Cross Reference: /sssd-io/src/providers/ldap/sdap_async

History log of /sssd-io/src/providers/ldap/sdap_async_sudo.c
Revision	Date	Author	Comments Expand
47ad0778be72994a2294b2e73cc5c670be6811a7	04-Apr-2018	Pavel Březina <pbrezina@redhat.com>	sudo ldap: do not store rules without sudoHost attribute Unless it is cn=defaults. Resolves: https://pagure.io/SSSD/sssd/issue/3558 Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> sdap_async_sudo.c
2ee201dcf6bbe52abbbed3c2fc4c35ca2e0c8a43	31-Oct-2017	Pavel Březina <pbrezina@redhat.com>	sudo: always use srv_opts from id context Prior this patch, we remember id_ctx->srv_opts in sudo request to switch the latest usn values. This works fine most of the time but it may cause a crash. If we have two concurrent sudo refresh and one of these fails, it causes failover to try the next server and possibly replacing the old srv_opts with new one and it causes an access after free in the other refresh. Resolves: https://pagure.io/SSSD/sssd/issue/3562 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> sdap_async_sudo.c
a02a5ed51178b2cbede0396d66aed716b8898096	25-Oct-2017	René Genz <liebundartig@freenet.de>	Fix minor spelling mistakes Merges: https://pagure.io/SSSD/sssd/pull-request/3556 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> /sssd-io/contrib/sssd.spec.in /sssd-io/src/db/sysdb_private.h /sssd-io/src/db/sysdb_views.c /sssd-io/src/examples/sssd-example.conf /sssd-io/src/lib/idmap/sss_idmap.doxy.in /sssd-io/src/man/sssd-secrets.5.xml /sssd-io/src/providers/ad/ad_gpo.c /sssd-io/src/providers/be_dyndns.c /sssd-io/src/providers/data_provider/dp_request.c /sssd-io/src/providers/krb5/krb5_child.c sdap_async_sudo.c /sssd-io/src/responder/kcm/kcmsrv_ccache_json.c /sssd-io/src/responder/kcm/kcmsrv_op_queue.c /sssd-io/src/sbus/sssd_dbus_connection.c /sssd-io/src/shared/safealign.h /sssd-io/src/sss_client/autofs/sss_autofs.c /sssd-io/src/sss_client/idmap/sss_nss_idmap.doxy.in /sssd-io/src/sss_client/libwbclient/wbc_pwd_sssd.c /sssd-io/src/sss_client/sudo/sss_sudo.h /sssd-io/src/tests/cmocka/common_mock_resp_dp.c /sssd-io/src/tests/cmocka/test_sbus_opath.c /sssd-io/src/tools/common/sss_process.c /sssd-io/src/tools/common/sss_process.h /sssd-io/src/tools/sssctl/sssctl.c /sssd-io/src/tools/sssctl/sssctl_data.c /sssd-io/src/util/crypto/libcrypto/crypto_sha512crypt.c /sssd-io/src/util/crypto/nss/nss_sha512crypt.c /sssd-io/src/util/server.c /sssd-io/src/util/sss_ini.h /sssd-io/src/util/tev_curl.c /sssd-io/src/util/util_lock.c
bd769a08d18c791a18e913cf92f7f1651f56d3ff	07-Jul-2016	Jakub Hrozek <jhrozek@redhat.com>	LDAP: Qualify user and group names when saving the sudo users If the sudoUser values we fetch from LDAP correspond to a user or a group name per: http://www.sudo.ws/man/1.8.14/sudoers.ldap.man.html then we parse the usernames into (name,domain) tuples and store them qualified. This patch not only makes the sudo provider work with qualified names, but also makes it possible to use qualified names on the LDAP side, allowing for example AD users from different domains to access sudo rules. Reviewed-by: Sumit Bose <sbose@redhat.com> sdap_async_sudo.c /sssd-io/src/util/util.c /sssd-io/src/util/util.h
