summaryrefslogtreecommitdiff
path: root/server/responder/pam/pamsrv_cache.c
AgeCommit message (Collapse)AuthorFilesLines
2010-01-20Add sysdb request to authenticate against a cached passwordSumit Bose1-180/+0
The code for authentication against a cached password is moved from the pam responder to a generic sysdb tevent request. The new code can be used by other components of sssd to verify passwords on their own. Tests for the sysdb_cache_password and sysdb_cache_auth request are added and some unneeded or unused code and variables are removed.
2009-10-22Add support for offline auth cache timeoutStephen Gallagher1-2/+18
This adds a new option (offline_credentials_expiration) to the [PAM] section of the sssd.conf If the user does not perform an online authentication within the timeout (in days), they will be denied auth once the timeout passes.
2009-09-23Revert "Use syslog for logging error conditions in SSSD"Stephen Gallagher1-1/+1
This reverts commit 8c50bd085c0efe5fde354deee2c8118887aae29d. Amended: commit 1016af2b1b97ad4290ccce8fa462cc7e3c191b2e also made use of the SYSLOG_ERROR() macro, so those portions of that code also needed to be reverted.
2009-09-21Use syslog for logging error conditions in SSSDJakub Hrozek1-1/+1
This is just a band-aid until ELAPI is fully functional and ready to use.
2009-09-08Split database in multiple filesSimo Sorce1-1/+8
The special persistent local database retains the original name. All other backends now have their own cache-NAME.ldb file.
2009-07-03Rename sysdb_req to sysdb_handle.Simo Sorce1-6/+0
This sysdb_req has always really been a transaction handle and not a request. This is part of a set of patches to rewrite transaction support in sysdb to a hopefully better API, that will also let use use tevent_req async style to manipulate our cache.
2009-05-18Move actual password caching into sysdbSimo Sorce1-111/+1
Convert auth modules to do the caching themselves
2009-05-18Fix crypt functions to not use static buffers.Simo Sorce1-9/+7
Also fix style, clarify, and simplify some logic.
2009-04-28Use different attribute for cached passwords change timeSumit Bose1-2/+2
2009-04-27Use different attribute for cached passwordsSimo Sorce1-3/+3
This fixes a bug with legacy backends where the cached password would be cleared on a user update. Using a different attribute we make sure a userPassword coming from the remote backend does not interfere with a cachedPassword (and vice versa).
2009-04-13Implement credentials caching in pam responder.Simo Sorce1-0/+275
Implement credentials caching in pam responder. Currently works only for the proxy backend. Also cleanup pam responder code and mode common code in data provider. (the data provider should never include responder private headers)