Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2012-01-27 | PROXY: add support for service lookups (non-enumeration) | Stephen Gallagher | 5 | -0/+274 | |
2012-01-27 | NSS: Add getservbyname and getservbyport support to the NSS Responder | Stephen Gallagher | 4 | -0/+1211 | |
2012-01-27 | NSS: Add negative cache routines for services | Stephen Gallagher | 2 | -3/+132 | |
2012-01-27 | DP: Add support for services in dp requests | Stephen Gallagher | 3 | -0/+5 | |
2012-01-27 | NSS: Add client support for services (non-enumeration) | Stephen Gallagher | 4 | -5/+389 | |
2012-01-27 | SYSDB: Add indexes for servicePort and serviceProtocol | Stephen Gallagher | 4 | -2/+118 | |
2012-01-27 | SYSDB: Add sysdb routines for manipulating service entries | Stephen Gallagher | 4 | -0/+1133 | |
2012-01-27 | DP: Handle parsing extra results in be_get_account_info | Stephen Gallagher | 2 | -33/+70 | |
2012-01-26 | PAM: Do not overwrite ret | Jakub Hrozek | 1 | -3/+1 | |
2012-01-23 | SYSDB: Move add_string and add_ulong to sysdb_private.h | Stephen Gallagher | 2 | -4/+9 | |
2012-01-23 | UTIL: Add strtouint16 | Stephen Gallagher | 2 | -0/+20 | |
2012-01-23 | Move sized_string declaration to utils | Stephen Gallagher | 4 | -19/+19 | |
2012-01-23 | LDAP: Improve debugging for sdap_parse_deref | Stephen Gallagher | 1 | -4/+7 | |
Move the debug statement identifying the DN to an earlier line, so if we get a reply with no attributes, we know which entry is at fault. | |||||
2012-01-23 | DP: Fix bugs in sss_dp_get_account_int | Stephen Gallagher | 4 | -66/+47 | |
The conversion to the tevent_req style introduced numerous bugs related to memory management of the various client requests. In some circumstances, this could cause memory corruption and segmentation faults in the NSS responder. This patch makes the following changes: 1) Rename the internal lookup from subreq to sidereq, to indicate that it is not a sub-request of the current lookup (and therefore is not cancelled if the current request is). 2) Change the handling of the callback loops since they call tevent_req_[done|error], which results in them being freed (and therefore removed from the cb_list. This was the source of the memory corruption that would occasionally result in dereferencing an unreadable request. 3) Remove the unnecessary sss_dp_get_account_int_recv() function and change sss_dp_get_account_done() so that it only frees the sidereq. All of the waiting processes have already been signaled with the final results from sss_dp_get_account_int_done() | |||||
2012-01-21 | RESPONDER: Extend sss_dp_account_send() to include extra data | Stephen Gallagher | 5 | -14/+32 | |
Some NSS maps such as 'services' require more values to be passed to the data provider than just the name or ID. In these cases, we will amend an optional component to filter value to pass to the data provider backend. | |||||
2012-01-21 | Fix invalid index in pidfile() | Stephen Gallagher | 1 | -1/+3 | |
If we hit the "read too much, this should never happen" line, we would write a NULL-terminator past the end of the static buffer. Coverity 12472 | |||||
2012-01-21 | SYSDB: Redundant check is redundant. | Stephen Gallagher | 1 | -5/+0 | |
Coverity 12480 | |||||
2012-01-18 | SUDO: include the sources in the IPA provider, too | Jakub Hrozek | 1 | -0/+6 | |
2012-01-18 | PAM: Fix reversed logic | Jakub Hrozek | 1 | -1/+1 | |
2012-01-18 | LDAP: Add option to disable paging control | Stephen Gallagher | 9 | -5/+40 | |
Fixes https://fedorahosted.org/sssd/ticket/967 | |||||
2012-01-18 | NSS: Add sss_readrep_copy_string | Stephen Gallagher | 5 | -181/+131 | |
There were many places in the client code where we were duplicating a loop to copy data in from the response buffer. This patch turns those loops into a function for easier maintenance and easier-to-read *readrep() routines. | |||||
2012-01-18 | Do not use sudo symbols in LDAP provider unconditionally | Jakub Hrozek | 1 | -0/+2 | |
2012-01-17 | Add a new Makefile target to build RPMs with the experimental flag | Jakub Hrozek | 2 | -5/+53 | |
