Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2011-08-15 | Moved some functions in sdap_async_groups | Jan Zeleny | 1 | -122/+112 | |
2011-08-15 | Confusing part of code cleared out | Jan Zeleny | 1 | -34/+32 | |
2011-08-15 | sdap_async_accounts.c split | Jan Zeleny | 4 | -2514/+2588 | |
The file has been split in three: sdap_async_users.c sdap_async_groups.c sdap_async_initgroups.c https://fedorahosted.org/sssd/ticket/864 | |||||
2011-08-15 | sysdb refactoring: memory context deleted | Jan Zeleny | 10 | -43/+31 | |
This patch deletes memory context parameter in those places in sysdb where it is not necessary. The code using modified functions has been updated. Tests updated as well. | |||||
2011-08-15 | sysdb refactoring: deleted domain variables in sysdb API | Jan Zeleny | 22 | -101/+69 | |
The patch also updates code using modified functions. Tests have also been adjusted. | |||||
2011-08-11 | Use sysdb attribute name for GID, not LDAP attribute | Stephen Gallagher | 1 | -3/+3 | |
2011-08-04 | Fix returning groups when gidNumber attribute is not ordered | Jakub Hrozek | 3 | -4/+10 | |
https://fedorahosted.org/sssd/ticket/951 | |||||
2011-08-01 | Request password control unconditionally during bind | Jakub Hrozek | 1 | -6/+6 | |
https://fedorahosted.org/sssd/ticket/940 | |||||
2011-08-01 | Change the default value of ldap_tls_cacert in IPA provider | Jakub Hrozek | 1 | -1/+1 | |
https://fedorahosted.org/sssd/ticket/944 | |||||
2011-08-01 | Add rule validator to libipa_hbac | Stephen Gallagher | 2 | -0/+74 | |
https://fedorahosted.org/sssd/ticket/943 | |||||
2011-08-01 | Remove incorrect private variable | Stephen Gallagher | 1 | -1/+1 | |
This caused no ill effects, since it wasn't used in the callback. However, it is a layering violation (especially since req is freed in the callback) | |||||
2011-08-01 | Wrong paramater to sysdb_attrs_add_uint32 | Jakub Hrozek | 1 | -1/+1 | |
2011-07-29 | Fix incorrect NULL check in ipa_hbac_common.c | Stephen Gallagher | 1 | -1/+1 | |
https://fedorahosted.org/sssd/ticket/936 | |||||
2011-07-29 | Fix memory leak in ipa_hbac_evaluate_rules | Stephen Gallagher | 1 | -0/+1 | |
https://fedorahosted.org/sssd/ticket/933 | |||||
2011-07-29 | libipa_hbac: Support case-insensitive comparisons with UTF8 | Stephen Gallagher | 1 | -16/+98 | |
2011-07-27 | Explicitly ignore groups with gidNumber=0 | Jakub Hrozek | 2 | -11/+18 | |
https://fedorahosted.org/sssd/ticket/916 | |||||
2011-07-27 | Set gidNumber of non-posix groups to 0 even on updates | Jakub Hrozek | 1 | -8/+44 | |
2011-07-21 | fo_get_server_name() getter for a server name | Jakub Hrozek | 5 | -3/+31 | |
Allows to be more concise in tests and more defensive in resolve callbacks | |||||
2011-07-21 | Rename fo_get_server_name to fo_get_server_str_name | Jakub Hrozek | 6 | -10/+10 | |
2011-07-21 | Only print server address if one is available | Jakub Hrozek | 1 | -0/+7 | |
2011-07-21 | Do not add a NULL host parsed from LDAP URI | Jakub Hrozek | 1 | -1/+8 | |
https://fedorahosted.org/sssd/ticket/911 | |||||
2011-07-13 | Remove unused krb5_service structure member | Jakub Hrozek | 3 | -7/+1 | |
2011-07-11 | Check DNS records before updating | Jakub Hrozek | 4 | -25/+470 | |
https://fedorahosted.org/sssd/ticket/802 | |||||
2011-07-11 | Split reading resolver family order into a separate function | Jakub Hrozek | 1 | -23/+3 | |
