summaryrefslogtreecommitdiff
path: root/src/providers/ipa
AgeCommit message (Collapse)AuthorFilesLines
2012-02-04LDAP: Do not fail if RootDSE check cannot determine search basesStephen Gallagher1-0/+7
https://fedorahosted.org/sssd/ticket/1152
2012-02-01Fixed wrong position of ldap_service_search_baseJan Zeleny1-1/+1
The wrong position in configuration directive array caused problems in IPA provider, which tried to fetch another value instead of the services lookup base.
2012-01-31IPA: Add support for services lookups (non-enum)Stephen Gallagher2-1/+41
2012-01-30docs: Use absolute srcdir pathJakub Hrozek1-1/+1
Building docs only worked in parallel builds. This patch uses abs_top_srcdir to make building documentation work in both parallel and in-tree builds.
2012-01-18LDAP: Add option to disable paging controlStephen Gallagher2-2/+3
Fixes https://fedorahosted.org/sssd/ticket/967
2012-01-17SUDO Integration - periodical update of rules in data providerPavel Březina2-1/+3
https://fedorahosted.org/sssd/ticket/1110 Adds new configuration options: - ldap_sudo_refresh_enabled - enable/disable periodical updates - ldap_sudo_refresh_timeout - rules timeout (refresh period)
2012-01-17SUDO Integration review issuesPavel Březina1-2/+2
2012-01-17IPA: Detect nsupdate support for the realm directiveStephen Gallagher1-14/+40
For older platforms, do not add the 'realm' line in the update message
2012-01-17Raise the debug level of two very noisy statementsStephen Gallagher1-2/+3
2012-01-14Support multiple search bases in HBACJan Zeleny5-39/+176
2012-01-06IPA netgroups: Do not reuse loop iterator variableJakub Hrozek1-3/+3
2012-01-06HBAC: create empty groups with one NULL elementJakub Hrozek1-16/+15
https://fedorahosted.org/sssd/ticket/1130
2011-12-19Pass sdap_id_ctx to online check from IPA providerJakub Hrozek3-1/+14
2011-12-19Move child_common routines to utilStephen Gallagher2-2/+2
2011-12-16SUDO Integration - LDAP configuration optionsPavel Březina2-1/+40
2011-12-16Export the function to convert ldb_result to sysdb_attrsJakub Hrozek1-1/+1
It will be reused later in the sudo responder
2011-12-12Add sdap_connection_expire_timeout optionStephen Gallagher2-2/+3
https://fedorahosted.org/sssd/ticket/1036
2011-12-12Fix uninitialized value error in ipa_netgroups.cStephen Gallagher1-0/+1
DEBUG message can print an unitialized value if the first netgroup has no members. Coverity 12382
2011-12-09Fixed IPA netgroup processingJan Zeleny3-2/+7
In case IPA netgroup had indirect member hosts, they wouldn't be detected. This patch also modifies debug messages for easier debugging in the future.
2011-12-08Add ldap_sasl_minssf optionJan Zeleny2-1/+2
https://fedorahosted.org/sssd/ticket/1075
2011-12-05Allow using Glib for UTF8 supportStephen Gallagher1-33/+11
2011-11-29Add ipa_hbac_support_srchost option to IPA providerJan Zeleny6-36/+151
don't fetch all host groups if this option is false https://fedorahosted.org/sssd/ticket/1078
2011-11-29IPA migration fixesJakub Hrozek3-97/+141
* use the id connection for looking up the migration flag * force TLS on the password based authentication connection https://fedorahosted.org/sssd/ticket/924
2011-11-29Provide means of forcing TLS and GSSAPI enabled/disabled for sdap connectionsJakub Hrozek1-1/+1
2011-11-28Fixed logically dead code in netgroup processingJan Zeleny1-1/+1
2011-11-28Fixed uninitialized pointer read in netgroups processingJan Zeleny1-0/+6
2011-11-25Fix sdap_id_ctx/ipa_id_ctx mismatch in IPA providerJakub Hrozek2-2/+4
This was causing a segfault during HBAC processing and any ID lookups except for netgroups
2011-11-23Added IPA account info handlerJan Zeleny3-1/+373
Currently it is only handling netgroups by itself, other requests are forwarded to LDAP provider.
2011-11-23Added support for fetching netgroups in IPA providerJan Zeleny1-0/+992
2011-11-23New IPA ID contextJan Zeleny3-22/+37
2011-11-23Added and modified options for IPA netgroupsJan Zeleny2-24/+69
2011-11-23Modified sdap_parse_search_base()Jan Zeleny1-4/+4
2011-11-22Cleanup: Remove unused parametersJakub Hrozek10-40/+6
2011-11-02Support to request canonicalization in LDAP/IPA providerJan Zeleny2-1/+2
https://fedorahosted.org/sssd/ticket/957
2011-11-02Add support to request canonicalization on krb AS requestsJan Zeleny2-2/+3
https://fedorahosted.org/sssd/ticket/957
2011-11-02LDAP: Add parser for multiple search basesStephen Gallagher1-0/+20
2011-10-17Add a missing breakJakub Hrozek1-0/+1
2011-10-14HBAC: Use originalMember for identifying hostgroupsStephen Gallagher3-45/+165
2011-10-14HBAC: Use originalMember for identifying servicegroupsStephen Gallagher3-41/+169
2011-10-14HBAC: Do not save member/memberOf linksStephen Gallagher1-120/+0
We can just trust the values from the FreeIPA server
2011-09-28HBAC: fix typos preventing proper hostgroup evaluationStephen Gallagher1-3/+3
2011-09-28IPA access: hostname comparison should be case-insensitiveJakub Hrozek1-1/+1
2011-09-28Multiline macro cleanupJakub Hrozek2-2/+2
This is mostly a cosmetic patch. The purpose of wrapping a multi-line macro in a do { } while(0) is to make the macro usable as a regular statement, not a compound statement. When the while(0) is terminated with a semicolon, the do { } while(0); block becomes a compound statement again.
2011-09-08Improve documentation of libipa_hbacStephen Gallagher2-21/+1697
2011-09-07Do not access memory out of boundsSumit Bose1-2/+2
2011-08-29HBAC: Properly skip all non-group memberOf entriesStephen Gallagher1-1/+2
2011-08-26HBAC: Use of hostgroups for targethost or sourcehost was brokenStephen Gallagher1-4/+4
We were trying to look up the wrong attribute for the name of the hostgroup.
2011-08-26HBAC: Handle saving groups that have no membersStephen Gallagher1-7/+21
2011-08-26Add LDAP provider option to set LDAP_OPT_X_SASL_NOCANONJakub Hrozek2-2/+3
https://fedorahosted.org/sssd/ticket/978
2011-08-25IPA dyndns: do not segfault if the server cannot be resolvedJakub Hrozek1-4/+2
https://fedorahosted.org/sssd/ticket/963
generated by cgit (git 2.34.1) at 2024-06-29 12:51:12 +0000