2012-01-17 | Export libsss_sudo as a separate package | Jakub Hrozek | 4 | -8/+58 | |
2012-01-17 | Add a configure switch to specify 3rd party app libraries location | Jakub Hrozek | 2 | -1/+19 | |
2012-01-17 | SUDO Integration - periodical update of rules in data provider | Pavel Březina | 11 | -1/+354 | |
https://fedorahosted.org/sssd/ticket/1110 Adds new configuration options: - ldap_sudo_refresh_enabled - enable/disable periodical updates - ldap_sudo_refresh_timeout - rules timeout (refresh period) | |||||
2012-01-17 | SUDO Integration - functions for manipulating with 'refreshed' attribute | Pavel Březina | 2 | -0/+68 | |
https://fedorahosted.org/sssd/ticket/1110 | |||||
2012-01-17 | sysdb_get_bool() and sysdb_get_bool() functions | Pavel Březina | 2 | -51/+108 | |
2012-01-17 | SUDO Integration - wrap data provider with tevent_req | Pavel Březina | 2 | -43/+138 | |
https://fedorahosted.org/sssd/ticket/1110 | |||||
2012-01-17 | SUDO Integration review issues | Pavel Březina | 16 | -41/+68 | |
2012-01-17 | IPA: Detect nsupdate support for the realm directive | Stephen Gallagher | 3 | -15/+55 | |
For older platforms, do not add the 'realm' line in the update message | |||||
2012-01-17 | Raise the debug level of two very noisy statements | Stephen Gallagher | 2 | -4/+6 | |
2012-01-17 | NSS: Improve DEBUG messages for netgroup cache | Stephen Gallagher | 1 | -2/+2 | |
2012-01-14 | Support multiple search bases in HBAC | Jan Zeleny | 5 | -39/+176 | |
2012-01-14 | Add info about ipa_host_search_base to man page | Jan Zeleny | 1 | -0/+29 | |
Also add comment that setting ipa_hbac_support_srchost to False disables search filters given in ipa_host_search_base | |||||
2012-01-14 | NSS: Validate input string lengths | Stephen Gallagher | 4 | -9/+32 | |
Also fixes a return value bug where we were returning errno error codes instead of nss_status codes. Fixes https://fedorahosted.org/sssd/ticket/1135 | |||||
2012-01-14 | LDAP: Copy URI instead of pointing at failover service record | Stephen Gallagher | 1 | -2/+8 | |
In a heavy load environment, sometimes the failover service record would be updated and free the URI value. We need to guarantee that this URI string remains valid throughout the entire request. https://fedorahosted.org/sssd/ticket/1139 | |||||
2012-01-14 | Log fixes for sdap_call_conn_cb | Stephen Gallagher | 2 | -2/+4 | |
2012-01-09 | util: Fix murmurhash3 on machines with old glibc | Simo Sorce | 1 | -0/+10 | |
2012-01-09 | Add a random + identity test for murmurhash3 | Simo Sorce | 1 | -0/+29 | |
This test always generate a random string so each time the test is run we will test the hash function with a new value. It also hashes the same string twice and compares the result so that we have a chance of catching if uninitialized variables are getting mixed into the value calculation and end up generating different results for the same input. | |||||
2012-01-09 | util: add murmurhash3 hash function | Simo Sorce | 4 | -1/+147 | |
2012-01-09 | nsssrv: use sized_string in fill_grent | Simo Sorce | 1 | -35/+48 | |
2012-01-09 | nsssrv: use sized_string in fill_pwent | Simo Sorce | 1 | -41/+56 | |
2012-01-09 | nsssrv: add string manipulation helper | Simo Sorce | 2 | -0/+19 | |
the sized_string structure makes it easier to keep track of string lengths and makes passing around data more compat and readable. | |||||
2012-01-06 | IPA netgroups: Do not reuse loop iterator variable | Jakub Hrozek | 1 | -3/+3 | |
2012-01-06 | Do not call krb5_child when changing passwords and provider went offline | Jakub Hrozek | 1 | -1/+11 | |
https://fedorahosted.org/sssd/ticket/1131 | |||||
2012-01-06 | HBAC: create empty groups with one NULL element | Jakub Hrozek | 1 | -16/+15 | |
https://fedorahosted.org/sssd/ticket/1130 | |||||
2012-01-04 | nsssrv: remove unused macro | Simo Sorce | 1 | -2/+0 | |
2012-01-04 | tests: fix test group of utf8 tests | Simo Sorce | 1 | -5/+5 | |
2012-01-04 | make dist fixes | Simo Sorce | 1 | -1/+1 | |
Use pax format for tar as it is the only one that will succeed (albeit spitting warnings) to create a tar file if user UID values are above ~2M |