Arthur de Jong

Open Source / Free Software developer

summaryrefslogtreecommitdiffstats
path: root/nslcd/myldap.c
Commit message (Collapse)AuthorAgeFilesLines
* Warn if ldap_set_option() fails for LDAP_OPT_ERROR_NUMJakub Hrozek2012-01-091-4/+8
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1593 ef36b2f9-881f-0410-afb5-c4e39611909c
* Fix a typo in disconnect logicJakub Hrozek2011-12-091-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1560 ef36b2f9-881f-0410-afb5-c4e39611909c
* move LDAP_DEPRECATED and LDAP_REFERRALS to configure.ac ↵Arthur de Jong2011-08-301-6/+0
| | | | | | to ensure that tests from configure see the same API git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1529 ef36b2f9-881f-0410-afb5-c4e39611909c
* pass a statically allocated callback structure to ↵Arthur de Jong2011-08-271-1/+2
| | | | | | OpenLDAP because it doesn't make it's own copy (thanks Jakub Hrozek) (fixes a problem in r1490) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1522 ef36b2f9-881f-0410-afb5-c4e39611909c
* set the socket timeout in a connection callback to avoid ↵Arthur de Jong2011-08-071-27/+75
| | | | | | timeout issues during the SSL handshake (based on a patch by Stefan Völkel) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1490 ef36b2f9-881f-0410-afb5-c4e39611909c
* implementation of myldap_get_values_len() to use ↵Arthur de Jong2011-08-051-1/+104
| | | | | | ldap_get_values_len() instead of ldap_get_values() to fix some problems with binary data in returned attribute values (patch by Wesley Mason) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1485 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix r1468Arthur de Jong2011-06-051-2/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1470 ef36b2f9-881f-0410-afb5-c4e39611909c
* simplify and correct find_rdn_value() to handle ↵Arthur de Jong2011-06-051-4/+3
| | | | | | splitting attribute and value correctly git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1468 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix problem with partial attribute name matches in DN ↵Arthur de Jong2011-05-211-0/+1
| | | | | | (e.g. uid vs. uidNumber) (thanks to Timothy White for the fix) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1464 ef36b2f9-881f-0410-afb5-c4e39611909c
* report correct reported error from ldap_abandon()Arthur de Jong2011-04-221-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1431 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix problem with endless loop on incorrect passwordArthur de Jong2011-03-111-4/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1388 ef36b2f9-881f-0410-afb5-c4e39611909c
* include definition of rc in all code paths because it's ↵Arthur de Jong2011-01-011-3/+1
| | | | | | used most of the time git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1362 ef36b2f9-881f-0410-afb5-c4e39611909c
* try to update the shadowLastChange attribute of a user ↵Arthur de Jong2010-12-261-0/+12
| | | | | | on password change (the update is only tried if the attribute is present to begin with) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1345 ef36b2f9-881f-0410-afb5-c4e39611909c
* pass the ld to do_bind() instead of the session to use ↵Arthur de Jong2010-12-121-14/+18
| | | | | | the correct ld from do_rebind() git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1328 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix commentArthur de Jong2010-12-121-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1325 ef36b2f9-881f-0410-afb5-c4e39611909c
* in each worker wake up once in a while to check whether ↵Arthur de Jong2010-12-081-6/+5
| | | | | | any existing LDAP connections should be closed git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1319 ef36b2f9-881f-0410-afb5-c4e39611909c
* call myldap_session_check() before adding a new search ↵Arthur de Jong2010-11-031-2/+2
| | | | | | to the session so the connection actually gets closed on timeout (the connection isn't closed when there are active searches) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1294 ef36b2f9-881f-0410-afb5-c4e39611909c
* set a longer socket timout for the normal connection ↵Arthur de Jong2010-10-151-19/+23
| | | | | | (just in case mostly) and a short one to use when shutting down the connection (also see http://www.openldap.org/its/index.cgi?selectid=6673) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1276 ef36b2f9-881f-0410-afb5-c4e39611909c
* simplify SASL includesArthur de Jong2010-10-141-3/+3
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1271 ef36b2f9-881f-0410-afb5-c4e39611909c
* set timeout options on LDAP socket to avoid problems ↵Arthur de Jong2010-10-121-0/+11
| | | | | | when the LDAP library hangs on a read() (e.g. at ldap_unbind()) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1264 ef36b2f9-881f-0410-afb5-c4e39611909c
* make use of UNUSED() consistent throughout the codeArthur de Jong2010-10-101-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1256 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove variables which are no longer necessary due to r1220Arthur de Jong2010-09-271-2/+0
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1221 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove disabling keepalives since we handle SIGPIPE anywayArthur de Jong2010-09-271-6/+0
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1220 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove ugly empty lineArthur de Jong2010-09-261-1/+0
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1219 ef36b2f9-881f-0410-afb5-c4e39611909c
