Arthur de Jong

Open Source / Free Software developer

summaryrefslogtreecommitdiffstats
path: root/nslcd/shadow.c
Commit message (Collapse)AuthorAgeFilesLines
* Update shadow.c to resolve pwdLastSet issuejoshuashire2014-01-251-1/+1
| | | | | | | We read the date into the buffer to the specified length to get it to the Unix time (i.e. seconds) from its AD value of nanoseconds, then convert it to days for shadow. If we use date rather than buffer we end up trying to convert the original nanosecond value.
* Centralise buffer sizesArthur de Jong2013-12-181-5/+5
| | | | | | Common buffer sizes are now stored centrally so it can be easily and consistently updated if required. Some buffers remain with locally defined sizes that do not match a global buffer size.
* Increase password buffer sizeBersl2013-08-281-1/+1
| | | | With the smaller buffers some password hashes would be truncated.
* Return partial shadow information to non-root usersArthur de Jong2013-08-211-6/+7
| | | | | | | | | | | | | | This also returns everything except the password hash from the shadow database to non-root users (nothing was returned before). This allows non-root users to do PAM authentication in some configurations. On some systems there is a setgid executable that is allowed to read /etc/shadow for authentication by e.g. screensavers. Returning no shadow information will cause pam_unix to deny authorisation in common configurations. See: http://bugs.debian.org/706913
* move update_lastchange() function from shadow to pam codeArthur de Jong2013-03-011-66/+0
|
* check result of set_tolist() to ensure that memory ↵Arthur de Jong2013-01-121-1/+6
| | | | | | allocation problems are logged git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1911 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove the ldc_ prefix from struct ldap_config fieldsArthur de Jong2012-12-301-2/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1887 ef36b2f9-881f-0410-afb5-c4e39611909c
* move the action argument to NSLCD_HANDLE to the frontArthur de Jong2012-12-231-4/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1877 ef36b2f9-881f-0410-afb5-c4e39611909c
* update C coding style to a more commonly used styleArthur de Jong2012-12-221-156/+159
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1873 ef36b2f9-881f-0410-afb5-c4e39611909c
* grow all search filter buffers to 4096 bytes (thanks flavio)Arthur de Jong2012-09-141-2/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1763 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement extra range checking of all numeric valuesArthur de Jong2012-05-201-4/+4
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1694 ef36b2f9-881f-0410-afb5-c4e39611909c
* make whether or not to do case-sensitive filtering ↵Arthur de Jong2012-03-131-1/+1
| | | | | | configurable (patch by Matthew L. Dailey) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1634 ef36b2f9-881f-0410-afb5-c4e39611909c
* Use an explicit base of 10 for ↵Jakub Hrozek2011-09-301-3/+3
| | | | | | strtouid()/strtogid()/strtol() calls git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1547 ef36b2f9-881f-0410-afb5-c4e39611909c
* make validation log messages consistentArthur de Jong2011-09-091-13/+13
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1542 ef36b2f9-881f-0410-afb5-c4e39611909c
* check errno after calls to strtol() to ensure that ↵Arthur de Jong2011-08-271-0/+19
| | | | | | numbers that are too large for type will be reported (thanks Jakub Hrozek) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1523 ef36b2f9-881f-0410-afb5-c4e39611909c
* make buffer sizes consistent, grow gidNumber buffer to ↵Arthur de Jong2011-07-021-4/+4
| | | | | | hold larger numbers and small consistency improvements git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1476 ef36b2f9-881f-0410-afb5-c4e39611909c
* check shadow properties (similarly to what pam_unix ↵Arthur de Jong2011-04-301-3/+37
| | | | | | does) in the PAM handling code git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1446 ef36b2f9-881f-0410-afb5-c4e39611909c
* move code for getting shadow expiry properties to a ↵Arthur de Jong2011-04-301-36/+37
| | | | | | separate function git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1442 ef36b2f9-881f-0410-afb5-c4e39611909c
* set maxdays to -1 to indicate no expiry (instead of a ↵Arthur de Jong2011-04-291-1/+1
| | | | | | long time) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1439 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix descriptions of filesArthur de Jong2011-03-231-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1405 ef36b2f9-881f-0410-afb5-c4e39611909c
* allow attribute mapping with an expression for the ↵Arthur de Jong2010-12-281-2/+3
| | | | | | userPassword attribute for passwd, group and shadow entries and by default map it to the unmatchable password ("*") to avoid accidentally leaking password information git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1346 ef36b2f9-881f-0410-afb5-c4e39611909c
* try to update the shadowLastChange attribute of a user ↵Arthur de Jong2010-12-261-0/+66
| | | | | | on password change (the update is only tried if the attribute is present to begin with) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1345 ef36b2f9-881f-0410-afb5-c4e39611909c
* log the request with any logged messagesArthur de Jong2010-11-071-4/+3
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1301 ef36b2f9-881f-0410-afb5-c4e39611909c
* tune some buffer sizes and small cleanupsArthur de Jong2010-05-071-2/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1087 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement attribute mapping using shell-like expressionsArthur de Jong2009-12-281-54/+35
