summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2010-02-15Make attr_type an integerStephen Gallagher2-20/+14
Previously it was a string being passed and converted into an integer. It will be more efficient this way (and simpler for other implementers)
2010-02-15Add doxygen docs for ConfDBStephen Gallagher5-14/+1761
2010-02-12Add check for broken LDAP connection callbacksSumit Bose2-2/+12
2010-02-12sss_groupshow: separate member lists by commaJakub Hrozek1-3/+6
Fixes: #398
2010-02-12Remove ELAPI from the SSSD repositoryStephen Gallagher40-8421/+3
ELAPI now lives in its own project at https://fedorahosted.org/ELAPI
2010-02-12gitignore additionsJakub Hrozek1-0/+3
2010-02-12Make change password errors more transparentSumit Bose9-24/+228
2010-02-12Don't pass a variable as format to talloc_asprintf()Martin Nagy2-2/+2
This practice is not recommended and can also be dangerous.
2010-02-10sss_groupshow improvementsJakub Hrozek2-104/+698
This patch fixes the following issues: * man page issues (#395) * show info on MPGs (#396) * recursively print indirect members (#397) * the list of groupnames is comma separated (#398) * output inconsistencies (#399)
2010-02-10Make collection_queue.h and collection_stack.h into public headersStephen Gallagher2-3/+5
2010-02-10Fix other memory alignment issuesJakub Hrozek4-42/+55
Similar to George McCollister's patch to the pam code, this patch fixes other places in the code where we forced data into 32-bit alignment. Fixes: #390
2010-02-10Few misc minor man page bugsJakub Hrozek3-26/+23
* sssd.conf * sbus_timeout was used in an example but explained nowhere * enum_cache_timeout unit was not defined * same for entry_cache_timeout * store_legacy_passwords option does not exist anymore * better example than domain/LOCAL - domain/LDAP which uses krb5/ldap * sssd.conf(5) listed sssd.conf(5) in SEE ALSO section * sssd-krb5, sssd-ldap * these include each other in SEE ALSO section Fixes: #393
2010-02-10Make return values more specific during password changeSumit Bose5-38/+84
- return PAM_AUTHTOK_ERR instead of PAM_SYSTEM_ERR if the password change operation fails - send a message to the user if the system is offline and the password cannot be changed
2010-02-10Updating PL translationPiotr Drąg2-8/+10
2010-02-10Fix handling of the global context in the leak detectorSumit Bose2-1/+3
2010-02-10Send a message to the user if the login is delayedSumit Bose7-36/+152
2010-02-05Update translatable stringsStephen Gallagher19-609/+815
2010-02-05Add a few additional extensions to .gitignoreStephen Gallagher1-0/+3
2010-02-05Document when LDAP referral chasing is availableSumit Bose2-0/+17
2010-02-05Reactivate old fd handling conditionallySumit Bose5-1/+82
Older versions of openLDAP do not provide a connection callback. This patch adds a configure check to see if the callback is available and activates the old way of handling the file description of the LDAP connection. This also means that it is not possible to follow referrals.
2010-02-05Add mandatory flag to SSSD config schemaStephen Gallagher8-207/+455
Also add list_mandatory_options() to both SSSDService and SSSDDomain objects. There is a new list_options_with_mandatory() function that will return a longer tuple than list_options(), including the mandatory flag directly.
