summaryrefslogtreecommitdiff
path: root/src/providers/proxy
AgeCommit message (Collapse)AuthorFilesLines
2011-01-21Delete attributes that are removed from LDAPStephen Gallagher1-4/+8
Sometimes, a value in LDAP will cease to exist (the classic example being shadowExpire). We need to make sure we purge that value from SSSD's sysdb as well. https://fedorahosted.org/sssd/ticket/750
2010-12-15Fix memory leak of library handle in proxySumit Bose2-18/+26
https://fedorahosted.org/sssd/ticket/733
2010-12-02Add a special filter type to handle enumerationsSumit Bose1-32/+16
2010-12-01Run checks before resetting offline stateSumit Bose1-1/+2
Before setting the backend to online during a reset offline request the check_online method if the ID provider is called. If the check_online method returns that the ID provider is still not reachable the backend stays offline. Otherwise the backend is switched to online and the related callbacks are run. Additionally the check online test is called during the res_init request because a change in /etc/resolve.conf might also make a server reachable which was assumed offline before.
2010-11-18Fix authentication queue code for proxy authStephen Gallagher1-12/+19
We weren't decrementing the count of in-progress authentication request child processes when they completed successfully. With this patch, we will now guarantee that the process count is accurate and that queued requests will be started when a slot is freed up.
2010-11-15Fix const cast issue with sysdb_attrs_users_from_str_listStephen Gallagher1-9/+9
2010-10-26Always use uint32_t for UID/GID numbersJakub Hrozek1-4/+3
2010-10-25Implement netgroups for proxy providerSumit Bose3-2/+143
2010-10-25Add netgroups infrastructure to proxy providerSumit Bose3-0/+42
2010-10-18Use unsigned long for conversion to id_tJakub Hrozek1-2/+2
We used strtol() on a number of places to convert into uid_t or gid_t from a string representation such as LDAP attribute, but on some platforms, unsigned long might be necessary to store big id_t values. This patch converts to using strtoul() instead.
2010-09-28Suppress some 'may be used uninitialized' warningsSumit Bose1-1/+1
Additionally the handling of errno and the errno_t return value of functions is fixed in krb5_common.c.
2010-09-08Dead assignments cleanup in providers codeJan Zeleny1-2/+0
Dead assignments were deleted. Also prototype of function sdap_access_decide_offline() has been changed, since its return code was never used. Ticket: #586
2010-09-02Fixed uninialized value in proxy_id providerJan Zeleny1-0/+2
In function get_pw_name when allocation of memory fails, there were two codepaths which could cause printing of undefined value. This patch fixes both cases. Ticket: #580
2010-06-30Split proxy.c into smaller filesStephen Gallagher7-2518/+2599
proxy.c was growing too large to manage (and some graphical development tools could no longer open it because of memory limitations). This patch splits proxy.c into the following files: proxy_init.c: Setup routines for the plugin proxy_id.c: Functions to handle user and group lookups proxy_auth.c: Functions to handle PAM interactions proxy_common.c: Common utility routines
2010-06-30Rename proxy_ctx to proxy_id_ctx for clarityStephen Gallagher1-14/+15
2010-06-10Eliminate unused variable from pc_init_timeout()Stephen Gallagher1-4/+0
https://fedorahosted.org/sssd/ticket/525
2010-06-10Check return code of hash_delete in proxy_child_destructorStephen Gallagher1-1/+7
We can't do much about an error here, but we should be reporting it. https://fedorahosted.org/sssd/ticket/534
2010-06-06Don't return uninitialized value in proxy providerJakub Hrozek1-1/+4
Fixes: #498
2010-05-27Support password changes in chpass_provider = proxyStephen Gallagher1-5/+73
We were not passing the old authtok to the pam_chauthtok() function, causing it to return PAM_AUTH_ERR.
2010-05-27Proxy provider PAM handling in child processStephen Gallagher3-0/+3039
This patch adds a new tevent_req to the proxy provider, which will spawn short-lived child processes to handle PAM requests. These processes then call the proxied PAM stack and return the results via SBUS method reply. Once it is returned, the parent process kills the child. There is a maximum of ten child processes running simultaneously, after which requests will be queued for sending once a child slot frees up. The maximum processes will be made configurable at a later date (as this would violate string freeze).