| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
|
| |
This option allows skipping group member list retrieval to improve
performance with very large groups. This option results in inconsistent
group membership information being presented that may confuse some
applications.
|
|
|
|
|
|
|
|
|
| |
mmkfilter_passwd_byuid()/mkfilter_group_bygid() get wrong filter string
because "%d" will return negative when uid/gid larger than 2^31, and
result to "Authentiction failure".
This also changes the other places where uid_t or gid_t values are
formatted.
|
|
|
|
|
| |
This adds logging of most cases where a defined buffer is not large
enough to hold provided data on error log level.
|
|
|
|
|
|
|
|
|
|
|
| |
This maps the gid (gidNumber) to an AD SID for builtin groups when
searching a group by gid (RID) between 544 and 552. In that case the SID
prefix is not the domain's prefix (S-1-5-21-dddddd-dddddd-dddddd) but
the BUILTIN SID prefix (1-5-32).
For example, if you add a user to the Administrators builtin group
(S-1-5-32-544), now you should be able to get this group through nslcd,
instead of receiving an error message.
|
|
|
|
|
|
|
| |
This uses information from the deref control (if available) to get the
username for each of the members of the group. Any missing deref member
attribute values will be seen as nested groups and will be traversed if
nested group support is enabled.
|
|
|
|
|
|
|
| |
This changes the group by member searches to not request the member
attributes. This will speed up result parsing by a fraction because less
data is transferred but will also cause the deref control not to be
added to these searches.
|
|
|
|
|
|
| |
This allows remapping the member attribute to an empty string which
removes support for that attribute. This can reduce the number of search
operations if the attribute is not used.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some pieces of code did not properly free() the value returned by
set_pop().
The leak in group code was related to the introduction of nested group
functionality in 41ba574 (merged in 3daa68d) so should only be present
in releases 0.9.0 forward.
The leak in the netgroup code only ended up in the Solaris version of
the NSS module and was introduced in 4ea9ad1 (merged in 5c8779d). This
leak is present in all releases from 0.8.0 forward.
|
|
|
|
|
|
| |
Common buffer sizes are now stored centrally so it can be easily and
consistently updated if required. Some buffers remain with locally
defined sizes that do not match a global buffer size.
|
|
|
|
|
| |
This includes a number of small fixes for issues that were formerly
masked by the incorrect AC_LANG_PROGRAM check.
|
|
|
|
| |
With the smaller buffers some password hashes would be truncated.
|
|
|
|
|
|
| |
This option can be used in both nslcd and pynslcd to enable recursive group
member lookups. By default the functionality is disabled. This also updates
the documentation.
|
|
|
|
|
|
|
|
|
|
|
| |
This differs from the code provided by Steve Hill in that it avoids
(recursively) performing parallel LDAP searches by queueing groups and check
for extra members per queued group (in the forward lookup) or check for extra
parents (for the user to groups lookup).
For the reverse lookup handling the NSLCD_HANDLE macro could no longer be used
because extra care should be taken to free the sets before returning and two
search phases are needed.
|
|
|
|
|
|
|
|
| |
This was part of a bigger change to implement nested groups, however most of
the other parts were re-implemented differently.
For the original changes, see:
http://lists.arthurdejong.org/nss-pam-ldapd-users/2013/msg00034.html
|
|
|
|
|
|
| |
allocation problems are logged
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1911 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1887 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1877 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1873 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
order and switch use of uid_t and gid_t in the protocol to int32
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1864 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1838 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1763 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1694 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
configurable (patch by Matthew L. Dailey)
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1634 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
strtouid()/strtogid()/strtol() calls
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1547 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1542 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
strtoul() or strtoull() (thanks Jakub Hrozek)
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1524 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
numbers that are too large for type will be reported (thanks Jakub Hrozek)
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1523 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
ldap_get_values_len() instead of ldap_get_values() to fix some problems with binary data in returned attribute values (patch by Wesley Mason)
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1485 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
of uniqueMember
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1484 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
hold larger numbers and small consistency improvements
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1476 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
systems that don't have it
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1427 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
user and group ids, based on a patch by Wesley Mason
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1425 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
informative
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1423 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
userPassword attribute for passwd, group and shadow entries and by default map it to the unmatchable password ("*") to avoid accidentally leaking password information
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1346 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
returned by LDAP
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1338 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1301 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1217 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
attributes and small cleanups
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1138 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1087 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
username to group lookups for the specified users
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1076 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1035 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
strings instead of loop_first() and loop_next() functions
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1028 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1014 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1013 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@978 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
attributes in an LDAP group entry
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@957 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
passwd, protocols, rpc, services and shadow lookups
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@934 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
common directory, use more logical names and in the PAM module no longer use NSS status codes (import of r887 from nss-pam-ldapd)
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@904 ef36b2f9-881f-0410-afb5-c4e39611909c
|