sssd - System Security Services Daemon

Age	Commit message (Collapse)	Author	Files	Lines
2012-09-04	SSH: Simplify public key formatting function	Jan Cholasta	1	-2/+1

2012-09-04	SSH: Return error code in SSH utility functions	Jan Cholasta	1	-6/+7

2012-08-27	Use PTHREAD_MUTEX_ROBUST to avoid deadlock in the client	Jakub Hrozek	1	-6/+90
	https://fedorahosted.org/sssd/ticket/1460
2012-08-13	sss_client: Group lookups should work even when fastcache cannot be initialized	Jakub Hrozek	1	-8/+2
	https://fedorahosted.org/sssd/ticket/1415
2012-07-27	Write SELinux config files in responder instead of PAM module	Jan Zeleny	2	-99/+0

2012-07-27	Move SELinux processing from session to account PAM stack	Jan Zeleny	1	-55/+55
	The idea is to rename session provider to selinux provider. Processing of SELinux rules has to be performed in account stack in order to ensure that pam_selinux (which is the first module in PAM session stack) will get the correct input from SSSD. Processing of account PAM stack is bound to access provider. That means we need to have two providers executed when SSS_PAM_ACCT_MGMT message is received from PAM responder. Change in data_provider_be.c ensures just that - after access provider finishes its actions, the control is given to selinux provider and only after this provider finishes is the result returned to PAM responder.
2012-07-18	Fix uninitialized values	Nick Guay	1	-1/+1
	https://fedorahosted.org/sssd/ticket/1379
2012-07-16	sudo test client: avoid SIGSEGV when run without arguments	Pavel Březina	1	-1/+1
	SIGSEGV occured when sss_sudo_cli was run without any arguments.
2012-07-10	Remove resource leak in sssdpac_import_authdata	Sumit Bose	1	-3/+1
	Fixes https://fedorahosted.org/sssd/ticket/1409
2012-07-09	Fix use-after-free	Stephen Gallagher	1	-0/+1
	Coverity #12803
2012-06-29	sudo responder: change protocol version to 1	Pavel Březina	1	-1/+1

2012-06-29	sudo api: send uid, username and domainname	Pavel Březina	5	-66/+158
	https://fedorahosted.org/sssd/ticket/1239 Test client was changed accordingly. The new usage is: sss_sudo_cli username [uid] If uid is not set, getpwnam(username) is called. It will retrieve both default options and rules.
2012-06-29	sudo api: remove EOK	Pavel Březina	2	-13/+10

2012-06-21	PAC client: add krb5 authdata plugin	Sumit Bose	2	-0/+467

2012-06-21	PAC client: add basic support in common client code	Sumit Bose	2	-0/+38

2012-06-21	PAC responder: add the core functionality	Sumit Bose	1	-0/+4
	This adds support for parsing PAC and storing information contained within. In particular the user and all his memberships are stored. In case it is necessary, getgrgid() requests are sent to provider for group resolution.
2012-06-21	Add close on exec support for old platforms	Simo Sorce	1	-1/+16
	Older platfroms like RHEL5 do not have support for O_CLOEXC and need an explicit fcntl after the fd is created. Add it conditionally so it can be clearly removed once we declared those platfroms obsolete and unsupported.
2012-06-21	Do not leak file descriptors in client libs.	Simo Sorce	1	-1/+1
	We need to make sure the mc socket is not leaked otherwise child processes will pile up leaked file descriptors. Add O_CLOEXEC when opening the cache.
2012-06-18	Do not send SIGPIPE on disconnection	Shantanu Goel	1	-6/+21
	Note we set MSG_NOSIGNAL to avoid having to fiddle with signal masks but also do not want to die in case SIGPIPE gets raised and the application does not handle it.
2012-06-18	Set return errno to the value prior to calling close().	Shantanu Goel	1	-2/+2

2012-06-15	SSS_CLIENT: Fix uninitialized value error	Stephen Gallagher	1	-1/+1
	This would cause a crash if we jump to the done: label before it has been allocated.
2012-06-14	Provide "service filter" for SELinux context	Jan Zeleny	1	-0/+20
	At this moment we will support only asterisk, designating "all services". https://fedorahosted.org/sssd/ticket/1360
2012-05-31	SSH: Don't abort connection in sss_ssh_knownhostsproxy when DNS records are ↵	Jan Cholasta	1	-36/+49
	missing https://fedorahosted.org/sssd/ticket/1356
2012-05-31	SSH: Supress error message output in sss_ssh_knownhostsproxy	Jan Cholasta	2	-15/+8

