summaryrefslogtreecommitdiff
path: root/src/responder/nss
AgeCommit message (Collapse)AuthorFilesLines
2012-02-13Check for failure in sss_packet_grow()Stephen Gallagher1-5/+5
Coverity #12489
2012-02-13Avoid uninitialized value comparisonStephen Gallagher1-0/+3
Coverity #12526
2012-02-13Allocate setent structure on state, not on the client contextJakub Hrozek3-7/+7
https://fedorahosted.org/sssd/ticket/1189
2012-02-13Remove setent structure when callback is calledJakub Hrozek2-10/+4
2012-02-10Fix group enumerationJakub Hrozek1-0/+2
Also adds some more debugging and fixes a code style issue. https://fedorahosted.org/sssd/ticket/1182
2012-02-05AUTOFS: responderJakub Hrozek1-3/+0
2012-02-05Split the logic to check cache expiration into separate functionJakub Hrozek1-43/+17
2012-02-05RESPONDERS: Refactor setent_req_listJakub Hrozek4-95/+43
Makes the setent_add_ref() and setent_notify_*() functions more generic to be reusable by the autofs responder.
2012-02-04NSS: Add individual timeouts for entry typesStephen Gallagher1-1/+1
https://fedorahosted.org/sssd/ticket/1016
2012-02-04NSS: Use sss_hash_create instead of destructorJakub Hrozek2-13/+2
2012-02-02RESPONDERS: Provide a common sss_cmd_send_error functionJakub Hrozek1-13/+1
The common function could be reused in new responders
2012-01-31Refactor nss_cmd_send_emptyJakub Hrozek4-41/+7
2012-01-27NSS: Add service enumeration support to NSS providerStephen Gallagher2-1/+659
2012-01-27DP: Refactor responder_dp_req so it's reusable by other respondersJakub Hrozek1-1/+2
* the internal request is now more generic and is decoupled from account-specific data. There is a new sss_dp_issue_request() wrapper that issues a BE request or registers a callback * the public requests all use struct sss_dp_req_state as the tevent_req state data. This allows to report back data from the internal request even if the caller is just a callback notifier * each specific request now uses an _info structure that contains all the data necessary to construct a DBusMessage passed to provider * each specific request now defines a sss_dp_get_$data_msg callback that is called from the sss_dp_issue_request() common wraper. The purpose of the wrapper is to construct a DBusMessage and bind it to a DBus method so the message can be just sent over to back end The miscellanous changes include: * change SSS_DP_ constants to an enum. This way, a switch() would error if a value is not handled. * rename sss_dp_get_account_int_send() to sss_dp_internal_get_send() request because the internal request is going to handle more than just account data * the DBus return values were renamed from err_maj, err_min to dp_err and dp_ret respectively
2012-01-27NSS: Add getservbyname and getservbyport support to the NSS ResponderStephen Gallagher3-0/+1209
2012-01-23Move sized_string declaration to utilsStephen Gallagher2-19/+0
2012-01-23DP: Fix bugs in sss_dp_get_account_intStephen Gallagher1-0/+1
The conversion to the tevent_req style introduced numerous bugs related to memory management of the various client requests. In some circumstances, this could cause memory corruption and segmentation faults in the NSS responder. This patch makes the following changes: 1) Rename the internal lookup from subreq to sidereq, to indicate that it is not a sub-request of the current lookup (and therefore is not cancelled if the current request is). 2) Change the handling of the callback loops since they call tevent_req_[done|error], which results in them being freed (and therefore removed from the cb_list. This was the source of the memory corruption that would occasionally result in dereferencing an unreadable request. 3) Remove the unnecessary sss_dp_get_account_int_recv() function and change sss_dp_get_account_done() so that it only frees the sidereq. All of the waiting processes have already been signaled with the final results from sss_dp_get_account_int_done()
2012-01-21RESPONDER: Extend sss_dp_account_send() to include extra dataStephen Gallagher1-4/+4
Some NSS maps such as 'services' require more values to be passed to the data provider than just the name or ID. In these cases, we will amend an optional component to filter value to pass to the data provider backend.
2012-01-17NSS: Improve DEBUG messages for netgroup cacheStephen Gallagher1-2/+2
2012-01-09nsssrv: use sized_string in fill_grentSimo Sorce1-35/+48
2012-01-09nsssrv: use sized_string in fill_pwentSimo Sorce1-41/+56
2012-01-09nsssrv: add string manipulation helperSimo Sorce2-0/+19
the sized_string structure makes it easier to keep track of string lengths and makes passing around data more compat and readable.
