Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
| * | Implement a nss_nested_groups configuration option | Arthur de Jong | 2013-03-24 | 7 | -28/+60 | |
| | | | | | | | | | | | | This option can be used in both nslcd and pynslcd to enable recursive group member lookups. By default the functionality is disabled. This also updates the documentation. | |||||
| * | Implement support for nested groups in pynslcd | Arthur de Jong | 2013-03-24 | 2 | -16/+54 | |
| | | ||||||
| * | Implement support for nested groups in nslcd | Arthur de Jong | 2013-03-24 | 1 | -24/+162 | |
| | | | | | | | | | | | | | | | | | | | | | | This differs from the code provided by Steve Hill in that it avoids (recursively) performing parallel LDAP searches by queueing groups and check for extra members per queued group (in the forward lookup) or check for extra parents (for the user to groups lookup). For the reverse lookup handling the NSLCD_HANDLE macro could no longer be used because extra care should be taken to free the sets before returning and two search phases are needed. | |||||
| * | Implement a mkfilter_group_bymemberdn() function | Steve Hill | 2013-03-24 | 2 | -0/+16 | |
|/ | | | | | | | | This was part of a bigger change to implement nested groups, however most of the other parts were re-implemented differently. For the original changes, see: http://lists.arthurdejong.org/nss-pam-ldapd-users/2013/msg00034.html | |||||
* | Unpack the LDIF file to make diffs clearer | Arthur de Jong | 2013-03-24 | 2 | -0/+55867 | |
| | ||||||
* | spelling fixes | Arthur de Jong | 2013-03-24 | 2 | -2/+2 | |
| | ||||||
* | fix service request logging | Arthur de Jong | 2013-03-24 | 1 | -2/+2 | |
| | ||||||
* | NSS: Return TRYAGAIN on zero-length buffer | Jakub Hrozek | 2013-03-19 | 1 | -1/+6 | |
| | | | | | | One of our customers was running into a situation where glibc provided a zero buffer, which is a condition that is retriable and the nss module should return NSS_STATUS_TRYAGAIN not NSS_STATUS_UNAVAIL. | |||||
* | fix the text representation of shadow information for ↵ | Arthur de Jong | 2013-03-11 | 1 | -7/+7 | |
| | | | | nscd on Solaris | |||||
* | implement a lookup_shadow test command for use on ↵ | Arthur de Jong | 2013-03-11 | 3 | -1/+102 | |
| | | | | systems that don't allow querying shadow via getent | |||||
* | fix a few compiler warnings | Arthur de Jong | 2013-03-10 | 2 | -5/+7 | |
| | ||||||
* | guess the value for --with-pam-seclib-dir if it is not ↵ | Arthur de Jong | 2013-03-10 | 1 | -2/+12 | |
| | | | | specified | |||||
* | small portability fix in test_pamcmds.sh | Arthur de Jong | 2013-03-10 | 1 | -2/+4 | |
| | ||||||
* | only log protocol name if it is present | Arthur de Jong | 2013-03-10 | 1 | -2/+4 | |
| | ||||||
* | also support systems without bet_get_enum() | Arthur de Jong | 2013-03-10 | 2 | -1/+5 | |
| | ||||||
* | log hex value of action id to make debugging easier | Arthur de Jong | 2013-03-09 | 1 | -1/+1 | |
| | ||||||
* | ensure consistent naming of DN variables | Arthur de Jong | 2013-03-09 | 1 | -9/+8 | |
| | ||||||
* | clean up imports and use ↵ | Arthur de Jong | 2013-03-09 | 7 | -21/+21 | |
| | | | | ldap.filter.escape_filter_chars() directly | |||||
* | move get_connection function to search module as ↵ | Arthur de Jong | 2013-03-09 | 3 | -25/+28 | |
| | | | | Connection class as subclass of ReconnectLDAPObject to automatically reconnect to the LDAP server | |||||
* | move Search class to search module | Arthur de Jong | 2013-03-09 | 15 | -148/+184 | |
| | ||||||
* | fix default logging configuration setting in pynslcd | Arthur de Jong | 2013-03-09 | 1 | -1/+1 | |
| | ||||||
* | fix the description of the tio_time_remaining() function | Arthur de Jong | 2013-03-09 | 1 | -2/+3 | |
