Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2011-11-02 | LDAP: Add support for multiple search bases for group enumeration | Stephen Gallagher | 4 | -24/+101 | |
2011-11-02 | LDAP: Add support for multiple search bases for user enumeration | Stephen Gallagher | 4 | -8/+49 | |
2011-11-02 | LDAP: Convert ldap_*_search_filter | Stephen Gallagher | 3 | -59/+23 | |
Instead of making this a global option for all user lookups, make it only used if the search base is passed without an explicit filter. | |||||
2011-11-02 | LDAP: Add multiple search bases for initgroups (RFC2307bis groups) | Stephen Gallagher | 1 | -77/+225 | |
2011-11-02 | LDAP: Add multiple search bases for initgroups (RFC2307 groups) | Stephen Gallagher | 1 | -17/+99 | |
2011-11-02 | LDAP: Add multiple search bases for initgroups (users) | Stephen Gallagher | 1 | -30/+72 | |
2011-11-02 | LDAP: Support multiple group search bases (non-enumeration, RFC2307) | Stephen Gallagher | 4 | -16/+74 | |
2011-11-02 | LDAP: Support multiple netgroup search bases | Stephen Gallagher | 3 | -14/+65 | |
2011-11-02 | LDAP: Support multiple user search bases (non-enumeration) | Stephen Gallagher | 4 | -14/+70 | |
2011-11-02 | LDAP: Add parser for multiple search bases | Stephen Gallagher | 5 | -26/+380 | |
2011-11-02 | Make sdap_get_id_specific_filter() more strict | Stephen Gallagher | 2 | -4/+4 | |
2011-11-02 | Fix size return for split_on_separator() | Stephen Gallagher | 1 | -5/+5 | |
It was returning the size of the array, rather than the number of elements. (The array was NULL-terminated). This argument was only used in one place that was actually working around this odd return value. | |||||
2011-11-02 | Remove unused sdap_options attributes | Stephen Gallagher | 1 | -3/+0 | |
These DNs were never assigned or referenced anywhere. | |||||
2011-11-02 | Cleanup of unused function in ldap access provider | Jan Zeleny | 1 | -2/+0 | |
2011-11-02 | Remove confusing do-while loop | Jakub Hrozek | 1 | -35/+36 | |
The deref processing would return a single control back. The do-while loop was harmless but confusing. | |||||
2011-11-02 | Use LDAPDerefSpec properly | Jakub Hrozek | 1 | -4/+6 | |
ldap_create_deref_control_value expects an array of LDAPDerefSpec structures with LDAPDerefSpec.derefAttr == NULL as a sentinel. We were passing a single instance of a LDAPDerefSpec structure. https://fedorahosted.org/sssd/ticket/1050 | |||||
2011-10-31 | Steal result onto mem_ctx in sdap_initgr_nested_get_direct_parents | Jakub Hrozek | 1 | -2/+1 | |
2011-10-31 | RFC2307bis initgroups: fix nested groups processing | Jakub Hrozek | 1 | -20/+33 | |
Due to incorrectly written loop, SSSD would go into infitite loop if it processed the same group on two different levels of membership. | |||||
2011-10-31 | Do not leak hash table iterator during proxy auth | Jakub Hrozek | 1 | -0/+1 | |
2011-10-25 | Plug memory leaks in LDAP provider | Jakub Hrozek | 1 | -0/+3 | |
2011-10-17 | Cancel transactions correctly during initgroups | Jakub Hrozek | 1 | -13/+31 | |
2011-10-17 | Use fewer transactions during IPA initgroups | Jakub Hrozek | 1 | -171/+273 | |
2011-10-17 | Use fewer transactions during RFC2307bis initgroups | Jakub Hrozek | 1 | -346/+366 | |
2011-10-17 | Utility functions for LDAP nested schema initgroups | Jakub Hrozek | 1 | -0/+119 | |
2011-10-17 | Add a missing break | Jakub Hrozek | 1 | -0/+1 | |
2011-10-14 | HBAC: Use originalMember for identifying hostgroups | Stephen Gallagher | 3 | -45/+165 | |
2011-10-14 | HBAC: Use originalMember for identifying servicegroups | Stephen Gallagher | 3 | -41/+169 | |
2011-10-14 | HBAC: Do not save member/memberOf links | Stephen Gallagher | 1 | -120/+0 | |
