summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2009-07-31Correct check for local domain in toolsJakub Hrozek2-14/+2
When looking for the local domain in the tools, do so by looking on provider value, not domain name. Also removes one redundant lookup of local domain.
2009-07-31Notify user when deleting nonexistent user or groupJakub Hrozek2-5/+20
Fixes: RHBZ #513247, RHBZ #513250
2009-07-31Use correct return codesJakub Hrozek4-4/+4
Some code paths that should exit with an error used potentionally incorrect return code.
2009-07-31Add ignore_not_found parameter to sysdb delete functionsJakub Hrozek4-21/+182
Also add tests
2009-07-31Improve error messagesJakub Hrozek4-5/+32
Fixes: * RHBZ 513282 - Error Message Incorrect when Trying to add Group with GID already in use * RHBZ 513284 - Error Message Incorrect when Trying to add User with UID already in use * RHBZ 513242 - Better error Message when modifying a user that doesn't exist * RHBZ 513244 - Better error Message when adding a user to a group that doesn't exist
2009-07-29Address CVE-2009-2410Stephen Gallagher1-1/+1
Fix incorrect error code return in local_handler_callback
2009-07-24Add async resolver testsJakub Hrozek2-1/+455
Add some basic unit tests of the async resolver module. One of the tests resolves a name on the Internet, therefore it is off by default and is turned on with the -n switch.
2009-07-24Add ares helpers into sssdJakub Hrozek9-1/+498
This patch adds ares parsing functions that are not yet upstreamed together with a private ares header file (ares_dns.h) that contains some necessary macros for parsing common structures in the replies. Users of these two parsing functions must also include the header files ares_parse_{srv,txt}_reply.h that contain the function and structures declarations that should eventually end up in upstream ares.h
2009-07-24Async DNS integrationJakub Hrozek6-1/+740
Integrates the c-ares asynchronous resolved library into SSSD.
2009-07-24Fix race condition that was causing segfaultsSimo Sorce1-80/+136
The sdap_handle might be freed when processing a message. Rearrange data flow so that the sdap_handle is never used after a message is processed but a new event (dependent on the handle) is instead scheduled. If the sdap_handle is freed, the scheduled event is also removed and not fired
2009-07-22Minor cleanups in monitor.cStephen Gallagher1-1/+5
1) Forgot to check for successful allocation 2) Used the wrong mem_ctx when allocating a timer event.
2009-07-22cleanup of pam_sssSumit Bose1-250/+241
- make pam_sss work with pam_cracklib and similar pam modules - clean up the if-&&-else-|| jungle to make clear what is happening
2009-07-21added LDAP change password backend targetSumit Bose4-4/+307
2009-07-21add handling of the new backend targets to proxy backendSumit Bose1-0/+30
2009-07-21Add 'make srpms' targetStephen Gallagher1-0/+5
2009-07-20Rework the engine that deals with openldap librariesSimo Sorce3-497/+403
The way openldap libraries work, require to have a single engine per connection as all replies are read at the same time. So we need to always read anything that comes in from the wire and then loop to dispatch results to the requests that are waiting.
2009-07-20Raise debug level for version negotiationSimo Sorce1-2/+2
2009-07-20Add option to add timestamps to debug outputSimo Sorce4-8/+39
use '--debug-timestamps' at the command line or set 'debug-timestamps = TRUE' in the configuration file.
2009-07-20Remove unused InfoPipe and PolicyKit codeStephen Gallagher17-5532/+2
2009-07-20Fix typo in elapi's Makefile.am that breaks 'make dist'Stephen Gallagher1-1/+1
2009-07-20Instrument memberof for debuggingSimo Sorce2-1/+57
Fix ldb debug to avoid printing the debug function name, it's useless.
2009-07-20Start rationalizing user tools a bitSimo Sorce7-408/+299
There is a lot of duplication in user tools. First steps to remove as much duplication as possible.
2009-07-20Implement resInit for monitor, NSS, PAM, DP and the backendsStephen Gallagher5-1/+91
2009-07-20Monitor resolv.conf for changesStephen Gallagher4-128/+234
This patch updates the monitor_config_file() functions so that they can monitor any number of files and invoke a specified callback whenever they are modified. When inotify is available, we will add an additional watch descriptor to the inotify file descriptor. When inotify is not available, the polling function will simply loop to check each file in the monitor list. When changes are discovered in resolv.conf, the monitor will send a "resInit" signal to all of its known children. They are only required to handle this function if they need updated DNS information. Services that do not implement resInit should return DBUS_ERROR_UNKNOWN_METHOD (rather than timing out) with no ill effects.
2009-07-20Improvements to config file updatesStephen Gallagher2-41/+152
1) Some text editors will create a new file and move it into place on top of the existing file. When this happens, the kernel issues an IN_IGNORE inotify event and automatically removes the watch descriptor for that file. We'll handle the event and create a new watch descriptor for the new file. We will attempt to rewatch the file six times at five-second intervals. 2) Some scripts may append new data to the config file in several steps (such as calling echo "foo" >> sssd.conf several times). In order to handle these scripts safely, we'll defer processing of inotify events for one second after the first is detected. This should be ample time for the remainder of the script to complete.
