summaryrefslogtreecommitdiff
path: root/server/providers
AgeCommit message (Collapse)AuthorFilesLines
2009-08-28fix internal order of ldap user mapping optionsSumit Bose1-4/+4
2009-08-27Make enumeration an independent taskSimo Sorce5-68/+693
Always immediately return to DP, and update users/groups in the background. Also implements an optimization to retrieve only changed/new users/groups by filtering using the modifyTimestamp after the first query.
2009-08-27Remove redunant function and always pass attrs.Simo Sorce1-8/+12
2009-08-27Always save using member/memberOfSimo Sorce1-0/+5
First pass to remove the legacy option and make it just a property of the provider
2009-08-27Initial support for multiple schema typesSimo Sorce1-7/+39
2009-08-27Use the correct structure.Simo Sorce1-2/+2
2009-08-24Do not fail enumerations if a single store failsSimo Sorce1-40/+45
Try as hard as possible to store as much data as we can.
2009-08-24some UPN handling fixesSumit Bose5-28/+49
- making the realm part upper case is now optional and done in the LDAP backend - using a username@realm UPN is now optional
2009-08-21store additional LDAP attributesSumit Bose1-4/+45
If available the original DN and the user principle will be stored in sysdb.
2009-08-21use stored upn if availableSumit Bose1-20/+101
If a user principle name (upn) can be found in sysdb the krb5 backend will use this otherwise is build as username@realm. It is checked that the realm is upper case only.
2009-08-19enable usage of defaultBindDnSumit Bose5-9/+48
2009-08-17Fix reconnection codeSimo Sorce5-37/+15
Remove redundant reconnection code that was interfeering with the sbus reconnection code. Consolidate include files for sbus relates operations. Make pamsrv code similar to nsssrv code.
2009-08-13Make "files" a reserved word for legacy local domainJakub Hrozek1-0/+43
This patch introduces provider=files as a valid provider. Upon loading the backend, its properties in confdb are overwritten to those that represent legacy local domain. Also document this in sssd.conf(5) and example config
2009-08-11Change the why DP clients identifySimo Sorce5-177/+271
Mirrors what we have done with the monitor.
2009-08-11Change services identification mechanismSimo Sorce2-156/+22
Let services identify themselves voiluntarily as the first operation instead of polling from the monitor. Also consolidate some common functions and make them available as monitor helpers.
2009-08-11Make child processes exit when parent diesJakub Hrozek2-0/+12
The child processes call prctl() and when their parent process is killed, they are sent SIGTERM using prctl. This is currently Linux-specific, for non-Linuxes, a similar effect is achieved by catching a set of common termination signals and sending SIGTERM to the process group.
2009-08-11Make socket paths a compile-time optionStephen Gallagher3-3/+0
Previously, we had hardcoded the paths for the NSS, PAM and private PAM sockets to /var/lib/sss/pipes. With this patch, we will specify the sockets with --with-pipe-path.
2009-08-10Do not fail enumerations because of range checksSimo Sorce1-3/+15
2009-08-10Simplify interfaces initializationSimo Sorce5-130/+51
Make as much as possible static, and remove use of talloc_reference and allocation/deallocation of memory when not necessary. Fix also responder use of rctx->conn, was mistakenly used for both monitor and dp connections.
2009-08-10merge server and connection structuresSimo Sorce2-25/+9
This reduce code duplication as it allows to use one set of watch and timeout functions, and at the same time also allow not to use a secondary structure just to unify these functions.
2009-08-10Cosmetic changesSimo Sorce3-105/+105
Rationalize and rename connection names in preparatoin for merging of server and connection structures.
2009-08-10Remove redundant memory contextsSimo Sorce3-34/+45
Simplify code by removing stuff that is never used or redundant.
2009-08-05Consolidate tevent helpersJakub Hrozek2-33/+0
2009-08-04Fix race condition in sdap codeSimo Sorce2-83/+172
Retrieving ldap results and storing users could sometimes results in race conditions where the final ldap result was retrieved before the store operations where finished resulting in the operations to be aborted before termination. Implement a serialization mechanism per operation.
2009-08-03Fix search replies getting ignoredSimo Sorce1-14/+12
2009-07-31Add ignore_not_found parameter to sysdb delete functionsJakub Hrozek1-6/+9
Also add tests
2009-07-24Fix race condition that was causing segfaultsSimo Sorce1-80/+136
The sdap_handle might be freed when processing a message. Rearrange data flow so that the sdap_handle is never used after a message is processed but a new event (dependent on the handle) is instead scheduled. If the sdap_handle is freed, the scheduled event is also removed and not fired
2009-07-21added LDAP change password backend targetSumit Bose4-4/+307
2009-07-21add handling of the new backend targets to proxy backendSumit Bose1-0/+30
2009-07-20Rework the engine that deals with openldap librariesSimo Sorce3-497/+403
The way openldap libraries work, require to have a single engine per connection as all replies are read at the same time. So we need to always read anything that comes in from the wire and then loop to dispatch results to the requests that are waiting.
2009-07-20Implement resInit for monitor, NSS, PAM, DP and the backendsStephen Gallagher2-0/+38
2009-07-20add infrastructure to handle new backend targetsSumit Bose6-150/+228
2009-07-10let krb5 backend safe valid credentials for offline authenticationSumit Bose1-0/+43
2009-07-10fixed the default value for tls_reqcertSumit Bose1-1/+1
2009-07-08Implement the ldap identity module.Simo Sorce5-709/+1173
This uses and exapands the async helpers.
2009-07-08Unify password caching ops in sysdbSimo Sorce4-260/+49
2009-07-08Use async helpers for ldap auth moduleSimo Sorce1-722/+314
This changes the style quite a lot, but the tevent_req style is much more clear and much less error-prone than the giant loop we had previously.
2009-07-08Add async helper functionsSimo Sorce4-0/+2035
These functions use the tevent_req async model, where a pair of _send/_recv functions pilot requests, with additional helpers like _done functions, and where needed multiple stage helpers.
2009-07-08fix return code of krb5 child to indicate that the kdc is unavailableSumit Bose1-1/+5
2009-07-08fixed some typos which prevented password cachingSumit Bose1-3/+5
2009-07-03Cleanup warnings in client and server codeSimo Sorce1-3/+0
2009-07-03Convert proxy internals to tevent_req styleSimo Sorce1-865/+1438
2009-07-03Rework transaction code to use tevent_reqSimo Sorce2-247/+556
This is part of a set of patches to rewrite sysdb to a hopefully better API, that will also let use use tevent_req async style calls to manipulate our cache.
2009-07-03Rename sysdb_req to sysdb_handle.Simo Sorce2-50/+50
This sysdb_req has always really been a transaction handle and not a request. This is part of a set of patches to rewrite transaction support in sysdb to a hopefully better API, that will also let use use tevent_req async style to manipulate our cache.
2009-07-02check pending_return after dbus_connection_send_with_replySumit Bose1-3/+3
2009-07-02added kerberos backend with tevent_req event handlingSumit Bose5-0/+845
2009-06-30Remove redundant libPath option from proxy providerStephen Gallagher1-3/+7
The libPath should be constructed from the libName. There is no benefit to specifying it separately.
2009-06-16Control sssd_be exported functionsStephen Gallagher1-0/+4
2009-06-11Remove extra implementation of password_destructorStephen Gallagher1-11/+0
2009-06-10Turn sssd_mem_takeover into sssd_mem_attachSimo Sorce1-11/+0
The old function was not used anywhere, and this function uses better semantics, including not using void ** which gives strict aliasing problems. Also add a generic password destroy function