Arthur de Jong

Open Source / Free Software developer

summaryrefslogtreecommitdiffstats
path: root/nslcd/cfg.c
Commit message (Collapse)AuthorAgeFilesLines
...
* when doing DNS queries for SRV records recognise default ↵Arthur de Jong2012-03-101-3/+14
| | | | | | ldap and ldaps ports git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1632 ef36b2f9-881f-0410-afb5-c4e39611909c
* properly log failures to lookup DNS SRV recordsArthur de Jong2011-12-101-1/+6
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1569 ef36b2f9-881f-0410-afb5-c4e39611909c
* Use an explicit base of 10 for ↵Jakub Hrozek2011-09-301-2/+2
| | | | | | strtouid()/strtogid()/strtol() calls git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1547 ef36b2f9-881f-0410-afb5-c4e39611909c
* provide strtouid() and strtogid() functions that use ↵Arthur de Jong2011-08-271-2/+2
| | | | | | strtoul() or strtoull() (thanks Jakub Hrozek) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1524 ef36b2f9-881f-0410-afb5-c4e39611909c
* check errno after calls to strtol() to ensure that ↵Arthur de Jong2011-08-271-2/+4
| | | | | | numbers that are too large for type will be reported (thanks Jakub Hrozek) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1523 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix typo (thanks Nalin Dahyabhai)Arthur de Jong2011-08-241-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1517 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix a problem with uninitialised memory while parsing ↵Arthur de Jong2011-08-241-7/+5
| | | | | | the tls_ciphers option (was broken in r853, similar problem was fixed in r910, reported by Isaac Freeman) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1515 ef36b2f9-881f-0410-afb5-c4e39611909c
* support querying DNS SRV records from a different domain ↵Arthur de Jong2011-08-241-4/+13
| | | | | | than the current one (based on a patch by James M. Leddy) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1513 ef36b2f9-881f-0410-afb5-c4e39611909c
* check all variables in pam_authz_search to see if they existArthur de Jong2011-06-051-2/+35
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1474 ef36b2f9-881f-0410-afb5-c4e39611909c
* mark more strings as const and don't free() data ↵Arthur de Jong2011-06-051-7/+6
| | | | | | returned by cfg_getdomainname() git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1473 ef36b2f9-881f-0410-afb5-c4e39611909c
* allow usernames of only two charactersArthur de Jong2011-03-311-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1419 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a validnames option that can be used to ↵Arthur de Jong2011-03-251-1/+58
| | | | | | fine-tune the test for valid user and group names using a regular expression git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1411 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a fqdn variable that can be used inside ↵Arthur de Jong2011-01-291-50/+6
| | | | | | pam_authz_search filters git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1367 ef36b2f9-881f-0410-afb5-c4e39611909c
* also support the tls_cacert option as an alias for ↵Arthur de Jong2010-12-261-1/+2
| | | | | | tls_cacertfile git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1342 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a nss_min_uid option to filter user entries ↵Arthur de Jong2010-12-201-0/+6
| | | | | | returned by LDAP git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1338 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a rootpwmodpw option that allows root users to ↵Arthur de Jong2010-09-051-2/+31
| | | | | | change user passwords without a password prompt git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1206 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove warning messages from parsing the sasl_* options ↵Arthur de Jong2010-06-181-19/+14
| | | | | | and document them in the nslcd.conf(5) manual page (they should be functional) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1150 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove the use_sasl option and instead rely on sasl_mech ↵Arthur de Jong2010-06-181-4/+1
| | | | | | being specified git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1148 ef36b2f9-881f-0410-afb5-c4e39611909c
* rename reconnect_maxsleeptime option to reconnect_retrytimeArthur de Jong2010-05-091-3/+6
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1094 ef36b2f9-881f-0410-afb5-c4e39611909c
* refactor retry timing mechanism to use time between ↵Arthur de Jong2010-05-091-1/+1
| | | | | | first and last error to determin when to rerty and only try once (and don't sleep) when we have been failing for a long time git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1091 ef36b2f9-881f-0410-afb5-c4e39611909c
* rename authz_search option to pam_authz_searchArthur de Jong2010-05-081-3/+3
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1089 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement an authz_search option to test whether the ↵Arthur de Jong2010-05-071-0/+6
| | | | | | user is authorised git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1088 ef36b2f9-881f-0410-afb5-c4e39611909c
* also have myldap_search() return an LDAP status codeArthur de Jong2010-04-131-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1078 ef36b2f9-881f-0410-afb5-c4e39611909c
* add an nss_initgroups_ignoreusers option to ignore ↵Arthur de Jong2010-03-201-0/+49
