summaryrefslogtreecommitdiff
path: root/src/providers/ldap/ldap_child.c
AgeCommit message (Collapse)AuthorFilesLines
2011-11-02Support to request canonicalization in LDAP/IPA providerJan Zeleny1-0/+8
https://fedorahosted.org/sssd/ticket/957
2011-09-08DEBUG timestamps offer higher precisionPavel Březina1-0/+2
https://fedorahosted.org/sssd/ticket/956 Added: --debug-microseconds=0/1 Added: debug_microseconds to sssd.conf
2011-08-25New DEBUG facility - SSSDBG_UNRESOLVED changed from -1 to 0Pavel Březina1-1/+4
Removed: SSS_UNRESOLVED_DEBUG_LEVEL (completely replaced with SSSDBG_UNRESOLVED) Added new macro: CONVERT_AND_SET_DEBUG_LEVEL(new_value) Changes unresolved debug level value (SSSDBG_UNRESOLVED) from -1 to 0 so DEBUG macro could be reduced by one condition. Anyway, it has a minor effect, every time you want to load debug_level from command line parameters, you have to use following pattern: /* Set debug level to invalid value so we can deside if -d 0 was used. */ debug_level = SSSDBG_INVALID; pc = poptGetContext(argv[0], argc, argv, long_options, 0); while((opt = poptGetNextOpt(pc)) != -1) { ... } CONVERT_AND_SET_DEBUG_LEVEL(debug_level);
2011-08-25New DEBUG facility - conversionPavel Březina1-0/+2
https://fedorahosted.org/sssd/ticket/925 Conversion of the old debug_level format to the new one. (only where it was necessary) Removed: SSS_DEFAULT_DEBUG_LEVEL (completely replaced with SSSDBG_DEFAULT)
2011-04-25Modify principal selection for keytab authenticationJan Zeleny1-2/+3
Currently we construct the principal as host/fqdn@REALM. The problem with this is that this principal doesn't have to be in the keytab. In that case the provider fails to start. It is better to scan the keytab and find the most suitable principal to use. Only in case no suitable principal is found the backend should fail to start. The second issue solved by this patch is that the realm we are authenticating the machine to can be in general different from the realm our users are part of (in case of cross Kerberos trust). The patch adds new configuration option SDAP_SASL_REALM. https://fedorahosted.org/sssd/ticket/781
2010-10-13Make ldap_child report kerberos return code to parentJakub Hrozek1-4/+9
2010-10-13Report Kerberos error code from ldap_child_get_tgt_syncJakub Hrozek1-23/+16
2010-08-03Validate keytab at startupJakub Hrozek1-48/+3
In addition to validating the keytab everytime a TGT is requested, we also validate the keytab on back end startup to give early warning that the keytab is not usable. Fixes: #556
2010-08-03Fix getting default realm in the ldap childJakub Hrozek1-1/+10
2010-07-09Add syslog messages for LDAP GSSAPI bindStephen Gallagher1-2/+58
We will now emit a level 0 debug message on keytab errors, and also write to the syslog (LOG_DAEMON)
2010-07-09GSSAPI ticket expiry time is returned from ldap_child and stored in ↵eindenbom1-7/+28
sdap_handle for future reference.
2010-05-16Add ldap_krb5_ticket_lifetime optionSumit Bose1-3/+8
2010-03-25Allow arbitrary-length PAM messagesStephen Gallagher1-6/+6
The PAM standard allows for messages of any length to be returned to the client. We were discarding all messages of length greater than 255. This patch dynamically allocates the message buffers so we can pass the complete message. This resolves https://fedorahosted.org/sssd/ticket/432
2010-03-03Improve safe alignment buffer handling macrosSimo Sorce1-7/+7
Make the counter optional so that alignment safe macros can be used also where there is no counter to update. Change arguments names so that they are not deceiving (ptr normlly identify a pointer) Turn the memcpy substitute into an inline function so that passing a pointer to rp and checking for it doesn't make the compiler spit lots of warnings.
2010-02-18Rename server/ directory to src/Stephen Gallagher1-0/+429
Also update BUILD.txt