summaryrefslogtreecommitdiff
path: root/src/providers/ldap/sdap_async_initgroups.c
AgeCommit message (Collapse)AuthorFilesLines
2013-01-21Remove sysdb as a be context structure memberSimo Sorce1-1/+1
The sysdb context is already available through the 'domain' structure.
2013-01-15LDAP: avoid complex realloc logic in save_rfc2307bis_group_membershipsJakub Hrozek1-12/+4
https://fedorahosted.org/sssd/ticket/1761 The function tried to be smart and realloc only when needed, but that only lead to hard-to find bugs where the logic would not allocate the proper space. Remove the reallocation and prefer readability over speed in this case.
2013-01-15Add domain arguemnt to sysdb_get_real_name()Simo Sorce1-1/+2
2013-01-15Add domain arg to sysdb group member functionsSimo Sorce1-5/+7
2013-01-15Add domain arguments to sysdb_add_group functions.Simo Sorce1-2/+2
2013-01-15Add domain to sysdb_search_group_by_name()Simo Sorce1-6/+12
Also remove unused sysdb_search_domgroup_by_name()
2013-01-15Add domain to sysdb_search_user_by_name()Simo Sorce1-10/+22
Also remove unused sysdb_search_domuser_by_name()
2012-12-10LDAP: remove dead assignmentJakub Hrozek1-1/+0
2012-12-05LDAP: Continue adjusting group membership even if there is nothing to addJakub Hrozek1-2/+1
https://fedorahosted.org/sssd/ticket/1695
2012-09-24sdap_add_incomplete_groups(): fix ret may be uninitialized warningPavel Březina1-1/+1
2012-09-24AD: Optimize initgroups lookups with tokenGroupsStephen Gallagher1-4/+20
https://fedorahosted.org/sssd/ticket/1355
2012-08-23Unify usage of sysdb transactionsMichal Zidek1-27/+47
Removing bad examples of usage of sysdb_transaction_start/commit/end functions and making it more consistent (all files except of src/db/sysdb_*.c).
2012-08-21Remove compilation warning: ret may be uninitializedPavel Březina1-0/+2
2012-08-21Process all groups from a single nesting levelJakub Hrozek1-4/+14
https://bugzilla.redhat.com/show_bug.cgi?id=846664 If the first group was cached when processing the nested group membership, we would call tevent_req_done, effectivelly marking the whole nesting level as done.
2012-08-10When ldap_group_nesting_level was reached, the LDAP provider tried to link ↵Michal Zidek1-1/+45
group members with groups outside nesting limit. https://fedorahosted.org/sssd/ticket/1194
2012-06-13LDAP: Auto-detect support for the ldap match ruleStephen Gallagher1-1/+3
This patch extends the RootDSE lookup so that we will perform a second request to test whether the match rule syntax can be used. If both groups and initgroups are disabled in the configuration, this lookup request can be skipped.
2012-06-13LDAP: Add support for AD chain matching extension in initgroupsStephen Gallagher1-9/+20
2012-06-12LDAP: Make sdap_initgr_common_store() non-staticStephen Gallagher1-7/+7
Move it to a private header so it can be reused by other initgroups C files.
2012-06-12LDAP: Add helper function to get list of a user's groups from sysdbStephen Gallagher1-33/+64
2012-06-12LDAP: Fix incorrect switch statement in sdap_get_initgr_done()Stephen Gallagher1-1/+1
SDAP_SCHEMA_AD needs to be calling sdap_initgr_rfc2307bis_recv(), not sdap_initgr_nested_recv(). By coincidence both recv functions happened to be identical, but if one or the other changed, this would break unexpectedly.
2012-05-31Utilize attribute exclusion in LDAP initgroupsJan Zeleny1-3/+33
Previous patch added the possibility to exclude some attributes from a map when building an attribute list to be sent to server. The original reason for this functionality is the code handling LDAP initgroups. In this code, there is no need to fetch members of groups in question. This can save some performance since the list of members can be pretty long in some cases. This case apllies only to RFC2307 and generic RFC2307bis, it doesn't apply for IPA schema.
2012-05-31Add support for filtering atributesJan Zeleny1-10/+10
This patch adds support for filtering attributes when constructing attribute list from a map for LDAP query.