2012-05-29	Revert the client packet length, too, after reverting the packet protocol	Jakub Hrozek	1	-1/+1

2012-05-25	NSS: Restore original protocol for getservbyport	Stephen Gallagher	1	-2/+3
	When fixing an endianness bug, we changed the protocol unnecessarily.
2012-05-25	Send 16bit protocol numbers from the sss_client	Jakub Hrozek	1	-6/+7
	https://fedorahosted.org/sssd/ticket/1348
2012-05-22	Always use positional arguments in translatable strings	Stephen Gallagher	1	-2/+2
	https://fedorahosted.org/sssd/ticket/1336
2012-05-03	AUTOFS: remove unused assignments	Jakub Hrozek	1	-1/+0
	Also changes setautomntent_send so that is only return NULL in case the tevent_req creation fails.
2012-05-02	PAM_SSS: report error code if write fails	Jakub Hrozek	1	-2/+2
	clang had reported this as "value of ret is never used", I think it would be nice to report a meaningful error message.
2012-04-24	SSH: Add support for hashed known_hosts	Jan Cholasta	1	-1/+1
	https://fedorahosted.org/sssd/ticket/1203
2012-04-20	Convert read and write operations to sss_atomic_read	Jakub Hrozek	2	-27/+27
	https://fedorahosted.org/sssd/ticket/1209
2012-04-18	autofs: Raise the maximum key length to PATH_MAX	Jakub Hrozek	1	-2/+4
	https://fedorahosted.org/sssd/ticket/1300
2012-04-18	sudo api: check sss_status instead of errnop in sss_sudo_send_recv_generic()	Pavel Březina	1	-2/+4

2012-04-18	pam_sss: improve error handling in SELinux code	Jakub Hrozek	1	-3/+5

2012-04-05	Use HTML_TIMESTAMP instead of HTML_FOOTER_DESCRIPTION	Jakub Hrozek	1	-3/+4
	https://fedorahosted.org/sssd/ticket/1271
2012-03-28	Silence Coverity warning in the autofs test tool	Jakub Hrozek	1	-8/+22
	https://fedorahosted.org/sssd/ticket/1237
2012-03-26	AUTOFS: fix copy-and-paste bug in the autofs client	Jakub Hrozek	1	-1/+1

2012-03-20	SSH: Fix infinite loop in sss_ssh_knownhostsproxy	Jan Cholasta	1	-6/+9
	https://fedorahosted.org/sssd/ticket/1268
2012-03-19	sss_client: shared memory cache group map support	Simo Sorce	3	-0/+268

2012-03-19	sss_client: shared memory cache passwd map support	Simo Sorce	3	-0/+262

2012-03-19	sss_client: Add common shared memory cache utils	Simo Sorce	2	-0/+334

2012-03-15	SSH: Canonicalize host name and do reverse DNS lookup in sss_ssh_knownhostsproxy	Jan Cholasta	1	-26/+38
	https://fedorahosted.org/sssd/ticket/1245
2012-03-15	SSH: Allow clients to explicitly specify host alias	Jan Cholasta	4	-6/+25
	This change removes the need to canonicalize host names on the responder side - the relevant code was removed.
2012-03-09	Fixed resource leak in ssh client code	Jan Zeleny	1	-0/+1

2012-03-09	Fixed uninitialized pointer in SSH authorized keys client	Jan Zeleny	1	-1/+1

2012-03-09	Fixed uninitialized pointer in SSH known host proxy	Jan Zeleny	1	-1/+1

2012-03-09	Use of unininitialized value in sss_sudo_parse_response	Pavel Březina	1	-0/+2
	https://fedorahosted.org/sssd/ticket/1231
2012-03-09	Two memory leaks in sss_sudo_get_values	Pavel Březina	1	-1/+4
	https://fedorahosted.org/sssd/ticket/1235
2012-03-08	Only free returned values on success	Jakub Hrozek	1	-3/+3
	https://fedorahosted.org/sssd/ticket/1237