summaryrefslogtreecommitdiff
path: root/src/providers/ldap
AgeCommit message (Collapse)AuthorFilesLines
2011-09-28Add a sysdb_get_direct_parents functionJakub Hrozek1-57/+5
2011-09-28Fixed bad logic in processing netgroups in LDAP providerJan Zeleny1-1/+3
2011-09-28Multiline macro cleanupJakub Hrozek2-3/+3
This is mostly a cosmetic patch. The purpose of wrapping a multi-line macro in a do { } while(0) is to make the macro usable as a regular statement, not a compound statement. When the while(0) is terminated with a semicolon, the do { } while(0); block becomes a compound statement again.
2011-09-20Fix uninitialized pointer read in sdap_gssapi_get_default_realm()Jakub Hrozek1-1/+1
https://fedorahosted.org/sssd/ticket/1003
2011-09-08DEBUG timestamps offer higher precisionPavel Březina1-0/+2
https://fedorahosted.org/sssd/ticket/956 Added: --debug-microseconds=0/1 Added: debug_microseconds to sssd.conf
2011-09-06Keep deref controls until the whole request is finishedJakub Hrozek1-8/+45
https://fedorahosted.org/sssd/ticket/989 John Hodrien found out that when paging is used while dereferencing an entry, sssd_be may segfault on the second page. This was because paging returned the control to sdap_generic_search multiple times but sssd was freeing dereference control after the first search invocation. The subsequend sdap searched accessed memory that was already freed.
2011-09-06Improve error message for LDAP password constraint violationJakub Hrozek3-16/+29
https://fedorahosted.org/sssd/ticket/985
2011-09-06Allow turning dereference off by setting the threshold to 0Jakub Hrozek3-3/+9
2011-09-06sss_ldap_err2string() - ldap_err2string() to sss_ldap_err2string()Pavel Březina3-35/+35
https://fedorahosted.org/sssd/ticket/986
2011-09-06sss_ldap_err2string() - function createdPavel Březina1-2/+0
https://fedorahosted.org/sssd/ticket/986
2011-08-29Fix moving to next entry in deref codeJakub Hrozek1-1/+6
https://fedorahosted.org/sssd/ticket/973
2011-08-26Use the default Kerberos realm for LDAP with GSSAPI authJakub Hrozek1-3/+55
https://fedorahosted.org/sssd/ticket/970
2011-08-26Add LDAP provider option to set LDAP_OPT_X_SASL_NOCANONJakub Hrozek3-1/+14
https://fedorahosted.org/sssd/ticket/978
2011-08-25New DEBUG facility - SSSDBG_UNRESOLVED changed from -1 to 0Pavel Březina1-1/+4
Removed: SSS_UNRESOLVED_DEBUG_LEVEL (completely replaced with SSSDBG_UNRESOLVED) Added new macro: CONVERT_AND_SET_DEBUG_LEVEL(new_value) Changes unresolved debug level value (SSSDBG_UNRESOLVED) from -1 to 0 so DEBUG macro could be reduced by one condition. Anyway, it has a minor effect, every time you want to load debug_level from command line parameters, you have to use following pattern: /* Set debug level to invalid value so we can deside if -d 0 was used. */ debug_level = SSSDBG_INVALID; pc = poptGetContext(argv[0], argc, argv, long_options, 0); while((opt = poptGetNextOpt(pc)) != -1) { ... } CONVERT_AND_SET_DEBUG_LEVEL(debug_level);
2011-08-25New DEBUG facility - conversionPavel Březina3-2/+4
https://fedorahosted.org/sssd/ticket/925 Conversion of the old debug_level format to the new one. (only where it was necessary) Removed: SSS_DEFAULT_DEBUG_LEVEL (completely replaced with SSSDBG_DEFAULT)
2011-08-25Improve password policy error code and messageSumit Bose1-4/+9
Instead of returning PAM_SYSTEM_ERR if they necessary attributes for the requested password policy cannot be found we return PAM_PERM_DENIED. Additionally the log message says that the access is denied.
2011-08-15Handle timeout during sss_ldap_init_sendJakub Hrozek1-1/+5
In some cases, where there would be no response from the LDAP server, there would be no R/W events on the LDAP fd, so sdap_async_sys_connect_done would never be called. This patch adds a tevent timer that cancels the connection after SDAP_NETWORK_TIMEOUT seconds.