| | | | | | username to group lookups for the specified users git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1076 ef36b2f9-881f-0410-afb5-c4e39611909c
* rename admindn option to rootpwmoddnArthur de Jong2010-02-271-3/+3
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1067 ef36b2f9-881f-0410-afb5-c4e39611909c
* add --with-bindpw-file configure option to enable ↵Arthur de Jong2010-01-241-1/+57
| | | | | | reading the bindpw option from a file git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1060 ef36b2f9-881f-0410-afb5-c4e39611909c
* add admindn configuration file option that is used when ↵Arthur de Jong2010-01-241-1/+6
| | | | | | modifying another user's password git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1059 ef36b2f9-881f-0410-afb5-c4e39611909c
* improve getting of domain name by also checking hostname ↵Arthur de Jong2010-01-081-18/+46
| | | | | | aliases (based on patch by Jan Schampera <jan.schampera@web.de>) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1048 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement attribute mapping using shell-like expressionsArthur de Jong2009-12-281-7/+5
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1041 ef36b2f9-881f-0410-afb5-c4e39611909c
* some compatibility improvementsArthur de Jong2009-10-051-0/+4
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@998 ef36b2f9-881f-0410-afb5-c4e39611909c
* some simple changes in includes to make FreeBSD diff smallerArthur de Jong2009-09-041-1/+6
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@986 ef36b2f9-881f-0410-afb5-c4e39611909c
* add a --disable-configfile-checking option to configure ↵Arthur de Jong2009-09-011-0/+2
| | | | | | to cause unknown options to be ignored from the configuration git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@985 ef36b2f9-881f-0410-afb5-c4e39611909c
* lower the default values for bind_timelimit and ↵Arthur de Jong2009-09-011-2/+2
| | | | | | reconnect_maxsleeptime from 30 to 10 seconds git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@983 ef36b2f9-881f-0410-afb5-c4e39611909c
* rename software to nss-pam-ldapdArthur de Jong2009-08-311-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@978 ef36b2f9-881f-0410-afb5-c4e39611909c
* also support starttls as value for the ssl optionArthur de Jong2009-06-201-1/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@942 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove SSL/TLS warning messages during startupArthur de Jong2009-06-031-9/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@925 ef36b2f9-881f-0410-afb5-c4e39611909c
* don't look inside the passed variable get_strdup() ↵Arthur de Jong2009-05-301-6/+3
| | | | | | because it could point to uninitialized memory git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@910 ef36b2f9-881f-0410-afb5-c4e39611909c
* initialise database modules only once after parsing configArthur de Jong2009-05-241-0/+12
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@893 ef36b2f9-881f-0410-afb5-c4e39611909c
* support multiple search bases, partially based on a ↵Arthur de Jong2009-05-241-17/+27
| | | | | | patch by Leigh Wedding <lwedding@bigpond.com> git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@892 ef36b2f9-881f-0410-afb5-c4e39611909c
* set most SSL/TLS related options globally instead of per ↵Arthur de Jong2009-05-011-22/+44
| | | | | | connection git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@853 ef36b2f9-881f-0410-afb5-c4e39611909c
* move debugging initialisation to myldap_set_debuglevel() ↵Arthur de Jong2009-04-301-2/+1
| | | | | | function git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@852 ef36b2f9-881f-0410-afb5-c4e39611909c
* rename the tls_checkpeer option to tls_reqcert, ↵Arthur de Jong2008-12-061-2/+35
| | | | | | deprecating the old name and supporting all options that OpenLDAP supports for that value git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@805 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove sslpath option because it wasn't used for anythingArthur de Jong2008-11-291-8/+0
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@801 ef36b2f9-881f-0410-afb5-c4e39611909c
* rename get_base_from_dse() to get_base_from_rootdse()Arthur de Jong2008-07-201-5/+5
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@777 ef36b2f9-881f-0410-afb5-c4e39611909c
* make the get_base_from_dse() function cleaner and add a ↵Arthur de Jong2008-07-201-5/+11
| | | | | | comment describing the function git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@776 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement looking up search base in DSE of LDAP serverArthur de Jong2008-07-201-0/+53
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@775 ef36b2f9-881f-0410-afb5-c4e39611909c
* replace https:// by ldaps:// (stupid typo)Arthur de Jong2008-06-171-3/+3
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@770 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement SASL authentication based on a patch by Dan ↵Arthur de Jong2008-06-141-6/+27
| | | | | | White <dwhite@olp.net> git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@762 ef36b2f9-881f-0410-afb5-c4e39611909c
* don't perform SSL/TLS sanity checks if it isn't ↵Arthur de Jong2008-06-121-0/+4
| | | | | | available on the platform git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@757 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove warning on using ssl optionArthur de Jong2008-06-061-1/+0
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@751 ef36b2f9-881f-0410-afb5-c4e39611909c