summaryrefslogtreecommitdiff
path: root/src/providers/proxy
AgeCommit message (Collapse)AuthorFilesLines
2012-05-31Ghost members - support in proxy providerJan Zeleny1-6/+8
2012-05-14Potential NULL dereference in proxy providerAriel Barria1-1/+1
2012-05-03PROXY: return correct return codesJakub Hrozek1-7/+9
We were reporting on the value of "status" instead of "ret'. We also didn't set ret to EOK in cases group contained no members.
2012-04-20proxy: new option proxy_fast_aliasJakub Hrozek3-43/+123
2012-04-20proxy: Canonicalize user and group namesJakub Hrozek1-312/+354
https://fedorahosted.org/sssd/ticket/1249
2012-03-29Proxy services: Save lowercased protocol names and aliases in ↵Jakub Hrozek1-57/+17
case-insensitive domains
2012-03-09Handle empty elements in proxy netgroups:Jakub Hrozek1-3/+6
2012-03-09Fix netgroup error handlingJakub Hrozek1-17/+59
https://fedorahosted.org/sssd/ticket/1242
2012-03-09PROXY: Create fake user entries for group lookupsStephen Gallagher1-3/+85
2012-02-24Delete missing attributes from netgroups to be storedJan Zeleny1-1/+1
https://fedorahosted.org/sssd/ticket/1136
2012-02-13Fix uninitialized value error in proxy providerStephen Gallagher1-1/+1
Coverity #12467
2012-02-04NSS: Add individual timeouts for entry typesStephen Gallagher5-17/+12
https://fedorahosted.org/sssd/ticket/1016
2012-01-31SYSDB: extend sysdb_store_service() to accept additional attributesStephen Gallagher1-0/+2
2012-01-27PROXY: add support for enumerating servicesStephen Gallagher4-0/+226
2012-01-27PROXY: add support for service lookups (non-enumeration)Stephen Gallagher4-0/+273
2011-12-16Use the case sensitivity flag in the proxy providerJakub Hrozek3-153/+181
2011-11-22Cleanup: Remove unused parametersJakub Hrozek3-3/+1
2011-11-07Fixed empty loginShell in proxy providerJan Zeleny1-4/+32
https://fedorahosted.org/sssd/ticket/892
2011-10-31Do not leak hash table iterator during proxy authJakub Hrozek1-0/+1
2011-10-13SysDB commands that save lastUpdate allows this value to be passed inPavel Březina2-11/+21
https://fedorahosted.org/sssd/ticket/836
2011-10-13Append PID to sbus server socket name, let clients use a symlinkJakub Hrozek1-1/+1
https://fedorahosted.org/sssd/ticket/1034
2011-10-03Use explicit base 10 for converting strings to integersJakub Hrozek1-2/+2
https://fedorahosted.org/sssd/ticket/1013
2011-09-08DEBUG timestamps offer higher precisionPavel Březina1-2/+3
https://fedorahosted.org/sssd/ticket/956 Added: --debug-microseconds=0/1 Added: debug_microseconds to sssd.conf
2011-08-25--debug-timestamps=1 is not passed to providersPavel Březina1-3/+2
https://fedorahosted.org/sssd/ticket/972 --debug-timestamps=1 is now passed to providers
2011-08-25New DEBUG facility - SSSDBG_UNRESOLVED changed from -1 to 0Pavel Březina1-1/+4
Removed: SSS_UNRESOLVED_DEBUG_LEVEL (completely replaced with SSSDBG_UNRESOLVED) Added new macro: CONVERT_AND_SET_DEBUG_LEVEL(new_value) Changes unresolved debug level value (SSSDBG_UNRESOLVED) from -1 to 0 so DEBUG macro could be reduced by one condition. Anyway, it has a minor effect, every time you want to load debug_level from command line parameters, you have to use following pattern: /* Set debug level to invalid value so we can deside if -d 0 was used. */ debug_level = SSSDBG_INVALID; pc = poptGetContext(argv[0], argc, argv, long_options, 0); while((opt = poptGetNextOpt(pc)) != -1) { ... } CONVERT_AND_SET_DEBUG_LEVEL(debug_level);
2011-08-25New DEBUG facility - conversionPavel Březina3-2/+3
https://fedorahosted.org/sssd/ticket/925 Conversion of the old debug_level format to the new one. (only where it was necessary) Removed: SSS_DEFAULT_DEBUG_LEVEL (completely replaced with SSSDBG_DEFAULT)
2011-08-15sysdb refactoring: memory context deletedJan Zeleny2-11/+10
This patch deletes memory context parameter in those places in sysdb where it is not necessary. The code using modified functions has been updated. Tests updated as well.