| | ||||||
* | document the nscd_invalidate option | Arthur de Jong | 2013-03-09 | 1 | -0/+18 | |
| | ||||||
* | start the nscd invalidator and invalidate the nscd cache ↵ | Arthur de Jong | 2013-03-09 | 3 | -0/+18 | |
| | | | | after reconnecting to the LDAP server after failure | |||||
* | implement parsing of the nscd_invalidate option | Arthur de Jong | 2013-03-09 | 2 | -22/+83 | |
| | ||||||
* | implement functionality to send a cache invalidation ↵ | Arthur de Jong | 2013-03-09 | 5 | -5/+253 | |
| | | | | signal to nscd | |||||
* | move signame() function to common.c to make it available ↵ | Arthur de Jong | 2013-03-09 | 3 | -56/+60 | |
| | | | | to all modules | |||||
* | document the trimming expressions in the nslcd.conf(5) ↵ | Arthur de Jong | 2013-03-03 | 1 | -5/+45 | |
| | | | | manual page | |||||
* | support trimming expressions with full shell glob ↵ | Arthur de Jong | 2013-03-03 | 1 | -2/+48 | |
| | | | | matching in pynslcd | |||||
* | add tests for trimming expressions | Arthur de Jong | 2013-03-03 | 1 | -1/+14 | |
| | ||||||
* | update the trimming expressions code to follow the new ↵ | Arthur de Jong | 2013-03-03 | 1 | -44/+26 | |
| | | | | coding style | |||||
* | allow trimming expressions with ${foo#bar} syntax in nslcd | Thorsten Glaser | 2013-03-03 | 2 | -0/+63 | |
| | ||||||
* | return the password policy bind information via PAM | Arthur de Jong | 2013-03-03 | 3 | -3/+28 | |
| | ||||||
* | provide a basic replacement implementation of ↵ | Arthur de Jong | 2013-03-03 | 4 | -1/+54 | |
| | | | | ldap_passwordpolicy_err2txt() for systems that don't have it | |||||
* | provide a replacement implementation of ↵ | Arthur de Jong | 2013-03-03 | 4 | -1/+125 | |
| | | | | ldap_parse_passwordpolicy_control() for systems that don't have it | |||||
* | request and parse password policy controls when doing ↵ | Arthur de Jong | 2013-03-03 | 3 | -7/+223 | |
| | | | | user authentication in nslcd | |||||
* | pass the session along to the do_bind() function | Arthur de Jong | 2013-03-03 | 1 | -8/+8 | |
| | ||||||
* | add some missing checks to the configure script | Arthur de Jong | 2013-03-03 | 1 | -6/+8 | |
| | ||||||
* | log a more meaningful error in nslcd when trying to ↵ | Arthur de Jong | 2013-03-01 | 1 | -1/+7 | |
| | | | | authenticate as administrator when rootpwmoddn is not set | |||||
* | move update_lastchange() function from shadow to pam code | Arthur de Jong | 2013-03-01 | 3 | -69/+68 | |
| | ||||||
* | move parsing to command line arguments to main body | Arthur de Jong | 2013-03-01 | 1 | -4/+1 | |
| | ||||||
* | update TODO (setnetgrent() returns an error since r1874) | Arthur de Jong | 2013-03-01 | 1 | -1/+0 | |
| | ||||||
* | include information about when some of the options were ↵ | Arthur de Jong | 2013-02-27 | 1 | -49/+50 | |
| | | | | added | |||||
* | add missing include statement for NULL definition | Arthur de Jong | 2013-02-27 | 1 | -0/+2 | |
| | ||||||
* | log version information from the NSS module | Arthur de Jong | 2013-02-23 | 2 | -4/+22 | |
| | ||||||
* | define and export an _nss_ldap_version symbol | Arthur de Jong | 2013-02-23 | 4 | -1/+15 | |
| | ||||||
* | also search for alternative macAddress representation in ↵ | Arthur de Jong | 2013-02-23 | 1 | -1/+11 | |
| | | | | pynslcd | |||||
* | extra sanity check to ensure not too many file ↵ | Arthur de Jong | 2013-02-23 | 1 | -0/+5 | |
| | | | | descriptors are open | |||||
* | clarify NSLCD_ACTION_SERVICE_* request parameter description | Arthur de Jong | 2013-02-23 | 1 | -1/+3 | |
| | ||||||
* | allow names with one character in default validnames ↵ | Arthur de Jong | 2013-02-23 | 3 | -3/+5 | |
| | | | | option and allow parentheses (taken from Fedora packages) |