summaryrefslogtreecommitdiff
path: root/server
AgeCommit message (Collapse)AuthorFilesLines
2009-10-29added a ASQ search API for sysdbSumit Bose3-0/+356
2009-10-28Kill the ldap connection when we go offlineSimo Sorce1-5/+16
This patch uses a wrapper to kill the ldap connection when we are marked offline. This also makes sure we do not try to reuse a bad connection handler after a fatal error.
2009-10-28Fix sssd.api.conf with correct entry_cache_timeoutStephen Gallagher2-2/+5
Changeset 3a21103f61bf9b60256cc2d0da54b757b634319f moved the wrong option to the domain list, and also didn't update the unit tests.
2009-10-27Do not migrate Data ProviderJakub Hrozek1-22/+57
Add a way to make changes to the most recent format of config files. Use it to remove all traces of Data Provider from the config file which is being migrated.
2009-10-27Move responsibility for entry expiration timeoutSimo Sorce17-75/+109
The providers are now responsible for determining how long a cached entry is considered valid. The default is the same as before (600s)
2009-10-27Add proper support for IPA/AD schemasSimo Sorce4-202/+574
Nested groups weren't properly handled. Add 2 pass strategy to update groups memberships Stuff work as expected when enumeration is enabled now.
2009-10-27Fix segfaultSimo Sorce1-1/+1
Fix copy/paste error that picked up the wrong request structure to pass down. This was causing the talloc code that checks for the right signature to fail and abort as the 2 request structures have different state structures attacched.
2009-10-27Remove [dp] section from example configStephen Gallagher2-13/+3
Also remove references to the DP service from the sssd.conf manpages.
2009-10-27store original DN with cached group objects if availableSumit Bose1-0/+16
2009-10-27Updating polish translation for 0.7.0Piotr Drąg1-34/+31
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2009-10-26Remove DP from example configurationStephen Gallagher1-1/+1
2009-10-26Use standard coding practice to set last loginSimo Sorce1-90/+128
This rewrite should also fix a segfault in the code that may happen when exiting in case of error conditions. The previous code was attaching the transaction handle to llreq structure and then calling prepare_reply() from within the request handlers which could ultimately free the preq and llreq and handle before the transaction request was actually completed by tevent.
2009-10-26Zero pointers on freeSimo Sorce1-4/+4
If the pointer stays around, zero it when it is freed, so we do not risk access to released memory in case of bugs.
2009-10-26Add IPA conf templateSimo Sorce1-0/+9
2009-10-26Read the right buffer, avoids potential segfaultsSimo Sorce1-5/+5
Also fix some debug message levels
2009-10-26Copy option overrides.Simo Sorce1-0/+26
We were not copying IPA named options to the ldap id options list. So the ldap_id provider was always using just the default settings.
2009-10-26Fix migration script for pre-0.5 local domainsJakub Hrozek1-2/+11
Configuration files before 0.5.0 did not enforce provider= in local domains it did special-case by domain name (LOCAL). Our script was relying on provider= value, this patch adds the special-casing in case the domain was called LOCAL.
2009-10-23Update version to 0.7.0Stephen Gallagher3-222/+481
Update gettext strings
2009-10-22Add support for offline auth cache timeoutStephen Gallagher9-3/+217
This adds a new option (offline_credentials_expiration) to the [PAM] section of the sssd.conf If the user does not perform an online authentication within the timeout (in days), they will be denied auth once the timeout passes.
2009-10-22Add pam_ctx (similar to nss_ctx) for storing global PAM configStephen Gallagher2-5/+25
2009-10-22User home directories managementJakub Hrozek19-60/+1984
Create and populate user directories on useradd, delete them on userdel Fixes: #212
2009-10-22Fix setting the schema in the ipa providerSimo Sorce1-0/+3
2009-10-22fix a compiler warning about redefinition of DEBUGSumit Bose1-15/+19
2009-10-22update ipa auth options to new option schemeSumit Bose4-110/+134
2009-10-22update krb5 option handling to new option schemeSumit Bose9-131/+296
2009-10-22Bring SSSDConfig API options up-to-dateStephen Gallagher3-21/+68
2009-10-22add store/search/delete interface for custom sysdb objectsSumit Bose4-0/+933
2009-10-22Delete sssd-i18n.h and put it's old contents into util.hMartin Nagy7-37/+10
Also include talloc.h, tevent.h and ldb.h as system headers in util.h.