2012-05-31Ghost members - removed sdap_check_aliases()Jan Zeleny1-7/+0
This function is no longer necessary because we don't have fake user entries any more. The original purpose of this function was to check if there are fake user entries for particular user and, if yes, to update its membership.
2012-05-10LDAP: Add attr_count return value to build_attrs_from_map()Stephen Gallagher1-5/+5
This is necessary because in several places in the code, we are appending to the attrs returned from this value, and if we relied on the map size macro, we would be appending after the NULL terminator if one or more attributes were defined as NULL.
2012-05-03LDAP: Treat groups with unmappable SIDs as non-POSIX groupsStephen Gallagher1-9/+12
2012-05-03LDAP: Add helper function to map IDsStephen Gallagher1-16/+5
This function will also auto-create a new ID map if the domain has not been seen previously.
2012-05-03LDAP: Add helper routine to convert LDAP blob to SID stringStephen Gallagher1-28/+144
2012-03-08Fix nested groups processingJakub Hrozek1-26/+60
Instead of keeping the number of parent groups in "state" and having to reset the count when moving to another group on the same level, keep track of the all groups on a particular level along with their parents and parent count.
2012-03-05Use proper errno codeJakub Hrozek1-1/+1
2012-02-24Modifications to simplify list_missing_attrsJan Zeleny1-1/+1
2012-02-24LDAP: Only use paging control on requests for multiple entriesStephen Gallagher1-6/+12
The paging control can cause issues on servers that put limits on how many paging controls can be active at one time (on some servers, it is limited to one per connection). We need to reduce our usage so that we only activate the paging control when making a request that may return an arbitrary number of results. https://fedorahosted.org/sssd/ticket/1202 phase one
2012-02-23LDAP: Properly assign orig_dnStephen Gallagher1-0/+1
This was only used for properly identifying debug messages.
2012-02-14Fix memory hierarchy when processing nested group membershipsJakub Hrozek1-6/+8
https://fedorahosted.org/sssd/ticket/1186
2012-02-04LDAP: Fix incorrect search timeoutsStephen Gallagher1-1/+1
2012-02-04LDAP: Do not fail if RootDSE check cannot determine search basesStephen Gallagher1-1/+34
https://fedorahosted.org/sssd/ticket/1152
2011-12-16Use the case sensitivity flag in the LDAP providerJakub Hrozek1-4/+13
2011-11-30Use dereference during IPA provider initgroupsJakub Hrozek1-40/+149
https://fedorahosted.org/sssd/ticket/1099
2011-11-22Cleanup: Remove unused parametersJakub Hrozek1-16/+7
2011-11-11Squash transactions in sdap_initgr_common_storeJakub Hrozek1-6/+25
https://fedorahosted.org/sssd/ticket/1053
2011-11-07Use correct state struct in sdap_initgr_rfc2307bis_next_baseJakub Hrozek1-2/+3
2011-11-07Fix segfault in sdap_get_initgr_userJakub Hrozek1-1/+2
2011-11-02LDAP: Add multiple search bases for initgroups (RFC2307bis groups)Stephen Gallagher1-77/+225
2011-11-02LDAP: Add multiple search bases for initgroups (RFC2307 groups)Stephen Gallagher1-17/+99
2011-11-02LDAP: Add multiple search bases for initgroups (users)Stephen Gallagher1-30/+72
2011-10-31Steal result onto mem_ctx in sdap_initgr_nested_get_direct_parentsJakub Hrozek1-2/+1
2011-10-31RFC2307bis initgroups: fix nested groups processingJakub Hrozek1-20/+33
Due to incorrectly written loop, SSSD would go into infitite loop if it processed the same group on two different levels of membership.
2011-10-25Plug memory leaks in LDAP providerJakub Hrozek1-0/+3
2011-10-17Cancel transactions correctly during initgroupsJakub Hrozek1-13/+31
2011-10-17Use fewer transactions during IPA initgroupsJakub Hrozek1-171/+273
2011-10-17Use fewer transactions during RFC2307bis initgroupsJakub Hrozek1-346/+366
generated by cgit (git 2.34.1) at 2024-11-16 05:06:46 +0000