summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2011-08-11Use sysdb attribute name for GID, not LDAP attributeStephen Gallagher1-3/+3
2011-08-11Allow the O_NONBLOCK flag to be reset correctlyRalf Haferkamp1-14/+0
sssd set the O_NONBLOCK flag on the LDAP socket twice. First in set_fd_flags_and_opts(). And the second time in sdap_async_sys_connect_send() after storing a backup in the local state structure. The backup is later used to restore the original flags (after connect() succeeded). As NONBLOCK was already set before it didn't correctly reset that flag. https://fedorahosted.org/sssd/ticket/952
2011-08-10Fix potential double-free issueStephen Gallagher1-1/+1
tmp_ctx is a child of ctx.
2011-08-10Cancel sysdb upgrade transaction if commit failsStephen Gallagher1-60/+30
2011-08-08Remove unused temporary contextJakub Hrozek1-5/+0
2011-08-08Prevent segfault if vetoed_shells are specified without allowed_shellsJakub Hrozek1-16/+19
https://fedorahosted.org/sssd/ticket/954
2011-08-08Fixed implicit declaration of function 'time' in src/sss_client/common.c.Pavel Březina1-0/+1
2011-08-08debug_timestamps fixesPavel Březina4-14/+24
Fixed: could not overwrite debug_timestamps when set in sssd.conf Fixed: invalid description of debug_timestamps in sssd man page
2011-08-08Rename sssd.conf to sssd-example.confStephen Gallagher1-1/+1
This file should not be installed by default. It leads to user confusion. We will instead install it as documentation. Fix incorrect example of entry_cache_nowait_percentage
2011-08-04Revert "Allow LDAP to decide when an expiration warning is warranted"Stephen Gallagher1-4/+3
This reverts commit b0b9c38dfce3e3ccbfaa4d00fdf2ea08a70d41a6.
2011-08-04Fix returning groups when gidNumber attribute is not orderedJakub Hrozek3-4/+10
https://fedorahosted.org/sssd/ticket/951
2011-08-04pyhbac: Do not convert int to boolJakub Hrozek1-2/+11
2011-08-03Fix two man page typosYuri Chornoivan2-2/+2
2011-08-02Updating translations for 1.6.0 releaseStephen Gallagher6-2596/+4336
2011-08-01Allow LDAP to decide when an expiration warning is warrantedStephen Gallagher1-3/+4
Previously, we were only displaying expiration warnings if the password was going to expire within a day. We'll allow LDAP to make this decision (by whether it passes us the expiration time). In the future, we can add an option to clamp this down to a shorter period if the local admin prefers it.
2011-08-01Request password control unconditionally during bindJakub Hrozek1-6/+6
https://fedorahosted.org/sssd/ticket/940
2011-08-01HBAC rule validation Python bindingsJakub Hrozek2-0/+129
https://fedorahosted.org/sssd/ticket/943
2011-08-01Change the default value of ldap_tls_cacert in IPA providerJakub Hrozek1-1/+1
https://fedorahosted.org/sssd/ticket/944
2011-08-01Add rule validator to libipa_hbacStephen Gallagher3-0/+189
https://fedorahosted.org/sssd/ticket/943
2011-08-01Remove incorrect private variableStephen Gallagher1-1/+1
This caused no ill effects, since it wasn't used in the callback. However, it is a layering violation (especially since req is freed in the callback)
2011-08-01Wrong paramater to sysdb_attrs_add_uint32Jakub Hrozek1-1/+1
2011-07-29Converge accept_fd_handler and accept_priv_fd_handlerStephen Gallagher1-85/+50
These two functions were almost identical. Better to maintain them as a single function.
