Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2012-05-31 | Add support for filtering atributes | Jan Zeleny | 1 | -6/+6 | |
This patch adds support for filtering attributes when constructing attribute list from a map for LDAP query. | |||||
2012-05-10 | LDAP: Add attr_count return value to build_attrs_from_map() | Stephen Gallagher | 1 | -3/+3 | |
This is necessary because in several places in the code, we are appending to the attrs returned from this value, and if we relied on the map size macro, we would be appending after the NULL terminator if one or more attributes were defined as NULL. | |||||
2012-05-03 | LDAP: Enable looking up id-mapped groups by GID | Stephen Gallagher | 1 | -2/+45 | |
2012-05-03 | LDAP: Allow looking up ID-mapped groups by name | Stephen Gallagher | 1 | -11/+20 | |
2012-05-03 | LDAP: Enable looking up id-mapped users by UID | Stephen Gallagher | 1 | -6/+43 | |
2012-01-31 | LDAP: Add enumeration support for services | Stephen Gallagher | 1 | -0/+2 | |
2012-01-31 | LDAP: Add support for service lookups (non-enum) | Stephen Gallagher | 1 | -0/+30 | |
2011-12-19 | Pass sdap_id_ctx to online check from IPA provider | Jakub Hrozek | 1 | -17/+40 | |
2011-11-29 | Provide means of forcing TLS and GSSAPI enabled/disabled for sdap connections | Jakub Hrozek | 1 | -1/+2 | |
2011-11-25 | Fix sdap_id_ctx/ipa_id_ctx mismatch in IPA provider | Jakub Hrozek | 1 | -2/+13 | |
This was causing a segfault during HBAC processing and any ID lookups except for netgroups | |||||
2011-11-23 | Renamed some LDAP routines | Jan Zeleny | 1 | -2/+2 | |
These were renamed just ot make sure they are not mistook for IPA netgroup functions. | |||||
2011-11-02 | LDAP: Add support for multiple search bases for group enumeration | Stephen Gallagher | 1 | -1/+2 | |
2011-11-02 | LDAP: Add support for multiple search bases for user enumeration | Stephen Gallagher | 1 | -1/+2 | |
2011-11-02 | LDAP: Convert ldap_*_search_filter | Stephen Gallagher | 1 | -32/+12 | |
Instead of making this a global option for all user lookups, make it only used if the search base is passed without an explicit filter. | |||||
2011-11-02 | LDAP: Support multiple group search bases (non-enumeration, RFC2307) | Stephen Gallagher | 1 | -1/+3 | |
2011-11-02 | LDAP: Support multiple user search bases (non-enumeration) | Stephen Gallagher | 1 | -0/+1 | |
2011-10-03 | Use explicit base 10 for converting strings to integers | Jakub Hrozek | 1 | -2/+2 | |
https://fedorahosted.org/sssd/ticket/1013 | |||||
2011-08-15 | sysdb refactoring: memory context deleted | Jan Zeleny | 1 | -7/+5 | |
This patch deletes memory context parameter in those places in sysdb where it is not necessary. The code using modified functions has been updated. Tests updated as well. | |||||
2011-08-15 | sysdb refactoring: deleted domain variables in sysdb API | Jan Zeleny | 1 | -9/+4 | |
The patch also updates code using modified functions. Tests have also been adjusted. | |||||
2011-08-04 | Fix returning groups when gidNumber attribute is not ordered | Jakub Hrozek | 1 | -1/+3 | |
https://fedorahosted.org/sssd/ticket/951 | |||||
2011-07-27 | Explicitly ignore groups with gidNumber=0 | Jakub Hrozek | 1 | -1/+1 | |
https://fedorahosted.org/sssd/ticket/916 | |||||
2011-05-04 | Fixed lastUSN checking improvements | Jan Zeleny | 1 | -3/+6 | |
This patch fixes some issues with setting lastUSN attribute and it adds check against the highest user/group USN after enumeration to keep better track of the real highest USN. Optimal solution here would be to schedule a check of rootDSE entry right after the enumeration finishes, but for the moment this is good enough. | |||||
2011-04-19 | Add last usn checking after reconnection | Jan Zeleny | 1 | -1/+16 | |
