Arthur de Jong

Open Source / Free Software developer

summaryrefslogtreecommitdiffstats
path: root/nslcd
Commit message (Collapse)AuthorAgeFilesLines
* remove SSL/TLS warning messages during startupArthur de Jong2009-06-031-9/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@925 ef36b2f9-881f-0410-afb5-c4e39611909c
* import preliminary version of PAM functionality into nslcdArthur de Jong2009-06-034-2/+298
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@923 ef36b2f9-881f-0410-afb5-c4e39611909c
* make lookup_dn2uid() available to other modules and ↵Arthur de Jong2009-06-032-21/+30
| | | | | | split uid2dn() into uid2entry() and uid2dn() (from nss-pam-ldapd branch) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@922 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement myldap_set_credentials() and myldap_cpy_dn() ↵Arthur de Jong2009-06-032-1/+51
| | | | | | which will be used in the PAM lookups (from nss-pam-ldapd branch) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@921 ef36b2f9-881f-0410-afb5-c4e39611909c
* don't look inside the passed variable get_strdup() ↵Arthur de Jong2009-05-301-6/+3
| | | | | | because it could point to uninitialized memory git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@910 ef36b2f9-881f-0410-afb5-c4e39611909c
* refactor protocol reading and writing macros to the ↵Arthur de Jong2009-05-2913-16/+16
| | | | | | common directory, use more logical names and in the PAM module no longer use NSS status codes (import of r887 from nss-pam-ldapd) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@904 ef36b2f9-881f-0410-afb5-c4e39611909c
* initialise database modules only once after parsing configArthur de Jong2009-05-2413-15/+37
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@893 ef36b2f9-881f-0410-afb5-c4e39611909c
* support multiple search bases, partially based on a ↵Arthur de Jong2009-05-2415-109/+156
| | | | | | patch by Leigh Wedding <lwedding@bigpond.com> git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@892 ef36b2f9-881f-0410-afb5-c4e39611909c
* according to autoupdate RETSIGTYPE can be considered ↵Arthur de Jong2009-05-091-2/+2
| | | | | | void always git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@872 ef36b2f9-881f-0410-afb5-c4e39611909c
* prefix NETGROUP_TYPE macros with NSLCD_Arthur de Jong2009-05-081-2/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@864 ef36b2f9-881f-0410-afb5-c4e39611909c
* set most SSL/TLS related options globally instead of per ↵Arthur de Jong2009-05-013-80/+44
| | | | | | connection git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@853 ef36b2f9-881f-0410-afb5-c4e39611909c
* move debugging initialisation to myldap_set_debuglevel() ↵Arthur de Jong2009-04-305-37/+51
| | | | | | function git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@852 ef36b2f9-881f-0410-afb5-c4e39611909c
* produce more logging and get OpenLDAP logging working by ↵Arthur de Jong2009-04-251-10/+55
| | | | | | logging to stderr (and implement temporary workaround for reqcert problems) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@850 ef36b2f9-881f-0410-afb5-c4e39611909c
* include ldap.h to ensure that struct ldap_config will be ↵Arthur de Jong2009-04-251-1/+2
| | | | | | the same in every file git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@849 ef36b2f9-881f-0410-afb5-c4e39611909c
* clear errno before ldap calls to get usable returned errnoArthur de Jong2009-04-251-0/+4
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@848 ef36b2f9-881f-0410-afb5-c4e39611909c
* clear up protocol description in nslcd.h, renaming ↵Arthur de Jong2009-04-1911-12/+12
| | | | | | NSLCD_RESULT_SUCCESS to NSLCD_RESULT_BEGIN git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@834 ef36b2f9-881f-0410-afb5-c4e39611909c
* update copyright yearArthur de Jong2009-03-221-2/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@823 ef36b2f9-881f-0410-afb5-c4e39611909c
* check user and group names against LOGIN_NAME_MAX if it ↵Arthur de Jong2009-02-271-1/+6
| | | | | | is defined git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@810 ef36b2f9-881f-0410-afb5-c4e39611909c
* add some more documentationArthur de Jong2009-02-271-1/+12
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@808 ef36b2f9-881f-0410-afb5-c4e39611909c
* rename the tls_checkpeer option to tls_reqcert, ↵Arthur de Jong2008-12-063-7/+39
| | | | | | deprecating the old name and supporting all options that OpenLDAP supports for that value git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@805 ef36b2f9-881f-0410-afb5-c4e39611909c
* allow backslashes in names execpt as first or last characterArthur de Jong2008-12-031-2/+3
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@804 ef36b2f9-881f-0410-afb5-c4e39611909c
* clean the environment and set LDAPNOINIT to disable ↵Arthur de Jong2008-12-031-2/+30
| | | | | | parsing of LDAP configfiles (.ldaprc, /etc/ldap/ldap.conf, etc) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@803 ef36b2f9-881f-0410-afb5-c4e39611909c
* use tls_* options also for StartTLS connectionsArthur de Jong2008-11-291-36/+36
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@802 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove sslpath option because it wasn't used for anythingArthur de Jong2008-11-292-10/+0
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@801 ef36b2f9-881f-0410-afb5-c4e39611909c
* also allow spaces in user and group names because it was ↵Arthur de Jong2008-10-011-1/+1
| | | | | | causing problems in some environments git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@788 ef36b2f9-881f-0410-afb5-c4e39611909c
