Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
https://fedorahosted.org/sssd/ticket/1136
|
|
|
|
|
|
|
|
|
|
|
|
This test always generate a random string so each time the test is run we will
test the hash function with a new value.
It also hashes the same string twice and compares the result so that we have a
chance of catching if uninitialized variables are getting mixed into the value
calculation and end up generating different results for the same input.
|
|
|
|
|
|
|
|
Coverity 12394, 12395, 12396, 12397 and 12398
|
|
|
|
|
|
https://fedorahosted.org/sssd/ticket/1046
|
|
https://fedorahosted.org/sssd/ticket/836
|
|
|
|
This is mostly a cosmetic patch.
The purpose of wrapping a multi-line macro in a do { } while(0) is to
make the macro usable as a regular statement, not a compound statement.
When the while(0) is terminated with a semicolon, the do { } while(0);
block becomes a compound statement again.
|
|
https://fedorahosted.org/sssd/ticket/956
|
|
Removed:
SSS_UNRESOLVED_DEBUG_LEVEL (completely replaced with SSSDBG_UNRESOLVED)
Added new macro:
CONVERT_AND_SET_DEBUG_LEVEL(new_value)
Changes unresolved debug level value (SSSDBG_UNRESOLVED) from -1 to 0
so DEBUG macro could be reduced by one condition. Anyway, it has a minor
effect, every time you want to load debug_level from command line parameters,
you have to use following pattern:
/* Set debug level to invalid value so we can deside if -d 0 was used. */
debug_level = SSSDBG_INVALID;
pc = poptGetContext(argv[0], argc, argv, long_options, 0);
while((opt = poptGetNextOpt(pc)) != -1) { ... }
CONVERT_AND_SET_DEBUG_LEVEL(debug_level);
|
|
https://fedorahosted.org/sssd/ticket/925
|
|
https://fedorahosted.org/sssd/ticket/925
Conversion of the old debug_level format to the new one.
(only where it was necessary)
Removed:
SSS_DEFAULT_DEBUG_LEVEL (completely replaced with SSSDBG_DEFAULT)
|
|
This patch deletes memory context parameter in those places in sysdb
where it is not necessary. The code using modified functions has been
updated. Tests updated as well.
|
|
The patch also updates code using modified functions. Tests have also
been adjusted.
|
|
https://fedorahosted.org/sssd/ticket/943
|
|
https://fedorahosted.org/sssd/ticket/943
|
|
|
|
Allows to be more concise in tests and more defensive in resolve
callbacks
|
|
|
|
Several parts of the HBAC python bindings did not work with old Python
versions, such as the one shipped in RHEL5.
The changes include:
* a compatibility wrapper around python set object
* PyModule_AddIntMacro compat macro
* Py_ssize_t compat definition
* Do not use PyUnicode_FromFormat
* several function prototypes and structures used to have "char
arguments where they have "const char *" in recent versions.
This caused compilation warnings this patch mitigates by using
the discard_const hack on python 2.4
|
|
These changes were proposed during a review:
* Change the signature of str_concat_sequence() to const char *
* use a getsetter for HbacRule.enabled to allow string true/false and
integer 1/0 in addition to bool
* fix a minor memory leak (HbacRequest.rule_name)
* remove overzealous discard consts
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
https://fedorahosted.org/sssd/ticket/807
|
|
|
|
Sometimes, a value in LDAP will cease to exist (the classic
example being shadowExpire). We need to make sure we purge that
value from SSSD's sysdb as well.
https://fedorahosted.org/sssd/ticket/750
|
|
Specially crafted packages might lead to an integer overflow and the
parsing of the input buffer might not continue as expected. This issue
was identified by Sebastian Krahmer <krahmer@suse.de>.
|
|
Includes a unit test
|
|
https://fedorahosted.org/sssd/ticket/714
|
|
https://fedorahosted.org/sssd/ticket/732
|
|
https://fedorahosted.org/sssd/ticket/728
|
|
This patch adds simple_allow_groups and simple_deny_groups options
to the simple access provider. It makes it possible to grant or
deny access based on a user's group memberships within the domain.
This patch makes one minor change to previous functionality: now
all deny rules will supersede allow rules. Previously, if both
simple_allow_users and simple_deny_users were set with the same
value, the allow would win.
https://fedorahosted.org/sssd/ticket/440
|
|
It was decided that IPA HBAC will move to a different format to specify
time ranges in access control rules. The evaluation based on the old
format is not needed anymore.
|