| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Also update BUILD.txt
|
|
Previously, the PAM responses could contain an arbitrary number of
arguments. This is not acceptable by the D-BUS protocol, as there
is no way to introspect it. This patch converts the response
objects to be an array of D-BUS structs.
It also fixes two potential memory leaks by not unref'ing the
reply object if we get an error.
|
|
Turn the backend process into data provider servers
Make Frontends (pam, nss) directly attach to the backends
|
|
This reverts commit 8c50bd085c0efe5fde354deee2c8118887aae29d.
Amended: commit 1016af2b1b97ad4290ccce8fa462cc7e3c191b2e also made
use of the SYSLOG_ERROR() macro, so those portions of that code
also needed to be reverted.
|
|
This is just a band-aid until ELAPI is fully functional and ready to
use.
|
|
- the client sends the PID as uint32_t and sssd will use uint32_t too
- fix a possible type issue where a uint32_t is sent as int32 in internal
dbus communication
|
|
Mirrors what we have done with the monitor.
|
|
|
|
|
|
- allow unspecified value in struct pam_data to be NULL
- check if domain structure is initialized in pam_reply
|
|
When a user from a domain served by the proxy backend changes his
password with passwd the passwd command asks for the old password,
but it is not validated by the pam_chauthtok call in the proxy
backend, because it is running as root.
If the request is coming the unpriviledged socket we now call
pam_authenticate explicitly before pam_chauthtok.
|
|
Implement credentials caching in pam responder.
Currently works only for the proxy backend.
Also cleanup pam responder code and mode common code in data provider.
(the data provider should never include responder private headers)
|