cc2d77d5218c188119fa954c856e858cbde76947	20-Jun-2016	Pavel Březina <pbrezina@redhat.com>	Rename dp_backend.h to backend.h Reviewed-by: Sumit Bose <sbose@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> /sssd-io/Makefile.am /sssd-io/src/p11_child/p11_child_nss.c /sssd-io/src/providers/ad/ad_access.c /sssd-io/src/providers/ad/ad_gpo.c /sssd-io/src/providers/ad/ad_gpo_child.c /sssd-io/src/providers/ad/ad_srv.c /sssd-io/src/providers/ad/ad_subdomains.h /sssd-io/src/providers/backend.h /sssd-io/src/providers/be_dyndns.c /sssd-io/src/providers/be_ptask.c /sssd-io/src/providers/be_refresh.c /sssd-io/src/providers/data_provider_be.c /sssd-io/src/providers/data_provider_callbacks.c /sssd-io/src/providers/data_provider_fo.c /sssd-io/src/providers/ipa/ipa_auth.h /sssd-io/src/providers/ipa/ipa_dyndns.h /sssd-io/src/providers/ipa/ipa_subdomains.h /sssd-io/src/providers/ipa/selinux_child.c /sssd-io/src/providers/krb5/krb5_auth.h /sssd-io/src/providers/krb5/krb5_child.c /sssd-io/src/providers/krb5/krb5_common.c /sssd-io/src/providers/krb5/krb5_common.h ldap_access.c ldap_child.c ldap_common.h sdap.h sdap_access.c sdap_access.h sdap_async.h sdap_async_sudo.c sdap_autofs.c sdap_dyndns.c sdap_dyndns.h sdap_sudo.c sdap_sudo.h sdap_sudo_shared.h /sssd-io/src/providers/proxy/proxy.h /sssd-io/src/providers/proxy/proxy_child.c /sssd-io/src/providers/simple/simple_access.c /sssd-io/src/providers/simple/simple_access_check.c /sssd-io/src/tests/cmocka/test_be_ptask.c /sssd-io/src/tests/cmocka/test_data_provider_be.c
cad751beaa12e34e15565bc413442b1e80ac0c29	19-Jan-2016	Pavel Březina <pbrezina@redhat.com>	SUDO: fail on failed request that cannot be retry Reviewed-by: Sumit Bose <sbose@redhat.com> sdap_async_sudo.c
85feb8d77a2c832787880944e02104846c4d5376	19-Jan-2016	Pavel Březina <pbrezina@redhat.com>	SUDO: move code shared between ldap and ipa to separate module Reviewed-by: Sumit Bose <sbose@redhat.com> /sssd-io/Makefile.am sdap_async_sudo.c sdap_sudo_refresh.c sdap_sudo_shared.c sdap_sudo_shared.h
68abbe716bed7c8d6790d9bec168ef44469306a1	19-Jan-2016	Pavel Březina <pbrezina@redhat.com>	SUDO: make sudo sysdb interface more reusable Reviewed-by: Sumit Bose <sbose@redhat.com> /sssd-io/Makefile.am /sssd-io/src/db/sysdb.c /sssd-io/src/db/sysdb.h /sssd-io/src/db/sysdb_sudo.c /sssd-io/src/db/sysdb_sudo.h sdap_async_sudo.c sdap_sudo.c sdap_sudo_cache.c sdap_sudo_cache.h
e9ae5cd285dcc8fa232e16f9c7a29f18537272f2	19-Jan-2016	Pavel Březina <pbrezina@redhat.com>	SUDO: use sdap_search_bases instead custom sb iterator Removes code duplication. Reviewed-by: Sumit Bose <sbose@redhat.com> sdap_async_sudo.c