2012-01-04nsssrv: remove unused macroSimo Sorce1-2/+0
2011-12-21Return user and group names lowercased in case insensitive domainsJakub Hrozek1-12/+32
2011-12-21sss_get_cased_name utility functionJakub Hrozek2-9/+9
2011-12-19Deleted declaration of nss_get_dom()Jan Zeleny1-4/+0
This function has been renamed to responder_get_domain() but this declaration hasn't been deleted.
2011-12-19Pass client context to sss_dp_get_account_sendJakub Hrozek1-1/+1
2011-12-16Use the case sensitivity flag in respondersJakub Hrozek2-20/+40
2011-12-16Responders: Split getting domain by name into separate functionJakub Hrozek2-17/+4
2011-12-08Ignore NULL-terminator when checking UTF8-validity for netgroupsStephen Gallagher1-1/+1
Glib fails if the NULL-terminator is included when a length is specified.
2011-12-07Pass the correct private data into Data Provider callbackJakub Hrozek1-1/+1
2011-12-05Ignore NULL-terminator when checking UTF8-validityStephen Gallagher1-3/+3
Glib fails if the NULL-terminator is included when a length is specified.
2011-11-29RESPONDER: Refactor DP requests into tevent_req styleStephen Gallagher2-50/+112
2011-11-22Cleanup: Remove unused parametersJakub Hrozek1-2/+1
2011-11-18RESPONDER: Ensure that all input strings are valid UTF-8Stephen Gallagher2-0/+28
2011-09-21Enable the midpoint cache update by defaultStephen Gallagher1-1/+1
https://fedorahosted.org/sssd/ticket/918
2011-08-25New DEBUG facility - SSSDBG_UNRESOLVED changed from -1 to 0Pavel Březina1-1/+4
Removed: SSS_UNRESOLVED_DEBUG_LEVEL (completely replaced with SSSDBG_UNRESOLVED) Added new macro: CONVERT_AND_SET_DEBUG_LEVEL(new_value) Changes unresolved debug level value (SSSDBG_UNRESOLVED) from -1 to 0 so DEBUG macro could be reduced by one condition. Anyway, it has a minor effect, every time you want to load debug_level from command line parameters, you have to use following pattern: /* Set debug level to invalid value so we can deside if -d 0 was used. */ debug_level = SSSDBG_INVALID; pc = poptGetContext(argv[0], argc, argv, long_options, 0); while((opt = poptGetNextOpt(pc)) != -1) { ... } CONVERT_AND_SET_DEBUG_LEVEL(debug_level);
2011-08-25New DEBUG facility - conversionPavel Březina1-0/+2
https://fedorahosted.org/sssd/ticket/925 Conversion of the old debug_level format to the new one. (only where it was necessary) Removed: SSS_DEFAULT_DEBUG_LEVEL (completely replaced with SSSDBG_DEFAULT)
2011-08-15sysdb refactoring: deleted domain variables in sysdb APIJan Zeleny2-9/+8
The patch also updates code using modified functions. Tests have also been adjusted.
2011-08-08Remove unused temporary contextJakub Hrozek1-5/+0
2011-08-08Prevent segfault if vetoed_shells are specified without allowed_shellsJakub Hrozek1-16/+19
https://fedorahosted.org/sssd/ticket/954
2011-07-29Add vetoed_shells optionJohn Hodrien3-1/+17
There may be users in LDAP that have a valid but unwelcome shell set in their account. This adds a blacklist of shells that should always be replaced by the fallback_shell. Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2011-07-21Fix indexing of skipped groupsJakub Hrozek1-2/+4
https://fedorahosted.org/sssd/ticket/928
2011-06-27fix typosSimo Sorce1-5/+5
2011-06-02Non-posix group processing - ldap provider and nss responderJan Zeleny1-3/+11
2011-05-31Fix typo in initgroups negative cache checkStephen Gallagher1-1/+1
2011-05-20Add new options to override shell valueJakub Hrozek3-1/+123
https://fedorahosted.org/sssd/ticket/742
2011-05-20Add a new option to override home directory valueJakub Hrozek3-1/+140
https://fedorahosted.org/sssd/ticket/551
2011-05-20Add a new option to override primary GID numberJakub Hrozek2-2/+10
https://fedorahosted.org/sssd/ticket/742
2011-05-06Allow changing the log level without restartStephen Gallagher1-1/+1
We will now re-read the confdb debug_level value when processing the monitor_common_logrotate() function, which occurs when the monitor receives a SIGHUP.