summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2011-11-02Support to request canonicalization in LDAP/IPA providerJan Zeleny10-1/+45
https://fedorahosted.org/sssd/ticket/957
2011-11-02Add support to request canonicalization on krb AS requestsJan Zeleny10-6/+68
https://fedorahosted.org/sssd/ticket/957
2011-11-02Add wrapper for krb5_get_init_creds_opt_set_canonicalizeJan Zeleny3-0/+14
2011-11-02Fixes debug-tests.c coverity issues: NEGATIVE_RETURNS, FORWARD_NULLPavel Březina1-49/+140
https://fedorahosted.org/sssd/ticket/1046
2011-11-02RESPONDER: Fix segfault in sss_packet_send()Stephen Gallagher1-0/+5
There are several places (all error-handling) where sss_cmd_done() is called with no response packet created. As a short-term solution, we need to check whether the packet is NULL and simply return EINVAL. client_send() (the consumer) will then forcibly disconnect the client (which will return PAM_SYSTEM_ERR to the client).
2011-11-02LDAP: Add support for multiple search bases for group enumerationStephen Gallagher4-24/+101
2011-11-02LDAP: Add support for multiple search bases for user enumerationStephen Gallagher4-8/+49
2011-11-02LDAP: Convert ldap_*_search_filterStephen Gallagher3-59/+23
Instead of making this a global option for all user lookups, make it only used if the search base is passed without an explicit filter.
2011-11-02LDAP: Update manpages with multiple search base informationStephen Gallagher1-1/+56
2011-11-02LDAP: Add multiple search bases for initgroups (RFC2307bis groups)Stephen Gallagher1-77/+225
2011-11-02LDAP: Add multiple search bases for initgroups (RFC2307 groups)Stephen Gallagher1-17/+99
2011-11-02LDAP: Add multiple search bases for initgroups (users)Stephen Gallagher1-30/+72
2011-11-02LDAP: Support multiple group search bases (non-enumeration, RFC2307)Stephen Gallagher4-16/+74
2011-11-02LDAP: Support multiple netgroup search basesStephen Gallagher3-14/+65
2011-11-02LDAP: Support multiple user search bases (non-enumeration)Stephen Gallagher4-14/+70
2011-11-02LDAP: Add parser for multiple search basesStephen Gallagher5-26/+380
2011-11-02Make sdap_get_id_specific_filter() more strictStephen Gallagher2-4/+4
2011-11-02Fix size return for split_on_separator()Stephen Gallagher2-6/+6
It was returning the size of the array, rather than the number of elements. (The array was NULL-terminated). This argument was only used in one place that was actually working around this odd return value.
2011-11-02Remove unused sdap_options attributesStephen Gallagher1-3/+0
These DNs were never assigned or referenced anywhere.
2011-11-02Cleanup of unused function in ldap access providerJan Zeleny1-2/+0
2011-11-02Remove confusing do-while loopJakub Hrozek1-35/+36
The deref processing would return a single control back. The do-while loop was harmless but confusing.
2011-11-02Use LDAPDerefSpec properlyJakub Hrozek1-4/+6
ldap_create_deref_control_value expects an array of LDAPDerefSpec structures with LDAPDerefSpec.derefAttr == NULL as a sentinel. We were passing a single instance of a LDAPDerefSpec structure. https://fedorahosted.org/sssd/ticket/1050
2011-10-31Steal result onto mem_ctx in sdap_initgr_nested_get_direct_parentsJakub Hrozek1-2/+1
2011-10-31RFC2307bis initgroups: fix nested groups processingJakub Hrozek1-20/+33
Due to incorrectly written loop, SSSD would go into infitite loop if it processed the same group on two different levels of membership.
2011-10-31resolver: Free the whole hostent structureJakub Hrozek1-1/+1
We would only free the hostent structure itself, not its contents. Use a wrapper provided by c-ares to do so.
2011-10-31Do not leak hash table iterator during proxy authJakub Hrozek1-0/+1
2011-10-31Plug memory leaks in sysdb_opsJakub Hrozek1-20/+54
https://fedorahosted.org/sssd/ticket/1051
2011-10-31Added krb5_fast_principal to SSSDConfig APIJan Zeleny4-3/+9
2011-10-25SSSDConfig: Handle integer parsing more lenientlyStephen Gallagher2-1/+4
Allow the base to be auto-detected rather than limited to base 10 Add hexadecimal integer test
2011-10-25Plug memory leaks in LDAP providerJakub Hrozek1-0/+3
2011-10-18Updating translation filesStephen Gallagher72-5716/+178926
2011-10-17Cancel transactions correctly during initgroupsJakub Hrozek1-13/+31
2011-10-17Use fewer transactions during IPA initgroupsJakub Hrozek1-171/+273
2011-10-17Use fewer transactions during RFC2307bis initgroupsJakub Hrozek1-346/+366
2011-10-17Utility functions for LDAP nested schema initgroupsJakub Hrozek1-0/+119
2011-10-17MONITOR: fix timeout conversionStephen Gallagher1-1/+1
2011-10-17gitignore additionsJakub Hrozek1-1/+20
2011-10-17Sanitize DN in sysdb_get_direct_parentsJakub Hrozek1-1/+7
2011-10-17Add a missing breakJakub Hrozek1-0/+1
2011-10-14Update sssd-example.confMarko Myllynen1-3/+6
Mention cache_credentials and tweak the AD example to match the wiki page. https://fedorahosted.org/sssd/wiki/Configuring%20sssd%20to%20authenticate%20with%20a%20Windows%202008%20Domain%20Server
2011-10-14TOOLS: Do not leak pid_file handle on errorStephen Gallagher1-1/+2
Coverity 11032
2011-10-14Report on errno, not return code in create_socket_symlinkJakub Hrozek1-0/+2
https://fedorahosted.org/sssd/ticket/1044
2011-10-14Fix off-by-one error in remove_socket_symlink()Jakub Hrozek1-1/+1
https://fedorahosted.org/sssd/ticket/1043
2011-10-14Fixed timeout handling in respondersJan Zeleny1-72/+72
2011-10-14BUILDSYS: Fix --without-manpagesStephen Gallagher2-1/+8
We weren't honoring the --without-manpages option, and this was causing builds to break. Note: 'make dist[check]' will not work if you have configured with --without-manpages because it will not be able to pre-generate the translation files necessary for tarball release.
2011-10-14HBAC: Use originalMember for identifying hostgroupsStephen Gallagher3-45/+165
2011-10-14HBAC: Use originalMember for identifying servicegroupsStephen Gallagher3-41/+169
2011-10-14HBAC: Do not save member/memberOf linksStephen Gallagher1-120/+0
We can just trust the values from the FreeIPA server
2011-10-13SysDB commands that save lastUpdate allows this value to be passed inPavel Březina11-77/+130
https://fedorahosted.org/sssd/ticket/836
2011-10-13Check if dp_requests hash table exists before using itJakub Hrozek1-0/+5