| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
This fixes a byte order issue when nscd is running.
|
| |
|
|
| |
This adds tests for a function and type used in the code.
|
| |
|
|
| |
FreeBSD doesn't have ENODATA so we use ENOATTR instead.
|
| |
|
|
| |
This was a compatibility leftover from the nss_ldap days.
|
| | |
|
| |
|
|
|
|
|
| |
This updates the test framework to support --with-module-name, ensures
that exports.map is rebuilt when configure is re-ran, fixes parsing of
nsswitch.conf (to determine what to return for passwd lookups) and fixes
the check for _nss_ldap_version.
|
| |
|
|
|
|
|
| |
This disables the use of thread-local storage in the NSS module when it
is not available in libc. This results in the get*ent() functions not
being thread-safe. However, on most platforms they are not expected to
be thread-safe anyway.
|
| |
|
|
|
|
|
| |
Update nslcd.conf man page that multiple URIs can be set by using more
uri lines or more URIs defined on one uri line.
https://bugzilla.redhat.com/show_bug.cgi?id=1204195
|
| |
|
|
|
|
|
|
| |
In several places the code used a %d format to print a size_t variable.
On amd64 at least size_t is an unsigned long, so use %lu instead.
An alternative would be to use %ud for size_t and %zd fo ssize_t but not
all platforms seem to support that formatter.
|
| |
|
|
|
|
|
| |
There are several places where a static length array in a struct is
compared to a null pointer. These comparisons will always be false,
since an array in a struct is not actually a pointer, so they can be
removed.
|
| |
|
|
|
| |
Adjust the Linux OOM (Out-Of-Memory) killer score by -1000 for nslcd so
that it should not be killed.
|
| |
|
|
| |
This introduces the --with-module-name configure option to allow building of NSS and
PAM modules with different namespaces than ldap.
|
| |
|
|
|
| |
This fixes a bug in the NSS library when encountering IPv6 addresses in
the hosts map.
|
| |
|
|
|
|
|
| |
Thanks David Binderma for pointing this out.
Note that in practical situations this should not result in any errors
due to the position of searches within the ldap_session struct.
|
| |
|
| |
See http://lists.arthurdejong.org/nss-pam-ldapd-users/2014/msg00166.html
|
| |
|
| |
Thanks Jianhai Luan.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
mmkfilter_passwd_byuid()/mkfilter_group_bygid() get wrong filter string
because "%d" will return negative when uid/gid larger than 2^31, and
result to "Authentiction failure".
This also changes the other places where uid_t or gid_t values are
formatted.
|
| |
|
|
|
|
|
|
| |
This fixes a problem with a buffer that could end up padded with
garbage.
This also clarifies the code a bit and adds extra logging for errors
that could occur during daemonising.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
This alleviates some cases where multi-second lag occurs before a query
returns due to some or all connections having been closed by the peer,
e.g. a load balancer timing out old connections, but they are all tried
before opening new connections.
Tested and working on Linux.
|
| | |
|
| |
|
|
|
|
| |
This uses IP addresses from the RFC 5737 TEST-NET-1 range that is meant
for use in documentation. This avoids issues with running the tests
environments that also use the 10.0.0.0/8 range.
|
| | |
|
| |
|
|
|
|
| |
This is a small fix for when using nscd (which still does not seem to
work completely). The port is stored in network byte order but should be
printed in host byte order.
|
| | |
|
| |
|
|
| |
This fixes 15fc13c.
|
| |
|
|
| |
This fixes 3d29861.
|
| |
|
|
| |
This fixes 2274b41.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
This command can be used to perform a lookup using getgrouplist() to
present a list of returned numeric group ids. This can be used to avoid
the additional lookups that are done with the id and groups commands.
|
| |
|
|
|
| |
This clears most buffers that may hold credentials at one point before
free()ing the memory.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
This ensures that controls returned by an LDAP server as part of a
failed BIND operation are also returned. This makes it possible to
distinguish between a wrong password and an expired password.
This also only logs the BIND operation result on DEBUG level (the error
is logged later on).
|
| | |
|
| |
|
|
|
| |
This includes a number of minor changes to the documentation. This also
documents the children search scope (related to 2caeef4).
|
| |
|
|
|
| |
This also clears errno in the main function to ensure that no incorrect
errno value is logged on errors.
|
| | |
|
| |
|
|
| |
This fixes be94912.
|
| |
|
|
|
| |
This adds logging of most cases where a defined buffer is not large
enough to hold provided data on error log level.
|
| | |
|
| |
|
|
|
| |
The buffer size seems to be a problem in environments with long names or
environments with non-ASCII characters.
|
| |
|
|
|
|
| |
I had some edge cases where 64 bytes were not enough. People are using
password managers with long generated passwords. I increased the buffer
size to 128.
|
| | |
|
| | |
|