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1041 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix log messageArthur de Jong2009-12-271-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1036 ef36b2f9-881f-0410-afb5-c4e39611909c
* give search filter escaping buffers more logical namesArthur de Jong2009-11-011-3/+3
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1014 ef36b2f9-881f-0410-afb5-c4e39611909c
* rename software to nss-pam-ldapdArthur de Jong2009-08-311-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@978 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement case-sensitive filtering for group, netgroup, ↵Arthur de Jong2009-06-061-27/+18
| | | | | | passwd, protocols, rpc, services and shadow lookups git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@934 ef36b2f9-881f-0410-afb5-c4e39611909c
* refactor protocol reading and writing macros to the ↵Arthur de Jong2009-05-291-1/+1
| | | | | | common directory, use more logical names and in the PAM module no longer use NSS status codes (import of r887 from nss-pam-ldapd) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@904 ef36b2f9-881f-0410-afb5-c4e39611909c
* initialise database modules only once after parsing configArthur de Jong2009-05-241-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@893 ef36b2f9-881f-0410-afb5-c4e39611909c
* support multiple search bases, partially based on a ↵Arthur de Jong2009-05-241-5/+7
| | | | | | patch by Leigh Wedding <lwedding@bigpond.com> git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@892 ef36b2f9-881f-0410-afb5-c4e39611909c
* clear up protocol description in nslcd.h, renaming ↵Arthur de Jong2009-04-191-1/+1
| | | | | | NSLCD_RESULT_SUCCESS to NSLCD_RESULT_BEGIN git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@834 ef36b2f9-881f-0410-afb5-c4e39611909c
* partial support for reading AD date format for ↵Arthur de Jong2008-04-051-12/+48
| | | | | | pwdLastSet attribute git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@657 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix incorrect references to attribute map entriesArthur de Jong2007-12-311-3/+3
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@545 ef36b2f9-881f-0410-afb5-c4e39611909c
* rewrite GET_OPTIONAL_DATE() as an extension to ↵Arthur de Jong2007-12-201-20/+4
| | | | | | GET_OPTIONAL_LONG() git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@505 ef36b2f9-881f-0410-afb5-c4e39611909c
* switch to new LDAP entry parsing code that is much ↵Arthur de Jong2007-12-091-108/+134
| | | | | | simpler and more readable git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@488 ef36b2f9-881f-0410-afb5-c4e39611909c
* first step to use the new myldap interfaceArthur de Jong2007-10-281-88/+51
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@468 ef36b2f9-881f-0410-afb5-c4e39611909c
* do not pass useless errnos around because they aren't ↵Arthur de Jong2007-09-151-5/+2
| | | | | | used anymore git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@404 ef36b2f9-881f-0410-afb5-c4e39611909c
* move the two remaining useful functions from util.c to ↵Arthur de Jong2007-09-151-1/+0
| | | | | | ldap-nss.c git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@400 ef36b2f9-881f-0410-afb5-c4e39611909c
* do not flush streams: our caller closes the streams ↵Arthur de Jong2007-09-141-2/+0
| | | | | | flusing them git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@396 ef36b2f9-881f-0410-afb5-c4e39611909c
* make use of write_*ent() functions consistentArthur de Jong2007-09-141-17/+24
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@395 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove mutex from all LDAP operations because we now ↵Arthur de Jong2007-09-141-2/+0
| | | | | | have a session and a connection per thread git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@392 ef36b2f9-881f-0410-afb5-c4e39611909c
* get rid of global session and instead pass the session ↵Arthur de Jong2007-09-141-31/+16
| | | | | | as a parameter with every request and allocate a session per thread git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@391 ef36b2f9-881f-0410-afb5-c4e39611909c
* move base and scope handling to database specific ↵Arthur de Jong2007-09-081-6/+15
| | | | | | modules, gettting rid of ldap_service_search_descriptor git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@384 ef36b2f9-881f-0410-afb5-c4e39611909c
* move filters definitions to the database modules ↵Arthur de Jong2007-09-081-12/+31
| | | | | | themselves (and already define base and scope but don't use them yet) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@383 ef36b2f9-881f-0410-afb5-c4e39611909c
* make handling of ent_context consistent and simplerArthur de Jong2007-09-071-5/+4
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@382 ef36b2f9-881f-0410-afb5-c4e39611909c
* properly initialize all contextsArthur de Jong2007-09-071-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@381 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove the ldap-schema.[ch] files since this is now ↵Arthur de Jong2007-09-071-1/+0
| | | | | | fully implemented in the database specific files git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@378 ef36b2f9-881f-0410-afb5-c4e39611909c
* also pass search filter for the *_all() functions from ↵Arthur de Jong2007-09-071-2/+5
| | | | | | the database module instead of doing it in ldap-nss.c git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@377 ef36b2f9-881f-0410-afb5-c4e39611909c