* also retry if ldap_result() failed and getting error ↵Arthur de Jong2008-09-241-1/+1
| | | | | | number returned LDAP_SUCCESS git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@787 ef36b2f9-881f-0410-afb5-c4e39611909c
* log option name instead of option value for ↵Arthur de Jong2008-09-241-1/+1
| | | | | | ldap_set_option() value git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@786 ef36b2f9-881f-0410-afb5-c4e39611909c
* rename get_base_from_dse() to get_base_from_rootdse()Arthur de Jong2008-07-201-5/+5
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@777 ef36b2f9-881f-0410-afb5-c4e39611909c
* make the get_base_from_dse() function cleaner and add a ↵Arthur de Jong2008-07-201-5/+11
| | | | | | comment describing the function git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@776 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement looking up search base in DSE of LDAP serverArthur de Jong2008-07-201-0/+53
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@775 ef36b2f9-881f-0410-afb5-c4e39611909c
* LDAP_OPT_X_TLS_REQUIRE_CERT is not a booleanArthur de Jong2008-07-101-4/+5
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@773 ef36b2f9-881f-0410-afb5-c4e39611909c
* replace https:// by ldaps:// (stupid typo)Arthur de Jong2008-06-172-4/+4
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@770 ef36b2f9-881f-0410-afb5-c4e39611909c
* give pidfile and socket creation functions more logical ↵Arthur de Jong2008-06-151-4/+4
| | | | | | names git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@763 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement SASL authentication based on a patch by Dan ↵Arthur de Jong2008-06-143-30/+82
| | | | | | White <dwhite@olp.net> git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@762 ef36b2f9-881f-0410-afb5-c4e39611909c
* combine isvalidusername() and isvalidgroupname() into ↵Arthur de Jong2008-06-134-90/+43
| | | | | | isvalidname() because they are similar enough and we just want to check to see if it is a reasonable name (e.g. not a DN) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@759 ef36b2f9-881f-0410-afb5-c4e39611909c
* don't perform SSL/TLS sanity checks if it isn't ↵Arthur de Jong2008-06-121-0/+4
| | | | | | available on the platform git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@757 ef36b2f9-881f-0410-afb5-c4e39611909c
* remove warning on using ssl optionArthur de Jong2008-06-061-1/+0
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@751 ef36b2f9-881f-0410-afb5-c4e39611909c
* check that all URLs start with https:// if "ssl on" is ↵Arthur de Jong2008-06-061-0/+12
| | | | | | specified git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@750 ef36b2f9-881f-0410-afb5-c4e39611909c
* also set TLS options if an ldaps:// URL is specifiedArthur de Jong2008-06-061-2/+4
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@749 ef36b2f9-881f-0410-afb5-c4e39611909c
* add uid and gid configuration keywords that set the user ↵Arthur de Jong2008-06-063-10/+84
| | | | | | id and group id of the running nslcd process git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@745 ef36b2f9-881f-0410-afb5-c4e39611909c
* environ is defined in unistd.hArthur de Jong2008-06-061-3/+0
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@744 ef36b2f9-881f-0410-afb5-c4e39611909c
* increase write buffer size in nslcd to free up threads ↵Arthur de Jong2008-06-061-2/+2
| | | | | | earlier and increase timeout for nslcd to nss communication to one minute (at both places) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@743 ef36b2f9-881f-0410-afb5-c4e39611909c
* miscellaneous portability improvementsArthur de Jong2008-06-063-3/+12
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@742 ef36b2f9-881f-0410-afb5-c4e39611909c
* include a random string in every log message to be able ↵Arthur de Jong2008-05-163-5/+48
| | | | | | to group log messages for a single request git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@739 ef36b2f9-881f-0410-afb5-c4e39611909c
* add sanity checks to sleep calls to never sleep too long ↵Arthur de Jong2008-05-161-0/+2
| | | | | | (problems could occur when the clock moves backwards) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@738 ef36b2f9-881f-0410-afb5-c4e39611909c
* improve documentation for myldap_get_rdn_value() functionArthur de Jong2008-05-151-5/+5
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@734 ef36b2f9-881f-0410-afb5-c4e39611909c
* close the connection and retry the search (once) if the ↵Arthur de Jong2008-05-111-0/+24
| | | | | | search fails with the first call to myldap_get_entry() (starting a search doesn't always give an error when the connection has been broken) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@733 ef36b2f9-881f-0410-afb5-c4e39611909c
* split retry mechanism of myldap_search() into a new ↵Arthur de Jong2008-05-111-45/+58
| | | | | | do_retry_search() function git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@732 ef36b2f9-881f-0410-afb5-c4e39611909c
* allocate the search memory region in myldap_search() ↵Arthur de Jong2008-05-111-31/+27
| | | | | | instead of in do_try_search() and have the latter return an LDAP status code git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@731 ef36b2f9-881f-0410-afb5-c4e39611909c
* also allow closing of searches that no longer have a ↵Arthur de Jong2008-05-111-19/+13
| | | | | | valid connection and integrate myldap_search_free() into myldap_search_close() git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@730 ef36b2f9-881f-0410-afb5-c4e39611909c