92ec40e6aa25f75903ffdb166a8ec56b67bfd77d	19-Jan-2016	Pavel Březina <pbrezina@redhat.com>	SDAP: rename sdap_get_id_specific_filter More generic name is used now since it is not used only for id filters. Probably all references will be deleted when the code uses sdap_search_in_bases istead of custom search base iterators. Reviewed-by: Sumit Bose <sbose@redhat.com> /sssd-io/src/providers/ipa/ipa_hbac_rules.c /sssd-io/src/providers/ipa/ipa_hbac_services.c /sssd-io/src/providers/ipa/ipa_hosts.c /sssd-io/src/providers/ipa/ipa_netgroups.c /sssd-io/src/providers/ipa/ipa_selinux_maps.c /sssd-io/src/providers/ipa/ipa_subdomains.c ldap_common.h sdap_async_autofs.c sdap_async_groups.c sdap_async_groups_ad.c sdap_async_initgroups.c sdap_async_initgroups_ad.c sdap_async_nested_groups.c sdap_async_netgroups.c sdap_async_services.c sdap_async_sudo.c sdap_async_users.c
6b83f562fbd67cf61a7167c6057764fd08146241	15-Dec-2015	Pavel Březina <pbrezina@redhat.com>	SUDO: get srv_opts after we are connected It may be NULL in _send if SSSD has not been connected to LDAP so far. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> sdap_async_sudo.c
15ebeedaad83cc5dcf896cfcdea850227fdc46b5	15-Dec-2015	Pavel Březina <pbrezina@redhat.com>	SUDO: use size_t instead of int in for cycles So we compare proper data types. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> sdap_async_sudo.c
cb235ec146f1ba81c211f8506736edea436be28a	15-Dec-2015	Pavel Březina <pbrezina@redhat.com>	SUDO: obtain host information when going online Resolves: https://fedorahosted.org/sssd/ticket/2672 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> sdap_async_sudo.c sdap_sudo.c sdap_sudo.h
c0000a8cc9eccdf5cd8dd72fd6e9bc09d8c7cf00	15-Dec-2015	Pavel Březina <pbrezina@redhat.com>	SUDO: do not imitate full refresh if usn is unknown in smart refresh USN value should be always known now if at least one full refresh was successful. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> sdap_async_sudo.c sdap_sudo_refresh.c
1ab2b07c71da6c19c3855e390d10156d598c06a2	15-Dec-2015	Pavel Březina <pbrezina@redhat.com>	SUDO: built host filter inside sdap_sudo_refresh request Preparation for: https://fedorahosted.org/sssd/ticket/2672 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> sdap_async_sudo.c sdap_sudo.h sdap_sudo_refresh.c
a00c89f23bd50d4fd9cf24aa09037c997781b8c9	15-Dec-2015	Pavel Březina <pbrezina@redhat.com>	SUDO: set USN inside sdap_sudo_refresh request Reduce code duplication. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> sdap_async_sudo.c sdap_sudo.h sdap_sudo_refresh.c
d103c2e4a704b1dfffd39fea2b601c2f337d06d5	15-Dec-2015	Pavel Březina <pbrezina@redhat.com>	SUDO: sdap_sudo_load_sudoers improve iterator The old search base iterator was difficult to read since its logic spread through all functions. This patch also shorten names. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> sdap_async_sudo.c
24eac34a8c1f0a284cb697e8d5c09ff049181691	15-Dec-2015	Pavel Březina <pbrezina@redhat.com>	SUDO: fix tevent style Rearrage and rename functions in sdap_async_sudo.c to obey tevent style and improve readability. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> sdap_async_sudo.c sdap_sudo.c sdap_sudo.h sdap_sudo_refresh.c
