Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
https://fedorahosted.org/sssd/ticket/1270
|
|
This function alters the memory hierarchy of the be_req
to ensure memory safety during shutdown. It creates a
spy on the be_cli object so that it will free the be_req
if the client is freed.
It is generally allocated atop the private data context
for the appropriate back-end against which it is being
filed.
https://fedorahosted.org/sssd/ticket/1226
|
|
|
|
We now have a session module that is only available for the IPA
provider. We should not be logging noisily that other providers
do not have the session provider configured.
https://fedorahosted.org/sssd/ticket/1211
|
|
|
|
If the dbus_message_get_args() failed, we would have been
dereferencing a NULL be_req.
Coverity #12490
|
|
Coverity #12529
|
|
|
|
|
|
|
|
|
|
|
|
https://fedorahosted.org/sssd/ticket/1143
|
|
Also remove the old request implementation
https://fedorahosted.org/sssd/ticket/1115
|
|
|
|
|
|
|
|
|
|
|
|
https://fedorahosted.org/sssd/ticket/1034
|
|
Removed:
SSS_UNRESOLVED_DEBUG_LEVEL (completely replaced with SSSDBG_UNRESOLVED)
Added new macro:
CONVERT_AND_SET_DEBUG_LEVEL(new_value)
Changes unresolved debug level value (SSSDBG_UNRESOLVED) from -1 to 0
so DEBUG macro could be reduced by one condition. Anyway, it has a minor
effect, every time you want to load debug_level from command line parameters,
you have to use following pattern:
/* Set debug level to invalid value so we can deside if -d 0 was used. */
debug_level = SSSDBG_INVALID;
pc = poptGetContext(argv[0], argc, argv, long_options, 0);
while((opt = poptGetNextOpt(pc)) != -1) { ... }
CONVERT_AND_SET_DEBUG_LEVEL(debug_level);
|
|
https://fedorahosted.org/sssd/ticket/925
Conversion of the old debug_level format to the new one.
(only where it was necessary)
Removed:
SSS_DEFAULT_DEBUG_LEVEL (completely replaced with SSSDBG_DEFAULT)
|
|
We will now re-read the confdb debug_level value when processing
the monitor_common_logrotate() function, which occurs when the
monitor receives a SIGHUP.
|
|
This was implemented almost identically for both the responders
and the providers. It is easier to maintain as a single routine.
This patch also adds the ability to provide a private context to
attach to the sbus_connection for later use.
|
|
|
|
|
|
Before setting the backend to online during a reset offline request the
check_online method if the ID provider is called. If the check_online
method returns that the ID provider is still not reachable the backend
stays offline. Otherwise the backend is switched to online and the
related callbacks are run.
Additionally the check online test is called during the res_init request
because a change in /etc/resolve.conf might also make a server reachable
which was assumed offline before.
|
|
All errnum values passed into this function throughout the code
are PAM error codes, but we were passing them through strerror()
to print them, which is only meaningful for ERRNO error codes.
This patch changes dp_err_to_string() to use pam_strerror() and
renames it to dp_pam_err_to_string() for clarity.
https://fedorahosted.org/sssd/ticket/636
|
|
|
|
Integrates libnl to detect adding routes. When a route is added, the
offline status of all back ends is reset. This patch adds no heuristics
to detect whether back end went offline.
Fixes: #456
|
|
|
|
|
|
Instead of just using references to the pam data inside of the DBus
message the data is copied. New the DBus message can be freed at any
time and the pam data is part of the memory hierarchy. Additionally it
is possible to overwrite the authentication tokens in the DBus message,
because it is not used elsewhere.
|
|
|
|
This reverts commit 2faf73eef14d66aeb345ffa38d0f53670fa8a9a1.
|
|
Instead of just using references to the pam data inside of the DBus
message the data is copied. New the DBus message can be freed at any
time and the pam data is part of the memory hierarchy. Additionally it
is possible to overwrite the authentication tokens in the DBus message,
because it is not used elsewhere.
|
|
Allow backends to set a callback in the be_ctx that should be
invoked when the ID provider goes online.
This can be used to perform regular maintenance tasks that are
valid only when going online.
|
|
Always just mark the sdap_handle as not connected and let later _send()
functions to take care of freeing the handle before reconnecting.
Introduce restart functions to avoid calling _send() functions in _done()
functions error paths as this would have the same effect as directly freeing
the sdap_handle and cause access to freed memory in sdap_handle_release()
By freeing sdap_handle only in the connection _recv() function we
guarantee it can never be done within sdap_handle_release() but only
in a following event.
|
|
Using sssm_*_init() as the name of the initialization function for
identity providers was a holdover from earlier development when we
thought we would only have a single "provider" entry in the config
file.
As we have now separated out the initialization functions for
auth, chpass and access, we should rename sssm_*_init() to
sssm_*_id_init() for a cleaner interface.
|
|
This commit completes the migration to a synchronous sysdb
|
|
Upon receiving SIGHUP, the monitor signals all services to reopen their
debug logs. It is also possible to signal individual services to reopen
their particular files.
Fixes: #332
|
|
This was a holdover from when the DP and the providers were unique
processes. The NSS and PAM registrations do not need to send the
domain, as it is not ambiguous which one they are talking to.
|
|
Also update BUILD.txt
|