summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2011-08-25--debug-timestamps=1 is not passed to providersPavel Březina3-55/+77
https://fedorahosted.org/sssd/ticket/972 --debug-timestamps=1 is now passed to providers
2011-08-25New DEBUG facility - SSSDBG_UNRESOLVED changed from -1 to 0Pavel Březina30-49/+99
Removed: SSS_UNRESOLVED_DEBUG_LEVEL (completely replaced with SSSDBG_UNRESOLVED) Added new macro: CONVERT_AND_SET_DEBUG_LEVEL(new_value) Changes unresolved debug level value (SSSDBG_UNRESOLVED) from -1 to 0 so DEBUG macro could be reduced by one condition. Anyway, it has a minor effect, every time you want to load debug_level from command line parameters, you have to use following pattern: /* Set debug level to invalid value so we can deside if -d 0 was used. */ debug_level = SSSDBG_INVALID; pc = poptGetContext(argv[0], argc, argv, long_options, 0); while((opt = poptGetNextOpt(pc)) != -1) { ... } CONVERT_AND_SET_DEBUG_LEVEL(debug_level);
2011-08-25New DEBUG facility - unit testsPavel Březina1-0/+742
https://fedorahosted.org/sssd/ticket/925
2011-08-25New DEBUG facility - man pagesPavel Březina3-17/+62
https://fedorahosted.org/sssd/ticket/925 Modified sssd and sssd.conf man pages to reflect new levels. Added new man include: include/debug_levels.xml
2011-08-25New DEBUG facility - conversionPavel Březina40-61/+62
https://fedorahosted.org/sssd/ticket/925 Conversion of the old debug_level format to the new one. (only where it was necessary) Removed: SSS_DEFAULT_DEBUG_LEVEL (completely replaced with SSSDBG_DEFAULT)
2011-08-25New DEBUG facility - modified DEBUGPavel Březina1-6/+41
https://fedorahosted.org/sssd/ticket/925 Modified: DEBUG() macro to work with new levels There are several new macros in util/util.h: - DEBUG_MSG(level, function, message) which will format the debug message like "(time) [prg_name] [function] (level): message\n" - DEBUG_IS_SET(level) that you should use to check if the level is allowed to be logged You can use it like: if (DEBUG_IS_SET(SSSDBG_TRACE_LIBS)) {...}
2011-08-25New DEBUG facility - new levelsPavel Březina2-2/+89
https://fedorahosted.org/sssd/ticket/925 Added functions: - debug_convert_old_level() to convert levels 0-9 to appropriate bitmask debug_convert_old_level(5) returns 0x03F0 (= 0 | 1 | 2 | 3 | 4 | 5) - debug_get_level() to convert old level number to its new value debug_get_level(5) returns 0x0200 (= 5) There are several new macros in util/util.h: - SSSDBG_* to reflect a debug level (same names as in the ticket) - please, don't use magic numbers anymore
2011-08-25Improve password policy error code and messageSumit Bose1-4/+9
Instead of returning PAM_SYSTEM_ERR if they necessary attributes for the requested password policy cannot be found we return PAM_PERM_DENIED. Additionally the log message says that the access is denied.
2011-08-25Return the first value of name if the multivalued name attribute does not ↵Jakub Hrozek1-3/+4
match RDN https://fedorahosted.org/sssd/ticket/926
2011-08-25IPA dyndns: do not segfault if the server cannot be resolvedJakub Hrozek1-4/+2
https://fedorahosted.org/sssd/ticket/963
2011-08-15Handle timeout during sss_ldap_init_sendJakub Hrozek3-3/+41
In some cases, where there would be no response from the LDAP server, there would be no R/W events on the LDAP fd, so sdap_async_sys_connect_done would never be called. This patch adds a tevent timer that cancels the connection after SDAP_NETWORK_TIMEOUT seconds.
2011-08-15Do not delete requests inside hash_iterate loopJakub Hrozek1-10/+12
2011-08-15Handle errno properly in set_debug_file_from_fd()Jakub Hrozek1-2/+5
2011-08-15Moved some functions in sdap_async_initgroupsJan Zeleny1-345/+349
2011-08-15Moved some functions in sdap_async_groupsJan Zeleny1-122/+112
2011-08-15Confusing part of code cleared outJan Zeleny1-34/+32
2011-08-15sdap_async_accounts.c splitJan Zeleny4-2514/+2588
The file has been split in three: sdap_async_users.c sdap_async_groups.c sdap_async_initgroups.c https://fedorahosted.org/sssd/ticket/864
2011-08-15Remaining memory context variables renamedJan Zeleny2-75/+75
memctx to mem_ctx tmpctx to tmp_ctx
2011-08-15sysdb refactoring: memory context deletedJan Zeleny20-455/+429
This patch deletes memory context parameter in those places in sysdb where it is not necessary. The code using modified functions has been updated. Tests updated as well.
2011-08-15sysdb refactoring: deleted domain variables in sysdb APIJan Zeleny42-538/+254
The patch also updates code using modified functions. Tests have also been adjusted.
