Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2012-09-12 | backend: initialize sudo only when it is enabled in services | Pavel Březina | 1 | -3/+63 | |
https://fedorahosted.org/sssd/ticket/1458 When the responder is disabled and sudo_provider is set explicitly, a warning is print and the module will be initialized. | |||||
2012-09-12 | be_process_init(): free ctx on error | Pavel Březina | 1 | -15/+21 | |
2012-09-12 | netgroup: resolve hostgroup membership correctly | Pavel Březina | 1 | -1/+1 | |
https://fedorahosted.org/sssd/ticket/1519 IPA host refactoring changed mapping of memberOf attribute which caused SSSD being unable to retrieve membership of hostgroup when being interpreted as netgroup. | |||||
2012-09-12 | Remove obsolete comment | Simo Sorce | 1 | -5/+0 | |
Made obsolete by commit e2d17ea806d273784b621583dd0490c2f69f237d | |||||
2012-09-10 | KRB5: Add a missing string argument | Jakub Hrozek | 1 | -1/+2 | |
2012-09-10 | SYSDB: NULL-terminate the output of sysdb_get_{ranges,subdomains} | Jakub Hrozek | 3 | -4/+7 | |
2012-09-10 | RPM: BuildRequire selinux-policy-targeted | Jakub Hrozek | 1 | -0/+1 | |
selinux-policy-targeted contains the /etc/selinux/targeted/logins directory that is checked during build time to determine if the platform supports SELinux user logins. | |||||
2012-09-10 | KRB5: Return PAM_AUTH_ERR on incorrect password | Jakub Hrozek | 1 | -19/+32 | |
https://fedorahosted.org/sssd/ticket/1515 | |||||
2012-09-10 | KRB5: cancel the sysdb transaction on one place only | Jakub Hrozek | 1 | -1/+0 | |
https://fedorahosted.org/sssd/ticket/1516 If sysdb_set_user_attr failed, we would cancel the transaction, then go to the error handler and attempt to close it again. | |||||
2012-09-07 | Out-of-bounds read fix in hmac-sha-1 | Ondrej Kos | 1 | -1/+3 | |
2012-09-07 | libsss_sudo should have a versioned dependency on SSSD | Jakub Hrozek | 1 | -0/+1 | |
https://fedorahosted.org/sssd/ticket/1509 | |||||
2012-09-05 | Bumping version for the 1.9.0 beta 7 release | Jakub Hrozek | 1 | -1/+1 | |
2012-09-05 | Update translations for 1.9.0 beta 7 release | Jakub Hrozek | 34 | -8623/+15821 | |
2012-09-05 | SIGUSR2 should force SSSD to reread resolv.conf as well | Ariel Barria | 1 | -2/+19 | |
2012-09-05 | Don't terminate the same connection twice | Jakub Hrozek | 1 | -6/+0 | |
https://fedorahosted.org/sssd/ticket/1488 | |||||
2012-09-05 | Retry the next server if bind during LDAP auth times out | Jakub Hrozek | 1 | -1/+6 | |
2012-09-05 | SYSDB: Abort unit test if sysdb_getpwnam fails | Jakub Hrozek | 1 | -0/+3 | |
2012-09-05 | SYSDB: Commit transaction in sysdb_store_user | Jakub Hrozek | 1 | -17/+19 | |
2012-09-04 | Unify usage of sysdb transactions (part 2). | Michal Zidek | 9 | -270/+330 | |
2012-09-04 | Check flat names when searching for sub-domains as well | Sumit Bose | 1 | -1/+3 | |
2012-09-04 | SSH: Add support for OpenSSH-style public keys | Jan Cholasta | 1 | -13/+37 | |
2012-09-04 | SSH: Simplify public key formatting function | Jan Cholasta | 4 | -46/+12 | |
2012-09-04 | SSH: Return error code in SSH utility functions | Jan Cholasta | 4 | -29/+54 | |
2012-09-04 | Adding -std=gnu99 flag. | Michal Zidek | 1 | -1/+2 | |
2012-09-04 | Check if the SELinux login directory exists | Jakub Hrozek | 3 | -3/+13 | |
https://fedorahosted.org/sssd/ticket/1492 | |||||
2012-08-29 | RPM: Always include the patch file | Jakub Hrozek | 1 | -2/+0 | |
2012-08-28 | RPM: Switch the default ccache location | Jakub Hrozek | 3 | -1/+29 | |
https://fedorahosted.org/sssd/ticket/1500 | |||||
2012-08-27 | Use PTHREAD_MUTEX_ROBUST to avoid deadlock in the client | Jakub Hrozek | 3 | -8/+115 | |
https://fedorahosted.org/sssd/ticket/1460 | |||||
2012-08-24 | Use new debug levels in validate_tgt() | Sumit Bose | 1 | -13/+16 | |
2012-08-24 | Fix fallback in validate_tgt() | Sumit Bose | 1 | -8/+20 | |
To validate a TGT a keytab entry from the client realm is preferred but if none ca be found the last entry should be used. But the entry was freed and zeroed before it could be used. This should also fix the trusted domain use case mentioned in https://fedorahosted.org/sssd/ticket/1396 although a different approach then suggested in the ticket is used. | |||||