When reconnecting to the LDAP server supporting USNs (either because of new incomming id operation or invokation of callback responsible for checking status of the backend), detect whether the highest USN is lower than the one SSSD has recorded. If so, setup enumeration/cleanup to refresh potentionally changed account information in the SSSD cache. Related ticket: https://fedorahosted.org/sssd/ticket/734 | |||||
2011-04-19 | Add user and group search LDAP filter options | Jakub Hrozek | 1 | -13/+32 | |
https://fedorahosted.org/sssd/ticket/647 | |||||
2011-04-15 | Do not throw a DP error when failing to delete a nonexistent entity | Stephen Gallagher | 1 | -4/+4 | |
2011-03-14 | Require existence of GID number and name in group searches | Stephen Gallagher | 1 | -3/+6 | |
https://fedorahosted.org/sssd/ticket/824 | |||||
2011-02-18 | Remove cached user entry if initgroups returns ENOENT | Stephen Gallagher | 1 | -0/+11 | |
This behavior was present for getpwnam() but was lacking for initgroups. | |||||
2011-01-21 | Add the user's primary group to the initgroups lookup | Stephen Gallagher | 1 | -5/+6 | |
The user may not be a direct member of their primary group, but we still want to make sure that group is cached on the system. | |||||
2011-01-17 | Add timeout parameter to sdap_get_generic_send() | Sumit Bose | 1 | -2/+6 | |
2010-12-07 | ldap: add checks to determine if USN features are available. | Simo Sorce | 1 | -1/+1 | |
2010-12-02 | Add a special filter type to handle enumerations | Sumit Bose | 1 | -17/+6 | |
2010-12-01 | Add check_online method to LDAP ID provider | Sumit Bose | 1 | -0/+41 | |
2010-11-15 | Sanitize search filters in LDAP provider | Stephen Gallagher | 1 | -2/+16 | |
2010-10-26 | Always use uint32_t for UID/GID numbers | Jakub Hrozek | 1 | -6/+5 | |
2010-10-18 | Use unsigned long for conversion to id_t | Jakub Hrozek | 1 | -2/+2 | |
We used strtol() on a number of places to convert into uid_t or gid_t from a string representation such as LDAP attribute, but on some platforms, unsigned long might be necessary to store big id_t values. This patch converts to using strtoul() instead. | |||||
2010-10-13 | Implement netgroup support for LDAP provider | Sumit Bose | 1 | -0/+26 | |
2010-09-22 | Request all group attributes during initgroups processing | Stephen Gallagher | 1 | -0/+1 | |
We tried to be too clever and only requested the name of the group, but we require the objectClass to validate the results. https://fedorahosted.org/sssd/ticket/622 | |||||
2010-07-09 | Use new LDAP connection framework to get user account groups from LDAP. | eindenbom | 1 | -108/+67 | |
2010-07-09 | Use new LDAP connection framework to get group account info from LDAP. | eindenbom | 1 | -36/+65 | |
2010-07-09 | Use new LDAP connection framework to get user account info from LDAP. | eindenbom | 1 | -37/+90 | |
2010-05-07 | Fix segfault in GSSAPI reconnect code | Stephen Gallagher | 1 | -55/+35 | |
Also clean up some duplicated code into a single common routine sdap_account_info_common_done() | |||||
2010-05-03 | Better handle sdap_handle memory from callers. | Simo Sorce | 1 | -16/+40 | |
Always just mark the sdap_handle as not connected and let later _send() functions to take care of freeing the handle before reconnecting. Introduce restart functions to avoid calling _send() functions in _done() functions error paths as this would have the same effect as directly freeing the sdap_handle and cause access to freed memory in sdap_handle_release() By freeing sdap_handle only in the connection _recv() function we guarantee it can never be done within sdap_handle_release() but only in a following event. | |||||
2010-04-12 | sysdb: delete sysdb_delete_group | Simo Sorce | 1 | -33/+10 | |
2010-04-12 | sysdb: convert sysdb_delete_user | Simo Sorce | 1 | -33/+10 | |
2010-02-18 | Rename server/ directory to src/ | Stephen Gallagher | 1 | -0/+795 | |
Also update BUILD.txt |