sssd - System Security Services Daemon

Age	Commit message (Collapse)	Author	Files	Lines
2012-03-29	Return correct resolv_status on resolver timeout	Jakub Hrozek	2	-12/+17
	https://fedorahosted.org/sssd/ticket/1274
2012-03-28	Remove old compatibility tests	Stephen Gallagher	2	-31/+0
	These are now replaced by the more accurate tests. This patch also drops the runtime option-count check, since we are always performing the more complete check at build-time.
2012-03-28	Add terminator for sdap_attr_map	Stephen Gallagher	3	-22/+49

2012-03-28	Add terminator for dp_option	Stephen Gallagher	4	-5/+12

2012-03-28	Put dp_option maps in their own file	Stephen Gallagher	6	-512/+610
	There is no functional change due to this patch.
2012-03-26	LDAP: Fix memory leaks in synchronous_tls_setup	Stephen Gallagher	1	-8/+10
	We were never freeing "result" if it was allocated by ldap_result(). We were also not freeing "errmsg" if it was allocated but ldap_parse_result() returned an error. Also disambiguate error messages from ldap_parse_result() and error messages from sss_ldap_get_diagnostic_msg() since they use differing memory-management functions.
2012-03-26	LDAP services: Keep the protocol around	Jakub Hrozek	1	-0/+1

2012-03-21	LDAP: Add better error logging when ldap_result() fails	Stephen Gallagher	1	-1/+3

2012-03-21	Make the string_equal() function public	Jakub Hrozek	1	-13/+4

2012-03-16	LDAP: Errors retrieving the RootDSE should not be fatal	Stephen Gallagher	1	-15/+8
	If we can't reach the RootDSE, let's just proceed as if it's unavailable with reasonable defaults. If we fail later on, that's fine. Fixes https://fedorahosted.org/sssd/ticket/1257
2012-03-16	Fix uninitialized variable	Jakub Hrozek	1	-1/+1

2012-03-16	IPA: Allow service lookups	Stephen Gallagher	1	-0/+1

2012-03-14	LDAP: Add AD 2008r2 schema	Stephen Gallagher	1	-2/+49
	https://fedorahosted.org/sssd/ticket/1031
2012-03-12	IPA: Initialize hbac_ctx to NULL	Stephen Gallagher	1	-1/+1

2012-03-09	Handle empty elements in proxy netgroups:	Jakub Hrozek	1	-3/+6

2012-03-09	Fix netgroup error handling	Jakub Hrozek	1	-17/+59
	https://fedorahosted.org/sssd/ticket/1242
2012-03-09	PROXY: Create fake user entries for group lookups	Stephen Gallagher	1	-3/+85

2012-03-09	Missing debug message if sdap_sudo_refresh_set_timer fails	Pavel Březina	1	-1/+5
	https://fedorahosted.org/sssd/ticket/1238
2012-03-09	IPA: Check nsAccountLock during PAM_ACCT_MGMT	Stephen Gallagher	4	-1/+69
	https://fedorahosted.org/sssd/ticket/1227
2012-03-09	LDAP: Make sdap_access_send/recv public	Stephen Gallagher	2	-12/+17
	We want to consume this in the IPA provider.
2012-03-08	Fix nested groups processing	Jakub Hrozek	1	-26/+60
	Instead of keeping the number of parent groups in "state" and having to reset the count when moving to another group on the same level, keep track of the all groups on a particular level along with their parents and parent count.
2012-03-08	Detect cycle in the fail over on subsequent resolve requests only	Jakub Hrozek	5	-23/+28

2012-03-06	krb5_child: set debugging sooner	Jakub Hrozek	2	-23/+35

2012-03-06	Only do one cycle when resolving a server	Jakub Hrozek	7	-37/+105
	https://fedorahosted.org/sssd/ticket/1214
2012-03-05	Use proper errno code	Jakub Hrozek	1	-1/+1

