summaryrefslogtreecommitdiffstats
path: root/src/providers/ldap
Commit message (Collapse)AuthorAgeFilesLines
...
* Plug memory leaks in LDAP providerJakub Hrozek2011-10-251-0/+3
|
* Cancel transactions correctly during initgroupsJakub Hrozek2011-10-171-13/+31
|
* Use fewer transactions during IPA initgroupsJakub Hrozek2011-10-171-171/+273
|
* Use fewer transactions during RFC2307bis initgroupsJakub Hrozek2011-10-171-346/+366
|
* Utility functions for LDAP nested schema initgroupsJakub Hrozek2011-10-171-0/+119
|
* SysDB commands that save lastUpdate allows this value to be passed inPavel Březina2011-10-135-21/+41
| | | | https://fedorahosted.org/sssd/ticket/836
* Fix small bug where TALLOC_CTX could end up unfreed.Pavel Zuna2011-10-061-3/+3
|
* Use explicit base 10 for converting strings to integersJakub Hrozek2011-10-031-2/+2
| | | | https://fedorahosted.org/sssd/ticket/1013
* Store name aliases for users, groupsJakub Hrozek2011-09-285-37/+216
| | | | | | Also checks fake users for aliases when storing a real users so that getgrnam for a RFC2307 group that references a user by his secondary name followed by getpwnam for this user by his primary name works
* Add a sysdb_get_direct_parents functionJakub Hrozek2011-09-281-57/+5
|
* Fixed bad logic in processing netgroups in LDAP providerJan Zeleny2011-09-281-1/+3
|
* Multiline macro cleanupJakub Hrozek2011-09-282-3/+3
| | | | | | | | | | This is mostly a cosmetic patch. The purpose of wrapping a multi-line macro in a do { } while(0) is to make the macro usable as a regular statement, not a compound statement. When the while(0) is terminated with a semicolon, the do { } while(0); block becomes a compound statement again.
* Fix uninitialized pointer read in sdap_gssapi_get_default_realm()Jakub Hrozek2011-09-201-1/+1
| | | | https://fedorahosted.org/sssd/ticket/1003
* DEBUG timestamps offer higher precisionPavel Březina2011-09-081-0/+2
| | | | | | | https://fedorahosted.org/sssd/ticket/956 Added: --debug-microseconds=0/1 Added: debug_microseconds to sssd.conf
* Keep deref controls until the whole request is finishedJakub Hrozek2011-09-061-8/+45
| | | | | | | | | | | | https://fedorahosted.org/sssd/ticket/989 John Hodrien found out that when paging is used while dereferencing an entry, sssd_be may segfault on the second page. This was because paging returned the control to sdap_generic_search multiple times but sssd was freeing dereference control after the first search invocation. The subsequend sdap searched accessed memory that was already freed.
* Improve error message for LDAP password constraint violationJakub Hrozek2011-09-063-16/+29
| | | | https://fedorahosted.org/sssd/ticket/985
* Allow turning dereference off by setting the threshold to 0Jakub Hrozek2011-09-063-3/+9
|
* sss_ldap_err2string() - ldap_err2string() to sss_ldap_err2string()Pavel Březina2011-09-063-35/+35
| | | | https://fedorahosted.org/sssd/ticket/986
* sss_ldap_err2string() - function createdPavel Březina2011-09-061-2/+0
| | | | https://fedorahosted.org/sssd/ticket/986
* Fix moving to next entry in deref codeJakub Hrozek2011-08-291-1/+6
| | | | https://fedorahosted.org/sssd/ticket/973
* Use the default Kerberos realm for LDAP with GSSAPI authJakub Hrozek2011-08-261-3/+55
| | | | https://fedorahosted.org/sssd/ticket/970
* Add LDAP provider option to set LDAP_OPT_X_SASL_NOCANONJakub Hrozek2011-08-263-1/+14
| | | | https://fedorahosted.org/sssd/ticket/978
* New DEBUG facility - SSSDBG_UNRESOLVED changed from -1 to 0Pavel Březina2011-08-251-1/+4
| | | | | | | | | | | | | | | | | | | | | Removed: SSS_UNRESOLVED_DEBUG_LEVEL (completely replaced with SSSDBG_UNRESOLVED) Added new macro: CONVERT_AND_SET_DEBUG_LEVEL(new_value) Changes unresolved debug level value (SSSDBG_UNRESOLVED) from -1 to 0 so DEBUG macro could be reduced by one condition. Anyway, it has a minor effect, every time you want to load debug_level from command line parameters, you have to use following pattern: /* Set debug level to invalid value so we can deside if -d 0 was used. */ debug_level = SSSDBG_INVALID; pc = poptGetContext(argv[0], argc, argv, long_options, 0); while((opt = poptGetNextOpt(pc)) != -1) { ... } CONVERT_AND_SET_DEBUG_LEVEL(debug_level);
* New DEBUG facility - conversionPavel Březina2011-08-253-2/+4
| | | | | | | | | | https://fedorahosted.org/sssd/ticket/925 Conversion of the old debug_level format to the new one. (only where it was necessary) Removed: SSS_DEFAULT_DEBUG_LEVEL (completely replaced with SSSDBG_DEFAULT)
* Improve password policy error code and messageSumit Bose2011-08-251-4/+9
| | | | | | Instead of returning PAM_SYSTEM_ERR if they necessary attributes for the requested password policy cannot be found we return PAM_PERM_DENIED. Additionally the log message says that the access is denied.
