summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2010-01-20Fix timeout memory heirarchyStephen Gallagher1-2/+14
This fixes two issues: 1) Eliminates a double-free when a timeout occurs (we were freeing the running event context) 2) Ensures that we don't continue to schedule unnecessary timeout checks
2010-01-20Deleting nonexistent users or groups is not a noopJakub Hrozek2-4/+2
The manual pages for userdel and groupdel utilities incorrectly stated that deleting a nonexistent user or group is a noop. We changed that behavior, but forgot to sync the documentation.
2010-01-20document debug_timestampsJakub Hrozek2-0/+22
2010-01-20Add sysdb request to authenticate against a cached passwordSumit Bose8-217/+378
The code for authentication against a cached password is moved from the pam responder to a generic sysdb tevent request. The new code can be used by other components of sssd to verify passwords on their own. Tests for the sysdb_cache_password and sysdb_cache_auth request are added and some unneeded or unused code and variables are removed.
2010-01-20sss_groupshow - a utility to print properties of a local groupJakub Hrozek10-2/+454
This patch adds a utility called sss_groupshow that allows user to print properties of a group in the local domain. Fixes: #306
2010-01-14Resetting VERSION to 1.0.99Stephen Gallagher1-1/+1
This shouldn't be set to 1.1.0 until it's ready for release
2010-01-14Updating version to 1.1Stephen Gallagher1-1/+1
2010-01-14Update version to 1.0.2Stephen Gallagher1-1/+1
2010-01-14Copy-edit, mainly fixing typos and EnglishDavid O'Brien2-71/+68
Some reformatting to stay within 79 char line length. Better definition of server vs. machine usage in failover section.
2010-01-14Make sure callbacks never retry when ares channel is destroyedMartin Nagy1-4/+12
When the resolv context destructor is invoked, the callbacks for pending queries could have been called with ARES_EDESTRUCTION and try to re-send the query.
2010-01-14Don't recursively call ares_process_fd() from fd_event()Martin Nagy1-17/+0
Since ares_process_fd() might also cause fd_event() to be called again, calling ares_process_fd() is unwise. The bug will cause a crash if c-ares is using tcp connections. Fixes: #384
2010-01-14Make periodic checks for DNS timeoutsMartin Nagy1-1/+82
Since we only call c-ares to process input on FD when there is an activity on them, c-ares never gets a chance to react to a timed-out request. This caused SSSD to hang. Fixes: #381
2010-01-14Explicitly set async DNS timeoutStephen Gallagher5-6/+15
We will allow 5s per DNS server, no retries.
2010-01-12Fix #382, a segfault bug in the memberof plugin.Simo Sorce1-1/+1
2010-01-12Re-create c-ares channels if /etc/resolv.conf is modifiedMartin Nagy3-14/+95
Fixes: #378
2010-01-12Remove local and kerberos providers from the access_provider listStephen Gallagher3-6/+2
Update tests to reflect these removals.
2010-01-12Update SV translationPiotr Drąg1-3/+2
2010-01-11Releasing version 1.0.1Stephen Gallagher1-1/+1
2010-01-11Fix return value when offline and TGT is validSumit Bose1-1/+1
Fixes CVE-2010-0014
2010-01-05Update SV translationGöran Uddeborg1-3/+3
2010-01-05Update translations for masterStephen Gallagher11-413/+402
2010-01-05Don't free timer events within the handler.Simo Sorce1-16/+12
Tevent frees timer handlers once done, so freeing the timer within the event is going to cause double frees. Just attach the timer event to the request it depends on and make sure to steal it on NULL if we are going to free the request from within the handler.
2010-01-05Return an error for an unknown PAM requestSumit Bose4-12/+41
2009-12-21Allow debug_timestamps setting on a per-domain basisStephen Gallagher2-0/+3
This was missing from the SSSDConfig API, though it was supported by the daemon.