2012-03-05	DP: Reorganize memory hierarchy of requests	Stephen Gallagher	1	-24/+108
	This function alters the memory hierarchy of the be_req to ensure memory safety during shutdown. It creates a spy on the be_cli object so that it will free the be_req if the client is freed. It is generally allocated atop the private data context for the appropriate back-end against which it is being filed. https://fedorahosted.org/sssd/ticket/1226
2012-03-05	IPA: Fix segfault with srchost functionality enabled	Stephen Gallagher	1	-1/+1
	https://fedorahosted.org/sssd/ticket/1215
2012-03-01	IPA: Set the DNS discovery domain to match ipa_domain	Stephen Gallagher	5	-8/+17
	https://fedorahosted.org/sssd/ticket/1217
2012-02-29	Keep sysdb context in domain info struct	Sumit Bose	1	-8/+2

2012-02-27	PAM: Don't send PAM_SYSTEM_INFO message if module unset	Stephen Gallagher	1	-7/+3
	We now have a session module that is only available for the IPA provider. We should not be logging noisily that other providers do not have the session provider configured. https://fedorahosted.org/sssd/ticket/1211
2012-02-26	LDAP: Remove unnecessary filter sanitize	Stephen Gallagher	1	-11/+5
	The orig_dn here isn't being passed to a filter and therefore must not be santized, as the sanitization process would break DNs that contain (among other things) parentheses.
2012-02-26	SSH: Save SSH host name aliases	Jan Cholasta	2	-30/+11

2012-02-24	Modifications to simplify list_missing_attrs	Jan Zeleny	8	-44/+21

2012-02-24	Delete missing attributes from netgroups to be stored	Jan Zeleny	3	-3/+28
	https://fedorahosted.org/sssd/ticket/1136
2012-02-24	IPA hosts refactoring	Jan Zeleny	16	-154/+132

2012-02-24	LDAP: Only use paging control on requests for multiple entries	Stephen Gallagher	16	-40/+100
	The paging control can cause issues on servers that put limits on how many paging controls can be active at one time (on some servers, it is limited to one per connection). We need to reduce our usage so that we only activate the paging control when making a request that may return an arbitrary number of results. https://fedorahosted.org/sssd/ticket/1202 phase one
2012-02-23	AUTOFS: Search all search bases for automounter map entries	Jakub Hrozek	1	-18/+86
	https://fedorahosted.org/sssd/ticket/1168
2012-02-23	LDAP: Properly assign orig_dn	Stephen Gallagher	1	-0/+1
	This was only used for properly identifying debug messages.
2012-02-23	Save errno value before calling DEBUG	Jakub Hrozek	1	-2/+4

2012-02-23	IPA: Add ipa_parse_search_base()	Stephen Gallagher	3	-19/+72
	Previously, we were using sdap_parse_search_base() for setting up the search_base objects for use in IPA. However, this was generating unfriendly log messages about unknown search base types. This patch creates a new common_parse_search_base() routine that can be used with either LDAP or IPA providers. https://fedorahosted.org/sssd/ticket/1151
2012-02-21	Don't give memory context in confdb where not needed	Jan Zeleny	4	-8/+7

2012-02-21	End request if ldap_parse_result fails	Jakub Hrozek	1	-0/+3

2012-02-17	LDAP: Ignore group member users that do not have name attributes	Stephen Gallagher	1	-2/+2
	Instead of failing the group lookup, just skip them. This was impacting some users of ActiveDirectory where not all users had the appropriate attributes. https://fedorahosted.org/sssd/ticket/1169
2012-02-17	Redesign purging of the sudo cache	Pavel Březina	1	-19/+55
	https://fedorahosted.org/sssd/ticket/1173
2012-02-14	Fix memory hierarchy when processing nested group memberships	Jakub Hrozek	4	-11/+14
	https://fedorahosted.org/sssd/ticket/1186
2012-02-13	Fix uninitialized value error in proxy provider	Stephen Gallagher	1	-1/+1
	Coverity #12467
2012-02-13	Fix bad failure handling in be_sudo_handler()	Stephen Gallagher	1	-13/+13
	If the dbus_message_get_args() failed, we would have been dereferencing a NULL be_req. Coverity #12490
2012-02-13	Fix uninitialized in_transaction	Stephen Gallagher	1	-1/+1
	Coverity #12521 and #12491
2012-02-13	Add missing breaks to switch statements	Stephen Gallagher	2	-0/+2
	Coverity #12525 and #12524
2012-02-13	Remove dead code	Stephen Gallagher	1	-9/+0
	Coverity #12529