summaryrefslogtreecommitdiff
path: root/server/responder/nss/nsssrv.h
AgeCommit message (Collapse)AuthorFilesLines
2009-09-09Add support for the EntryCacheNoWaitRefreshTimeoutStephen Gallagher1-1/+3
This timeout specifies the lifetime of a cache entry before it is updated out-of-band. When this timeout is hit, the request will still complete from cache, but the SSSD will also go and update the cached entry in the background to extend the life of the cache entry and reduce the wait time of a future request.
2009-08-31Turn enumeration into a boolean valueSimo Sorce1-4/+0
2009-08-21fix handling of filtersUsers in groupsSumit Bose1-0/+2
- with the boolean option filterUsersInGroups it can be controlled wether filtered users appear in groups or not. - fixed an error which prevented the display of groups with filtered members - removed some tab indents
2009-08-11Change the why DP clients identifySimo Sorce1-2/+0
Mirrors what we have done with the monitor.
2009-08-11Make socket paths a compile-time optionStephen Gallagher1-1/+0
Previously, we had hardcoded the paths for the NSS, PAM and private PAM sockets to /var/lib/sss/pipes. With this patch, we will specify the sockets with --with-pipe-path.
2009-08-10Simplify interfaces initializationSimo Sorce1-1/+1
Make as much as possible static, and remove use of talloc_reference and allocation/deallocation of memory when not necessary. Fix also responder use of rctx->conn, was mistakenly used for both monitor and dp connections.
2009-04-17Force user check and discover user's domainSimo Sorce1-17/+0
Force a user lookup against the users domain provider. If a user domain is not specified search though all non fully qualifying domains. Perform authentication against the corrent domain auth backend, based on the user's domain found in the lookup if one was not specified. Also move the NSS-DP functions in COMMON-DP as they are reused by the PAM responder too now.
2009-04-07Unify name parsing and reposnder headersSimo Sorce1-9/+1
Use common sss_parse_name function in all responders Simplify responder headers by combining common,cmd,dp in one header and add name parse structure as part of the common responder context.
2009-04-01Add a more flexible way to parse and filter names.Simo Sorce1-0/+8
A new nss_parse_name function uses pcre to parse names, this makes it possible, in future, to make the filter user configurable. Add a new filter mechanism to filter out users that uses the negative cache by setting a permanet negative entry. Rework the entry points where the negative cache is checked for.
2009-03-27Make nsssrv use the common responder functionsSimo Sorce1-41/+8
Make nss_ctx a private pointer of the common resp_ctx Use sss_process_init and remove all duplicate functions from nsssrv.c
2009-03-24Fix buildSimo Sorce1-0/+3
forgot to commit a few changes
2009-03-20Retrieve some options from confdbSimo Sorce1-1/+1
This fixes some old 'Fixme's :)
2009-03-20Enhance server_setupSimo Sorce1-0/+2
Now it can load from scratch default configuration that is valid for all daemons. First thing, make it possible for each daemon/provider to set its own debug level in its configuration entry.
2009-03-13Implement Negative cache for NSSSimo Sorce1-0/+2
As for positive caches, negative caches are implement for all queries except enumerations. Also set the correct requires in sssd.spec as we now depend directly on tdb as well.
2009-03-09use fixed paths to sockets to make sure clients and server are using the sameSumit Bose1-1/+1
2009-03-06Fix reporting non-default users.Simo Sorce1-1/+3
We need to add the domain when users are not part of the default domain, otherwise name conflicts may happen.
2009-03-04Add enumeration backout period.Simo Sorce1-0/+4
If an enumeration has been requested recently enough, force the nss responder to read from the cache and not go out to each backend and do slow network operations. This greatly improves performances if enumerations are used often. Currently the balcout period is harcoded to 2 min, we will need to make it a configurable option.
2009-02-27Refactor creation of domain_map into confdbStephen Gallagher1-8/+1
The NSS provider, the Data Provider backends and the InfoPipe all need access to the domain map provided by the confdb. Instead of reimplimenting it in multiple places, it is now provided in a pair of helper functions from the confdb. confdb_get_domains() returns a domain map by reference. Always returns the most up-to-date set of domains from the confdb. confdb_get_domains_list() returns an array of strings of all the domain names. Always returns the most up-to-date set of domains from the confdb. This patch also modifies the btreemap_get_keys() function to better handle memory and report allocation failures.
2009-02-26Rebase the code to use talloc, tdb, tevent, ldb as externalSimo Sorce1-5/+5
dependencies based on the latest samba code. Convert all references to the old events library to use the renamed tevent library.
2009-02-24Add PAM responderSumit Bose1-0/+118
Also move responders under server/responder with shared code in server/responder/common Signed-off-by: Simo Sorce <ssorce@redhat.com>