2009-10-22Various improvements to the resolv test suiteMartin Nagy3-59/+223
* The resolv test case can now test for TXT and SRV resolving by specifying -t host and -s host respectively. The -n flag must still be passed in to enable network tests. * Added test for the little complicated resolv_copy_hostent() function. * Leak checking using the new tests common functions. * Fix indentation for test_internet, since the whole function was modified to be able to handle SRV and TXT replies. * Initialize the debug variable in main(). Also removed one unused variable in krb5_utils-tests.c
2009-10-22Add a new set of helpful common functions for testsMartin Nagy3-1/+125
The leak_check_setup() and leak_check_teardown() functions can be added to a test case with tcase_add_checked_fixture(). They will make sure that all tests are checked for memory leaks. However, since talloc is hierarchical and automatically frees the children, this will not catch all cases, but might still be helpful. The check_leaks(ctx, bytes) function takes a talloc context as an argument and the number of bytes it should be using up (children included). The total byte size used up by the context is determined by the talloc_total_size() function. If the size doesn't agree, check_leaks() will print out a talloc report on the context and makes the current test fail. The check_leaks_push() and check_leaks_pop() both take a talloc context as an argument. Every time push is called, the context is "pushed" onto an internal stack and it's current size is noted. When the context is later "poped", the pop function will make sure that the size is the same as when it was pushed. It will also check that it's not called out-of-order or if the stack isn't empty.
2009-10-22Use talloc to copy data from c-aresMartin Nagy2-27/+212
C-ares either returned a malloc-ed memory or it automatically freed the memory after out callback has returned. This patch will make sure that anything that the resolv_* function return is allocated by talloc and can be safely freed by talloc_free(). This will break the resolv tests to the point they will not be compilable. This will be addressed in a later patch with other improvements to the tests.
2009-10-22Resolver: Use talloc_get_type() for type safetyMartin Nagy1-5/+5
2009-10-22Fix potential memory leaks in the data providerMartin Nagy1-2/+4
2009-10-22Use correct talloc context in sss_names_init()Martin Nagy1-2/+2
2009-10-22Better offline/enumeration behaviorSimo Sorce1-10/+12
Go offline in case of hard errors too. It makes no sense to keep trying too often when you have bad credentials for example. Also delay starting the enumeration thread so that we finish initializations first (bind to ldap is still a blocking operation and this may interfere with clients/monitor registrations).
2009-10-22added generic LDAP search sdap_get_generic_send/_recvSumit Bose4-0/+304
2009-10-20Start implementing ipa specific options.Simo Sorce7-8/+778
First step generate ldap options from ipa options. Add sssd-ipa man page too.
2009-10-20Set the Default-Stop LSB option for the SSSD sysv init scriptStephen Gallagher1-0/+1
2009-10-16Always list inputs before outputsSimo Sorce1-8/+11
2009-10-16Add krb5_common.h to the list of headers to 'make dist'Stephen Gallagher1-0/+1
With this missing, RPM builds were broken.
2009-10-16Do not allow setting auth, access or chpass providers for LOCALStephen Gallagher1-0/+33
The LOCAL provider does not have a mechanism to load alternate auth, access or chpass backends, nor does it make sense to do so. This will throw a configuration error if these values are specified (unless they are explicitly also set to 'local')
2009-10-16Add first basic IPA providerSimo Sorce2-1/+256
2009-10-16Move all krb5 provider init functionsSimo Sorce6-195/+264
Put all init functions in their own file so that the other files can be reused in other providers w/o having them in the way.
2009-10-16Move all ldap provider init functionsSimo Sorce6-145/+203
Put all init functions in their own file so that the other files can be reused in other providers w/o having them in the way.
2009-10-16Fix segfault when using SSS tools with no local providerStephen Gallagher1-5/+0
There was a double-free here. I removed the free()s within setup_db, because upon returning to sss_init_tools(), if ret != EOK, the context is freed as well.
2009-10-15Remove two unused functions.Stephen Gallagher2-18/+0
These functions were used when reconnecting to the DP after losing the connection. Since there is no DP any longer, there's no reason to have these functions.
2009-10-15Remove warnings caused by 5e2301b8a75d10e5cbbe11e26e5192b894af6ad7Stephen Gallagher1-0/+8
There were unused functions still being compiled. This will suppress them until we turn live configuration updates back on.
2009-10-15Clean up warnings in pysss.cStephen Gallagher1-8/+12
On older versions of the python headers, some arguments used 'char *' instead of 'const char *', which means that assigning a constant string such as "adduser" threw a warning about discarding qualifiers. This patch cleans up most of these warnings in this file. There remain several warnings in the sss_local_methods initialization that I do not know how to fix.
2009-10-15Check for expired passwords in LDAP providerSumit Bose4-23/+425
2009-10-15enable debugging of krb5_childSumit Bose6-8/+182