summaryrefslogtreecommitdiff
path: root/src/providers/ldap/sdap_async.c
AgeCommit message (Collapse)AuthorFilesLines
2012-04-18Prevent printing NULL from DEBUG messagesJakub Hrozek1-2/+4
2012-03-21LDAP: Add better error logging when ldap_result() failsStephen Gallagher1-1/+3
2012-02-24LDAP: Only use paging control on requests for multiple entriesStephen Gallagher1-5/+40
The paging control can cause issues on servers that put limits on how many paging controls can be active at one time (on some servers, it is limited to one per connection). We need to reduce our usage so that we only activate the paging control when making a request that may return an arbitrary number of results. https://fedorahosted.org/sssd/ticket/1202 phase one
2012-02-21End request if ldap_parse_result failsJakub Hrozek1-0/+3
2012-02-06Update shadowLastChanged attribute during LDAP password changeJan Zeleny1-0/+132
https://fedorahosted.org/sssd/ticket/1019
2012-01-18LDAP: Add option to disable paging controlStephen Gallagher1-2/+6
Fixes https://fedorahosted.org/sssd/ticket/967
2011-12-16Use the case sensitivity flag in the LDAP providerJakub Hrozek1-4/+5
2011-12-16Refactor saving sdap entitiesJakub Hrozek1-0/+80
There was too much code duplication between sdap_save_{user,group,netgroup}. This patch removes the most egregious ones.
2011-11-22Cleanup: Remove unused parametersJakub Hrozek1-1/+2
2011-11-18Prevent printing NULL in several places of LDAP providerJakub Hrozek1-2/+4
2011-11-02Remove confusing do-while loopJakub Hrozek1-35/+36
The deref processing would return a single control back. The do-while loop was harmless but confusing.
2011-11-02Use LDAPDerefSpec properlyJakub Hrozek1-4/+6
ldap_create_deref_control_value expects an array of LDAPDerefSpec structures with LDAPDerefSpec.derefAttr == NULL as a sentinel. We were passing a single instance of a LDAPDerefSpec structure. https://fedorahosted.org/sssd/ticket/1050
2011-09-28Store name aliases for users, groupsJakub Hrozek1-0/+90
Also checks fake users for aliases when storing a real users so that getgrnam for a RFC2307 group that references a user by his secondary name followed by getpwnam for this user by his primary name works
2011-09-06Keep deref controls until the whole request is finishedJakub Hrozek1-8/+45
https://fedorahosted.org/sssd/ticket/989 John Hodrien found out that when paging is used while dereferencing an entry, sssd_be may segfault on the second page. This was because paging returned the control to sdap_generic_search multiple times but sssd was freeing dereference control after the first search invocation. The subsequend sdap searched accessed memory that was already freed.
2011-09-06Improve error message for LDAP password constraint violationJakub Hrozek1-5/+12
https://fedorahosted.org/sssd/ticket/985
2011-09-06Allow turning dereference off by setting the threshold to 0Jakub Hrozek1-1/+7
2011-09-06sss_ldap_err2string() - ldap_err2string() to sss_ldap_err2string()Pavel Březina1-5/+5
https://fedorahosted.org/sssd/ticket/986
2011-08-25New DEBUG facility - conversionPavel Březina1-1/+1
https://fedorahosted.org/sssd/ticket/925 Conversion of the old debug_level format to the new one. (only where it was necessary) Removed: SSS_DEFAULT_DEBUG_LEVEL (completely replaced with SSSDBG_DEFAULT)
2011-05-24Fix uninitialized pointer read in sdap_x_deref_parse_entryJakub Hrozek1-1/+1
https://fedorahosted.org/sssd/ticket/877
2011-05-24Fix bad comparison in sdap_has_deref_supportJakub Hrozek1-1/+1
https://fedorahosted.org/sssd/ticket/876
2011-05-20Generic dereference searchJakub Hrozek1-0/+139
A generic wrapper around ASQ and OpenLDAP dereference searches. https://fedorahosted.org/sssd/ticket/635
2011-05-20OpenLDAP dereference searchesJakub Hrozek1-0/+210
This dereference method is supported at least by OpenLDAP and 389DS/RHDS For more details, see: http://tools.ietf.org/html/draft-masarati-ldap-deref-00
2011-05-20Add support for Attribute Scoped QueriesJakub Hrozek1-0/+203
For more details on ASQ, see: http://msdn.microsoft.com/en-us/library/aa366976%28VS.85%29.aspx http://msdn.microsoft.com/en-us/library/aa746418%28v=VS.85%29.aspx
2011-05-20Generic dereference data structures and utilitiesJakub Hrozek1-0/+35
These will be shared by both dereference methods in a later patch.
