Arthur de Jong

Open Source / Free Software developer

summaryrefslogtreecommitdiffstats
path: root/nslcd/common.h
Commit message (Collapse)AuthorAgeFilesLines
* Return partial shadow information to non-root usersArthur de Jong2013-08-211-2/+2
| | | | | | | | | | | | | | This also returns everything except the password hash from the shadow database to non-root users (nothing was returned before). This allows non-root users to do PAM authentication in some configurations. On some systems there is a setgid executable that is allowed to read /etc/shadow for authentication by e.g. screensavers. Returning no shadow information will cause pam_unix to deny authorisation in common configurations. See: http://bugs.debian.org/706913
* Rename nscd_invalidate option to reconnect_invalidateArthur de Jong2013-07-261-4/+4
| | | | | This also renames the internal nscd module to invalidator for both nslcd and pynslcd. The new invalidator module is now no longer nscd-specific.
* Handle user modification requests in nslcdArthur de Jong2013-03-301-0/+1
| | | | | | | This is currently limited to supporting modification of the homeDirectory and loginShell attributes. Modifications as root currently use the rootpwmoddn and rootpwmodpw options.
* implement functionality to send a cache invalidation ↵Arthur de Jong2013-03-091-0/+8
| | | | signal to nscd
* move signame() function to common.c to make it available ↵Arthur de Jong2013-03-091-0/+3
| | | | to all modules
* move update_lastchange() function from shadow to pam codeArthur de Jong2013-03-011-3/+0
|
* implement a netgroup_all requestArthur de Jong2013-02-081-1/+2
|
* remove the ldc_ prefix from struct ldap_config fieldsArthur de Jong2012-12-301-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1887 ef36b2f9-881f-0410-afb5-c4e39611909c
* more comment fixesArthur de Jong2012-12-241-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1879 ef36b2f9-881f-0410-afb5-c4e39611909c
* move the action argument to NSLCD_HANDLE to the frontArthur de Jong2012-12-231-5/+5
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1877 ef36b2f9-881f-0410-afb5-c4e39611909c
* update C coding style to a more commonly used styleArthur de Jong2012-12-221-113/+122
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1873 ef36b2f9-881f-0410-afb5-c4e39611909c
* move all nsswitch-parsing related functions to nsswitch.cArthur de Jong2012-11-251-1/+4
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1840 ef36b2f9-881f-0410-afb5-c4e39611909c
* only inlude stdint.h if we have itArthur de Jong2012-07-211-0/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1725 ef36b2f9-881f-0410-afb5-c4e39611909c
* add missing includes to ensure all types are defined in ↵Arthur de Jong2012-07-211-0/+2
| | | | | | header git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1724 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a pam_password_prohibit_message nslcd.conf ↵Arthur de Jong2012-07-081-0/+1
| | | | | | option to deny password change introducing a NSLCD_ACTION_CONFIG_GET request thanks to Ted Cheng git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1715 ef36b2f9-881f-0410-afb5-c4e39611909c
* make whether or not to do case-sensitive filtering ↵Arthur de Jong2012-03-131-0/+6
| | | | | | configurable (patch by Matthew L. Dailey) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1634 ef36b2f9-881f-0410-afb5-c4e39611909c
* add missing include for _POSIX_HOST_NAME_MAX (thanks Mel ↵Arthur de Jong2012-03-101-1/+2
| | | | | | Flynn) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1631 ef36b2f9-881f-0410-afb5-c4e39611909c
* make validation log messages consistentArthur de Jong2011-09-091-3/+4
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1542 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement and use a strtoui() function if uid_t or gid_t ↵Arthur de Jong2011-08-291-0/+13
| | | | | | is of size unsigned int (thanks Jakub Hrozek) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1528 ef36b2f9-881f-0410-afb5-c4e39611909c
* provide strtouid() and strtogid() functions that use ↵Arthur de Jong2011-08-271-0/+18
| | | | | | strtoul() or strtoull() (thanks Jakub Hrozek) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1524 ef36b2f9-881f-0410-afb5-c4e39611909c
* check whether the NSS shadow map queries LDAP before ↵Arthur de Jong2011-08-051-0/+4
| | | | | | returning x as a password has for shadow users git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1487 ef36b2f9-881f-0410-afb5-c4e39611909c
* check shadow properties (similarly to what pam_unix ↵Arthur de Jong2011-04-301-0/+9
| | | | | | does) in the PAM handling code git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1446 ef36b2f9-881f-0410-afb5-c4e39611909c
* support using the objectSid attribute to provide numeric ↵Arthur de Jong2011-04-151-0/+8
| | | | | | user and group ids, based on a patch by Wesley Mason git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1425 ef36b2f9-881f-0410-afb5-c4e39611909c
* put all HOST_NAME_MAX fallbacks in common.h and fall ↵Arthur de Jong2011-03-121-0/+4
| | | | | | back to _POSIX_HOST_NAME_MAX (thanks Peter Bray) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1390 ef36b2f9-881f-0410-afb5-c4e39611909c
* move HOST_NAME_MAX fallback definition to header fileArthur de Jong2011-03-111-0/+5
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1387 ef36b2f9-881f-0410-afb5-c4e39611909c
* update copyright headers to add missing yearsArthur de Jong2011-03-101-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1384 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a fqdn variable that can be used inside ↵Arthur de Jong2011-01-291-0/+5