2012-08-23 | Fix: IPv6 address with square brackets doesn't work. | Michal Zidek | 6 | -1/+67 | |
https://fedorahosted.org/sssd/ticket/1365 | |||||
2012-08-23 | Unify usage of sysdb transactions | Michal Zidek | 20 | -67/+270 | |
Removing bad examples of usage of sysdb_transaction_start/commit/end functions and making it more consistent (all files except of src/db/sysdb_*.c). | |||||
2012-08-23 | Typo in debug message (SSSd -> SSSD). | Michal Zidek | 1 | -1/+1 | |
https://fedorahosted.org/sssd/ticket/1434 | |||||
2012-08-23 | Clean up cache on server reinitialization | Pavel Březina | 6 | -4/+404 | |
https://fedorahosted.org/sssd/ticket/734 We successfully detect when the server is reinitialized by testing the new lastUSN value. The maximum USN values are set to zero, but the current cache content remains. This patch removes records that were deleted from the server. It uses the following approach: 1. remove entryUSN attribute from all entries 2. run enumeration 3. remove records that doesn't have entryUSN attribute updated We don't need to do this for sudo rules, they will be refreshed automatically during next smart/full refresh, or when an expired rule is deleted. | |||||
2012-08-23 | Consolidation of functions that make realm upper-case | Ondrej Kos | 5 | -31/+28 | |
2012-08-23 | AD context was set to null due to type mismatch | Ondrej Kos | 3 | -1/+14 | |
2012-08-21 | Remove compilation warning: ret may be uninitialized | Pavel Březina | 1 | -0/+2 | |
2012-08-21 | Unbreak build on RHEL5: replace ldap_destroy() with ldap_unbind_ext() | Pavel Březina | 1 | -1/+1 | |
ldap_destroy() is not present in RHEL5 | |||||
2012-08-21 | Close LDAP connection when unable to install TLS | Pavel Březina | 1 | -13/+13 | |
We were not closing LDAP connection when using SSL with invalid certificate. https://fedorahosted.org/sssd/ticket/1490 | |||||
2012-08-21 | accept_fd_handler: add missing return | Sumit Bose | 1 | -0/+1 | |
2012-08-21 | SYSDB: Make sysdb_attrs_get_el_int() public | Stephen Gallagher | 2 | -8/+10 | |
Also rename it to sysdb_attrs_get_el_ext() | |||||
2012-08-21 | Process all groups from a single nesting level | Jakub Hrozek | 1 | -4/+14 | |
https://bugzilla.redhat.com/show_bug.cgi?id=846664 If the first group was cached when processing the nested group membership, we would call tevent_req_done, effectivelly marking the whole nesting level as done. | |||||
2012-08-16 | Fix compilation error in Python murmurhash bindings | Jakub Hrozek | 2 | -4/+10 | |
The compilation produced an error due to missing declaration of uint32_t and a couple of warnings caused by different prototypes of argument parsing functions in older Python releases. | |||||
2012-08-16 | Only create the SELinux login file if there are mappings on the server | Jakub Hrozek | 2 | -51/+78 | |
https://fedorahosted.org/sssd/ticket/1455 In case there are no rules on the IPA server, we must simply avoid generating the login file. That would make us fall back to the system-wide default defined in /etc/selinux/targeted/seusers. The IPA default must be only used if there *are* rules on the server, but none matches. | |||||
2012-08-16 | Do not try to remove the temp login file if already renamed | Jakub Hrozek | 1 | -2/+3 | |
write_selinux_string() would try to unlink the temporary file even after it was renamed. Failure to unlink the file would not be fatal, but would produce a confusing error message. Also don't use "0" for the default fd number, that's reserved for stdin. Using -1 is safer. | |||||
2012-08-16 | Build SELinux code in responder conditionally | Jakub Hrozek | 1 | -0/+7 | |
https://fedorahosted.org/sssd/ticket/1480 | |||||
2012-08-15 | Fix LOCAL domain lookups | Pavel Březina | 1 | -19/+22 | |
https://fedorahosted.org/sssd/ticket/1436 Now subdomains are not evaluated for local domains. | |||||
2012-08-15 | Add python bindings for murmurhash3 | Sumit Bose | 4 | -3/+184 | |
2012-08-15 | KRB5: Only return PAM error for unreachable kpasswd when performing chpass | Jakub Hrozek | 1 | -2/+4 | |
https://fedorahosted.org/sssd/ticket/1452 | |||||
2012-08-15 | FO: Return EAGAIN if there are more servers to try | Jakub Hrozek | 1 | -0/+9 | |
The caller should issue a next request, which would just shortcut with ENOENT. |