We can just trust the values from the FreeIPA server | |||||
2011-10-13 | SysDB commands that save lastUpdate allows this value to be passed in | Pavel Březina | 7 | -32/+62 | |
https://fedorahosted.org/sssd/ticket/836 | |||||
2011-10-13 | Append PID to sbus server socket name, let clients use a symlink | Jakub Hrozek | 2 | -2/+2 | |
https://fedorahosted.org/sssd/ticket/1034 | |||||
2011-10-06 | Fix small bug where TALLOC_CTX could end up unfreed. | Pavel Zuna | 1 | -3/+3 | |
2011-10-03 | Use explicit base 10 for converting strings to integers | Jakub Hrozek | 2 | -4/+4 | |
https://fedorahosted.org/sssd/ticket/1013 | |||||
2011-09-28 | Store name aliases for users, groups | Jakub Hrozek | 5 | -37/+216 | |
Also checks fake users for aliases when storing a real users so that getgrnam for a RFC2307 group that references a user by his secondary name followed by getpwnam for this user by his primary name works | |||||
2011-09-28 | Add a sysdb_get_direct_parents function | Jakub Hrozek | 1 | -57/+5 | |
2011-09-28 | HBAC: fix typos preventing proper hostgroup evaluation | Stephen Gallagher | 1 | -3/+3 | |
2011-09-28 | Fixed bad logic in processing netgroups in LDAP provider | Jan Zeleny | 1 | -1/+3 | |
2011-09-28 | IPA access: hostname comparison should be case-insensitive | Jakub Hrozek | 1 | -1/+1 | |
2011-09-28 | Multiline macro cleanup | Jakub Hrozek | 8 | -10/+11 | |
This is mostly a cosmetic patch. The purpose of wrapping a multi-line macro in a do { } while(0) is to make the macro usable as a regular statement, not a compound statement. When the while(0) is terminated with a semicolon, the do { } while(0); block becomes a compound statement again. | |||||
2011-09-20 | Fix uninitialized pointer read in sdap_gssapi_get_default_realm() | Jakub Hrozek | 1 | -1/+1 | |
https://fedorahosted.org/sssd/ticket/1003 | |||||
2011-09-08 | DEBUG timestamps offer higher precision | Pavel Březina | 4 | -6/+24 | |
https://fedorahosted.org/sssd/ticket/956 Added: --debug-microseconds=0/1 Added: debug_microseconds to sssd.conf | |||||
2011-09-08 | Improve documentation of libipa_hbac | Stephen Gallagher | 2 | -21/+1697 | |
2011-09-07 | Do not access memory out of bounds | Sumit Bose | 1 | -2/+2 | |
2011-09-06 | Keep deref controls until the whole request is finished | Jakub Hrozek | 1 | -8/+45 | |
https://fedorahosted.org/sssd/ticket/989 John Hodrien found out that when paging is used while dereferencing an entry, sssd_be may segfault on the second page. This was because paging returned the control to sdap_generic_search multiple times but sssd was freeing dereference control after the first search invocation. The subsequend sdap searched accessed memory that was already freed. | |||||
2011-09-06 | Improve error message for LDAP password constraint violation | Jakub Hrozek | 3 | -16/+29 | |
https://fedorahosted.org/sssd/ticket/985 | |||||
2011-09-06 | Allow turning dereference off by setting the threshold to 0 | Jakub Hrozek | 3 | -3/+9 | |
2011-09-06 | sss_ldap_err2string() - ldap_err2string() to sss_ldap_err2string() | Pavel Březina | 3 | -35/+35 | |
https://fedorahosted.org/sssd/ticket/986 | |||||
2011-09-06 | sss_ldap_err2string() - function created | Pavel Březina | 1 | -2/+0 | |
https://fedorahosted.org/sssd/ticket/986 | |||||
2011-08-29 | HBAC: Properly skip all non-group memberOf entries | Stephen Gallagher | 1 | -1/+2 | |
2011-08-29 | Fix moving to next entry in deref code | Jakub Hrozek | 1 | -1/+6 | |
https://fedorahosted.org/sssd/ticket/973 | |||||
2011-08-26 | HBAC: Use of hostgroups for targethost or sourcehost was broken | Stephen Gallagher | 1 | -4/+4 | |
We were trying to look up the wrong attribute for the name of the hostgroup. |