| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
| |
Thanks to Têko Mihinto.
See https://bugzilla.redhat.com/show_bug.cgi?id=1612543
|
|
|
|
|
|
|
|
|
| |
This adds a domain variable (if it can be determined on the system) that
can be used in pam_authz_search and pam_authc_search filters to build
search filters that search on the domain name (the FQDN without the
starting host name).
Closes https://github.com/arthurdejong/nss-pam-ldapd/issues/8
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This function integrates the myldap_set_credentials() and
myldap_get_policy_response() and performs the bind operation witout
actually performing a search.
The function performs a "fake" search that returns after performing the
LDAP BIND operation.
This replaces a number of dummy search operations that were there to
ensure that the connection was open. This allows us to skip the search
operation after authentication.
|
|
|
|
|
| |
This allows performing a different, configurable search from the default
BASE search after the BIND operation.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This moves the autzsearch_var_add(), autzsearch_vars_free(),
autzsearch_var_get() and do_autzsearches() functions to the top of the
file using more generic names and introduces search_vars_new() in
prepartion of other similar searches.
This also renames the remaining authzsearch functions to authz_search to
be consistent with the pam_authz_search option.
|
|
|
|
|
|
|
| |
This avoids changing the cannonical username to the value as specified
in LDAP when ignorecase is used.
See https://github.com/arthurdejong/nss-pam-ldapd/issues/12
|
|
|
|
|
| |
This fixes setting the correct LDAP error code and also fixes formatting
in 027df03.
|
|
|
|
|
|
|
|
|
|
| |
chasing referrals
This fixes a bug where 'shadowLastChange' attribute cannot be updated when
chasing a referral. After a password is succesfully changed, the credentials
for binding should also be updated with the new password for the session.
Signed-off-by: Vasilis Tsiligiannis <vasilis.tsiligiannis@nokia.com>
|
|
|
|
| |
This fixes 15fc13c.
|
|
|
|
|
| |
This clears most buffers that may hold credentials at one point before
free()ing the memory.
|
| |
|
|
|
|
|
| |
This adds logging of most cases where a defined buffer is not large
enough to hold provided data on error log level.
|
| |
|
|
|
|
|
|
| |
Common buffer sizes are now stored centrally so it can be easily and
consistently updated if required. Some buffers remain with locally
defined sizes that do not match a global buffer size.
|
|
|
|
|
| |
This includes a number of small fixes for issues that were formerly
masked by the incorrect AC_LANG_PROGRAM check.
|
| |
|
|
|
|
| |
authenticate as administrator when rootpwmoddn is not set
|
| |
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1903 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
LDAP error on password change failure
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1895 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
nslcd LDAP connection if the update with the user's connection failed
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1894 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
line with manual page
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1888 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1887 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1878 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1873 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1865 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1762 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
option to deny password change introducing a NSLCD_ACTION_CONFIG_GET request thanks to Ted Cheng
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1715 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
terminate protocol on password change failure
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1703 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
multiple times
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1679 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
Chris J Arges
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1643 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
by Matt Rae
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1628 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1590 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
|
|
|
|
|
| |
returns invalid value
If myldap_get_values() failed for the attmap_passwd_uid, nss-pam-ldapd
would dereference a NULL pointer.
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1589 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
spamming the logs with useless information (thanks Wakko Warner)
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1551 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1542 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
authenticating, only check account expiration when doing authorisation check
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1475 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1474 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
unavailable to PAM module
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1449 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1447 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
does) in the PAM handling code
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1446 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1444 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1443 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
search into the try_autzsearch() function
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1441 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
| |
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1436 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
each request (this may mean one or two more lookups when doing authentication but simplifies things)
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1434 ef36b2f9-881f-0410-afb5-c4e39611909c
|
|
|
|
|
|
| |
informative
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1423 ef36b2f9-881f-0410-afb5-c4e39611909c
|