Arthur de Jong

Open Source / Free Software developer

summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Get files ready for 0.9.12 release0.9.12Arthur de Jong2021-11-2010-21/+243
|
* Support DNSLDAPS in uriArthur de Jong2021-11-192-10/+33
| | | | | | This supports both `uri DNSLDAPS` and `uri DNSLDAPS:some.domain` variants alongside the pre-existing `uri DNS` that was already supported generating ldaps URIs for all SRV records found.
* Fix internal assertion function detection on SolarisArthur de Jong2021-11-152-5/+11
|
* Update files from latest automakeArthur de Jong2021-11-157-23/+26
|
* Do not use user arthur in testsArthur de Jong2021-11-143-48/+48
| | | | | This makes it more complicated to run the tests on an environment where a local user arthur exists.
* Fix running pynslcd without uid optionArthur de Jong2021-11-141-3/+4
| | | | Fixes 65695aa
* Support running tests with OpenLDAP 2.5Ryan Tandy2021-11-142-10/+10
| | | | | - Change database backend to LMDB - Load external ppolicy schema conditionally
* Configure CodeQL code scanningArthur de Jong2021-11-031-0/+47
|
* Support an empty search baseArthur de Jong2021-11-023-12/+14
| | | | | | | | | | | | This allows putting `base ""` in nslcd.conf to specify an empty search base. Note that the LDAP server needs to support this. With slapd this requires setting up an olcDefaultSearchBase attribute in the olcFrontendConfig object under cn=config or have the database have an empty suffix. Closes https://github.com/arthurdejong/nss-pam-ldapd/issues/50
* Support minus character in attribute expressionsArthur de Jong2021-10-172-11/+23
| | | | | This requires the attribute name is contained within a ${var-name} expression.
* Retry connecting to the first URI after idle_timelimitArthur de Jong2021-05-261-0/+2
| | | | | | | | | | | This ensures that a connection to the first URI listed in the config file will be re-established once the connection is closed cleanly after the idle time. This ensures that the listed URIs are handled more in a primary/fallback manner if an idle time is configured. Closes https://github.com/arthurdejong/nss-pam-ldapd/issues/46
* Replace Travis with GitHub actionsArthur de Jong2021-05-264-54/+77
| | | | | This includes a few tweaks to the test scripts to make debugging easier and to avoid issues on Github action runners.
* Add tls_reqsan to check certificate SANArthur de Jong2021-01-232-13/+62
| | | | This option is passed to the LDAP library if it is supported.
* Add tls_crlfile to check local CRL fileArthur de Jong2021-01-232-3/+36
| | | | This option is passed to the LDAP library if it is supported.
* Add tls_crlcheck to check Certificate Revocation Listsebastienblavier2021-01-183-0/+68
| | | | | | This option is passed to the LDAP library if it is supported. Closes https://github.com/arthurdejong/nss-pam-ldapd/pull/41
* Use the provided Python for `make distcheck`Arthur de Jong2021-01-171-1/+2
| | | | | | This ensures that if a Python interpreter was previously supplied to configure it is also used for subsequent calls to run a distribution check.
* Update files from latest automakeArthur de Jong2021-01-178-105/+150
|
* Fix handling of the pam_authc_ppolicy optionArthur de Jong2020-09-111-17/+13
| | | | | | | | | | | | | | Check the result of the BIND operation instead of that of the ldap_result() call when pam_authc_ppolicy is set to "no". This could have resulted in successful authentication if the BIND operation to the LDAP server timed out and pam_authc_ppolicy was set to "no" but should not result in successful authentication otherwise so it is unlikely that setting pam_authc_ppolicy to "no" ever worked as intended. The timeout also would have to occur on the BIND operation, not on setting up the connection. Fixes 31cd2cf
* Fix typoArthur de Jong2020-04-191-1/+1
| | | | | | Thanks Filip Dvorak See https://bugzilla.redhat.com/show_bug.cgi?id=1825240
* Fix typo in manual pageArthur de Jong2020-02-101-1/+1
| | | | | | | Thanks Benedict Reuschling for pointing this out. Closes https://github.com/arthurdejong/nss-pam-ldapd/issues/39 Fixes b93838d
* Log the correct timeout valueArthur de Jong2019-12-271-3/+3
| | | | | | This fixes logging of the LDAP_OPT_TIMEOUT, LDAP_OPT_NETWORK_TIMEOUT and LDAP_X_OPT_CONNECT_TIMEOUT options to actually log the value of the bind_timelimit option instead of the timelimit option.
* Add pam_authc_ppolicy support in pynslcdArthur de Jong2019-10-132-3/+6
| | | | See https://bugs.debian.org/900253
* Fix Python 3 compatibility in chsh.ldapArthur de Jong2019-10-132-4/+4
|
* Get files ready for 0.9.11 release0.9.11Arthur de Jong2019-10-0612-25/+150
|
* Fix Python interpreter detection in testsArthur de Jong2019-10-061-1/+1
| | | | Fixes 644bc62
* Portability improvements to test suiteArthur de Jong2019-10-061-11/+13
| | | | | Some test systems have more local users and some systems prefer IPv4 addresses over IPv6 addresses.