2009-07-20COLLECTION & INI CleanupDmitri Pal5-86/+113
I started to cleanup the unit tests from the type cust around NULL and found several problems that I had to address: 1) The choice of the "." as a search separator turned out to be a poor choice. The problem was that the file name has "." and INI was relaying on files to be used as property names. I corrected that part in the INI but after discussion with Simo we decided to switch from "." to "!" as special symbol anyways. 2) Found that the property rename was not reinitializing the hash. Corrected. Added ticket to add unit tests around it (#83).
2009-07-20add infrastructure to handle new backend targetsSumit Bose6-150/+228
2009-07-20Fix saving new nextIDJakub Hrozek1-1/+1
2009-07-16COLLECTION Improving searchesDmitri Pal2-9/+181
Addressing ticket #71. The searches were not taking advantage of the hashes, now they are.
2009-07-16Run ini_config unit test with "make check"Stephen Gallagher2-2/+19
Also adds support for running ini_config_ut under a parallel build directory.
2009-07-16Run libcollection unit tests with 'make check'Stephen Gallagher1-1/+3
2009-07-16COLLECTION Add remove item functionsDmitri Pal4-31/+146
The remove functions extract and remove items, they act differently from the way the delete_property function works. The new functions allow deletion with the disposition while the delete_property only deletes specified property. The delete_property function is left as is since there are some use cases when it is more efficient to use it rather than new remove_item_xxx ones.
2009-07-16INI Refactoring code a bitDmitri Pal2-42/+16
The inefficient function from ini_config.c is replaced with the function provided now by the collection interface. Also the unit test is updated to run from the local directory.
2009-07-15ELAPI First part of the interfaceDmitri Pal12-4/+1655
This is just a part of the interface, a beginning. Most likely some of the functions will be altered but it is a starting point. For example in future there will be a way to override some of the parts of the default template using the application configuration file. Removed obfuscation of the data types based on discussion with Simo.
2009-07-15COLLECTION Fixed: iterator_up and insert_into_currentDmitri Pal3-17/+83
During a review of the previous patch the two issues were found: a) The col_iterator_up function was not implemented properly so it got reworked. New implementation changes the way error condition is handled. Comments were updated accordingly. b) There was a mising check for validity of the argument in the col_insert_into_current function. Check was added. c) Unit test modified to reflect the change in functionality.
2009-07-15COLLECTION Adding flat traversal & copyDmitri Pal5-99/+598
The collection is hearachical. The flattening of the collection was not implemented before both for traversal and copying. This patch introduces functionality to traverse or iterate through collection as flat set and also copy collection into another flattening it and automatically resolving conflicts. Also imptoved tracability and fixed memory leak in unbind iterator code.
2009-07-15add path_utils filesystem path manipulation utility functionsJohn Dennis8-2/+840
remove trace macro, not needed modifications to satisfy Stephen's checkin review correct spelling of PATH_UTILS_ERROR_NOT_FULLY_NORMALIZED add checks for truncation, return error add checks for getcwd errors modify (dst >= dst_end) test to be (dst > dst_end) remove all use of tabs remove all trailing whitespace add missing truncation check after strncpy() Fix path_utils.pc Also correct a minor typo.
2009-07-13Build all SSSD components with warnings enabledStephen Gallagher8-3/+40
Previously, only the SSSD server components were being built with compile-time warnings enabled. This patch will ensure that all components in common and sss_client are also built the same way.
2009-07-10let krb5 backend safe valid credentials for offline authenticationSumit Bose1-0/+43
2009-07-10fixed the default value for tls_reqcertSumit Bose1-1/+1
2009-07-10add a short explanation about the used debug levelsSumit Bose1-0/+14
2009-07-09fixed typos and a potential memory leakSumit Bose1-2/+3
2009-07-08Implement the ldap identity module.Simo Sorce7-787/+1408
This uses and exapands the async helpers.
2009-07-08Unify password caching ops in sysdbSimo Sorce7-291/+178
2009-07-08Use async helpers for ldap auth moduleSimo Sorce1-722/+314
This changes the style quite a lot, but the tevent_req style is much more clear and much less error-prone than the giant loop we had previously.
2009-07-08Add async helper functionsSimo Sorce7-25/+2060
These functions use the tevent_req async model, where a pair of _send/_recv functions pilot requests, with additional helpers like _done functions, and where needed multiple stage helpers.
2009-07-08Expose sysdb function to parse sysdb_attrsSimo Sorce2-2/+4
2009-07-08Add dumb way to clean up .X filesSimo Sorce3-0/+4
2009-07-08fix return code of krb5 child to indicate that the kdc is unavailableSumit Bose1-1/+5
2009-07-08fixed some typos which prevented password cachingSumit Bose1-3/+5