Arthur de Jong

Open Source / Free Software developer

summaryrefslogtreecommitdiffstats
path: root/nslcd/passwd.c
Commit message (Collapse)AuthorAgeFilesLines
* provide strtouid() and strtogid() functions that use ↵Arthur de Jong2011-08-271-3/+3
| | | | | | strtoul() or strtoull() (thanks Jakub Hrozek) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1524 ef36b2f9-881f-0410-afb5-c4e39611909c
* check errno after calls to strtol() to ensure that ↵Arthur de Jong2011-08-271-0/+21
| | | | | | numbers that are too large for type will be reported (thanks Jakub Hrozek) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1523 ef36b2f9-881f-0410-afb5-c4e39611909c
* check nsswitch.conf mtime to see whether file should be ↵Arthur de Jong2011-08-091-6/+41
| | | | | | reloaded git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1495 ef36b2f9-881f-0410-afb5-c4e39611909c
* check whether the NSS shadow map queries LDAP before ↵Arthur de Jong2011-08-051-3/+14
| | | | | | returning x as a password has for shadow users git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1487 ef36b2f9-881f-0410-afb5-c4e39611909c
* implementation of myldap_get_values_len() to use ↵Arthur de Jong2011-08-051-3/+3
| | | | | | ldap_get_values_len() instead of ldap_get_values() to fix some problems with binary data in returned attribute values (patch by Wesley Mason) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1485 ef36b2f9-881f-0410-afb5-c4e39611909c
* make buffer sizes consistent, grow gidNumber buffer to ↵Arthur de Jong2011-07-021-2/+2
| | | | | | hold larger numbers and small consistency improvements git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1476 ef36b2f9-881f-0410-afb5-c4e39611909c
* provide replacement implementation for strndup() for ↵Arthur de Jong2011-04-151-0/+1
| | | | | | systems that don't have it git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1427 ef36b2f9-881f-0410-afb5-c4e39611909c
* support using the objectSid attribute to provide numeric ↵Arthur de Jong2011-04-151-24/+79
| | | | | | user and group ids, based on a patch by Wesley Mason git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1425 ef36b2f9-881f-0410-afb5-c4e39611909c
* make user and group name validation errors a little more ↵Arthur de Jong2011-04-031-2/+2
| | | | | | informative git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1423 ef36b2f9-881f-0410-afb5-c4e39611909c
* properly handle user-not-found errors when doing ↵Arthur de Jong2011-03-091-2/+12
| | | | | | authentication (CVE-2011-0438) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1382 ef36b2f9-881f-0410-afb5-c4e39611909c
* allow attribute mapping with an expression for the ↵Arthur de Jong2010-12-281-2/+3
| | | | | | userPassword attribute for passwd, group and shadow entries and by default map it to the unmatchable password ("*") to avoid accidentally leaking password information git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1346 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a nss_min_uid option to filter user entries ↵Arthur de Jong2010-12-201-20/+69
| | | | | | returned by LDAP git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1338 ef36b2f9-881f-0410-afb5-c4e39611909c
* return correct PAM status code for when LDAP server is ↵Arthur de Jong2010-11-171-3/+3
| | | | | | unavailable (based on a patch by Pierre Gambarotto) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1315 ef36b2f9-881f-0410-afb5-c4e39611909c
* log the request with any logged messagesArthur de Jong2010-11-071-6/+5
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1301 ef36b2f9-881f-0410-afb5-c4e39611909c
* avoid unneeded strdup()s by using a passed buffer to ↵Arthur de Jong2010-11-041-15/+21
| | | | | | lookup_dn2uid() and using strcmp() in dn2uid() to see if the existing cached value is ok git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1297 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix race condition that could cause a memory leakArthur de Jong2010-11-041-0/+3
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1296 ef36b2f9-881f-0410-afb5-c4e39611909c
* tune some buffer sizes and small cleanupsArthur de Jong2010-05-071-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1087 ef36b2f9-881f-0410-afb5-c4e39611909c
* also have myldap_search() return an LDAP status codeArthur de Jong2010-04-131-16/+11
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1078 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement attribute mapping using shell-like expressionsArthur de Jong2009-12-281-76/+28
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1041 ef36b2f9-881f-0410-afb5-c4e39611909c
* give search filter escaping buffers more logical namesArthur de Jong2009-11-011-3/+3
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1014 ef36b2f9-881f-0410-afb5-c4e39611909c
* rename software to nss-pam-ldapdArthur de Jong2009-08-311-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@978 ef36b2f9-881f-0410-afb5-c4e39611909c
* don't return password hashes at all for non-root users, ↵Arthur de Jong2009-08-121-8/+8
| | | | | | based on a patch by Alexander V. Chernikov <melifaro@ipfw.ru> git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@969 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix off by one error in the maximum number of uidNumber ↵Arthur de Jong2009-06-291-1/+1
| | | | | | attributes in an LDAP entry (thanks to David Binderman for finding this) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@956 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement case-sensitive filtering for group, netgroup, ↵Arthur de Jong2009-06-061-32/+23
| | | | | | passwd, protocols, rpc, services and shadow lookups git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@934 ef36b2f9-881f-0410-afb5-c4e39611909c