| | | | | | pam_authz_search filters git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1367 ef36b2f9-881f-0410-afb5-c4e39611909c
* allow attribute mapping with an expression for the ↵Arthur de Jong2010-12-281-1/+2
| | | | | | userPassword attribute for passwd, group and shadow entries and by default map it to the unmatchable password ("*") to avoid accidentally leaking password information git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1346 ef36b2f9-881f-0410-afb5-c4e39611909c
* try to update the shadowLastChange attribute of a user ↵Arthur de Jong2010-12-261-0/+3
| | | | | | on password change (the update is only tried if the attribute is present to begin with) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1345 ef36b2f9-881f-0410-afb5-c4e39611909c
* return correct PAM status code for when LDAP server is ↵Arthur de Jong2010-11-171-1/+1
| | | | | | unavailable (based on a patch by Pierre Gambarotto) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1315 ef36b2f9-881f-0410-afb5-c4e39611909c
* log the request with any logged messagesArthur de Jong2010-11-071-7/+5
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1301 ef36b2f9-881f-0410-afb5-c4e39611909c
* avoid unneeded strdup()s by using a passed buffer to ↵Arthur de Jong2010-11-041-1/+1
| | | | | | lookup_dn2uid() and using strcmp() in dn2uid() to see if the existing cached value is ok git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1297 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a rootpwmodpw option that allows root users to ↵Arthur de Jong2010-09-051-2/+2
| | | | | | change user passwords without a password prompt git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1206 ef36b2f9-881f-0410-afb5-c4e39611909c
* make include guard names consistent throughout the ↵Arthur de Jong2010-06-141-3/+3
| | | | | | source and avoid conflicts with system headers git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1140 ef36b2f9-881f-0410-afb5-c4e39611909c
* make logging of buffer checks consistentArthur de Jong2010-05-131-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1104 ef36b2f9-881f-0410-afb5-c4e39611909c
* also have myldap_search() return an LDAP status codeArthur de Jong2010-04-131-2/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1078 ef36b2f9-881f-0410-afb5-c4e39611909c
* make NSLCD_HANDLE_PARAMS() macro simpler and not have ↵Arthur de Jong2009-10-111-5/+5
| | | | | | empty argument git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1005 ef36b2f9-881f-0410-afb5-c4e39611909c
* log reading and writing errors with errno messageArthur de Jong2009-09-271-2/+4
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@995 ef36b2f9-881f-0410-afb5-c4e39611909c
* rename software to nss-pam-ldapdArthur de Jong2009-08-311-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@978 ef36b2f9-881f-0410-afb5-c4e39611909c
* don't return password hashes at all for non-root users, ↵Arthur de Jong2009-08-121-5/+10
| | | | | | based on a patch by Alexander V. Chernikov <melifaro@ipfw.ru> git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@969 ef36b2f9-881f-0410-afb5-c4e39611909c
* import preliminary version of PAM functionality into nslcdArthur de Jong2009-06-031-0/+5
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@923 ef36b2f9-881f-0410-afb5-c4e39611909c
* make lookup_dn2uid() available to other modules and ↵Arthur de Jong2009-06-031-0/+7
| | | | | | split uid2dn() into uid2entry() and uid2dn() (from nss-pam-ldapd branch) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@922 ef36b2f9-881f-0410-afb5-c4e39611909c
* refactor protocol reading and writing macros to the ↵Arthur de Jong2009-05-291-1/+1
| | | | | | common directory, use more logical names and in the PAM module no longer use NSS status codes (import of r887 from nss-pam-ldapd) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@904 ef36b2f9-881f-0410-afb5-c4e39611909c
* initialise database modules only once after parsing configArthur de Jong2009-05-241-2/+14
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@893 ef36b2f9-881f-0410-afb5-c4e39611909c
* support multiple search bases, partially based on a ↵Arthur de Jong2009-05-241-8/+13
| | | | | | patch by Leigh Wedding <lwedding@bigpond.com> git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@892 ef36b2f9-881f-0410-afb5-c4e39611909c
* combine isvalidusername() and isvalidgroupname() into ↵Arthur de Jong2008-06-131-2/+2
| | | | | | isvalidname() because they are similar enough and we just want to check to see if it is a reasonable name (e.g. not a DN) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@759 ef36b2f9-881f-0410-afb5-c4e39611909c
* add checks for valid user and group names in incoming ↵Arthur de Jong2008-04-201-0/+3
| | | | | | requests and for data returned from LDAP git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@689 ef36b2f9-881f-0410-afb5-c4e39611909c
* return values of dn2uid() and uid2dn() should always be usedArthur de Jong2008-04-061-2/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@673 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix member->group searches by also searching for DN in ↵Arthur de Jong2008-04-051-0/+3
| | | | | | uniqueMember attribute git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@663 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a dn2uid() function to transform a DN into a ↵Arthur de Jong2008-02-021-1/+4
| | | | | | username (looking inside the DN or doing an LDAP lookup if neede) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@610 ef36b2f9-881f-0410-afb5-c4e39611909c