7e0158f9fdb1d299ab2d018e9d81cc71eed98c15	15-Dec-2015	Pavel Březina <pbrezina@redhat.com>	SUDO: fix sdap_id_op logic Adds missing sdap_id_op_done call and retry logic. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> sdap_async_sudo.c
fc19031212369d69a9693ac8777ce1e61a16fe93	15-Dec-2015	Pavel Březina <pbrezina@redhat.com>	SUDO: simplify error handling This patch removes state->error and uses only ret instead since state->error was only duplication anyway. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> sdap_async_sudo.c sdap_sudo.c sdap_sudo.h sdap_sudo_refresh.c
81f135f9e83031c4a021a3d19009b2bc179c8468	15-Dec-2015	Pavel Březina <pbrezina@redhat.com>	SUDO: move offline check to handler We let sdap_id_op decide if we are offline or not here but we should not get to this code since ptask is disabled and we will not get through sudo handler if offline. This simplyfies the code and make it more similar to other providers. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> sdap_async_sudo.c sdap_sudo.c
a3c8390d19593b1e5277d95bfb4ab206d4785150	12-Feb-2014	Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>	Make DEBUG macro invocations variadic Use a script to update DEBUG macro invocations to use it as a variadic macro, supplying format string and its arguments directly, instead of wrapping them in parens. This script was used to update the code: grep -rwl --include '.[hc]' DEBUG . \| while read f; do mv "$f"{,.orig} perl -e \ 'use strict; use File::Slurp; my $text=read_file(\STDIN); $text=~s#(\bDEBUG\s$[^(]+)\((.?)$\s\)\s;#$1$2);#gs; print $text;' < "$f.orig" > "$f" rm "$f.orig" done Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Stephen Gallagher <sgallagh@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> /sssd-io/src/confdb/confdb.c /sssd-io/src/confdb/confdb_setup.c /sssd-io/src/db/sysdb.c /sssd-io/src/db/sysdb_autofs.c /sssd-io/src/db/sysdb_idmap.c /sssd-io/src/db/sysdb_ops.c /sssd-io/src/db/sysdb_ranges.c /sssd-io/src/db/sysdb_search.c /sssd-io/src/db/sysdb_selinux.c /sssd-io/src/db/sysdb_services.c /sssd-io/src/db/sysdb_ssh.c /sssd-io/src/db/sysdb_subdomains.c /sssd-io/src/db/sysdb_sudo.c /sssd-io/src/db/sysdb_upgrade.c /sssd-io/src/monitor/monitor.c /sssd-io/src/monitor/monitor_netlink.c /sssd-io/src/monitor/monitor_sbus.c /sssd-io/src/providers/ad/ad_access.c /sssd-io/src/providers/ad/ad_common.c /sssd-io/src/providers/ad/ad_domain_info.c /sssd-io/src/providers/ad/ad_dyndns.c /sssd-io/src/providers/ad/ad_id.c /sssd-io/src/providers/ad/ad_init.c /sssd-io/src/providers/ad/ad_srv.c /sssd-io/src/providers/ad/ad_subdomains.c /sssd-io/src/providers/data_provider_be.c /sssd-io/src/providers/data_provider_callbacks.c /sssd-io/src/providers/data_provider_fo.c /sssd-io/src/providers/data_provider_opts.c /sssd-io/src/providers/dp_auth_util.c /sssd-io/src/providers/dp_dyndns.c /sssd-io/src/providers/dp_pam_data_util.c /sssd-io/src/providers/dp_ptask.c /sssd-io/src/providers/dp_refresh.c /sssd-io/src/providers/fail_over.c /sssd-io/src/providers/fail_over_srv.c /sssd-io/src/providers/ipa/ipa_access.c /sssd-io/src/providers/ipa/ipa_auth.c /sssd-io/src/providers/ipa/ipa_autofs.c /sssd-io/src/providers/ipa/ipa_common.c /sssd-io/src/providers/ipa/ipa_config.c /sssd-io/src/providers/ipa/ipa_dyndns.c /sssd-io/src/providers/ipa/ipa_hbac_common.c /sssd-io/src/providers/ipa/ipa_hbac_hosts.c /sssd-io/src/providers/ipa/ipa_hbac_rules.c /sssd-io/src/providers/ipa/ipa_hbac_services.c /sssd-io/src/providers/ipa/ipa_hbac_users.c /sssd-io/src/providers/ipa/ipa_hostid.c /sssd-io/src/providers/ipa/ipa_hosts.c /sssd-io/src/providers/ipa/ipa_id.c /sssd-io/src/providers/ipa/ipa_idmap.c /sssd-io/src/providers/ipa/ipa_init.c /sssd-io/src/providers/ipa/ipa_netgroups.c /sssd-io/src/providers/ipa/ipa_s2n_exop.c /sssd-io/src/providers/ipa/ipa_selinux.c /sssd-io/src/providers/ipa/ipa_selinux_maps.c /sssd-io/src/providers/ipa/ipa_srv.c /sssd-io/src/providers/ipa/ipa_subdomains.c /sssd-io/src/providers/ipa/ipa_subdomains_ext_groups.c /sssd-io/src/providers/ipa/ipa_subdomains_id.c /sssd-io/src/providers/ipa/ipa_sudo.c /sssd-io/src/providers/krb5/krb5_access.c /sssd-io/src/providers/krb5/krb5_auth.c /sssd-io/src/providers/krb5/krb5_become_user.c /sssd-io/src/providers/krb5/krb5_child.c /sssd-io/src/providers/krb5/krb5_child_handler.c /sssd-io/src/providers/krb5/krb5_common.c /sssd-io/src/providers/krb5/krb5_delayed_online_authentication.c /sssd-io/src/providers/krb5/krb5_init.c /sssd-io/src/providers/krb5/krb5_init_shared.c /sssd-io/src/providers/krb5/krb5_renew_tgt.c /sssd-io/src/providers/krb5/krb5_utils.c /sssd-io/src/providers/krb5/krb5_wait_queue.c ldap_access.c ldap_auth.c ldap_child.c ldap_common.c ldap_id.c ldap_id_cleanup.c ldap_id_enum.c ldap_id_netgroup.c ldap_id_services.c ldap_init.c sdap.c sdap_access.c sdap_async.c sdap_async_autofs.c sdap_async_connection.c sdap_async_enum.c sdap_async_groups.c sdap_async_groups_ad.c sdap_async_initgroups.c sdap_async_initgroups_ad.c sdap_async_nested_groups.c sdap_async_netgroups.c sdap_async_services.c sdap_async_sudo.c sdap_async_sudo_hostinfo.c sdap_async_sudo_timer.c sdap_async_users.c sdap_autofs.c sdap_child_helpers.c sdap_dyndns.c sdap_fd_events.c sdap_id_op.c sdap_idmap.c sdap_range.c sdap_refresh.c sdap_reinit.c sdap_sudo.c sdap_sudo_cache.c /sssd-io/src/providers/proxy/proxy_auth.c /sssd-io/src/providers/proxy/proxy_child.c /sssd-io/src/providers/proxy/proxy_id.c /sssd-io/src/providers/proxy/proxy_init.c /sssd-io/src/providers/proxy/proxy_netgroup.c /sssd-io/src/providers/proxy/proxy_services.c /sssd-io/src/providers/simple/simple_access.c /sssd-io/src/providers/simple/simple_access_check.c /sssd-io/src/resolv/async_resolv.c /sssd-io/src/resolv/async_resolv_utils.c /sssd-io/src/responder/autofs/autofssrv.c /sssd-io/src/responder/autofs/autofssrv_cmd.c /sssd-io/src/responder/autofs/autofssrv_dp.c /sssd-io/src/responder/common/negcache.c /sssd-io/src/responder/common/responder_cmd.c /sssd-io/src/responder/common/responder_common.c /sssd-io/src/responder/common/responder_dp.c /sssd-io/src/responder/common/responder_get_domains.c /sssd-io/src/responder/nss/nsssrv.c /sssd-io/src/responder/nss/nsssrv_cmd.c /sssd-io/src/responder/nss/nsssrv_mmap_cache.c /sssd-io/src/responder/nss/nsssrv_netgroup.c /sssd-io/src/responder/nss/nsssrv_private.h /sssd-io/src/responder/nss/nsssrv_services.c /sssd-io/src/responder/pac/pacsrv.c /sssd-io/src/responder/pac/pacsrv_cmd.c /sssd-io/src/responder/pac/pacsrv_utils.c /sssd-io/src/responder/pam/pam_LOCAL_domain.c /sssd-io/src/responder/pam/pam_helpers.c /sssd-io/src/responder/pam/pamsrv.c /sssd-io/src/responder/pam/pamsrv_cmd.c /sssd-io/src/responder/pam/pamsrv_dp.c /sssd-io/src/responder/ssh/sshsrv.c /sssd-io/src/responder/ssh/sshsrv_cmd.c /sssd-io/src/responder/ssh/sshsrv_dp.c /sssd-io/src/responder/sudo/sudosrv.c /sssd-io/src/responder/sudo/sudosrv_cmd.c /sssd-io/src/responder/sudo/sudosrv_dp.c /sssd-io/src/responder/sudo/sudosrv_get_sudorules.c /sssd-io/src/responder/sudo/sudosrv_query.c /sssd-io/src/sbus/sbus_client.c /sssd-io/src/sbus/sssd_dbus_common.c /sssd-io/src/sbus/sssd_dbus_connection.c /sssd-io/src/sbus/sssd_dbus_server.c /sssd-io/src/sss_client/ssh/sss_ssh_authorizedkeys.c /sssd-io/src/sss_client/ssh/sss_ssh_knownhostsproxy.c /sssd-io/src/tests/auth-tests.c /sssd-io/src/tests/cmocka/test_dyndns.c /sssd-io/src/tests/cmocka/test_fqnames.c /sssd-io/src/tests/cmocka/test_nss_srv.c /sssd-io/src/tests/cmocka/test_utils.c /sssd-io/src/tests/common_dom.c /sssd-io/src/tests/common_tev.c /sssd-io/src/tests/debug-tests.c /sssd-io/src/tests/files-tests.c /sssd-io/src/tests/krb5_child-test.c /sssd-io/src/tests/resolv-tests.c /sssd-io/src/tests/simple_access-tests.c /sssd-io/src/tests/sysdb-tests.c /sssd-io/src/tests/sysdb_ssh-tests.c /sssd-io/src/tools/files.c /sssd-io/src/tools/selinux.c /sssd-io/src/tools/sss_cache.c /sssd-io/src/tools/sss_debuglevel.c /sssd-io/src/tools/sss_groupadd.c /sssd-io/src/tools/sss_groupdel.c /sssd-io/src/tools/sss_groupmod.c /sssd-io/src/tools/sss_groupshow.c /sssd-io/src/tools/sss_seed.c /sssd-io/src/tools/sss_sync_ops.c /sssd-io/src/tools/sss_useradd.c /sssd-io/src/tools/sss_userdel.c /sssd-io/src/tools/sss_usermod.c /sssd-io/src/tools/tools_mc_util.c /sssd-io/src/tools/tools_util.c /sssd-io/src/tools/tools_util.h /sssd-io/src/util/authtok.c /sssd-io/src/util/backup_file.c /sssd-io/src/util/check_and_open.c /sssd-io/src/util/child_common.c /sssd-io/src/util/crypto/libcrypto/crypto_base64.c /sssd-io/src/util/crypto/libcrypto/crypto_obfuscate.c /sssd-io/src/util/crypto/nss/nss_obfuscate.c /sssd-io/src/util/crypto/nss/nss_util.c /sssd-io/src/util/debug.c /sssd-io/src/util/domain_info_utils.c /sssd-io/src/util/find_uid.c /sssd-io/src/util/nscd.c /sssd-io/src/util/server.c /sssd-io/src/util/signal.c /sssd-io/src/util/sss_ini.c /sssd-io/src/util/sss_krb5.c /sssd-io/src/util/sss_krb5.h /sssd-io/src/util/sss_ldap.c /sssd-io/src/util/sss_nss.c /sssd-io/src/util/sss_selinux.c /sssd-io/src/util/sss_ssh.c /sssd-io/src/util/sss_tc_utf8.c /sssd-io/src/util/user_info_msg.c /sssd-io/src/util/usertools.c /sssd-io/src/util/util.c /sssd-io/src/util/util.h /sssd-io/src/util/util_lock.c /sssd-io/src/util/well_known_sids.c