2011-07-29Fix incorrect NULL check in ipa_hbac_common.cStephen Gallagher1-1/+1
https://fedorahosted.org/sssd/ticket/936
2011-07-29Fix memory leak in ipa_hbac_evaluate_rulesStephen Gallagher1-0/+1
https://fedorahosted.org/sssd/ticket/933
2011-07-29Add vetoed_shells optionJohn Hodrien6-1/+27
There may be users in LDAP that have a valid but unwelcome shell set in their account. This adds a blacklist of shells that should always be replaced by the fallback_shell. Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2011-07-29sss_client: avoid leaking file descriptorsSimo Sorce1-0/+3
If a pam or nss module is dlcolse()d and unloaded we were leaking the file descriptor used to communicate to sssd in the process. Make sure the fucntion used to close the socket file descriptor is called on dlclose() Silence autoconf 2.28 warnings (Patch by Jakub Hrozek)
2011-07-29UTF8 HBAC testJakub Hrozek1-0/+117
2011-07-29libipa_hbac: Support case-insensitive comparisons with UTF8Stephen Gallagher2-16/+107
2011-07-27Handle allocation error in python HBAC bindingsJakub Hrozek1-0/+3
https://fedorahosted.org/sssd/ticket/934
2011-07-27Remove dead code from python HBAC bindingsJakub Hrozek1-4/+0
https://fedorahosted.org/sssd/ticket/935
2011-07-27Explicitly ignore groups with gidNumber=0Jakub Hrozek2-11/+18
https://fedorahosted.org/sssd/ticket/916
2011-07-27Set gidNumber of non-posix groups to 0 even on updatesJakub Hrozek1-8/+44
2011-07-27silence compilation warnings on RHEL5pbrezina1-12/+13
https://fedorahosted.org/sssd/ticket/930
2011-07-21Fix indexing of skipped groupsJakub Hrozek1-2/+4
https://fedorahosted.org/sssd/ticket/928
2011-07-21fo_get_server_name() getter for a server nameJakub Hrozek6-4/+32
Allows to be more concise in tests and more defensive in resolve callbacks
2011-07-21Rename fo_get_server_name to fo_get_server_str_nameJakub Hrozek7-11/+11
2011-07-21Only print server address if one is availableJakub Hrozek1-0/+7
2011-07-21Do not add a NULL host parsed from LDAP URIJakub Hrozek1-1/+8
https://fedorahosted.org/sssd/ticket/911
2011-07-13Fix python HBAC bindings for python <= 2.4Jakub Hrozek5-84/+311
Several parts of the HBAC python bindings did not work with old Python versions, such as the one shipped in RHEL5. The changes include: * a compatibility wrapper around python set object * PyModule_AddIntMacro compat macro * Py_ssize_t compat definition * Do not use PyUnicode_FromFormat * several function prototypes and structures used to have "char arguments where they have "const char *" in recent versions. This caused compilation warnings this patch mitigates by using the discard_const hack on python 2.4
2011-07-13Fixes for python HBAC bindingsJakub Hrozek2-12/+105
These changes were proposed during a review: * Change the signature of str_concat_sequence() to const char * * use a getsetter for HbacRule.enabled to allow string true/false and integer 1/0 in addition to bool * fix a minor memory leak (HbacRequest.rule_name) * remove overzealous discard consts
2011-07-13Use ares_search instead of ares_query for hostname resolutionJakub Hrozek1-1/+1
ares_query does not take search or domain directives from /etc/resolv.conf into account https://fedorahosted.org/sssd/ticket/922
2011-07-13Remove unused krb5_service structure memberJakub Hrozek3-7/+1
2011-07-11Check DNS records before updatingJakub Hrozek4-25/+470
https://fedorahosted.org/sssd/ticket/802
2011-07-11Allow returning arbitrary address from resolv_hostent as stringJakub Hrozek2-3/+10
2011-07-11Split reading resolver family order into a separate functionJakub Hrozek3-23/+52
2011-07-11Do not hardcode default resolver timeoutJakub Hrozek2-1/+3
2011-07-11Escape IP address in kdcinfoJakub Hrozek2-14/+36
https://fedorahosted.org/sssd/ticket/909
2011-07-11Move IP adress escaping from the LDAP namespaceJakub Hrozek5-14/+14
2011-07-08Allow NULL memctx in sysdb_custom_subtree_dnStephen Gallagher1-3/+11
ldb_dn_new_fmt() has a bug and cannot take a NULL memory context
2011-07-08Add LDAP access control based on NDS attributesSumit Bose9-3/+253
generated by cgit (git 2.34.1) at 2024-11-02 05:59:49 +0000