* Handle timeout during sss_ldap_init_sendJakub Hrozek2011-08-151-1/+5
| | | | | | | | | In some cases, where there would be no response from the LDAP server, there would be no R/W events on the LDAP fd, so sdap_async_sys_connect_done would never be called. This patch adds a tevent timer that cancels the connection after SDAP_NETWORK_TIMEOUT seconds.
* Moved some functions in sdap_async_initgroupsJan Zeleny2011-08-151-345/+349
|
* Moved some functions in sdap_async_groupsJan Zeleny2011-08-151-122/+112
|
* Confusing part of code cleared outJan Zeleny2011-08-151-34/+32
|
* sdap_async_accounts.c splitJan Zeleny2011-08-154-2514/+2588
| | | | | | | | | The file has been split in three: sdap_async_users.c sdap_async_groups.c sdap_async_initgroups.c https://fedorahosted.org/sssd/ticket/864
* sysdb refactoring: memory context deletedJan Zeleny2011-08-155-25/+15
| | | | | | This patch deletes memory context parameter in those places in sysdb where it is not necessary. The code using modified functions has been updated. Tests updated as well.
* sysdb refactoring: deleted domain variables in sysdb APIJan Zeleny2011-08-159-58/+35
| | | | | The patch also updates code using modified functions. Tests have also been adjusted.
* Use sysdb attribute name for GID, not LDAP attributeStephen Gallagher2011-08-111-3/+3
|
* Fix returning groups when gidNumber attribute is not orderedJakub Hrozek2011-08-043-4/+10
| | | | https://fedorahosted.org/sssd/ticket/951
* Request password control unconditionally during bindJakub Hrozek2011-08-011-6/+6
| | | | https://fedorahosted.org/sssd/ticket/940
* Wrong paramater to sysdb_attrs_add_uint32Jakub Hrozek2011-08-011-1/+1
|
* Explicitly ignore groups with gidNumber=0Jakub Hrozek2011-07-272-11/+18
| | | | https://fedorahosted.org/sssd/ticket/916
* Set gidNumber of non-posix groups to 0 even on updatesJakub Hrozek2011-07-271-8/+44
|
* fo_get_server_name() getter for a server nameJakub Hrozek2011-07-211-1/+10
| | | | | Allows to be more concise in tests and more defensive in resolve callbacks
* Rename fo_get_server_name to fo_get_server_str_nameJakub Hrozek2011-07-211-2/+2
|
* Do not add a NULL host parsed from LDAP URIJakub Hrozek2011-07-211-1/+8
| | | | https://fedorahosted.org/sssd/ticket/911
* Add LDAP access control based on NDS attributesSumit Bose2011-07-085-2/+193
|
* Add helper function msgs2attrs_arrayStephen Gallagher2011-07-082-0/+33
| | | | | This function converts a list of ldb_messages into a list of sysdb_attrs.
* Use ldap_init_fd() instead of ldap_initialize() if availableSumit Bose2011-06-303-37/+88
|
* Use name based URI instead of IP address based URIsSumit Bose2011-06-301-37/+2
|
* Add sdap_call_conn_cb() to call add connection callback directlySumit Bose2011-06-302-0/+40
|
* Add sockaddr_storage to sdap_serviceSumit Bose2011-06-302-0/+12
|
* Do not check pwdAttributeSumit Bose2011-06-161-9/+0
| | | | | | | It is not safe to check pwdAttribute to see if server side password policies are active. Only if a LDAP_CONTROL_PASSWORDPOLICYRESPONSE is present the bind response we can assume that there is a server side password policy.
* Switch resolver to using resolv_hostent and honor TTLJakub Hrozek2011-06-151-2/+2
|
* Non-posix group processing - ldap provider and nss responderJan Zeleny2011-06-022-28/+79
|
generated by cgit (git 2.34.1) at 2025-09-29 05:03:14 +0000