summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2011-05-23Set _GNU_SOURCE globallySumit Bose14-23/+17
2011-05-20Use dereference when processing RFC2307bis nested groupsJakub Hrozek9-17/+487
Instead of issuing N LDAP requests when processing a group with N users, utilize the dereference functionality to pull down all the members in a single LDAP request. https://fedorahosted.org/sssd/ticket/799
2011-05-20Refactor RFC2307bis nested group processingJakub Hrozek1-123/+188
This patch splits checking cache and hash tables into standalone functions. This will make it easy to reuse the code in a new branch that uses dereferencing.
2011-05-20Use fake users during RFC2307bis nested group processingJakub Hrozek1-13/+165
Instead of downloading complete user data which is potentionally very slow, only download the necessary minimum information and store the users as dummy entries.
2011-05-20Change sysdb_add_fake_user to add OriginalDNJakub Hrozek3-3/+11
RFC2307bis code relies heavily on originalDN, so the fake users need to have an option to store it, too.
2011-05-20Generic dereference searchJakub Hrozek2-0/+157
A generic wrapper around ASQ and OpenLDAP dereference searches. https://fedorahosted.org/sssd/ticket/635
2011-05-20OpenLDAP dereference searchesJakub Hrozek3-0/+376
This dereference method is supported at least by OpenLDAP and 389DS/RHDS For more details, see: http://tools.ietf.org/html/draft-masarati-ldap-deref-00
2011-05-20Add support for Attribute Scoped QueriesJakub Hrozek2-0/+207
For more details on ASQ, see: http://msdn.microsoft.com/en-us/library/aa366976%28VS.85%29.aspx http://msdn.microsoft.com/en-us/library/aa746418%28v=VS.85%29.aspx
2011-05-20Generic dereference data structures and utilitiesJakub Hrozek2-0/+45
These will be shared by both dereference methods in a later patch.
2011-05-20sdap_get_generic_extJakub Hrozek1-73/+202
Add a private sdap_get_generic_ext_send()/_recv() request that exposes more of ldap_search_ext options, in particular the server contols. The existing sdap_generic_search_send()/_recv() request is now a thin wrapper around the new _ext request. The other important change is that an entry parsing is a callback now. That was done in order to allow custom parsing for results such as OpenLDAP deref or Attribute Scoped Queries.
2011-05-20Add new options to override shell valueJakub Hrozek9-1/+189
https://fedorahosted.org/sssd/ticket/742
2011-05-20Add a new option to override home directory valueJakub Hrozek9-2/+192
https://fedorahosted.org/sssd/ticket/551
2011-05-20Add a new option to override primary GID numberJakub Hrozek8-2/+33
https://fedorahosted.org/sssd/ticket/742
2011-05-20Fixed copying of pam_data structureJan Zeleny1-0/+1
Related ticket: https://fedorahosted.org/sssd/ticket/855
2011-05-20Rename label in expand_ccname_templateJakub Hrozek1-17/+17
The label was named fail but used also in success cases.
2011-05-20Remove append_attrs_to_arrayJakub Hrozek2-12/+0
This function was not used anywhere
2011-05-20IPA Provider: don't fail if user is not a member of any groupsStephen Gallagher1-2/+5
2011-05-16Fixed uninitialized value in sss_cacheJan Zeleny1-0/+1
https://fedorahosted.org/sssd/ticket/865
2011-05-16Fixed unitialized pointer in select_principal_from_keytabJan Zeleny1-1/+1
https://fedorahosted.org/sssd/ticket/857
2011-05-16Fixed unitialized return value in match_principalJan Zeleny1-2/+1
https://fedorahosted.org/sssd/ticket/858
2011-05-16Possible memory leak fixedJan Zeleny1-1/+1
2011-05-16Fixed wrong variable in sdap_initgr_nested_storeJan Zeleny1-1/+1
2011-05-16Fixed --debug-to-files for nss and pam servicesJan Zeleny1-4/+4
This error caused that monitor didn't pass --debug-to-files option to nss and pam services when creating them.