2009-12-18Release SSSD 1.0Stephen Gallagher1-1/+1
2009-12-18Fix broken password changes for local usersStephen Gallagher1-1/+6
2009-12-18Do not blindly accept zero-length passwordsStephen Gallagher2-8/+17
2009-12-18Fix ldap child memory hierarchy and other issuesSimo Sorce8-306/+482
The timeout handler was not a child of the request so it could fire even though the request was already freed. The code wouldn't use async writes to the children so it could incur in a short write with no way to detect or recover from it. Also fixed style of some helper functions to pass explicit paramters instead of a general structure. Add common code to do async writes to pipes. Fixed async write issue for the krb5_child as well. Fix also sdap_kinit_done(), a return statement was missing and we were mixing SDAP_AUTH and errno return codes in state->result Remove usless helper function that just replicates talloc_strndup()
2009-12-18Fix for #344Sumit Bose1-13/+11
Do not handle a missing ccache file as inactive by default, check if there are still active processes of the user.
2009-12-18Do not overwrite valid TGTs when offlineSumit Bose5-43/+185
2009-12-18Handle chauthtok with PAM_PRELIM_CHECK separatelySumit Bose8-23/+77
If pam_sm_chauthtok is called with the flag PAM_PRELIM_CHECK set we generate a separate call to the sssd to validate the old password before asking for a new password and sending the change password request.
2009-12-17disable password migration codeSumit Bose1-2/+2
2009-12-17Clarify access_provider manpage entryStephen Gallagher1-1/+3
We support installed access providers as well as permit and deny
2009-12-17Add DEBUG messages to getpwnam_callback and getpwuid_callbackStephen Gallagher1-0/+4
This matches the DEBUG logging available for groups.
2009-12-17Updating ES translationStephen Gallagher1-20/+36
2009-12-17Properly handle EINTR from poll()Stephen Gallagher1-10/+40
2009-12-17Fix tight-loop in monitor part 2Stephen Gallagher1-0/+5
The first fix only fixed tight loops caused by setting 'timeout=0' in services. This patch also fixes it for domains.
2009-12-17Change default for enumeration to TRUEStephen Gallagher2-2/+2
2009-12-17Raise DEBUG level of sdap_get_generic_done()Stephen Gallagher1-1/+1
The DEBUG level of the result should not be lower than the DEBUG level of the request. It generates too much noise when enumerate is enabled or initgroups deals with groups with large numbers of users.
2009-12-15Update SV translationGöran Uddeborg1-26/+35
2009-12-15Fix warning in server.cStephen Gallagher1-1/+1
Function definition was missing "void" to denote that it took no arguments.
2009-12-15Don't set explicit default for "timeout" in domainsStephen Gallagher1-1/+1
2009-12-15Fix tight loop in monitorStephen Gallagher2-4/+9
If the domain heartbeat time was explicitly set in the configuration to 0, we would enter a tight loop in the heartbeat check and never answer requests from the child processes.
2009-12-15Cleanup db files after test runSumit Bose2-2/+21
2009-12-15Fix upgrade bug #323Simo Sorce1-180/+186
Move the upgrade function first and check explicitly for the old ldb name. Perform upgrades up to v02 first if necessary. Then proceed as normal letting the normal init functions perform further upgrades if necessary. This now works also if there is no "local" provider in the current configuration.
2009-12-15sssd.spec for SLESSergei V. Kovylov1-0/+238
2009-12-15Properly close STDERR when daemonizingStephen Gallagher1-9/+3
This is necessary so that any process managing our startup and shutdown (e.g. authconfig) does not block and stall waiting for stderr to terminate. Fixes bug https://fedorahosted.org/sssd/ticket/324
2009-12-15Update IT translationMarina Latini3-4/+648
2009-12-15Update SV translationGöran Uddeborg1-86/+101
2009-12-15Use --with-ldb-lib-dir while running make distcheckSumit Bose1-0/+2
generated by cgit (git 2.34.1) at 2024-07-22 07:05:13 +0000