2011-05-20sdap_get_generic_extJakub Hrozek1-73/+202
Add a private sdap_get_generic_ext_send()/_recv() request that exposes more of ldap_search_ext options, in particular the server contols. The existing sdap_generic_search_send()/_recv() request is now a thin wrapper around the new _ext request. The other important change is that an entry parsing is a callback now. That was done in order to allow custom parsing for results such as OpenLDAP deref or Attribute Scoped Queries.
2011-04-28Do not leak LDAP paging controlsJakub Hrozek1-0/+5
2011-04-27Add ldap_page_size configuration optionStephen Gallagher1-2/+1
2011-04-27Enable paging support for LDAPStephen Gallagher1-23/+117
2011-04-27Log the LDAP message type we're processingStephen Gallagher1-0/+57
2011-04-08Don't pass NULL to printf for TLS errorsJakub Hrozek1-4/+2
https://fedorahosted.org/sssd/ticket/643
2011-03-09Release handle if not connectedSumit Bose1-0/+1
2011-01-17Add timeout parameter to sdap_get_generic_send()Sumit Bose1-5/+6
2010-12-07ldap: add checks to determine if USN features are available.Simo Sorce1-0/+1
2010-11-05Review comments for namingContexts patchesSumit Bose1-9/+9
2010-11-04Use (default)namingContext to set empty search basesSumit Bose1-1/+1
2010-11-04Add defaultNamingContext to RootDSE attributesSumit Bose1-0/+1
2010-10-22Add some missing ldap_memfree()Sumit Bose1-1/+2
2010-09-15Check if control is supported before using it.Simo Sorce1-7/+9
2010-09-15Revert "Make ldap bind asynchronous"Jakub Hrozek1-201/+70
This reverts 56d8d19ac9d857580a233d8264e851883b883c67
2010-09-02Make ldap bind asynchronousMartin Nagy1-70/+201
Every ldap function that could possibly create a new connection is now wrapped in a tevent_req. If the connection is created, we will call the function again after the socket is ready for writing.
2010-09-02Properly handle errors from a password change operationStephen Gallagher1-8/+14
2010-07-09Log TLS errors to syslogStephen Gallagher1-1/+17
Also adds support for detecting LDAPS errors by adding a check for SDAP_DIAGNOSTIC_MESSAGE after ldap_search_ext()
2010-07-09Remove remainder of now unused global LDAP connection handle.eindenbom1-1/+1
2010-06-28Make RootDSE optionalStephen Gallagher1-1/+3
In violation of the standard, some LDAP servers control access to the RootDSE, thus preventing us from being able to read it before performing a bind. This patch will allow us to continue on if the RootDSE was inaccessible. All of the places that we use the return value of the RootDSE after this are already checked for NULL and use sane defaults if the RootDSE is unavailable
2010-06-28Add explicit requests for several operational attrsAlexander Gordeev1-1/+12
Operational attributes are not returned in searched requests unless explicitly requested according to RFC 4512 section 5.1. Therefore to get several standard attributes of root DSE we have to request for them. The requested attrs are: - altServer - namingContexts - supportedControl - supportedExtension - supportedFeatures - supportedLDAPVersion - supportedSASLMechanisms Signed-off-by: Alexander Gordeev <lasaine@lvk.cs.msu.su>
2010-05-07Use all available servers in LDAP providerJakub Hrozek1-1/+5
2010-05-03Avoid freeing sdap_handle too earlySimo Sorce1-18/+40
Prevent freeing the sdap_handle by failing in the destructor if we are trying to recurse.
2010-04-26Make the handling of fd events opaqueSumit Bose1-124/+3
Depending on the version of the OpenLDAP libraries we use two different schemes to find the file descriptor of the connection to the LDAP server. This patch removes the related ifdefs from the main code and introduces helper functions which can handle the specific cases.
2010-03-22Lower debug level of unexpected LDAP result codesSumit Bose1-0/+5
2010-02-18Rename server/ directory to src/Stephen Gallagher1-0/+1018
Also update BUILD.txt
generated by cgit (git 2.34.1) at 2024-11-16 12:04:28 +0000