| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
In several places the code used a %d format to print a size_t variable.
On amd64 at least size_t is an unsigned long, so use %lu instead.
An alternative would be to use %ud for size_t and %zd fo ssize_t but not
all platforms seem to support that formatter.
|
|
|
|
|
|
|
| |
There are several places where a static length array in a struct is
compared to a null pointer. These comparisons will always be false,
since an array in a struct is not actually a pointer, so they can be
removed.
|
|
|
|
|
|
|
| |
Thanks David Binderma for pointing this out.
Note that in practical situations this should not result in any errors
due to the position of searches within the ldap_session struct.
|
| |
|
|
|
|
|
|
|
|
|
| |
This alleviates some cases where multi-second lag occurs before a query
returns due to some or all connections having been closed by the peer,
e.g. a load balancer timing out old connections, but they are all tried
before opening new connections.
Tested and working on Linux.
|
|
|
|
|
| |
This clears most buffers that may hold credentials at one point before
free()ing the memory.
|
|
|
|
|
|
|
|
|
| |
This ensures that controls returned by an LDAP server as part of a
failed BIND operation are also returned. This makes it possible to
distinguish between a wrong password and an expired password.
This also only logs the BIND operation result on DEBUG level (the error
is logged later on).
|
|
|
|
|
| |
This adds logging of most cases where a defined buffer is not large
enough to hold provided data on error log level.
|
| |
|
|
|
|
|
|
|
| |
This function looks for deref response controls (LDAP_CONTROL_X_DEREF)
in the entry and returns the information from the dereferenced attribute
in two lists: dereferenced values and attribute values that could not be
dereferenced.
|
|
|
|
|
|
|
|
|
|
| |
This uses the LDAP_CONTROL_X_DEREF control as descibed in
draft-masarati-ldap-deref-00 to request the LDAP server to dereference
member attribute values to uid attribute values in order to avoid doing
extra searches.
This control is currently only added for group search by looking for the
member attribute in the search.
|
|
|
|
|
|
| |
This changes entrye->rangedattributevalues to entry->buffers because the
propery is not only used for ranged attribute values but for anything
that can be freed with free().
|
|
|
|
|
| |
Since we could get arbitrray controls and are only interested in page
controls we ignore failures to find page controls.
|
|
|
|
|
| |
This also changes do_try_search() to support building continued paged
controls and lays the groundwork for adding more search controls.
|
|
|
|
|
|
| |
Common buffer sizes are now stored centrally so it can be easily and
consistently updated if required. Some buffers remain with locally
defined sizes that do not match a global buffer size.
|
|
|
|
|
|
| |
This also invalidates the caches configured with reconnect_invalidate on
the first successful search. This should handle the case more gracefully
where caches were filled with negative hits before nslcd was running.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This implemens a myldap_immediate_reconnect() function that resets the
reconnect timer to retry failing connections to the LDAP server upon the
next search.
This can be used to cut the reconnect_sleeptime and reconnect_retrytime
sleeping periodss short if we have some indication that the LDAP server
is available again.
|
|
|
|
|
| |
This also renames the internal nscd module to invalidator for both nslcd
and pynslcd. The new invalidator module is now no longer nscd-specific.
|
| |
|
|
|
|
| |
after reconnecting to the LDAP server after failure
|
| |
|
|
|
|
| |
user authentication in nslcd
|
| |
|
|
|
|
|
|
| |
instead of a set
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1912 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
ranged attributes (very unlikely to occur)
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1910 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
myldap_get_values_len() if malloc() would fail
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1909 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1906 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1901 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1898 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
LDAP error on password change failure
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1895 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1892 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1889 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
line with manual page
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1888 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1887 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1873 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1868 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
sasl_canonicalize option is explicitly set in the configuration file
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1824 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
to not hide these log messages in most configurations (fixes r1095)
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1814 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
attribute values for possibly binary attributes (thanks scan-build)
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1770 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
alignment warnings
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1769 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1745 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
but should have been removed in r1714
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1734 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
default, disable reverse host name lookups in OpenLDAP
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1733 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
(should have been part of r1639)
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1714 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1693 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
and errno if available in a consistent format
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1639 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1627 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
ldap_start_tls_s() failures (based on a patch by Mel Flynn)
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1626 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
debugging easier (patch by Matthijs Kooijman)
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1625 ef36b2f9-881f-0410-afb5-c4e39611909c
|