Arthur de Jong

Open Source / Free Software developer

summaryrefslogtreecommitdiffstats
path: root/nslcd/cfg.c
Commit message (Collapse)AuthorAgeFilesLines
* the argument to nss_min_uid must be numericArthur de Jong2013-04-281-1/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd-0.8@1948 ef36b2f9-881f-0410-afb5-c4e39611909c
* handle the case where getpwuid() returns NULLArthur de Jong2013-04-281-5/+8
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd-0.8@1947 ef36b2f9-881f-0410-afb5-c4e39611909c
* check result of set_tolist() to ensure that memory ↵Arthur de Jong2013-02-231-0/+5
| | | | | | allocation problems are logged (r1911 from 0.9) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd-0.8@1934 ef36b2f9-881f-0410-afb5-c4e39611909c
* correctly handle the case where the gid option is before ↵Arthur de Jong2013-01-111-2/+2
| | | | | | the uid option in the configuration (fixes r1723) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd-0.8@1907 ef36b2f9-881f-0410-afb5-c4e39611909c
* to only set LDAP_OPT_X_SASL_NOCANON if the ↵Arthur de Jong2012-11-131-1/+1
| | | | | | sasl_canonicalize option is explicitly set in the configuration file git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1824 ef36b2f9-881f-0410-afb5-c4e39611909c
* change the default value of sasl_canonicalize to yes ↵Arthur de Jong2012-08-311-1/+3
| | | | | | (thanks Marcus Moeller) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1735 ef36b2f9-881f-0410-afb5-c4e39611909c
* introduce a sasl_canonicalize option that will now, by ↵Arthur de Jong2012-08-141-0/+17
| | | | | | default, disable reverse host name lookups in OpenLDAP git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1733 ef36b2f9-881f-0410-afb5-c4e39611909c
* on startup have the gid option default to the primary ↵Arthur de Jong2012-07-201-3/+16
| | | | | | group of the specified user and load the user's supplementary groups git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1723 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a pam_password_prohibit_message nslcd.conf ↵Arthur de Jong2012-07-081-0/+22
| | | | | | option to deny password change introducing a NSLCD_ACTION_CONFIG_GET request thanks to Ted Cheng git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1715 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement extra range checking of all numeric valuesArthur de Jong2012-05-201-2/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1694 ef36b2f9-881f-0410-afb5-c4e39611909c
* allow the pam_authz_search option to be specified ↵Arthur de Jong2012-05-041-3/+12
| | | | | | multiple times git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1679 ef36b2f9-881f-0410-afb5-c4e39611909c
* make whether or not to do case-sensitive filtering ↵Arthur de Jong2012-03-131-0/+6
| | | | | | configurable (patch by Matthew L. Dailey) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1634 ef36b2f9-881f-0410-afb5-c4e39611909c
* when doing DNS queries for SRV records recognise default ↵Arthur de Jong2012-03-101-3/+14
| | | | | | ldap and ldaps ports git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1632 ef36b2f9-881f-0410-afb5-c4e39611909c
* properly log failures to lookup DNS SRV recordsArthur de Jong2011-12-101-1/+6
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1569 ef36b2f9-881f-0410-afb5-c4e39611909c
* Use an explicit base of 10 for ↵Jakub Hrozek2011-09-301-2/+2
| | | | | | strtouid()/strtogid()/strtol() calls git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1547 ef36b2f9-881f-0410-afb5-c4e39611909c
* provide strtouid() and strtogid() functions that use ↵Arthur de Jong2011-08-271-2/+2
| | | | | | strtoul() or strtoull() (thanks Jakub Hrozek) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1524 ef36b2f9-881f-0410-afb5-c4e39611909c
* check errno after calls to strtol() to ensure that ↵Arthur de Jong2011-08-271-2/+4
| | | | | | numbers that are too large for type will be reported (thanks Jakub Hrozek) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1523 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix typo (thanks Nalin Dahyabhai)Arthur de Jong2011-08-241-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1517 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix a problem with uninitialised memory while parsing ↵Arthur de Jong2011-08-241-7/+5
| | | | | | the tls_ciphers option (was broken in r853, similar problem was fixed in r910, reported by Isaac Freeman) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1515 ef36b2f9-881f-0410-afb5-c4e39611909c
* support querying DNS SRV records from a different domain ↵Arthur de Jong2011-08-241-4/+13
| | | | | | than the current one (based on a patch by James M. Leddy) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1513 ef36b2f9-881f-0410-afb5-c4e39611909c
* check all variables in pam_authz_search to see if they existArthur de Jong2011-06-051-2/+35
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1474 ef36b2f9-881f-0410-afb5-c4e39611909c
* mark more strings as const and don't free() data ↵Arthur de Jong2011-06-051-7/+6
| | | | | | returned by cfg_getdomainname() git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1473 ef36b2f9-881f-0410-afb5-c4e39611909c
* allow usernames of only two charactersArthur de Jong2011-03-311-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1419 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a validnames option that can be used to ↵Arthur de Jong2011-03-251-1/+58
| | | | | | fine-tune the test for valid user and group names using a regular expression git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1411 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a fqdn variable that can be used inside ↵Arthur de Jong2011-01-291-50/+6