6a31a971a376a992afb838fe60b311360c970267	15-Nov-2013	Jakub Hrozek <jhrozek@redhat.com>	SYSDB: Drop the sysdb_ctx parameter from the sysdb_sudo.c module /sssd-io/src/db/sysdb_sudo.c /sssd-io/src/db/sysdb_sudo.h sdap_async_sudo.c sdap_sudo.c sdap_sudo_cache.c sdap_sudo_cache.h /sssd-io/src/responder/sudo/sudosrv_get_sudorules.c
0e65abe5cf2abf5d4b431cf6bd161b419f07901d	11-Sep-2013	Lukas Slebodnik <lslebodn@redhat.com>	Fix formating of variables with type: size_t /sssd-io/src/db/sysdb_autofs.c /sssd-io/src/db/sysdb_ops.c /sssd-io/src/db/sysdb_search.c /sssd-io/src/providers/ad/ad_srv.c /sssd-io/src/providers/fail_over_srv.c /sssd-io/src/providers/ipa/ipa_config.c /sssd-io/src/providers/ipa/ipa_idmap.c /sssd-io/src/providers/ipa/ipa_netgroups.c /sssd-io/src/providers/ipa/ipa_selinux.c /sssd-io/src/providers/ipa/ipa_selinux_maps.c /sssd-io/src/providers/ipa/ipa_srv.c /sssd-io/src/providers/ipa/ipa_subdomains_ext_groups.c /sssd-io/src/providers/krb5/krb5_child.c /sssd-io/src/providers/krb5/krb5_child_handler.c /sssd-io/src/providers/krb5/krb5_renew_tgt.c ldap_child.c ldap_id_cleanup.c sdap_access.c sdap_async_autofs.c sdap_async_groups.c sdap_async_groups_ad.c sdap_async_initgroups.c sdap_async_initgroups_ad.c sdap_async_nested_groups.c sdap_async_netgroups.c sdap_async_services.c sdap_async_sudo.c sdap_async_users.c sdap_child_helpers.c /sssd-io/src/providers/simple/simple_access_check.c /sssd-io/src/responder/nss/nsssrv_mmap_cache.c /sssd-io/src/responder/pam/pamsrv_cmd.c /sssd-io/src/util/child_common.c
749cfb5d3270b5daf389d51a0dbd3fd2aec6e05d	07-Jun-2013	Jakub Hrozek <jhrozek@redhat.com>	LDAP: new SDAP domain structure Previously an sdap_id_ctx was always tied to one domain with a single set of search bases. But with the introduction of Global Catalog lookups, primary domain and subdomains might have different search bases. This patch introduces a new structure sdap_domain that contains an sssd domain or subdomain and a set of search bases. With this patch, there is only one sdap_domain that describes the primary domain. /sssd-io/src/providers/ad/ad_common.c /sssd-io/src/providers/ad/ad_subdomains.c /sssd-io/src/providers/ipa/ipa_common.c /sssd-io/src/providers/ipa/ipa_netgroups.c ldap_common.c ldap_common.h ldap_id.c ldap_id_enum.c ldap_id_netgroup.c ldap_id_services.c ldap_init.c sdap.c sdap.h sdap_async.h sdap_async_autofs.c sdap_async_connection.c sdap_async_groups.c sdap_async_groups_ad.c sdap_async_initgroups.c sdap_async_initgroups_ad.c sdap_async_nested_groups.c sdap_async_netgroups.c sdap_async_private.h sdap_async_services.c sdap_async_sudo.c
