summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2010-01-11Fix return value when offline and TGT is validSumit Bose1-1/+1
Fixes CVE-2010-0014
2010-01-05Update SV translationGöran Uddeborg1-3/+3
2010-01-05Update translations for masterStephen Gallagher11-413/+402
2010-01-05Don't free timer events within the handler.Simo Sorce1-16/+12
Tevent frees timer handlers once done, so freeing the timer within the event is going to cause double frees. Just attach the timer event to the request it depends on and make sure to steal it on NULL if we are going to free the request from within the handler.
2010-01-05Return an error for an unknown PAM requestSumit Bose4-12/+41
2009-12-21Allow debug_timestamps setting on a per-domain basisStephen Gallagher2-0/+3
This was missing from the SSSDConfig API, though it was supported by the daemon.
2009-12-18Release SSSD 1.0Stephen Gallagher1-1/+1
2009-12-18Fix broken password changes for local usersStephen Gallagher1-1/+6
2009-12-18Do not blindly accept zero-length passwordsStephen Gallagher2-8/+17
2009-12-18Fix ldap child memory hierarchy and other issuesSimo Sorce8-306/+482
The timeout handler was not a child of the request so it could fire even though the request was already freed. The code wouldn't use async writes to the children so it could incur in a short write with no way to detect or recover from it. Also fixed style of some helper functions to pass explicit paramters instead of a general structure. Add common code to do async writes to pipes. Fixed async write issue for the krb5_child as well. Fix also sdap_kinit_done(), a return statement was missing and we were mixing SDAP_AUTH and errno return codes in state->result Remove usless helper function that just replicates talloc_strndup()
2009-12-18Fix for #344Sumit Bose1-13/+11
Do not handle a missing ccache file as inactive by default, check if there are still active processes of the user.
2009-12-18Do not overwrite valid TGTs when offlineSumit Bose5-43/+185
2009-12-18Handle chauthtok with PAM_PRELIM_CHECK separatelySumit Bose8-23/+77
If pam_sm_chauthtok is called with the flag PAM_PRELIM_CHECK set we generate a separate call to the sssd to validate the old password before asking for a new password and sending the change password request.
2009-12-17disable password migration codeSumit Bose1-2/+2
2009-12-17Clarify access_provider manpage entryStephen Gallagher1-1/+3
We support installed access providers as well as permit and deny
2009-12-17Add DEBUG messages to getpwnam_callback and getpwuid_callbackStephen Gallagher1-0/+4
This matches the DEBUG logging available for groups.
2009-12-17Updating ES translationStephen Gallagher1-20/+36
2009-12-17Properly handle EINTR from poll()Stephen Gallagher1-10/+40
2009-12-17Fix tight-loop in monitor part 2Stephen Gallagher1-0/+5
The first fix only fixed tight loops caused by setting 'timeout=0' in services. This patch also fixes it for domains.
2009-12-17Change default for enumeration to TRUEStephen Gallagher2-2/+2
2009-12-17Raise DEBUG level of sdap_get_generic_done()Stephen Gallagher1-1/+1
The DEBUG level of the result should not be lower than the DEBUG level of the request. It generates too much noise when enumerate is enabled or initgroups deals with groups with large numbers of users.
2009-12-15Update SV translationGöran Uddeborg1-26/+35
2009-12-15Fix warning in server.cStephen Gallagher1-1/+1
Function definition was missing "void" to denote that it took no arguments.
2009-12-15Don't set explicit default for "timeout" in domainsStephen Gallagher1-1/+1
2009-12-15Fix tight loop in monitorStephen Gallagher2-4/+9
If the domain heartbeat time was explicitly set in the configuration to 0, we would enter a tight loop in the heartbeat check and never answer requests from the child processes.
2009-12-15Cleanup db files after test runSumit Bose2-2/+21
2009-12-15Fix upgrade bug #323Simo Sorce1-180/+186
Move the upgrade function first and check explicitly for the old ldb name. Perform upgrades up to v02 first if necessary. Then proceed as normal letting the normal init functions perform further upgrades if necessary. This now works also if there is no "local" provider in the current configuration.
2009-12-15sssd.spec for SLESSergei V. Kovylov1-0/+238
2009-12-15Properly close STDERR when daemonizingStephen Gallagher1-9/+3
This is necessary so that any process managing our startup and shutdown (e.g. authconfig) does not block and stall waiting for stderr to terminate. Fixes bug https://fedorahosted.org/sssd/ticket/324
2009-12-15Update IT translationMarina Latini3-4/+648
2009-12-15Update SV translationGöran Uddeborg1-86/+101
2009-12-15Use --with-ldb-lib-dir while running make distcheckSumit Bose1-0/+2
2009-12-15Build python modules in builddirSumit Bose2-4/+13
This requires increasing the required autoconf version to 2.59 for use of $(abs_builddir). Fix uninstallation of python files as well
2009-12-15Check for minimal version of checkSumit Bose1-1/+1
Test loops and _i are only available since 0.9.5.
2009-12-15Add elapi_ut.conf to the list of dist filesSumit Bose2-3/+4
Some newlines are added, too.
2009-12-15Use sys.exit instead of exitSumit Bose1-1/+2
2009-12-15fail over: Change the first server pick logicMartin Nagy1-5/+26
The logic of selecting the server to fail over to was changed so that we start from the server next to the one that didn't work the last time. This is because the status of a server that failed last time might get reset before we try another one. This can cause that we try to use the nonworking server repeatedly, not giving a chance to other servers. Fixes: #321
2009-12-15Don't consider one address with different port numbers as the sameMartin Nagy6-21/+38
There were two problems with the code. We were using fo_set_server_status() instead of fo_set_port_status() when we failed to connect to a service. This is a problem because if two services use the same server, or we want to use one server with two different ports, marking the whole server as bad is incorrect. The other problem was that be_resolve_server_done() was comparing the hostent structures -- these are, however, equal across multiple server:port pairs with the same server addresses. Fixes: #321
2009-12-11Updating version to 0.99.1Stephen Gallagher1-1/+1
2009-12-10Fix stupid copy-paste errorStephen Gallagher1-1/+0
2009-12-10INI Correcting build warnings.Dmitri Pal2-8/+7
The previous patch included "config.h" into the public header which caused all sorts of redefinitions and warnings.
2009-12-10Fix DEBUG message for sysdb_initSumit Bose1-2/+2
2009-12-10Fix for #322, update from old database versions.Simo Sorce1-1/+14
2009-12-10Run SSSDConfig tests during 'make check'Stephen Gallagher2-89/+108
2009-12-10Remove default for ldap_use_start_tls in IPA providersStephen Gallagher1-1/+1
2009-12-10Add 'permit' and 'deny' access providers to SSSDConfig APIStephen Gallagher2-5/+16
2009-12-10Consolidate code for splitting strings by separatorJakub Hrozek6-163/+107
There were two functions for parsing strings by a separator. This patch consolidates on the one previously used in confdb. This also allows stripping the tokens of whitespace. Fixes: #319
2009-12-10Fix for #316Simo Sorce1-3/+3
We were never filling the group attrs because of an inverse return check. Plus fix a crash bug for using a pointer that is not a memory context.
2009-12-10Add Swedish translation for SSSD serverGöran Uddeborg2-0/+628
2009-12-10Fix processing of Boolean values in SSSDConfigStephen Gallagher4-23/+169
Previously, we were just casting the strings to bool, but this meant that all boolean values were "True". This patch solves the problem and adds regression tests for it.