* make lookup_dn2uid() available to other modules and ↵Arthur de Jong2009-06-031-21/+23
| | | | | | split uid2dn() into uid2entry() and uid2dn() (from nss-pam-ldapd branch) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@922 ef36b2f9-881f-0410-afb5-c4e39611909c
* refactor protocol reading and writing macros to the ↵Arthur de Jong2009-05-291-1/+1
| | | | | | common directory, use more logical names and in the PAM module no longer use NSS status codes (import of r887 from nss-pam-ldapd) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@904 ef36b2f9-881f-0410-afb5-c4e39611909c
* initialise database modules only once after parsing configArthur de Jong2009-05-241-3/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@893 ef36b2f9-881f-0410-afb5-c4e39611909c
* support multiple search bases, partially based on a ↵Arthur de Jong2009-05-241-10/+19
| | | | | | patch by Leigh Wedding <lwedding@bigpond.com> git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@892 ef36b2f9-881f-0410-afb5-c4e39611909c
* clear up protocol description in nslcd.h, renaming ↵Arthur de Jong2009-04-191-1/+1
| | | | | | NSLCD_RESULT_SUCCESS to NSLCD_RESULT_BEGIN git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@834 ef36b2f9-881f-0410-afb5-c4e39611909c
* add some more documentationArthur de Jong2009-02-271-1/+12
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@808 ef36b2f9-881f-0410-afb5-c4e39611909c
* combine isvalidusername() and isvalidgroupname() into ↵Arthur de Jong2008-06-131-48/+5
| | | | | | isvalidname() because they are similar enough and we just want to check to see if it is a reasonable name (e.g. not a DN) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@759 ef36b2f9-881f-0410-afb5-c4e39611909c
* miscellaneous portability improvementsArthur de Jong2008-06-061-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@742 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a cache for dn2uid() lookups that saves some ↵Arthur de Jong2008-05-031-24/+81
| | | | | | time doing LDAP searches for groups with a lot of members, based on a patch by Petter Reinholdtsen <pere@hungry.com> git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@722 ef36b2f9-881f-0410-afb5-c4e39611909c
* make log message a little more descriptiveArthur de Jong2008-04-261-2/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@704 ef36b2f9-881f-0410-afb5-c4e39611909c
* don't issue warning when myldap_get_entry() returns NULL ↵Arthur de Jong2008-04-231-1/+2
| | | | | | and LDAP_SUCCESS git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@692 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix tests for valid user and group namesArthur de Jong2008-04-201-5/+5
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@690 ef36b2f9-881f-0410-afb5-c4e39611909c
* add checks for valid user and group names in incoming ↵Arthur de Jong2008-04-201-10/+78
| | | | | | requests and for data returned from LDAP git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@689 ef36b2f9-881f-0410-afb5-c4e39611909c
* add test for emtpy DNArthur de Jong2008-04-191-0/+3
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@678 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix member->group searches by also searching for DN in ↵Arthur de Jong2008-04-051-0/+36
| | | | | | uniqueMember attribute git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@663 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a dn2uid() function to transform a DN into a ↵Arthur de Jong2008-02-021-0/+42
| | | | | | username (looking inside the DN or doing an LDAP lookup if neede) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@610 ef36b2f9-881f-0410-afb5-c4e39611909c
* update copyright yearArthur de Jong2008-01-031-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@555 ef36b2f9-881f-0410-afb5-c4e39611909c
* do not warn about missing loginShell attribute because ↵Arthur de Jong2008-01-031-2/+0
| | | | | | it is not mandatory git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@553 ef36b2f9-881f-0410-afb5-c4e39611909c
* switch to new LDAP entry parsing code that is much ↵Arthur de Jong2007-12-091-132/+169
| | | | | | simpler and more readable git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@488 ef36b2f9-881f-0410-afb5-c4e39611909c
* first step to use the new myldap interfaceArthur de Jong2007-10-281-115/+58
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@468 ef36b2f9-881f-0410-afb5-c4e39611909c
* call mysnprintf() instead of snprintf() where needed ↵Arthur de Jong2007-10-201-4/+4
| | | | | | (bugfix) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@448 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove support for nested groups and use of uniqueMember ↵Arthur de Jong2007-09-151-21/+0
| | | | | | and member attributes as well as memberOf attribute (this removes quite some functionality but helps us in refactoring because the code was one big exception to all the other modules) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@407 ef36b2f9-881f-0410-afb5-c4e39611909c
* do not pass useless errnos around because they aren't ↵Arthur de Jong2007-09-151-7/+3
| | | | | | used anymore git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@404 ef36b2f9-881f-0410-afb5-c4e39611909c
* move the two remaining useful functions from util.c to ↵Arthur de Jong2007-09-151-1/+0
| | | | | | ldap-nss.c git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@400 ef36b2f9-881f-0410-afb5-c4e39611909c
* add note about free()ing the returned value and add loggingArthur de Jong2007-09-141-0/+4
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@398 ef36b2f9-881f-0410-afb5-c4e39611909c
* move user2dn() from group.c to passwd_username2dn() in ↵Arthur de Jong2007-09-141-1/+18
| | | | | | passwd.c git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@397 ef36b2f9-881f-0410-afb5-c4e39611909c