summaryrefslogtreecommitdiff
path: root/src/providers/data_provider.h
AgeCommit message (Collapse)AuthorFilesLines
2013-01-10Change pam data auth tokens.Simo Sorce1-6/+3
Use the new authtok abstraction and interfaces throught the code.
2012-12-05Hook for mmap cache update on initgroup callsSimo Sorce1-0/+1
This set of functions enumerate the user's groups and invalidate them all if the list does not matches what we get from the caller.
2012-12-05Hook to perform a mmap cache update from sssd_nssSimo Sorce1-0/+6
This set of functions enumerate each user/group from all domains and invalidate any mmap cache record that matches.
2012-12-04Use an entry type mask macro to filter entry typesSimo Sorce1-0/+1
Avoids hardcoding magic numbers everywhere and self documents why a mask is being applied.
2012-10-26krb5_child: send back the client principalSumit Bose1-0/+1
In general Kerberos is case sensitive but the KDC of Active Directory typically handles request case in-sensitive. In the case where we guess a user principal by combining the user name and the realm and are not sure about the cases of the letters used in the user name we might get a valid ticket from the AD KDC but are not able to access it with the Kerberos client library because we assume a wrong case. The client principal in the returned credentials will always have the right cases. To be able to update the cache user principal name the krb5_child will return the principal for further processing.
2012-06-29sudo: clean upPavel Březina1-5/+2
2012-06-29sudo ldap provider: add support for on demand refresh of specific rulesPavel Březina1-0/+1
2012-06-29sudo ldap provider: add support for on demand full refreshPavel Březina1-0/+1
2012-04-24data provider: added subdomainsSumit Bose1-2/+0
2012-04-24Responder part of the subdomain retrieval workJan Zeleny1-0/+1
2012-03-28Add terminator for dp_optionStephen Gallagher1-0/+2
2012-02-07DP: Add host info handlerJan Cholasta1-1/+3
2012-02-05AUTOFS: responderJakub Hrozek1-0/+1
2012-02-05AUTOFS: Data Provider requestJakub Hrozek1-0/+1
2012-01-27SUDO Integration - prepare data provider for new responder commandsPavel Březina1-7/+9
https://fedorahosted.org/sssd/ticket/1143
2012-01-27SUDO: Provide a sudo DP request based on the internal_reqJakub Hrozek1-0/+1
2012-01-27DP: Add support for services in dp requestsStephen Gallagher1-0/+1
2011-12-16SUDO integration - data provider backend handlerPavel Březina1-0/+1
2011-09-28Multiline macro cleanupJakub Hrozek1-1/+1
This is mostly a cosmetic patch. The purpose of wrapping a multi-line macro in a do { } while(0) is to make the macro usable as a regular statement, not a compound statement. When the while(0) is terminated with a semicolon, the do { } while(0); block becomes a compound statement again.
2011-08-25New DEBUG facility - conversionPavel Březina1-1/+1
https://fedorahosted.org/sssd/ticket/925 Conversion of the old debug_level format to the new one. (only where it was necessary) Removed: SSS_DEFAULT_DEBUG_LEVEL (completely replaced with SSSDBG_DEFAULT)
2011-05-06Remove unused constants from data_provider.hJakub Hrozek1-11/+0
2011-03-08Remove unused be_check_online() SBUS callJan Zeleny1-1/+0
2010-12-03Add support for server-side pam response messagesSumit Bose1-0/+8
2010-12-02Add a special filter type to handle enumerationsSumit Bose1-0/+1
2010-11-15Introduce pam_verbosity config optionSumit Bose1-0/+1
Currently we display all PAM messages generated by sssd to the user. But only some of them are important and others are just some useful information. This patch introduces a new option to the PAM responder which controls what kind of messages are displayed. As an example the 'Authenticated with cached credentials' message is used. This message is only displayed if pam_verbosity=1 or if there is an expire date.
2010-10-13Add netgroup support to the NSS responderStephen Gallagher1-0/+1
2010-05-27Copy pam data from DBus messageSumit Bose1-2/+2
Instead of just using references to the pam data inside of the DBus message the data is copied. New the DBus message can be freed at any time and the pam data is part of the memory hierarchy. Additionally it is possible to overwrite the authentication tokens in the DBus message, because it is not used elsewhere.
2010-05-27Make data provider id_callback publicStephen Gallagher1-0/+1
2010-05-26Add support for delayed kinit if offlineSumit Bose1-0/+11
If the configuration option krb5_store_password_if_offline is set to true and the backend is offline the plain text user password is stored and used to request a TGT if the backend becomes online. If available the Linux kernel key retention service is used.
2010-05-20Revert "Copy pam data from DBus message"Stephen Gallagher1-2/+2
This reverts commit 2faf73eef14d66aeb345ffa38d0f53670fa8a9a1.
2010-05-20Copy pam data from DBus messageSumit Bose1-2/+2
Instead of just using references to the pam data inside of the DBus message the data is copied. New the DBus message can be freed at any time and the pam data is part of the memory hierarchy. Additionally it is possible to overwrite the authentication tokens in the DBus message, because it is not used elsewhere.
2010-02-22Remove unnecessary domain parameter from PAM requestsStephen Gallagher1-7/+4
If we're sending a message to the backend, we already know which domain the request is targeting. Carrying this information is not useful and confuses the interface.
2010-02-22Remove unnecessary "domain" parameter from DP registrationStephen Gallagher1-1/+1
This was a holdover from when the DP and the providers were unique processes. The NSS and PAM registrations do not need to send the domain, as it is not ambiguous which one they are talking to.
2010-02-19Add documentation for PAM response messagesSumit Bose1-0/+69
2010-02-19Remove unneeded items from struct pam_dataSumit Bose1-4/+0
2010-02-18Rename server/ directory to src/Stephen Gallagher1-0/+219
Also update BUILD.txt