summaryrefslogtreecommitdiff
path: root/src/providers
AgeCommit message (Collapse)AuthorFilesLines
2011-12-08LDAP provider: Error while setting the nocanon option should not be fatalJakub Hrozek1-3/+9
https://fedorahosted.org/sssd/ticket/1100
2011-12-08Add ldap_sasl_minssf optionJan Zeleny5-1/+21
https://fedorahosted.org/sssd/ticket/1075
2011-12-05Allow using Glib for UTF8 supportStephen Gallagher1-33/+11
2011-11-30Use dereference during IPA provider initgroupsJakub Hrozek1-40/+149
https://fedorahosted.org/sssd/ticket/1099
2011-11-29Fix two small bugs in group dereferencingJakub Hrozek1-2/+5
2011-11-29Add ipa_hbac_support_srchost option to IPA providerJan Zeleny6-36/+151
don't fetch all host groups if this option is false https://fedorahosted.org/sssd/ticket/1078
2011-11-29IPA migration fixesJakub Hrozek3-97/+141
* use the id connection for looking up the migration flag * force TLS on the password based authentication connection https://fedorahosted.org/sssd/ticket/924
2011-11-29Provide means of forcing TLS and GSSAPI enabled/disabled for sdap connectionsJakub Hrozek5-11/+43
2011-11-29LDAP: Try next failover server on any errorStephen Gallagher1-9/+5
2011-11-28Fixed logically dead code in netgroup processingJan Zeleny1-1/+1
2011-11-28Fixed uninitialized pointer read in netgroups processingJan Zeleny1-0/+6
2011-11-25Fix sdap_id_ctx/ipa_id_ctx mismatch in IPA providerJakub Hrozek4-4/+18
This was causing a segfault during HBAC processing and any ID lookups except for netgroups
2011-11-23Added IPA account info handlerJan Zeleny3-1/+373
Currently it is only handling netgroups by itself, other requests are forwarded to LDAP provider.
2011-11-23Added support for fetching netgroups in IPA providerJan Zeleny1-0/+992
2011-11-23New IPA ID contextJan Zeleny3-22/+37
2011-11-23Added and modified options for IPA netgroupsJan Zeleny2-24/+69
2011-11-23Modified sdap_parse_search_base()Jan Zeleny4-16/+14
2011-11-23Renamed some LDAP routinesJan Zeleny6-41/+49
These were renamed just ot make sure they are not mistook for IPA netgroup functions.
2011-11-22Set more strict permissions on keyringSimo Sorce1-1/+1
We want to confine access to the keyring to the current process and not let root easily peek into the keyring contents.
2011-11-22Fixed unchecked value of setenv() in check_and_export_options()Jan Zeleny1-2/+5
https://fedorahosted.org/sssd/ticket/1080
2011-11-22Cleanup: Remove unused parametersJakub Hrozek25-119/+38
2011-11-18Prevent printing NULL in several places of LDAP providerJakub Hrozek2-5/+9
2011-11-11Use one transaction instead of two during RFC2307bis group processingJakub Hrozek1-31/+55
https://fedorahosted.org/sssd/ticket/1054
2011-11-11Squash transactions in sdap_initgr_common_storeJakub Hrozek1-6/+25
https://fedorahosted.org/sssd/ticket/1053
2011-11-08LDAP: Remove redundant groups from the lookup listStephen Gallagher1-23/+0
2011-11-07Fixed empty loginShell in proxy providerJan Zeleny1-4/+32
https://fedorahosted.org/sssd/ticket/892
2011-11-07Use correct state struct in sdap_initgr_rfc2307bis_next_baseJakub Hrozek1-2/+3
2011-11-07Fix segfault in sdap_get_initgr_userJakub Hrozek1-1/+2
2011-11-02Support to request canonicalization in LDAP/IPA providerJan Zeleny7-1/+28
https://fedorahosted.org/sssd/ticket/957
2011-11-02Add support to request canonicalization on krb AS requestsJan Zeleny5-3/+28
https://fedorahosted.org/sssd/ticket/957
2011-11-02LDAP: Add support for multiple search bases for group enumerationStephen Gallagher4-24/+101
2011-11-02LDAP: Add support for multiple search bases for user enumerationStephen Gallagher4-8/+49
2011-11-02LDAP: Convert ldap_*_search_filterStephen Gallagher3-59/+23
Instead of making this a global option for all user lookups, make it only used if the search base is passed without an explicit filter.
2011-11-02LDAP: Add multiple search bases for initgroups (RFC2307bis groups)Stephen Gallagher1-77/+225
2011-11-02LDAP: Add multiple search bases for initgroups (RFC2307 groups)Stephen Gallagher1-17/+99
2011-11-02LDAP: Add multiple search bases for initgroups (users)Stephen Gallagher1-30/+72
2011-11-02LDAP: Support multiple group search bases (non-enumeration, RFC2307)Stephen Gallagher4-16/+74
2011-11-02LDAP: Support multiple netgroup search basesStephen Gallagher3-14/+65
2011-11-02LDAP: Support multiple user search bases (non-enumeration)Stephen Gallagher4-14/+70
2011-11-02LDAP: Add parser for multiple search basesStephen Gallagher5-26/+380
2011-11-02Make sdap_get_id_specific_filter() more strictStephen Gallagher2-4/+4
2011-11-02Fix size return for split_on_separator()Stephen Gallagher1-5/+5
It was returning the size of the array, rather than the number of elements. (The array was NULL-terminated). This argument was only used in one place that was actually working around this odd return value.
2011-11-02Remove unused sdap_options attributesStephen Gallagher1-3/+0
These DNs were never assigned or referenced anywhere.
2011-11-02Cleanup of unused function in ldap access providerJan Zeleny1-2/+0
2011-11-02Remove confusing do-while loopJakub Hrozek1-35/+36
The deref processing would return a single control back. The do-while loop was harmless but confusing.
2011-11-02Use LDAPDerefSpec properlyJakub Hrozek1-4/+6
ldap_create_deref_control_value expects an array of LDAPDerefSpec structures with LDAPDerefSpec.derefAttr == NULL as a sentinel. We were passing a single instance of a LDAPDerefSpec structure. https://fedorahosted.org/sssd/ticket/1050
2011-10-31Steal result onto mem_ctx in sdap_initgr_nested_get_direct_parentsJakub Hrozek1-2/+1
2011-10-31RFC2307bis initgroups: fix nested groups processingJakub Hrozek1-20/+33
Due to incorrectly written loop, SSSD would go into infitite loop if it processed the same group on two different levels of membership.
2011-10-31Do not leak hash table iterator during proxy authJakub Hrozek1-0/+1
2011-10-25Plug memory leaks in LDAP providerJakub Hrozek1-0/+3