2010-02-05Remove unnecessary explicit defaults from SSSDConfig APIStephen Gallagher2-10/+10
2010-02-05Add missing includeJakub Hrozek1-0/+1
2010-02-05Added option to use libcrypto instead of NSS.George McCollister7-11/+416
crypto_sha512crypt.c is a clone of nss_sha512crypt.c with the exception that all usage of NSS and related libraries has been switched to libcrypto. I renamed nss_sha512crypt.h to sha512crypt.h since it is common to both crypto_sha512crypt.c and nss_sha512crypt.c. Note that the random number generator is not seeded manually and thus relies on seeding done automatically by libcrypto. On some systems without /dev/urandom seeding may not be performed. See http://www.openssl.org/docs/crypto/RAND_add.html. Signed-off-by: George McCollister <georgem@novatech-llc.com>
2010-02-05Internationalize the command-line help messageStephen Gallagher5-15/+15
2010-02-05Enable debug_timestamps by defaultStephen Gallagher7-11/+11
It can be overridden in the sssd.conf or on the commandline with --debug-timestamps=0
2010-02-03Make krb5 and open checks work if forking is disabledSumit Bose2-1/+6
When CK_FORK is set to 'no' the fixtures are executed for every new test inside of the same process. Global variables must be set to the expected values by the fixtures. check_and_open-tests.c: the filename template for mkstemp() was a globally defined character string. After the first call to mkstemp() the trailing XXXXXX are substituted by random values, a second call to mkstemp() with this character string fails. This patch initialize the filename template before mkstemp() is called with the help of strdup() and the memory is freed in the teardown fixture. krb5_utils-tests.c: this patch sets the just freed global talloc context to NULL to make a consistency check in the setup fixture pass.
2010-02-03Make resolve and failover test work with CK_FORK=noSumit Bose4-6/+11
The leak checking code which is used by the resolve and failover tests frees talloc's autofree context which is not recommended. As a consequence the initialization of tevent failed when it was called by the second test and CF_FORK=no, because it holds some data in the autofree context. This patch introduces a global talloc context which should be uses by the test as the root of their memory hierarchy instead of NULL. This global context is used in the leak checking routines. Not all types of memory leaks can be detected by the new version , it is recommended to use valgrind or similar tools additionally.
2010-02-03Package libref_array and libref_array-develStephen Gallagher1-0/+39
2010-02-03Split refarray off into a shared libraryStephen Gallagher4-10/+13
2010-02-03Add license files for refarrayStephen Gallagher2-0/+839
2010-02-03Package libini_config and libini_config-develStephen Gallagher1-0/+42
2010-02-03Split off libini_config into a shared libraryStephen Gallagher7-12/+42
2010-02-03Fix array index errorStephen Gallagher1-1/+1
The null-terminator would have been written one byte past the end of the array (and there may have been an extra garbage character in the index before it)
2010-02-03Add license files for ini_configStephen Gallagher2-0/+839
2010-02-03Package libcollection and libcollection-develStephen Gallagher1-0/+42
2010-02-03Split off libcollection into a shared libraryStephen Gallagher6-13/+37
2010-02-03Remove private header requirements from collection_tools.hStephen Gallagher1-1/+0
2010-02-03Add license files for collectionStephen Gallagher2-0/+839
2010-02-03Package libpath_utils and libpath_utils-develStephen Gallagher1-0/+37
2010-02-03Split off libpath_utils into a shared libraryStephen Gallagher3-8/+11
2010-02-03License libpath_utils under LGPLStephen Gallagher3-0/+846
2010-02-02Warn the user if authentication happens offlineSumit Bose6-13/+219
2010-02-02Add offline failed login counterSumit Bose9-17/+631
2010-02-02Update suse sssd.specSergey V. Kovylov1-3/+65
2010-02-02Add new option ldap_referralsSumit Bose7-1/+30
2010-02-02Use ldap connection callbacks to get file descriptorsSumit Bose4-43/+121
2010-02-02Check cache_credentials in sysdb_cache_auth_send()Sumit Bose2-0/+14
2010-02-01COLLECTION: Fixing queue collection and unit tests.Dmitri Pal4-298/+478
This patch includes following functionality: 1) Fixed the invalid handling of the pointers in the collection when last element is removed from the collection. 2) Added unit test to verify the fix. 3) Modified the three unit test to be verbose on demand. 4) Switched the main of the unit test to use array of functions rather than big if statement.
2010-02-01Force offline operation with SIGUSR1Stephen Gallagher3-0/+69
If the monitor receives SIGUSR1, it will instruct all providers to enter offline operation. If any individual provider receives SIGUSR1, it alone will enter offline operation.