Age | Commit message (Collapse) | Author | Files | Lines |
|
Fixes: #585
|
|
Three assignments deleted, two return code inspection added.
Also found and fixed one critical bug caused by dead assignment.
Ticket: #590
|
|
Some assignments deleted, two return value inspections were
added.
Ticket: #589
|
|
Various dead assignments were deleted, some return value inspections
were added.
Ticket: #588
|
|
Dead assignments were deleted. Also prototype of function
sdap_access_decide_offline() has been changed, since its return
code was never used.
Ticket: #586
|
|
When obfuscated password is used in config file, the LDAP backend
converts it back to clear text and uses it to authenticate to the
server.
|
|
A tool to add obfuscated passwords into the SSSD config file
|
|
|
|
|
|
Adds two utility functions to obfuscate a password and inverse to
extract the cleartext password back.
So far, only NSS-based implementation is provided.
|
|
|
|
A refactoring patch that creates a common util/crypto subdir with
per-implementation subdirectories for each underlying crypto library
supported by SSSD.
|
|
In fail_over.c, there was a small bug causing subrequest to have
wrong parent memory context. This patch fixes it.
|
|
Some config options updated, newly documented 12 new options.
|
|
Two needless assignments were deleted, two were complemented
with code checking function results.
Ticket: #582
|
|
So far, the systemd unit file is only packaged but not used in any of
the packaged spec files.
Fixes: #483
|
|
In function get_pw_name when allocation of memory fails, there
were two codepaths which could cause printing of undefined value.
This patch fixes both cases.
Ticket: #580
|
|
If sysdb_attrs_get_el() call failed in function sdap_save_group(),
it would result in printing an undefined value of variable name.
This is now fixed by initializing the variable.
Ticket: #579
|
|
If the allocation on line 678 failed, the value of ret was undefined
in following comparison. ENOMEM is now assigned before the comparison.
Ticket: #578
|
|
In the very unlikely case dp_copy_options was called
with num_options == 0, the return value as well as the left operand
of comparison on line 214 would be undefined.
Ticket: #577
|
|
Fixes: #584
|
|
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
|
|
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
|
|
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
|
|
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
|
|
Every ldap function that could possibly create a new connection is now
wrapped in a tevent_req. If the connection is created, we will call the
function again after the socket is ready for writing.
|
|
|
|
Some LDAP servers allow binding with blank passwords. We should
not allow a blank password to authenticate the SSSD.
|
|
|
|
|
|
|
|
They are no longer used. The toplevel Makefile.am builds
everything now.
|
|
|
|
There is no longer a need to have nested Makefiles and configure
scripts. This patch combines the src/ Makefile and configure.ac
into the root.
|
|
All files formerly in common are now being built individually out
of the ding-libs repository.
git clone git://git.fedorahosted.org/git/ding-libs.git
|
|
The initial verification of the old password was returning an
error because we were not explicitly setting dp_err to
DP_ERR_SUCCESS and it was initialized earlier in the function to
DP_ERR_FATAL.
|
|
|
|
Instead of recursively updating all users of each group the user
being queried belongs to, just add or remove membership for the
requested user.
Fixes https://fedorahosted.org/sssd/ticket/478
|
|
This function will take a user, a list of groups that this user
should be added to and a list of groups the user should be removed
from and will recursively call sysdb_[add|remove]_group_member
Includes a unit test
|
|
|
|
|
|
Includes a unit test
|
|
|
|
Fixes: #587
|
|
The value returned in the 'done:' label was always EOK which is wrong as
any parsing errors are not returned to the caller.
Fixes: #583
|
|
|
|
|
|
In addition to validating the keytab everytime a TGT is requested, we
also validate the keytab on back end startup to give early warning that
the keytab is not usable.
Fixes: #556
|
|
|
|
|