summaryrefslogtreecommitdiff
path: root/src/providers
AgeCommit message (Collapse)AuthorFilesLines
2011-08-15Moved some functions in sdap_async_groupsJan Zeleny1-122/+112
2011-08-15Confusing part of code cleared outJan Zeleny1-34/+32
2011-08-15sdap_async_accounts.c splitJan Zeleny4-2514/+2588
The file has been split in three: sdap_async_users.c sdap_async_groups.c sdap_async_initgroups.c https://fedorahosted.org/sssd/ticket/864
2011-08-15sysdb refactoring: memory context deletedJan Zeleny10-43/+31
This patch deletes memory context parameter in those places in sysdb where it is not necessary. The code using modified functions has been updated. Tests updated as well.
2011-08-15sysdb refactoring: deleted domain variables in sysdb APIJan Zeleny22-101/+69
The patch also updates code using modified functions. Tests have also been adjusted.
2011-08-11Use sysdb attribute name for GID, not LDAP attributeStephen Gallagher1-3/+3
2011-08-04Fix returning groups when gidNumber attribute is not orderedJakub Hrozek3-4/+10
https://fedorahosted.org/sssd/ticket/951
2011-08-01Request password control unconditionally during bindJakub Hrozek1-6/+6
https://fedorahosted.org/sssd/ticket/940
2011-08-01Change the default value of ldap_tls_cacert in IPA providerJakub Hrozek1-1/+1
https://fedorahosted.org/sssd/ticket/944
2011-08-01Add rule validator to libipa_hbacStephen Gallagher2-0/+74
https://fedorahosted.org/sssd/ticket/943
2011-08-01Remove incorrect private variableStephen Gallagher1-1/+1
This caused no ill effects, since it wasn't used in the callback. However, it is a layering violation (especially since req is freed in the callback)
2011-08-01Wrong paramater to sysdb_attrs_add_uint32Jakub Hrozek1-1/+1
2011-07-29Fix incorrect NULL check in ipa_hbac_common.cStephen Gallagher1-1/+1
https://fedorahosted.org/sssd/ticket/936
2011-07-29Fix memory leak in ipa_hbac_evaluate_rulesStephen Gallagher1-0/+1
https://fedorahosted.org/sssd/ticket/933
2011-07-29libipa_hbac: Support case-insensitive comparisons with UTF8Stephen Gallagher1-16/+98
2011-07-27Explicitly ignore groups with gidNumber=0Jakub Hrozek2-11/+18
https://fedorahosted.org/sssd/ticket/916
2011-07-27Set gidNumber of non-posix groups to 0 even on updatesJakub Hrozek1-8/+44
2011-07-21fo_get_server_name() getter for a server nameJakub Hrozek5-3/+31
Allows to be more concise in tests and more defensive in resolve callbacks
2011-07-21Rename fo_get_server_name to fo_get_server_str_nameJakub Hrozek6-10/+10
2011-07-21Only print server address if one is availableJakub Hrozek1-0/+7
2011-07-21Do not add a NULL host parsed from LDAP URIJakub Hrozek1-1/+8
https://fedorahosted.org/sssd/ticket/911
2011-07-13Remove unused krb5_service structure memberJakub Hrozek3-7/+1
2011-07-11Check DNS records before updatingJakub Hrozek4-25/+470
https://fedorahosted.org/sssd/ticket/802
2011-07-11Split reading resolver family order into a separate functionJakub Hrozek1-23/+3
2011-07-11Do not hardcode default resolver timeoutJakub Hrozek1-1/+1
2011-07-11Escape IP address in kdcinfoJakub Hrozek2-14/+36
https://fedorahosted.org/sssd/ticket/909
2011-07-11Move IP adress escaping from the LDAP namespaceJakub Hrozek1-3/+3
2011-07-08Add LDAP access control based on NDS attributesSumit Bose6-3/+197
2011-07-08Treat NULL or empty rhost as unknownStephen Gallagher2-11/+25
Previously, we were assuming this meant it was coming from the localhost, but this is not a safe assumption. We will now treat it as unknown and it will fail to match any rule that requires a specified srchost or group of srchosts.
2011-07-08Add ipa_hbac_treat_deny_as optionStephen Gallagher3-2/+13
By default, we will treat the presence of any DENY rule as denying all users. This option will allow the admin to explicitly ignore DENY rules during a transitional period.
2011-07-08Add ipa_hbac_refresh optionStephen Gallagher4-1/+21
This option describes the time between refreshes of the HBAC rules on the IPA server.
2011-07-08Add new HBAC lookup and evaluation routinesStephen Gallagher2-124/+398
2011-07-08Remove old HBAC implementationStephen Gallagher2-1595/+1
2011-07-08Add helper functions for looking up HBAC rule componentsStephen Gallagher6-0/+2616
2011-07-08Add HBAC evaluator and testsStephen Gallagher3-0/+386
2011-07-08Add helper function msgs2attrs_arrayStephen Gallagher2-0/+33
This function converts a list of ldb_messages into a list of sysdb_attrs.
2011-07-05ipa_dyndns: Use sockaddr_storage for storing IP addressesJakub Hrozek1-12/+17
https://fedorahosted.org/sssd/ticket/915
2011-06-30Use ldap_init_fd() instead of ldap_initialize() if availableSumit Bose3-37/+88
2011-06-30Use name based URI instead of IP address based URIsSumit Bose2-38/+3
2011-06-30Add sdap_call_conn_cb() to call add connection callback directlySumit Bose2-0/+40
2011-06-30Add sockaddr_storage to sdap_serviceSumit Bose3-0/+22
2011-06-21Log nsupdate messageJakub Hrozek1-0/+3
https://fedorahosted.org/sssd/ticket/893
2011-06-16Do not check pwdAttributeSumit Bose1-9/+0
It is not safe to check pwdAttribute to see if server side password policies are active. Only if a LDAP_CONTROL_PASSWORDPOLICYRESPONSE is present the bind response we can assume that there is a server side password policy.
2011-06-15Switch resolver to using resolv_hostent and honor TTLJakub Hrozek6-28/+29
2011-06-15Fix proxy provider return code for secondary missing groupsSumit Bose1-1/+3
2011-06-15Fix two typosSumit Bose1-2/+3
2011-06-15Delete cached ccache file if password is expiredSumit Bose1-8/+63
2011-06-02Non-posix group processing - ldap provider and nss responderJan Zeleny2-28/+79
2011-06-02Escape IPv6 IP addresses in the IPA providerJakub Hrozek1-4/+26
https://fedorahosted.org/sssd/ticket/880
2011-06-02Use escaped IP addresses in LDAP providerJakub Hrozek1-6/+56