| Age | Commit message (Collapse) | Author | Files | Lines | |
|---|---|---|---|---|---|
| 2010-07-09 | Use new LDAP connection framework in LDAP access backend. | eindenbom | 1 | -59/+73 | |
| 2010-07-09 | Use new LDAP connection framework for LDAP user and group enumeration. | eindenbom | 1 | -236/+131 | |
| 2010-07-09 | Use new LDAP connection framework to get user account groups from LDAP. | eindenbom | 1 | -108/+67 | |
| 2010-07-09 | Use new LDAP connection framework to get group account info from LDAP. | eindenbom | 2 | -37/+66 | |
| 2010-07-09 | Use new LDAP connection framework to get user account info from LDAP. | eindenbom | 2 | -38/+91 | |
| 2010-07-09 | Add an interface to try next fail-over server after connection to the active ↵ | eindenbom | 5 | -45/+81 | |
| server was unexpectedly dropped. | |||||
| 2010-07-09 | LDAP connection usage tracking, sharing and failover retry framework. | eindenbom | 7 | -0/+872 | |
| 2010-07-09 | Added an interface to query number of configured (and currently resolved ↵ | eindenbom | 4 | -0/+40 | |
| through SRV records) failover servers. | |||||
| 2010-07-09 | GSSAPI ticket expiry time is returned from ldap_child and stored in ↵ | eindenbom | 6 | -17/+64 | |
| sdap_handle for future reference. | |||||
| 2010-06-30 | Add dns_discovery_domain option | Jakub Hrozek | 13 | -30/+242 | |
| The service discovery used to use the SSSD domain name to perform DNS queries. This is not an optimal solution, for example from the point of view of authconfig. This patch introduces a new option "dns_discovery_domain" that allows to set the domain part of a DNS SRV query. If this option is not set, the default behavior is to use the domain part of the machine's hostname. Fixes: #479 | |||||
| 2010-06-30 | Split proxy.c into smaller files | Stephen Gallagher | 8 | -2519/+2603 | |
| proxy.c was growing too large to manage (and some graphical development tools could no longer open it because of memory limitations). This patch splits proxy.c into the following files: proxy_init.c: Setup routines for the plugin proxy_id.c: Functions to handle user and group lookups proxy_auth.c: Functions to handle PAM interactions proxy_common.c: Common utility routines | |||||
| 2010-06-30 | Rename proxy_ctx to proxy_id_ctx for clarity | Stephen Gallagher | 1 | -14/+15 | |
| 2010-06-28 | Make RootDSE optional | Stephen Gallagher | 2 | -3/+17 | |
| In violation of the standard, some LDAP servers control access to the RootDSE, thus preventing us from being able to read it before performing a bind. This patch will allow us to continue on if the RootDSE was inaccessible. All of the places that we use the return value of the RootDSE after this are already checked for NULL and use sane defaults if the RootDSE is unavailable | |||||
| 2010-06-28 | Add explicit requests for several operational attrs | Alexander Gordeev | 1 | -1/+12 | |
| Operational attributes are not returned in searched requests unless explicitly requested according to RFC 4512 section 5.1. Therefore to get several standard attributes of root DSE we have to request for them. The requested attrs are: - altServer - namingContexts - supportedControl - supportedExtension - supportedFeatures - supportedLDAPVersion - supportedSASLMechanisms Signed-off-by: Alexander Gordeev <lasaine@lvk.cs.msu.su> | |||||
| 2010-06-28 | Memory leak in case of empty value | Dmitri Pal | 2 | -0/+44 | |
| Addressing coverity issue. Ticket #513. The memory was really leaked when the configuration value was empty. Added unit test that confirmed the bug. MANUAL MERGE. | |||||
| 2010-06-28 | Fixing NULL dereferencing in ini_config | Dmitri Pal | 1 | -22/+32 | |
| Addressing ticket #504 Conflicts: common/ini/ini_config.c | |||||
| 2010-06-28 | Fixing memory leaks in the unit test. | Dmitri Pal | 1 | -3/+9 | |
| 2010-06-28 | Fix SASL authentication | Sumit Bose | 1 | -2/+2 | |
| 2010-06-28 | Replace %define with %global in example spec | Stephen Gallagher | 2 | -16/+16 | |
| 2010-06-28 | Fixing types in queue and stack interfaces | Dmitri Pal | 7 | -22/+21 | |
| 2010-06-28 | Bump libini_config version to 0.6.0 | Stephen Gallagher | 2 | -2/+2 | |
| 2010-06-28 | Drop release requirement from versions | Stephen Gallagher | 1 | -4/+4 | |
| 2010-06-28 | Resend SIGINT as SIGTERM in services | Jakub Hrozek | 2 | -0/+4 | |
| Fixes: #462 | |||||
| 2010-06-18 | Protect against segfault in remove_ldap_connection_callbacks | Stephen Gallagher | 1 | -1/+6 | |
| If sdap_mark_offline() is called before a live connection is established, sdap_fd_events could be NULL, causing a segfault when remove_ldap_connection_callbacks() attempts to free the sdap_fd_events->conncb https://fedorahosted.org/sssd/ticket/545 | |||||
| 2010-06-18 | Fix return value from remove_connection_callback() destructor | Stephen Gallagher | 1 | -9/+2 | |