* Various spelling fixesArthur de Jong2019-09-1730-68/+68
|
* Fix Python interpreter detectionArthur de Jong2019-09-112-2/+3
| | | | | Apparently some environments provide certain Python executables which are not working Python interpreters.
* Remove confinc.out which is left behind by aclocal.m4Arthur de Jong2019-09-082-0/+3
|
* Correctly validate shadow requests and responsesArthur de Jong2019-09-081-3/+10
|
* Update Python interpreter in installed scriptsArthur de Jong2019-09-082-3/+5
| | | | | | | | Ensure that the Python interpreter that is passed to configure ends up in the shebang of the Python scripts. This allows one to pass PYTHON=python3 to configure to install the scripts using the Python 3 interpreter.
* Improve Python code styleArthur de Jong2019-09-0831-513/+828
| | | | | | This also adds a flake8 test that checks code style. Note that this test is not run by default because it requires network access to create the virtualenv with the test software.
* Add Python 3 supportArthur de Jong2019-09-0823-118/+222
| | | | | | | | | This ensures that both pynslcd and the command-line utilities work with Python3 as interpreter and runs some tests with all installed Python interpreters. This drops support for Python 2.6 and extends 5a84be2 to perform more testing with Python 3.
* Avoid logging unknown socket peer informationArthur de Jong2018-09-081-3/+15
| | | | | This avoids logging the client PID when the underlying socker layer cannot provide the relevant information.
* Fix crash in chsh.ldapMizunashi Mana2018-09-051-1/+3
| | | | | | Specify result type of getusershell. Closes https://github.com/arthurdejong/nss-pam-ldapd/pull/31
* Get files ready for 0.9.10 release0.9.10Arthur de Jong2018-09-0110-14/+96
|
* Update files from latest automakeArthur de Jong2018-09-0110-405/+386
|
* Add FreeBSD netgroup supportHWLin2018-08-292-1/+107
| | | | Closes: https://github.com/arthurdejong/nss-pam-ldapd/pull/29
* Make password expiry messages correct and consistentArthur de Jong2018-08-062-14/+14
| | | | | Thanks to Têko Mihinto. See https://bugzilla.redhat.com/show_bug.cgi?id=1612543
* Add domain variable for use in pam_authz_searchArthur de Jong2018-07-213-2/+8
| | | | | | | | | This adds a domain variable (if it can be determined on the system) that can be used in pam_authz_search and pam_authc_search filters to build search filters that search on the domain name (the FQDN without the starting host name). Closes https://github.com/arthurdejong/nss-pam-ldapd/issues/8
* Add a Travis configuration fileArthur de Jong2018-07-213-5/+83
| | | | | | This ensures that the integration tests can be successfully run. It configures a slapd instance with the test database, configures the system to use LDAP authentication and runs the tests.
* Allow logging longer linesArthur de Jong2018-07-211-1/+1
| | | | | | | This increases the buffer that holds log messages so longer messages can be logged. Closes https://github.com/arthurdejong/nss-pam-ldapd/issues/26
* Create /var/run/nslcd/socket after dropping privilegesArthur de Jong2018-07-211-3/+3
| | | | | | | | | | This is needed to avoid a problem where a call to initgroups() can result in NSS lookups. If nscd is configured the mechanism to avoid loopback lookups using nss_ldap_enablelookups will not work and cause for delays on start-up. Note that this changes ownership of the socket to the user running nslcd.
* Get files ready for 0.9.9 release0.9.9Arthur de Jong2018-02-1810-26/+89
|
* Update files from latest automakeArthur de Jong2018-02-186-258/+298
|
* Fix running pylint on distcheckArthur de Jong2018-02-171-4/+9
| | | | | This sets PYTHONPATH so that both the source and build directories are used to find constants.py.
* Mark case blocks without break statementArthur de Jong2018-02-172-1/+9
| | | | | This avoids a gcc warning in non-empty case blocks without a break statement by explicitly marking those blocks.
* Increase size of hostname bufferArthur de Jong2018-02-172-13/+4
| | | | | | | | This increases the host name buffer to support host names (that include FQDNs) to 255 characters and removes the reliance on HOST_NAME_MAX and _POSIX_HOST_NAME_MAX which may be smaller in some situations. Closes https://github.com/arthurdejong/nss-pam-ldapd/issues/22
* Increase size of config file tokenArthur de Jong2017-12-231-1/+1
| | | | | | | | This increases the maximum size of tokens that are read from the nslcd.conf configuration file to 256 characters. This was a problem for some very long uri values. Closes https://github.com/arthurdejong/nss-pam-ldapd/issues/21
* Support spaces in attribute mapping expressionsArthur de Jong2017-10-132-6/+8
|