2011-08-15Moved some functions in sdap_async_initgroupsJan Zeleny1-345/+349
2011-08-15Moved some functions in sdap_async_groupsJan Zeleny1-122/+112
2011-08-15Confusing part of code cleared outJan Zeleny1-34/+32
2011-08-15sdap_async_accounts.c splitJan Zeleny4-2514/+2588
The file has been split in three: sdap_async_users.c sdap_async_groups.c sdap_async_initgroups.c https://fedorahosted.org/sssd/ticket/864
2011-08-15sysdb refactoring: memory context deletedJan Zeleny5-25/+15
This patch deletes memory context parameter in those places in sysdb where it is not necessary. The code using modified functions has been updated. Tests updated as well.
2011-08-15sysdb refactoring: deleted domain variables in sysdb APIJan Zeleny9-58/+35
The patch also updates code using modified functions. Tests have also been adjusted.
2011-08-11Use sysdb attribute name for GID, not LDAP attributeStephen Gallagher1-3/+3
2011-08-04Fix returning groups when gidNumber attribute is not orderedJakub Hrozek3-4/+10
https://fedorahosted.org/sssd/ticket/951
2011-08-01Request password control unconditionally during bindJakub Hrozek1-6/+6
https://fedorahosted.org/sssd/ticket/940
2011-08-01Wrong paramater to sysdb_attrs_add_uint32Jakub Hrozek1-1/+1
2011-07-27Explicitly ignore groups with gidNumber=0Jakub Hrozek2-11/+18
https://fedorahosted.org/sssd/ticket/916
2011-07-27Set gidNumber of non-posix groups to 0 even on updatesJakub Hrozek1-8/+44
2011-07-21fo_get_server_name() getter for a server nameJakub Hrozek1-1/+10
Allows to be more concise in tests and more defensive in resolve callbacks
2011-07-21Rename fo_get_server_name to fo_get_server_str_nameJakub Hrozek1-2/+2
2011-07-21Do not add a NULL host parsed from LDAP URIJakub Hrozek1-1/+8
https://fedorahosted.org/sssd/ticket/911
2011-07-08Add LDAP access control based on NDS attributesSumit Bose5-2/+193
2011-07-08Add helper function msgs2attrs_arrayStephen Gallagher2-0/+33
This function converts a list of ldb_messages into a list of sysdb_attrs.
2011-06-30Use ldap_init_fd() instead of ldap_initialize() if availableSumit Bose3-37/+88
2011-06-30Use name based URI instead of IP address based URIsSumit Bose1-37/+2
2011-06-30Add sdap_call_conn_cb() to call add connection callback directlySumit Bose2-0/+40
2011-06-30Add sockaddr_storage to sdap_serviceSumit Bose2-0/+12
2011-06-16Do not check pwdAttributeSumit Bose1-9/+0
It is not safe to check pwdAttribute to see if server side password policies are active. Only if a LDAP_CONTROL_PASSWORDPOLICYRESPONSE is present the bind response we can assume that there is a server side password policy.
2011-06-15Switch resolver to using resolv_hostent and honor TTLJakub Hrozek1-2/+2
2011-06-02Non-posix group processing - ldap provider and nss responderJan Zeleny2-28/+79
2011-06-02Use escaped IP addresses in LDAP providerJakub Hrozek1-6/+56
2011-05-25Sanitize username during initgroups callSumit Bose1-1/+7
2011-05-25Separate return paths for success and failure in sdap_nested_group_check_cacheJakub Hrozek1-6/+10
2011-05-24Make "password" the default for ldap_default_authtok_typeStephen Gallagher1-1/+1
2011-05-24Fix uninitialized scalar variable in sdap_nested_group_check_cacheJakub Hrozek1-2/+4
https://fedorahosted.org/sssd/ticket/878
2011-05-24Fix uninitialized pointer read in sdap_x_deref_parse_entryJakub Hrozek1-1/+1
https://fedorahosted.org/sssd/ticket/877
2011-05-24Fix bad comparison in sdap_has_deref_supportJakub Hrozek1-1/+1
https://fedorahosted.org/sssd/ticket/876
2011-05-20Use dereference when processing RFC2307bis nested groupsJakub Hrozek3-15/+457
Instead of issuing N LDAP requests when processing a group with N users, utilize the dereference functionality to pull down all the members in a single LDAP request. https://fedorahosted.org/sssd/ticket/799
2011-05-20Refactor RFC2307bis nested group processingJakub Hrozek1-123/+188
This patch splits checking cache and hash tables into standalone functions. This will make it easy to reuse the code in a new branch that uses dereferencing.
generated by cgit (git 2.34.1) at 2024-07-12 00:09:45 +0000