summaryrefslogtreecommitdiff
path: root/src/providers
AgeCommit message (Collapse)AuthorFilesLines
2011-11-02LDAP: Add support for multiple search bases for group enumerationStephen Gallagher4-24/+101
2011-11-02LDAP: Add support for multiple search bases for user enumerationStephen Gallagher4-8/+49
2011-11-02LDAP: Convert ldap_*_search_filterStephen Gallagher3-59/+23
Instead of making this a global option for all user lookups, make it only used if the search base is passed without an explicit filter.
2011-11-02LDAP: Add multiple search bases for initgroups (RFC2307bis groups)Stephen Gallagher1-77/+225
2011-11-02LDAP: Add multiple search bases for initgroups (RFC2307 groups)Stephen Gallagher1-17/+99
2011-11-02LDAP: Add multiple search bases for initgroups (users)Stephen Gallagher1-30/+72
2011-11-02LDAP: Support multiple group search bases (non-enumeration, RFC2307)Stephen Gallagher4-16/+74
2011-11-02LDAP: Support multiple netgroup search basesStephen Gallagher3-14/+65
2011-11-02LDAP: Support multiple user search bases (non-enumeration)Stephen Gallagher4-14/+70
2011-11-02LDAP: Add parser for multiple search basesStephen Gallagher5-26/+380
2011-11-02Make sdap_get_id_specific_filter() more strictStephen Gallagher2-4/+4
2011-11-02Fix size return for split_on_separator()Stephen Gallagher1-5/+5
It was returning the size of the array, rather than the number of elements. (The array was NULL-terminated). This argument was only used in one place that was actually working around this odd return value.
2011-11-02Remove unused sdap_options attributesStephen Gallagher1-3/+0
These DNs were never assigned or referenced anywhere.
2011-11-02Cleanup of unused function in ldap access providerJan Zeleny1-2/+0
2011-11-02Remove confusing do-while loopJakub Hrozek1-35/+36
The deref processing would return a single control back. The do-while loop was harmless but confusing.
2011-11-02Use LDAPDerefSpec properlyJakub Hrozek1-4/+6
ldap_create_deref_control_value expects an array of LDAPDerefSpec structures with LDAPDerefSpec.derefAttr == NULL as a sentinel. We were passing a single instance of a LDAPDerefSpec structure. https://fedorahosted.org/sssd/ticket/1050
2011-10-31Steal result onto mem_ctx in sdap_initgr_nested_get_direct_parentsJakub Hrozek1-2/+1
2011-10-31RFC2307bis initgroups: fix nested groups processingJakub Hrozek1-20/+33
Due to incorrectly written loop, SSSD would go into infitite loop if it processed the same group on two different levels of membership.
2011-10-31Do not leak hash table iterator during proxy authJakub Hrozek1-0/+1
2011-10-25Plug memory leaks in LDAP providerJakub Hrozek1-0/+3
2011-10-17Cancel transactions correctly during initgroupsJakub Hrozek1-13/+31
2011-10-17Use fewer transactions during IPA initgroupsJakub Hrozek1-171/+273
2011-10-17Use fewer transactions during RFC2307bis initgroupsJakub Hrozek1-346/+366
2011-10-17Utility functions for LDAP nested schema initgroupsJakub Hrozek1-0/+119
2011-10-17Add a missing breakJakub Hrozek1-0/+1
2011-10-14HBAC: Use originalMember for identifying hostgroupsStephen Gallagher3-45/+165
2011-10-14HBAC: Use originalMember for identifying servicegroupsStephen Gallagher3-41/+169
2011-10-14HBAC: Do not save member/memberOf linksStephen Gallagher1-120/+0
We can just trust the values from the FreeIPA server
2011-10-13SysDB commands that save lastUpdate allows this value to be passed inPavel Březina7-32/+62
https://fedorahosted.org/sssd/ticket/836
2011-10-13Append PID to sbus server socket name, let clients use a symlinkJakub Hrozek2-2/+2
https://fedorahosted.org/sssd/ticket/1034
2011-10-06Fix small bug where TALLOC_CTX could end up unfreed.Pavel Zuna1-3/+3
2011-10-03Use explicit base 10 for converting strings to integersJakub Hrozek2-4/+4
https://fedorahosted.org/sssd/ticket/1013
2011-09-28Store name aliases for users, groupsJakub Hrozek5-37/+216
Also checks fake users for aliases when storing a real users so that getgrnam for a RFC2307 group that references a user by his secondary name followed by getpwnam for this user by his primary name works
2011-09-28Add a sysdb_get_direct_parents functionJakub Hrozek1-57/+5
2011-09-28HBAC: fix typos preventing proper hostgroup evaluationStephen Gallagher1-3/+3
2011-09-28Fixed bad logic in processing netgroups in LDAP providerJan Zeleny1-1/+3
2011-09-28IPA access: hostname comparison should be case-insensitiveJakub Hrozek1-1/+1
2011-09-28Multiline macro cleanupJakub Hrozek8-10/+11
This is mostly a cosmetic patch. The purpose of wrapping a multi-line macro in a do { } while(0) is to make the macro usable as a regular statement, not a compound statement. When the while(0) is terminated with a semicolon, the do { } while(0); block becomes a compound statement again.
2011-09-20Fix uninitialized pointer read in sdap_gssapi_get_default_realm()Jakub Hrozek1-1/+1
https://fedorahosted.org/sssd/ticket/1003
2011-09-08DEBUG timestamps offer higher precisionPavel Březina4-6/+24
https://fedorahosted.org/sssd/ticket/956 Added: --debug-microseconds=0/1 Added: debug_microseconds to sssd.conf
2011-09-08Improve documentation of libipa_hbacStephen Gallagher2-21/+1697
2011-09-07Do not access memory out of boundsSumit Bose1-2/+2
2011-09-06Keep deref controls until the whole request is finishedJakub Hrozek1-8/+45
https://fedorahosted.org/sssd/ticket/989 John Hodrien found out that when paging is used while dereferencing an entry, sssd_be may segfault on the second page. This was because paging returned the control to sdap_generic_search multiple times but sssd was freeing dereference control after the first search invocation. The subsequend sdap searched accessed memory that was already freed.
2011-09-06Improve error message for LDAP password constraint violationJakub Hrozek3-16/+29
https://fedorahosted.org/sssd/ticket/985
2011-09-06Allow turning dereference off by setting the threshold to 0Jakub Hrozek3-3/+9
2011-09-06sss_ldap_err2string() - ldap_err2string() to sss_ldap_err2string()Pavel Březina3-35/+35
https://fedorahosted.org/sssd/ticket/986
2011-09-06sss_ldap_err2string() - function createdPavel Březina1-2/+0
https://fedorahosted.org/sssd/ticket/986
2011-08-29HBAC: Properly skip all non-group memberOf entriesStephen Gallagher1-1/+2
2011-08-29Fix moving to next entry in deref codeJakub Hrozek1-1/+6
https://fedorahosted.org/sssd/ticket/973
2011-08-26HBAC: Use of hostgroups for targethost or sourcehost was brokenStephen Gallagher1-4/+4
We were trying to look up the wrong attribute for the name of the hostgroup.