sssd - System Security Services Daemon

Age	Commit message (Collapse)	Author	Files	Lines
2012-10-12	Collect krb5 trace on high debug levels	Jakub Hrozek	1	-1/+1
	If the debug level contains SSSDBG_TRACE_ALL, then the logs would also include tracing information from libkrb5. https://fedorahosted.org/sssd/ticket/1539
2012-10-04	Remove unused variable	Jakub Hrozek	1	-6/+0

2012-10-02	remove left over principal selection	Pavel Březina	1	-21/+0
	https://fedorahosted.org/sssd/ticket/1303 Domain start up was taking too long when there are many principals in a kerberos keytab. We were looking up in the keytab two times. The first time we try to select a proper principal and remember it. The second call happens almost right after the first one and it is just a check if the principal exists in the keytab, without any output information other than success/failure. It is probably a left over from https://fedorahosted.org/sssd/ticket/781. This patch removes the second call.
2012-05-01	execv, excvp and exec_child never return EOK	Stef Walter	1	-5/+3
	* So don't need to handle that case
2011-12-19	Move child_common routines to util	Stephen Gallagher	1	-1/+1

2011-09-28	Multiline macro cleanup	Jakub Hrozek	1	-1/+1
	This is mostly a cosmetic patch. The purpose of wrapping a multi-line macro in a do { } while(0) is to make the macro usable as a regular statement, not a compound statement. When the while(0) is terminated with a semicolon, the do { } while(0); block becomes a compound statement again.
2011-04-25	Modify principal selection for keytab authentication	Jan Zeleny	1	-2/+7
	Currently we construct the principal as host/fqdn@REALM. The problem with this is that this principal doesn't have to be in the keytab. In that case the provider fails to start. It is better to scan the keytab and find the most suitable principal to use. Only in case no suitable principal is found the backend should fail to start. The second issue solved by this patch is that the realm we are authenticating the machine to can be in general different from the realm our users are part of (in case of cross Kerberos trust). The patch adds new configuration option SDAP_SASL_REALM. https://fedorahosted.org/sssd/ticket/781
2010-10-13	Make ldap_child report kerberos return code to parent	Jakub Hrozek	1	-7/+16

2010-08-03	Validate keytab at startup	Jakub Hrozek	1	-0/+16
	In addition to validating the keytab everytime a TGT is requested, we also validate the keytab on back end startup to give early warning that the keytab is not usable. Fixes: #556
2010-07-09	GSSAPI ticket expiry time is returned from ldap_child and stored in ↵	eindenbom	1	-5/+18
	sdap_handle for future reference.
2010-06-09	Fix realm_str dereference	Jakub Hrozek	1	-1/+1
	Fixes: #508
2010-05-16	Add ldap_krb5_ticket_lifetime option	Sumit Bose	1	-2/+7

2010-05-16	Properly set up SIGCHLD handlers	Stephen Gallagher	1	-10/+8
	Instead of having all-purpose SIGCHLD handlers that try to catch every occurrence, we instead create a per-PID handler. This will allow us to specify callbacks to occur when certain children exit.
2010-03-03	Improve safe alignment buffer handling macros	Simo Sorce	1	-11/+11
	Make the counter optional so that alignment safe macros can be used also where there is no counter to update. Change arguments names so that they are not deceiving (ptr normlly identify a pointer) Turn the memcpy substitute into an inline function so that passing a pointer to rp and checking for it doesn't make the compiler spit lots of warnings.
2010-02-18	Rename server/ directory to src/	Stephen Gallagher	1	-0/+462
	Also update BUILD.txt