| | | | | | pam_authz_search filters git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1367 ef36b2f9-881f-0410-afb5-c4e39611909c
* also support the tls_cacert option as an alias for ↵Arthur de Jong2010-12-261-1/+2
| | | | | | tls_cacertfile git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1342 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a nss_min_uid option to filter user entries ↵Arthur de Jong2010-12-201-0/+6
| | | | | | returned by LDAP git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1338 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a rootpwmodpw option that allows root users to ↵Arthur de Jong2010-09-051-2/+31
| | | | | | change user passwords without a password prompt git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1206 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove warning messages from parsing the sasl_* options ↵Arthur de Jong2010-06-181-19/+14
| | | | | | and document them in the nslcd.conf(5) manual page (they should be functional) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1150 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove the use_sasl option and instead rely on sasl_mech ↵Arthur de Jong2010-06-181-4/+1
| | | | | | being specified git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1148 ef36b2f9-881f-0410-afb5-c4e39611909c
* rename reconnect_maxsleeptime option to reconnect_retrytimeArthur de Jong2010-05-091-3/+6
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1094 ef36b2f9-881f-0410-afb5-c4e39611909c
* refactor retry timing mechanism to use time between ↵Arthur de Jong2010-05-091-1/+1
| | | | | | first and last error to determin when to rerty and only try once (and don't sleep) when we have been failing for a long time git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1091 ef36b2f9-881f-0410-afb5-c4e39611909c
* rename authz_search option to pam_authz_searchArthur de Jong2010-05-081-3/+3
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1089 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement an authz_search option to test whether the ↵Arthur de Jong2010-05-071-0/+6
| | | | | | user is authorised git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1088 ef36b2f9-881f-0410-afb5-c4e39611909c
* also have myldap_search() return an LDAP status codeArthur de Jong2010-04-131-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1078 ef36b2f9-881f-0410-afb5-c4e39611909c
* add an nss_initgroups_ignoreusers option to ignore ↵Arthur de Jong2010-03-201-0/+49
| | | | | | username to group lookups for the specified users git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1076 ef36b2f9-881f-0410-afb5-c4e39611909c
* rename admindn option to rootpwmoddnArthur de Jong2010-02-271-3/+3
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1067 ef36b2f9-881f-0410-afb5-c4e39611909c
* add --with-bindpw-file configure option to enable ↵Arthur de Jong2010-01-241-1/+57
| | | | | | reading the bindpw option from a file git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1060 ef36b2f9-881f-0410-afb5-c4e39611909c
* add admindn configuration file option that is used when ↵Arthur de Jong2010-01-241-1/+6
| | | | | | modifying another user's password git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1059 ef36b2f9-881f-0410-afb5-c4e39611909c
* improve getting of domain name by also checking hostname ↵Arthur de Jong2010-01-081-18/+46
| | | | | | aliases (based on patch by Jan Schampera <jan.schampera@web.de>) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1048 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement attribute mapping using shell-like expressionsArthur de Jong2009-12-281-7/+5
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1041 ef36b2f9-881f-0410-afb5-c4e39611909c
* some compatibility improvementsArthur de Jong2009-10-051-0/+4
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@998 ef36b2f9-881f-0410-afb5-c4e39611909c
* some simple changes in includes to make FreeBSD diff smallerArthur de Jong2009-09-041-1/+6
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@986 ef36b2f9-881f-0410-afb5-c4e39611909c
* add a --disable-configfile-checking option to configure ↵Arthur de Jong2009-09-011-0/+2
| | | | | | to cause unknown options to be ignored from the configuration git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@985 ef36b2f9-881f-0410-afb5-c4e39611909c
* lower the default values for bind_timelimit and ↵Arthur de Jong2009-09-011-2/+2
| | | | | | reconnect_maxsleeptime from 30 to 10 seconds git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@983 ef36b2f9-881f-0410-afb5-c4e39611909c
* rename software to nss-pam-ldapdArthur de Jong2009-08-311-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@978 ef36b2f9-881f-0410-afb5-c4e39611909c
* also support starttls as value for the ssl optionArthur de Jong2009-06-201-1/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@942 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove SSL/TLS warning messages during startupArthur de Jong2009-06-031-9/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@925 ef36b2f9-881f-0410-afb5-c4e39611909c
* don't look inside the passed variable get_strdup() ↵Arthur de Jong2009-05-301-6/+3
| | | | | | because it could point to uninitialized memory git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@910 ef36b2f9-881f-0410-afb5-c4e39611909c
* initialise database modules only once after parsing configArthur de Jong2009-05-241-0/+12
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@893 ef36b2f9-881f-0410-afb5-c4e39611909c