summaryrefslogtreecommitdiff
path: root/src/util
AgeCommit message (Collapse)AuthorFilesLines
2012-06-15KRB5: Auto-detect DIR cache support in configureStephen Gallagher2-2/+18
We can't support the DIR cache features in systems with kerberos libraries older than 1.10. Make sure we don't build it on those systems.
2012-06-15Fix compilation on older little-endian systemsStephen Gallagher1-1/+2
2012-06-14Use Kerberos context in KRB5_DEBUGJakub Hrozek1-0/+8
Passing Kerberos context to sss_krb5_get_error_message will allow us to get better error messages.
2012-06-14Add support for storing credential caches in the DIR: back endJakub Hrozek2-20/+4
https://fedorahosted.org/sssd/ticket/974
2012-06-14Residual util functionsJakub Hrozek2-0/+102
Kerberos credential caches can be specified by TYPE:RESIDUAL. This patch adds a couple of utilities to support parsing if ccache locations, checking types etc.
2012-06-13sss_names_init: Report correct error code if allocation failedJakub Hrozek1-1/+4
2012-06-12Make re_expression and full_name_format per domain optionsStef Walter3-7/+140
* Allows different user/domain qualified names for different domains. For example Domain\User or user@domain. * The global re_expression and full_name_format options remain as defaults for the domains. * Subdomains get the re_expression and full_name_format of their parent domain. https://bugzilla.redhat.com/show_bug.cgi?id=811663
2012-05-22KRB5: Avoid NULL-dereference with empty keytabStephen Gallagher1-7/+13
https://fedorahosted.org/sssd/ticket/1330
2012-05-22Simple implementation of Netscape password warning expiration controlJoshua Roys1-0/+8
2012-05-07Limit krb5_get_init_creds_keytab() to etypes in keytabStef Walter2-0/+145
* Load the enctypes for the keys in the keytab and pass them to krb5_get_init_creds_keytab(). * This fixes the problem where the server offers a enctype that krb5 supports, but we don't have a key for in the keytab. https://bugzilla.redhat.com/show_bug.cgi?id=811375
2012-05-07Remove erroneous failure message in find_principal_in_keytabStef Walter1-1/+1
* When it's actually a failure, then the callers will print a message. Fine tune this.
2012-05-04Modify behavior of pam_pwd_expiration_warningJan Zeleny2-0/+6
New option pwd_expiration_warning is introduced which can be set per domain and can override the value specified by the original pam_pwd_expiration_warning. If the value of expiration warning is set to zero, the filter isn't apllied at all - if backend server returns the warning, it will be automatically displayed. Default value for Kerberos: 7 days Default value for LDAP: don't apply the filter Technical note: default value when creating the domain is -1. This is important so we can distinguish between "no value set" and 0. Without this possibility it would be impossible to set different values for LDAP and Kerberos provider.
2012-05-04Fix endian issue in SID conversionSumit Bose1-0/+2
Since the byte-order is only important when dealing with the binary SID the sub-auth values are stored in host order and are only converted while reading or writing the binary SID.
2012-05-02Handle endianness issues on older systemsStephen Gallagher1-0/+17
Older versions of glibc (like that on RHEL 5) do not have the le32toh() function exposed. We need this for handling the Active Directory ID-mapping, so we'll copy these macros from endian.h on a newer glibc.
2012-05-02SERVER: use the correct return code of sss_atomic_write_sJakub Hrozek1-1/+1
2012-05-01execv, excvp and exec_child never return EOKStef Walter2-8/+5
* So don't need to handle that case
2012-04-24murmurhash: Relax inline requirementStephen Gallagher1-2/+2
2012-04-24Two fixes in responder subdomain codeJan Zeleny1-1/+1
2012-04-24SSH: Add support for hashed known_hostsJan Cholasta2-3/+9
https://fedorahosted.org/sssd/ticket/1203
2012-04-24UTIL: Add HMAC-SHA-1 functionJan Cholasta3-0/+127
2012-04-24Moved expand_homedir_template() from NSS responder to utility codeJan Zeleny2-0/+167
2012-04-24New config option for subdomainsJan Zeleny1-0/+2
subdomain_homedir - if set, it contains default value, can be overriden in further processing
2012-04-24Add conn_name to allow different names for domains and connectionsJan Zeleny1-2/+2
2012-04-24Add some utility functions for subdomainsJan Zeleny2-0/+119
2012-04-20Convert read and write operations to sss_atomic_readJakub Hrozek4-120/+89
https://fedorahosted.org/sssd/ticket/1209
2012-04-20Move atomic io function to a separate moduleJakub Hrozek4-43/+102
We'll be using it on various places of the SSSD. The function is in its own file to allow using just the one piece without having to drag in the whole util.c module.
2012-04-20sss_atomic_io: Do not fail reads with EPIPE if there is not enough data to readJakub Hrozek1-1/+2
Also adds a unit test for sss_atomic_io()
2012-04-05Clean up log messages about keytab_nameStephen Gallagher2-11/+21
There were many places where we were printing (null) to the logs because a NULL keytab name tells libkrb5 to use its configured default instead of a particular path. This patch should clean up all uses of this to print "default" in the logs. https://fedorahosted.org/sssd/ticket/1288
2012-03-29Fix off-by-one error in principal selectionJakub Hrozek1-3/+3
https://fedorahosted.org/sssd/ticket/1269
2012-03-29Add sss_get_cased_name_list utility functionJakub Hrozek2-0/+41
2012-03-26Always initialize the returned data in sss_krb5_princ_realm()Sumit Bose1-0/+3
2012-03-21Make the string_equal() function publicJakub Hrozek2-0/+10
2012-03-19nsssrv: add handling of memory cache group mapSimo Sorce1-0/+10
2012-03-19util: Helper headers for shared memory cacheSimo Sorce1-0/+117
2012-02-29Handle cases where UID is -1Stephen Gallagher1-6/+1
Also removes an unnecessary range check (since it's already handled by strtoint32() https://fedorahosted.org/sssd/ticket/1216
2012-02-27SSH: Add missing break statements to sss_ssh_format_pubkeyJan Cholasta1-0/+2
2012-02-27SSH: Add more debugging messagesJan Cholasta1-0/+1
2012-02-26UTIL: Add function for atomic I/OJan Cholasta2-0/+44
2012-02-26SSH: Refactor responder and client common codeJan Cholasta2-0/+233
2012-02-21Don't give memory context in confdb where not neededJan Zeleny1-4/+4
2012-02-14Ensure NULL-termination in get_uid_from_pid()Stephen Gallagher1-0/+3
Coverity #12399
2012-02-07UTIL: Provide base64 encoding and decoding functionsJan Cholasta4-36/+139
2012-02-06Added some SELinux-related utility functionsJan Zeleny2-0/+232
2012-01-23UTIL: Add strtouint16Stephen Gallagher2-0/+20
2012-01-23Move sized_string declaration to utilsStephen Gallagher2-0/+19
2012-01-21Fix invalid index in pidfile()Stephen Gallagher1-1/+3
If we hit the "read too much, this should never happen" line, we would write a NULL-terminator past the end of the static buffer. Coverity 12472
2012-01-17Raise the debug level of two very noisy statementsStephen Gallagher1-2/+3
2012-01-14Log fixes for sdap_call_conn_cbStephen Gallagher1-1/+2
2012-01-09util: Fix murmurhash3 on machines with old glibcSimo Sorce1-0/+10
2012-01-09util: add murmurhash3 hash functionSimo Sorce2-0/+120