summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2009-11-18Failover fixes and additionsSimo Sorce3-7/+25
2009-11-18Store initgr expire time on initgr callSimo Sorce1-6/+17
2009-11-18Change the pam code to perform an initgroups callSimo Sorce1-1/+1
An initgroups call refreshes both the user and the user's groups, this is ideal for pam so that we don't need addiotnal initgroups calls (initgroups calls are cached too now) during the login process.
2009-11-18Change initgroups code to use and check the cacheSimo Sorce2-218/+109
We were previously always ending up contacting the backend because we had no way to know if an initgroups call for the same user had ever been called. Add attribute to hold this information and rely on backends to update it. If they don't we fallback to the previous behvior of asking the backend.
2009-11-18Fix crash due to uninitialized timeout variableSimo Sorce1-0/+1
This slipped through in previous patches. Fixes #283
2009-11-18Upgrade cache and local databases to case-sensitive namesStephen Gallagher2-2/+96
2009-11-18Make the sysdb user and group names case-sensitiveStephen Gallagher2-1/+39
2009-11-13Fix option name krb5_changepw_principalSumit Bose5-7/+7
2009-11-12Change var name to make its use more clear.Simo Sorce2-7/+7
Change memctx to make clear it should be used only when a callback is being used.
2009-11-12Make 'permit' the default for the access targetSumit Bose2-16/+5
2009-11-12Fix check_cache bug in dealing with the callbackSimo Sorce1-97/+104
Also rework check_cache so that the operations it makes are more explicit. Also add comments about why we are doing something. Should make the code easier to understand in future (took quite some time and discussion on IRC to understand exactly how this function was behaving and to find the callback passing bug).
2009-11-12Fix double free case.Simo Sorce1-1/+3
2009-11-12Fixes for proxy providerSumit Bose2-7/+26
- use the correct private data for each PAM task - make proxy_pam_target a mandatory option for auth, chpass and access
2009-11-12Fix inconsistent use of krb5_ccname_templateSumit Bose2-2/+2
2009-11-12Try to fix offline loginsSimo Sorce2-13/+7
2009-11-12Add support for host, source host and user categorySumit Bose1-8/+54
This patch add support for the host, source host and user category 'all'. All other category values are ignored so far. With the patch the interpretation of an empty memberUser and empty sourceHost and externalHost is changed to 'not applicable'.
2009-11-10Fix Requires: sssd-client line in specfileStephen Gallagher1-1/+1
2009-11-10Add cleanup taskSimo Sorce9-156/+915
2009-11-10Refactor delete functions and add a fewSimo Sorce4-234/+648
Refactor user/group delete functions so that they can be used without a transaction (they autostart an operation). Add user and group search function where a subfilter can be specified.
2009-11-10Add check for access-time rules to ipa_access.Sumit Bose4-0/+74
2009-11-10Simplify krb5 child handlerSumit Bose1-17/+18
Currently the Kerberos child handler evaluates the siginfo_t structure to wait for a specific child. This scheme is prone to error, especially when there are more than one child process active, and can produce missleading debug message. This patch simplifies the scheme as it waits for any child.
2009-11-09Fix segfault on unknown user/domainStephen Gallagher1-2/+2
2009-11-09Fix tevent_req error checking.Simo Sorce16-284/+111
When possible using a macro that correctly deals with tstate
2009-11-09Assorted manpage fixesJakub Hrozek1-27/+14
* do not mention the sbus_timeout parameter at all * document the config_file_version parameter * different wording for negative cache
2009-11-09Fix regression in error message when deleting groupsJakub Hrozek1-6/+4
2009-11-09Fix enumerationsSimo Sorce1-2/+6
The counter was not set so we were storing only the first user for each anumeration.
2009-11-09IPA time rules parsing routinesJakub Hrozek4-0/+1841
2009-11-09Add missing includeJakub Hrozek1-0/+1
2009-11-09Check return, zero free hostent, adhere to styleSimo Sorce4-20/+28
2009-11-07Fix ldap driverSimo Sorce1-0/+3
2009-11-07Fix buildSimo Sorce1-4/+8
2009-11-07added access module of IPA providerSumit Bose6-4/+1697
2009-11-06Add fail over utility functionsMartin Nagy4-1/+971
These functions should be used by providers to centrally manage lists of servers. Servers are grouped into services and each service has it's own list of servers. If, however, you will try to add a same server into two different services, they will share a common structure. This means that a host will only be resolved once.
2009-11-06Add simple reference counting wrappers for tallocMartin Nagy4-1/+373
2009-11-06Add DLIST_FOR_EACH() macroMartin Nagy1-0/+3
2009-11-06Check is ccache structure is initialized before calling krb5_cc_destroySumit Bose1-8/+16
2009-11-06Update sssd.spec to use only the required KRB5_LIBS and NSS_LIBSStephen Gallagher1-0/+2
2009-11-06Clean up unused dependenciesStephen Gallagher4-9/+38
2009-11-06Fix a bad free in async_resolv.cMartin Nagy1-6/+0
Also remove redundant talloc_free()'s. They are not needed since their parent should be freed right after calling the _recv() function.
2009-11-06Add missing include file to files-tests.cMartin Nagy1-0/+1
2009-11-06Always set last update and expire timeSimo Sorce4-114/+110
modifications to existing users/groups were setting metadata, but creation was not. Fixes #259
2009-11-06Split async helpers in multiple filesSimo Sorce6-3285/+3386
The size of sdap_async.c was unmanageable. This patch splits it into a generic file with common infrastructure calls, a file that handles connection calls and a file for id related calls.
2009-11-06Reorganize ldap id provider filesSimo Sorce5-547/+584
Split enum task in a separate file.
2009-11-06Unify code to use the generic search interfaceSimo Sorce1-593/+473
This code removes redundancies in the code. both users and groups enumeration code use the same search generic search function now. Also the code to save users and groups have been unified across all callers.
2009-11-06Fix and enhance initgroups callSimo Sorce1-170/+637
This call was failing and was defective because it didn't properly handle the various different schemas we support. Now the function does 2 things: - Updates the user entry to make sure it is still valid - Retrieves every group the user is member of
2009-11-06Unify parse routines, use maps in generic searchesSimo Sorce4-130/+77
This remove redundant code and also allows the generic search to be used to use maps to convert attributes.
2009-11-06Store the original memberof attributes if anySimo Sorce1-7/+30
Also change the interface of sdap_save_user_send() so that it can be more easily reused like it was done for sdap_save_group_send().
2009-11-06Make useful function more broadly available.Simo Sorce3-30/+30
2009-11-06Make available method to quickly retrive stringSimo Sorce2-3/+35
sysdb_attrs has a lot of methods to add them but very little to get information out. Start adding a way to retrieve a single valued attribute as a string.
2009-11-05Build files.c only for toolsStephen Gallagher4-13/+14
Move files.c into tools directory