* add some more error cases which should trigger a disconnectArthur de Jong2010-09-231-1/+3
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1208 ef36b2f9-881f-0410-afb5-c4e39611909c
* handle errors from ldap_result() consistently and also ↵Arthur de Jong2010-09-201-32/+35
| | | | | | retry in case it times out git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1207 ef36b2f9-881f-0410-afb5-c4e39611909c
* add logging to SASL interaction functionArthur de Jong2010-06-191-0/+12
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1154 ef36b2f9-881f-0410-afb5-c4e39611909c
* improve debug logging of SASL bind callsArthur de Jong2010-06-191-4/+14
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1153 ef36b2f9-881f-0410-afb5-c4e39611909c
* make SASL binding code a little earier to readArthur de Jong2010-06-181-16/+12
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1149 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove the use_sasl option and instead rely on sasl_mech ↵Arthur de Jong2010-06-181-1/+1
| | | | | | being specified git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1148 ef36b2f9-881f-0410-afb5-c4e39611909c
* only log "connected to LDAP server" if the previous ↵Arthur de Jong2010-05-091-2/+3
| | | | | | connect failed or we are failing over to a different server git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1095 ef36b2f9-881f-0410-afb5-c4e39611909c
* rename reconnect_maxsleeptime option to reconnect_retrytimeArthur de Jong2010-05-091-4/+4
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1094 ef36b2f9-881f-0410-afb5-c4e39611909c
* don't log errno if it is not set (make error less confusing)Arthur de Jong2010-05-091-6/+9
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1093 ef36b2f9-881f-0410-afb5-c4e39611909c
* handle authentication searches a little differently ↵Arthur de Jong2010-05-091-6/+14
| | | | | | (only try once if an authentication error is returned) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1092 ef36b2f9-881f-0410-afb5-c4e39611909c
* refactor retry timing mechanism to use time between ↵Arthur de Jong2010-05-091-24/+37
| | | | | | first and last error to determin when to rerty and only try once (and don't sleep) when we have been failing for a long time git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1091 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix buffer overflowArthur de Jong2010-05-071-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1085 ef36b2f9-881f-0410-afb5-c4e39611909c
* don't have myldap_set_credentials() try to open a ↵Arthur de Jong2010-04-131-3/+1
| | | | | | connection but have the PAM code perform a search with the new credentials so we re-use the fail-over mechanism in myldap_search() git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1079 ef36b2f9-881f-0410-afb5-c4e39611909c
* also have myldap_search() return an LDAP status codeArthur de Jong2010-04-131-3/+14
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1078 ef36b2f9-881f-0410-afb5-c4e39611909c
* have less warnings when LDAP_OPT_X_TLS isn't definedArthur de Jong2010-02-281-0/+4
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1074 ef36b2f9-881f-0410-afb5-c4e39611909c
* first try password modification without the old password ↵Arthur de Jong2010-02-171-4/+18
| | | | | | and if that fails with the old password git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1064 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix for type mismatch (thanks to Jan Schampera)Arthur de Jong2010-01-251-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1061 ef36b2f9-881f-0410-afb5-c4e39611909c
* make logging of passwords consistent and support a NULL ↵Arthur de Jong2010-01-241-10/+11
| | | | | | oldpassword value in myldap_passwd() git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1057 ef36b2f9-881f-0410-afb5-c4e39611909c
* free data returned from ldap_passwd_s() call if needed ↵Arthur de Jong2010-01-241-10/+8
| | | | | | and add missing casts git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1056 ef36b2f9-881f-0410-afb5-c4e39611909c
* some small simplifcations and clarificationsArthur de Jong2009-12-291-16/+7
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1046 ef36b2f9-881f-0410-afb5-c4e39611909c
* change dict and set API to perform loops with a list of ↵Arthur de Jong2009-12-131-56/+11
| | | | | | strings instead of loop_first() and loop_next() functions git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1028 ef36b2f9-881f-0410-afb5-c4e39611909c
* also log uri when ldap_start_tls_s() failsArthur de Jong2009-11-011-2/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1012 ef36b2f9-881f-0410-afb5-c4e39611909c
* provide replacement functions for ldap_initialize() and ↵Arthur de Jong2009-10-171-9/+1
| | | | | | ldap_passwd_s() and centralise LDAP compatibility hacks into ldap_compat.h git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1007 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix some header checks in configure and fix ↵Arthur de Jong2009-10-081-3/+3
| | | | | | ldap_set_rebind_proc() return type check git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1003 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement password changing in the PAM module by ↵Arthur de Jong2009-10-071-0/+37
| | | | | | performing an LDAP password modify EXOP request git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1000 ef36b2f9-881f-0410-afb5-c4e39611909c
* some compatibility improvementsArthur de Jong2009-10-051-0/+4
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@998 ef36b2f9-881f-0410-afb5-c4e39611909c