2011-07-11 | Do not hardcode default resolver timeout | Jakub Hrozek | 1 | -1/+1 | |
2011-07-11 | Escape IP address in kdcinfo | Jakub Hrozek | 2 | -14/+36 | |
https://fedorahosted.org/sssd/ticket/909 | |||||
2011-07-11 | Move IP adress escaping from the LDAP namespace | Jakub Hrozek | 1 | -3/+3 | |
2011-07-08 | Add LDAP access control based on NDS attributes | Sumit Bose | 6 | -3/+197 | |
2011-07-08 | Treat NULL or empty rhost as unknown | Stephen Gallagher | 2 | -11/+25 | |
Previously, we were assuming this meant it was coming from the localhost, but this is not a safe assumption. We will now treat it as unknown and it will fail to match any rule that requires a specified srchost or group of srchosts. | |||||
2011-07-08 | Add ipa_hbac_treat_deny_as option | Stephen Gallagher | 3 | -2/+13 | |
By default, we will treat the presence of any DENY rule as denying all users. This option will allow the admin to explicitly ignore DENY rules during a transitional period. | |||||
2011-07-08 | Add ipa_hbac_refresh option | Stephen Gallagher | 4 | -1/+21 | |
This option describes the time between refreshes of the HBAC rules on the IPA server. | |||||
2011-07-08 | Add new HBAC lookup and evaluation routines | Stephen Gallagher | 2 | -124/+398 | |
2011-07-08 | Remove old HBAC implementation | Stephen Gallagher | 2 | -1595/+1 | |
2011-07-08 | Add helper functions for looking up HBAC rule components | Stephen Gallagher | 6 | -0/+2616 | |
2011-07-08 | Add HBAC evaluator and tests | Stephen Gallagher | 3 | -0/+386 | |
2011-07-08 | Add helper function msgs2attrs_array | Stephen Gallagher | 2 | -0/+33 | |
This function converts a list of ldb_messages into a list of sysdb_attrs. | |||||
2011-07-05 | ipa_dyndns: Use sockaddr_storage for storing IP addresses | Jakub Hrozek | 1 | -12/+17 | |
https://fedorahosted.org/sssd/ticket/915 | |||||
2011-06-30 | Use ldap_init_fd() instead of ldap_initialize() if available | Sumit Bose | 3 | -37/+88 | |
2011-06-30 | Use name based URI instead of IP address based URIs | Sumit Bose | 2 | -38/+3 | |
2011-06-30 | Add sdap_call_conn_cb() to call add connection callback directly | Sumit Bose | 2 | -0/+40 | |
2011-06-30 | Add sockaddr_storage to sdap_service | Sumit Bose | 3 | -0/+22 | |
2011-06-21 | Log nsupdate message | Jakub Hrozek | 1 | -0/+3 | |
https://fedorahosted.org/sssd/ticket/893 | |||||
2011-06-16 | Do not check pwdAttribute | Sumit Bose | 1 | -9/+0 | |
It is not safe to check pwdAttribute to see if server side password policies are active. Only if a LDAP_CONTROL_PASSWORDPOLICYRESPONSE is present the bind response we can assume that there is a server side password policy. | |||||
2011-06-15 | Switch resolver to using resolv_hostent and honor TTL | Jakub Hrozek | 6 | -28/+29 | |
2011-06-15 | Fix proxy provider return code for secondary missing groups | Sumit Bose | 1 | -1/+3 | |
2011-06-15 | Fix two typos | Sumit Bose | 1 | -2/+3 | |
2011-06-15 | Delete cached ccache file if password is expired | Sumit Bose | 1 | -8/+63 | |
2011-06-02 | Non-posix group processing - ldap provider and nss responder | Jan Zeleny | 2 | -28/+79 | |
2011-06-02 | Escape IPv6 IP addresses in the IPA provider | Jakub Hrozek | 1 | -4/+26 | |
https://fedorahosted.org/sssd/ticket/880 | |||||
2011-06-02 | Use escaped IP addresses in LDAP provider | Jakub Hrozek | 1 | -6/+56 | |