| ldap_get_option() can only fail if the option we're removing has already been removed. It is sufficient to log this and continue. | |||||
| 2010-06-17 | Fix potential resource leak in remove_tree_with_ctx() | Stephen Gallagher | 1 | -1/+10 | |
| https://fedorahosted.org/sssd/ticket/515 | |||||
| 2010-06-17 | Honor filter_users in PAM | Stephen Gallagher | 3 | -10/+47 | |
| 2010-06-17 | Move setup of filter_users and filter_groups to negcache.c | Stephen Gallagher | 3 | -187/+220 | |
| Creates a new function - sss_ncache_prepopulate() - that can be shared with other responders, such as PAM. | |||||
| 2010-06-17 | Refactor the negative cache | Stephen Gallagher | 6 | -59/+60 | |
| Rename functions from nss_ncache_* to sss_ncache_* Move negative cache to responder/common and rename as negcache.c/h | |||||
| 2010-06-17 | Ensure that all domains are checked for users/groups | Stephen Gallagher | 1 | -3/+15 | |
| There was a bug in the negative cache checks (probably a leftover from when filter_users was global-only) that meant that if a user was filtered out of a domain, the remaining domains would not be checked for that user. (Same for groups/initgroups) | |||||
| 2010-06-17 | Initialize len before looping to read the pidfile | Stephen Gallagher | 1 | -1/+1 | |
| https://fedorahosted.org/sssd/ticket/544 | |||||
| 2010-06-16 | Standardize on correct spelling of "principal" for krb5 | Stephen Gallagher | 5 | -11/+11 | |
| https://fedorahosted.org/sssd/ticket/542 | |||||
| 2010-06-16 | Remove references to the DP service from the SSSDConfig API tests | Stephen Gallagher | 2 | -6/+0 | |
| 2010-06-16 | Handle (ignore) unknown options in get_domain() and get_service() | Stephen Gallagher | 3 | -10/+72 | |
| We will now eliminate any unknown options and providers to guarantee that the domain is safe for use. | |||||
| 2010-06-14 | Don't segfault if ldap_access_filter is unspecified | Stephen Gallagher | 1 | -12/+13 | |
| https://fedorahosted.org/sssd/ticket/539 | |||||
| 2010-06-14 | Print correct return code | Jakub Hrozek | 1 | -1/+1 | |
| Fixes: #535 | |||||
| 2010-06-14 | Check closedir call in find_uid | Jakub Hrozek | 1 | -4/+9 | |
| Fixes: #503 | |||||
| 2010-06-14 | Potential memory leak in _nss_sss_*_r() | Jakub Hrozek | 2 | -0/+5 | |
| Fixes: #516 | |||||
| 2010-06-14 | Fix potential resource leak in copy_tree_ctx() | Jakub Hrozek | 1 | -2/+10 | |
| Ticket #515 | |||||
| 2010-06-14 | Remove the -g option from useradd | Jakub Hrozek | 2 | -70/+2 | |
| The local domain has the magic private groups option set unconditionally. Therefore, it does not make any sense to let user configure the primary GID. As a side-effect, this fixes #522. | |||||
| 2010-06-14 | Remove krb5_changepw_principal option | Jakub Hrozek | 11 | -64/+26 | |
| Fixes: #531 | |||||
| 2010-06-14 | get_uid_from_pid should use fstat rather than lstat | Jakub Hrozek | 1 | -11/+11 | |
| Fixes: #541 | |||||
| 2010-06-14 | Add ldap_force_upper_case_realm to example AD config | Stephen Gallagher | 1 | -0/+1 | |
| https://fedorahosted.org/sssd/ticket/532 | |||||
| 2010-06-14 | Properly null-terminate socket path | Stephen Gallagher | 1 | -2/+4 | |
| https://fedorahosted.org/sssd/ticket/540 | |||||
| 2010-06-10 | Addressing initialization issues. | Dmitri Pal | 1 | -6/+6 | |
| Fixing bug found by coverity. Tciket #519 | |||||
| 2010-06-10 | Make sure to close varargs before returning from a function | Stephen Gallagher | 2 | -3/+2 | |
| https://fedorahosted.org/sssd/ticket/528 | |||||
| 2010-06-10 | Eliminate unused variable from pc_init_timeout() | Stephen Gallagher | 1 | -4/+0 | |
| https://fedorahosted.org/sssd/ticket/525 | |||||
| 2010-06-10 | Check return code of hash_delete in proxy_child_destructor | Stephen Gallagher | 1 | -1/+7 | |
| We can't do much about an error here, but we should be reporting it. https://fedorahosted.org/sssd/ticket/534 | |||||
| 2010-06-10 | Properly check that the timeout event was created for cleanup/enum | Stephen Gallagher | 2 | -2/+46 | |
| We need to make sure that if we didn't create the timeout, that we cancel the request so there's no chance of ending up with two enumerations/cleanups running simultaneously. We'll attempt to reschedule later, if possible. https://fedorahosted.org/sssd/ticket/524 | |||||
| 2010-06-10 | Check the correct variable for NULL after creating timer | Stephen Gallagher | 3 | -4/+4 | |
| In several places, we were creating a new timer and assigning it to the tev variable, but then we were checking for NULL from the te variable (which, incidentally, is guaranteed never to be NULL in this situation) https://fedorahosted.org/sssd/ticket/523 | |||||
 |
index : sssd | |
| System Security Services Daemon | ben |
| summaryrefslogtreecommitdiff |