2011-08-15sysdb refactoring: deleted domain variables in sysdb APIJan Zeleny3-11/+10
The patch also updates code using modified functions. Tests have also been adjusted.
2011-06-15Fix proxy provider return code for secondary missing groupsSumit Bose1-1/+3
2011-01-21Delete attributes that are removed from LDAPStephen Gallagher1-4/+8
Sometimes, a value in LDAP will cease to exist (the classic example being shadowExpire). We need to make sure we purge that value from SSSD's sysdb as well. https://fedorahosted.org/sssd/ticket/750
2010-12-15Fix memory leak of library handle in proxySumit Bose2-18/+26
https://fedorahosted.org/sssd/ticket/733
2010-12-02Add a special filter type to handle enumerationsSumit Bose1-32/+16
2010-12-01Run checks before resetting offline stateSumit Bose1-1/+2
Before setting the backend to online during a reset offline request the check_online method if the ID provider is called. If the check_online method returns that the ID provider is still not reachable the backend stays offline. Otherwise the backend is switched to online and the related callbacks are run. Additionally the check online test is called during the res_init request because a change in /etc/resolve.conf might also make a server reachable which was assumed offline before.
2010-11-18Fix authentication queue code for proxy authStephen Gallagher1-12/+19
We weren't decrementing the count of in-progress authentication request child processes when they completed successfully. With this patch, we will now guarantee that the process count is accurate and that queued requests will be started when a slot is freed up.
2010-11-15Fix const cast issue with sysdb_attrs_users_from_str_listStephen Gallagher1-9/+9
2010-10-26Always use uint32_t for UID/GID numbersJakub Hrozek1-4/+3
2010-10-25Implement netgroups for proxy providerSumit Bose3-2/+143
2010-10-25Add netgroups infrastructure to proxy providerSumit Bose3-0/+42
2010-10-18Use unsigned long for conversion to id_tJakub Hrozek1-2/+2
We used strtol() on a number of places to convert into uid_t or gid_t from a string representation such as LDAP attribute, but on some platforms, unsigned long might be necessary to store big id_t values. This patch converts to using strtoul() instead.
2010-09-28Suppress some 'may be used uninitialized' warningsSumit Bose1-1/+1
Additionally the handling of errno and the errno_t return value of functions is fixed in krb5_common.c.
2010-09-08Dead assignments cleanup in providers codeJan Zeleny1-2/+0
Dead assignments were deleted. Also prototype of function sdap_access_decide_offline() has been changed, since its return code was never used. Ticket: #586
2010-09-02Fixed uninialized value in proxy_id providerJan Zeleny1-0/+2
In function get_pw_name when allocation of memory fails, there were two codepaths which could cause printing of undefined value. This patch fixes both cases. Ticket: #580
2010-06-30Split proxy.c into smaller filesStephen Gallagher7-2518/+2599
proxy.c was growing too large to manage (and some graphical development tools could no longer open it because of memory limitations). This patch splits proxy.c into the following files: proxy_init.c: Setup routines for the plugin proxy_id.c: Functions to handle user and group lookups proxy_auth.c: Functions to handle PAM interactions proxy_common.c: Common utility routines
2010-06-30Rename proxy_ctx to proxy_id_ctx for clarityStephen Gallagher1-14/+15
2010-06-10Eliminate unused variable from pc_init_timeout()Stephen Gallagher1-4/+0
https://fedorahosted.org/sssd/ticket/525
2010-06-10Check return code of hash_delete in proxy_child_destructorStephen Gallagher1-1/+7
We can't do much about an error here, but we should be reporting it. https://fedorahosted.org/sssd/ticket/534
2010-06-06Don't return uninitialized value in proxy providerJakub Hrozek1-1/+4
Fixes: #498
2010-05-27Support password changes in chpass_provider = proxyStephen Gallagher1-5/+73
We were not passing the old authtok to the pam_chauthtok() function, causing it to return PAM_AUTH_ERR.
2010-05-27Proxy provider PAM handling in child processStephen Gallagher3-0/+3039
This patch adds a new tevent_req to the proxy provider, which will spawn short-lived child processes to handle PAM requests. These processes then call the proxied PAM stack and return the results via SBUS method reply. Once it is returned, the parent process kills the child. There is a maximum of ten child processes running simultaneously, after which requests will be queued for sending once a child slot frees up. The maximum processes will be made configurable at a later date (as this would violate string freeze).