2011-05-12Set c-ares to retry nameserversJakub Hrozek1-1/+1
https://fedorahosted.org/sssd/ticket/867
2011-05-12Use a temporary memory context in expand_ccname_templateJakub Hrozek1-20/+33
2011-05-06Add support for openldap24 package on RHEL 5.7Sumit Bose3-2/+32
2011-05-06Allow changing the log level without restartStephen Gallagher10-17/+89
We will now re-read the confdb debug_level value when processing the monitor_common_logrotate() function, which occurs when the monitor receives a SIGHUP.
2011-05-06Create common sss_monitor_init()Stephen Gallagher4-69/+55
This was implemented almost identically for both the responders and the providers. It is easier to maintain as a single routine. This patch also adds the ability to provide a private context to attach to the sbus_connection for later use.
2011-05-06Remove unused constants from data_provider.hJakub Hrozek1-11/+0
2011-05-06Do not leak netgroups hash tableJakub Hrozek1-0/+12
2011-05-05Added some kerberos functions for building on RHEL5Jan Zeleny4-8/+192
2011-05-04Include manpage for sss_cacheStephen Gallagher1-0/+1
2011-05-04Man page for sss_cacheJan Zeleny2-1/+123
2011-05-04Some minor fixes and changes in sysdb_opsJan Zeleny1-17/+40
2011-05-04Cache cleaning toolJan Zeleny3-1/+370
2011-05-04Add a function for searching netgroups with custom filterJan Zeleny2-0/+65
2011-05-04Make sysdb_ctx_list public structureJan Zeleny3-8/+53
Also create a routine to initialize it
2011-05-04Fixed lastUSN checking improvementsJan Zeleny3-5/+23
This patch fixes some issues with setting lastUSN attribute and it adds check against the highest user/group USN after enumeration to keep better track of the real highest USN. Optimal solution here would be to schedule a check of rootDSE entry right after the enumeration finishes, but for the moment this is good enough.
2011-05-04Override config file debug_level with command-lineStephen Gallagher4-22/+66
This patch also makes the following changes: 1) The [sssd] debug_level setting no longer acts as a default for all other sections. 2) We will now skip passing the debug argument to the child processes from the master unless the SSSD was run with a command-line argument for the debug level. https://fedorahosted.org/sssd/ticket/764
2011-05-04Do not leak LDAP URI with high log levelJakub Hrozek1-2/+7
2011-05-04Do not leak pcre contextJakub Hrozek1-0/+12
2011-05-03clients: use poll instead of selectSimo Sorce1-9/+6
select is limited to fd numbers up to 1024, we need to use poll() here to avoid causing memory corruption in the calling process. Fixes: https://fedorahosted.org/sssd/ticket/861
2011-05-02Fix minor typo in error messageStephen Gallagher1-1/+1
https://fedorahosted.org/sssd/ticket/825
2011-05-02Return pam data to the renewal item if renewal failsSumit Bose1-4/+9
A previous patch changed a talloc_steal() into a talloc_move(). Now it is not enough to change the parent memory context with talloc_steal to give back the data, but it has to be assigned back too. Additionally this patch uses the missing pam data as an indication that a renewal request for this data is currently running.
2011-04-29Fix order of arguments in select_principal_from_keytab() callJakub Hrozek1-1/+1
2011-04-29Fix bad password caching when using automatic TGT renewalStephen Gallagher1-3/+12
Fixes CVE-2011-1758, https://fedorahosted.org/sssd/ticket/856
2011-04-29Fix segfault in IPA providerStephen Gallagher1-2/+2
We were trying to request the krb5 keytab from the auth provider configuration, but it hasn't yet been set up. Much better to use the value in the ID provider.
2011-04-28Fix IPA config bug with SDAP_KRB5_REALMStephen Gallagher1-1/+1
2011-04-28Do not leak LDAP paging controlsJakub Hrozek1-0/+5
2011-04-27Regular translation updateStephen Gallagher20-1971/+2773
generated by cgit (git 2.34.1) at 2025-03-18 05:01:26 +0000