summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2011-11-23Added and modified options for IPA netgroupsJan Zeleny6-31/+199
2011-11-23Modified sdap_parse_search_base()Jan Zeleny4-16/+14
2011-11-23Renamed some LDAP routinesJan Zeleny6-41/+49
These were renamed just ot make sure they are not mistook for IPA netgroup functions.
2011-11-22Set more strict permissions on keyringSimo Sorce3-1/+29
We want to confine access to the keyring to the current process and not let root easily peek into the keyring contents.
2011-11-22Fixed unchecked value of setenv() in check_and_export_options()Jan Zeleny1-2/+5
https://fedorahosted.org/sssd/ticket/1080
2011-11-22Cleanup: Remove unused parametersJakub Hrozek36-185/+84
2011-11-22SYSDB: Make ENOENT log messages less threateningStephen Gallagher1-16/+54
Previously, they were reported with the prefix "Error:" which caused confusion among end-users while debugging.
2011-11-21Fix FTBFS related to -Werror=format-securityKrzysztof Klimonda2-2/+2
2011-11-18RESPONDER: Ensure that all input strings are valid UTF-8Stephen Gallagher7-2/+53
2011-11-18Prevent printing NULL in several places of LDAP providerJakub Hrozek2-5/+9
2011-11-11Use one transaction instead of two during RFC2307bis group processingJakub Hrozek1-31/+55
https://fedorahosted.org/sssd/ticket/1054
2011-11-11Squash transactions in sdap_initgr_common_storeJakub Hrozek1-6/+25
https://fedorahosted.org/sssd/ticket/1053
2011-11-10configAPI: Fix removing in old domain when saving a new domainJakub Hrozek1-2/+2
2011-11-10Typo fixesMarko Myllynen2-2/+2
Fix few trivial types reported by Yuri.
2011-11-10SBUS: Fix DEBUG log matchingStephen Gallagher1-7/+8
This log message should only be displayed at the most verbose of log levels. Since it didn't match, it was resulting in a Coverity error warning of the printing of an uninitialized value (fd).
2011-11-10Fix typos in manual pagesYuri Chornoivan4-4/+4
2011-11-08Fixed translation bugThorsten Scherf1-1/+1
2011-11-08LDAP: Remove redundant groups from the lookup listStephen Gallagher1-23/+0
2011-11-07Fixed empty loginShell in proxy providerJan Zeleny1-4/+32
https://fedorahosted.org/sssd/ticket/892
2011-11-07Fixed possible resource leak in create_mail_spool()Jan Zeleny1-9/+9
https://fedorahosted.org/sssd/ticket/1071
2011-11-07Fixed possible resource leak in get_uid_from_pid()Jan Zeleny1-4/+10
https://fedorahosted.org/sssd/ticket/1069
2011-11-07Use correct state struct in sdap_initgr_rfc2307bis_next_baseJakub Hrozek1-2/+3
2011-11-07Fix segfault in sdap_get_initgr_userJakub Hrozek1-1/+2
2011-11-02Periodic translation file updateStephen Gallagher74-13664/+33273
2011-11-02SYSDB: add index for nameAliasStephen Gallagher3-1/+97
2011-11-02Handle group renaming correctlyJan Zeleny1-2/+7
https://fedorahosted.org/sssd/ticket/1040
2011-11-02Support to request canonicalization in LDAP/IPA providerJan Zeleny10-1/+45
https://fedorahosted.org/sssd/ticket/957
2011-11-02Add support to request canonicalization on krb AS requestsJan Zeleny10-6/+68
https://fedorahosted.org/sssd/ticket/957
2011-11-02Add wrapper for krb5_get_init_creds_opt_set_canonicalizeJan Zeleny3-0/+14
2011-11-02Fixes debug-tests.c coverity issues: NEGATIVE_RETURNS, FORWARD_NULLPavel Březina1-49/+140
https://fedorahosted.org/sssd/ticket/1046
2011-11-02RESPONDER: Fix segfault in sss_packet_send()Stephen Gallagher1-0/+5
There are several places (all error-handling) where sss_cmd_done() is called with no response packet created. As a short-term solution, we need to check whether the packet is NULL and simply return EINVAL. client_send() (the consumer) will then forcibly disconnect the client (which will return PAM_SYSTEM_ERR to the client).
2011-11-02LDAP: Add support for multiple search bases for group enumerationStephen Gallagher4-24/+101
2011-11-02LDAP: Add support for multiple search bases for user enumerationStephen Gallagher4-8/+49
2011-11-02LDAP: Convert ldap_*_search_filterStephen Gallagher3-59/+23
Instead of making this a global option for all user lookups, make it only used if the search base is passed without an explicit filter.
2011-11-02LDAP: Update manpages with multiple search base informationStephen Gallagher1-1/+56
2011-11-02LDAP: Add multiple search bases for initgroups (RFC2307bis groups)Stephen Gallagher1-77/+225
2011-11-02LDAP: Add multiple search bases for initgroups (RFC2307 groups)Stephen Gallagher1-17/+99
2011-11-02LDAP: Add multiple search bases for initgroups (users)Stephen Gallagher1-30/+72
2011-11-02LDAP: Support multiple group search bases (non-enumeration, RFC2307)Stephen Gallagher4-16/+74
2011-11-02LDAP: Support multiple netgroup search basesStephen Gallagher3-14/+65
2011-11-02LDAP: Support multiple user search bases (non-enumeration)Stephen Gallagher4-14/+70
2011-11-02LDAP: Add parser for multiple search basesStephen Gallagher5-26/+380
2011-11-02Make sdap_get_id_specific_filter() more strictStephen Gallagher2-4/+4
2011-11-02Fix size return for split_on_separator()Stephen Gallagher2-6/+6
It was returning the size of the array, rather than the number of elements. (The array was NULL-terminated). This argument was only used in one place that was actually working around this odd return value.
2011-11-02Remove unused sdap_options attributesStephen Gallagher1-3/+0
These DNs were never assigned or referenced anywhere.
2011-11-02Cleanup of unused function in ldap access providerJan Zeleny1-2/+0
2011-11-02Remove confusing do-while loopJakub Hrozek1-35/+36
The deref processing would return a single control back. The do-while loop was harmless but confusing.
2011-11-02Use LDAPDerefSpec properlyJakub Hrozek1-4/+6
ldap_create_deref_control_value expects an array of LDAPDerefSpec structures with LDAPDerefSpec.derefAttr == NULL as a sentinel. We were passing a single instance of a LDAPDerefSpec structure. https://fedorahosted.org/sssd/ticket/1050
2011-10-31Steal result onto mem_ctx in sdap_initgr_nested_get_direct_parentsJakub Hrozek1-2/+1
2011-10-31RFC2307bis initgroups: fix nested groups processingJakub Hrozek1-20/+33
Due to incorrectly written loop, SSSD would go into infitite loop if it processed the same group on two different levels of membership.