2011-08-15Added sysdb_ctx_get_domain functionJan Zeleny2-0/+7
2011-08-15sysdb refactoring: renamed ctx variable to sysdbJan Zeleny4-348/+348
2011-08-11Use sysdb attribute name for GID, not LDAP attributeStephen Gallagher1-3/+3
2011-08-11Allow the O_NONBLOCK flag to be reset correctlyRalf Haferkamp1-14/+0
sssd set the O_NONBLOCK flag on the LDAP socket twice. First in set_fd_flags_and_opts(). And the second time in sdap_async_sys_connect_send() after storing a backup in the local state structure. The backup is later used to restore the original flags (after connect() succeeded). As NONBLOCK was already set before it didn't correctly reset that flag. https://fedorahosted.org/sssd/ticket/952
2011-08-10Fix potential double-free issueStephen Gallagher1-1/+1
tmp_ctx is a child of ctx.
2011-08-10Cancel sysdb upgrade transaction if commit failsStephen Gallagher1-60/+30
2011-08-08Remove unused temporary contextJakub Hrozek1-5/+0
2011-08-08Prevent segfault if vetoed_shells are specified without allowed_shellsJakub Hrozek1-16/+19
https://fedorahosted.org/sssd/ticket/954
2011-08-08Fixed implicit declaration of function 'time' in src/sss_client/common.c.Pavel Březina1-0/+1
2011-08-08debug_timestamps fixesPavel Březina4-14/+24
Fixed: could not overwrite debug_timestamps when set in sssd.conf Fixed: invalid description of debug_timestamps in sssd man page
2011-08-08Rename sssd.conf to sssd-example.confStephen Gallagher1-1/+1
This file should not be installed by default. It leads to user confusion. We will instead install it as documentation. Fix incorrect example of entry_cache_nowait_percentage
2011-08-04Revert "Allow LDAP to decide when an expiration warning is warranted"Stephen Gallagher1-4/+3
This reverts commit b0b9c38dfce3e3ccbfaa4d00fdf2ea08a70d41a6.
2011-08-04Fix returning groups when gidNumber attribute is not orderedJakub Hrozek3-4/+10
https://fedorahosted.org/sssd/ticket/951
2011-08-04pyhbac: Do not convert int to boolJakub Hrozek1-2/+11
2011-08-03Fix two man page typosYuri Chornoivan2-2/+2
2011-08-02Updating translations for 1.6.0 releaseStephen Gallagher6-2596/+4336
2011-08-01Allow LDAP to decide when an expiration warning is warrantedStephen Gallagher1-3/+4
Previously, we were only displaying expiration warnings if the password was going to expire within a day. We'll allow LDAP to make this decision (by whether it passes us the expiration time). In the future, we can add an option to clamp this down to a shorter period if the local admin prefers it.
2011-08-01Request password control unconditionally during bindJakub Hrozek1-6/+6
https://fedorahosted.org/sssd/ticket/940
2011-08-01HBAC rule validation Python bindingsJakub Hrozek2-0/+129
https://fedorahosted.org/sssd/ticket/943
2011-08-01Change the default value of ldap_tls_cacert in IPA providerJakub Hrozek1-1/+1
https://fedorahosted.org/sssd/ticket/944
2011-08-01Add rule validator to libipa_hbacStephen Gallagher3-0/+189
https://fedorahosted.org/sssd/ticket/943
2011-08-01Remove incorrect private variableStephen Gallagher1-1/+1
This caused no ill effects, since it wasn't used in the callback. However, it is a layering violation (especially since req is freed in the callback)
2011-08-01Wrong paramater to sysdb_attrs_add_uint32Jakub Hrozek1-1/+1
2011-07-29Converge accept_fd_handler and accept_priv_fd_handlerStephen Gallagher1-85/+50
These two functions were almost identical. Better to maintain them as a single function.
2011-07-29Fix incorrect NULL check in ipa_hbac_common.cStephen Gallagher1-1/+1
https://fedorahosted.org/sssd/ticket/936
2011-07-29Fix memory leak in ipa_hbac_evaluate_rulesStephen Gallagher1-0/+1
https://fedorahosted.org/sssd/ticket/933
2011-07-29Add vetoed_shells optionJohn Hodrien6-1/+27
There may be users in LDAP that have a valid but unwelcome shell set in their account. This adds a blacklist of shells that should always be replaced by the fallback_shell. Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2011-07-29sss_client: avoid leaking file descriptorsSimo Sorce1-0/+3
If a pam or nss module is dlcolse()d and unloaded we were leaking the file descriptor used to communicate to sssd in the process. Make sure the fucntion used to close the socket file descriptor is called on dlclose() Silence autoconf 2.28 warnings (Patch by Jakub Hrozek)
2011-07-29UTF8 HBAC testJakub Hrozek1-0/+117
2011-07-29libipa_hbac: Support case-insensitive comparisons with UTF8Stephen Gallagher2-16/+107