df0596ec12bc5091608371e2977f3111241e8caf	21-Jan-2013	Simo Sorce <simo@redhat.com>	Remove sysdb as a be context structure member The sysdb context is already available through the 'domain' structure. /sssd-io/src/providers/data_provider_be.c /sssd-io/src/providers/dp_backend.h /sssd-io/src/providers/ipa/ipa_auth.c /sssd-io/src/providers/ipa/ipa_hostid.c /sssd-io/src/providers/ipa/ipa_id.c /sssd-io/src/providers/ipa/ipa_selinux.c /sssd-io/src/providers/ipa/ipa_subdomains.c /sssd-io/src/providers/krb5/krb5_access.c /sssd-io/src/providers/krb5/krb5_auth.c /sssd-io/src/providers/krb5/krb5_renew_tgt.c ldap_auth.c ldap_common.c ldap_id.c ldap_id_cleanup.c ldap_id_enum.c ldap_id_netgroup.c ldap_id_services.c sdap_async_initgroups.c sdap_async_services.c sdap_async_sudo.c sdap_autofs.c sdap_idmap.c sdap_sudo.c /sssd-io/src/providers/proxy/proxy_auth.c /sssd-io/src/providers/proxy/proxy_id.c /sssd-io/src/providers/simple/simple_access.c /sssd-io/src/providers/simple/simple_access.h
b0fa48b0d612b46a86e45f8e4b5d9feae9784c2b	15-Jan-2013	Simo Sorce <simo@redhat.com>	Add domain arguments to sysdb sudo functions /sssd-io/src/db/sysdb_sudo.c /sssd-io/src/db/sysdb_sudo.h sdap_async_sudo.c sdap_sudo.c sdap_sudo_cache.c sdap_sudo_cache.h /sssd-io/src/responder/sudo/sudosrv_get_sudorules.c
9675bccabff4e79d224f64611ad9ff3e073b488e	15-Jan-2013	Simo Sorce <simo@redhat.com>	Make sysdb_custom_subtree_dn() require a domain. /sssd-io/src/db/sysdb.c /sssd-io/src/db/sysdb.h /sssd-io/src/db/sysdb_ops.c /sssd-io/src/db/sysdb_sudo.c /sssd-io/src/db/sysdb_sudo.h /sssd-io/src/providers/ipa/ipa_access.c /sssd-io/src/providers/ipa/ipa_hbac_common.c sdap_async_sudo.c
55b8413d20d15f342a5c08a3077ca22028fd1a0d	07-Jan-2013	Simo Sorce <simo@redhat.com>	Fix tevent_req style for sdap_async_sudo. Use correct name for _done() function from the caller. Remove unneded initializzations to NULL for a lot of variables hat are going to be assigned as the first thing done in the functions. sdap_async_sudo.c
fc647b8eb5bca901658dedf3dbda2f35c63a86f2	02-Jan-2013	Pavel Březina <pbrezina@redhat.com>	set ret to EOK after for loop in sdap_sudo_purge_sudoers If we are unable to delete some rule from cache we print a debug message and ignore the error. Thus we should set ret to EOK after the for loop otherwise we return whether the last rule was deleted successfully or not. This also removes compilation warning that ret may be used uninitialized (when we don't go inside the loop at all). sdap_async_sudo.c
21d485184df986e1a123f70c689517386e51a5ce	23-Aug-2012	Michal Zidek <mzidek@redhat.com>	Unify usage of sysdb transactions Removing bad examples of usage of sysdb_transaction_start/commit/end functions and making it more consistent (all files except of src/db/sysdb_*.c). /sssd-io/src/providers/ipa/ipa_access.c /sssd-io/src/providers/ipa/ipa_hbac_common.c /sssd-io/src/providers/ipa/ipa_selinux.c /sssd-io/src/providers/ipa/ipa_selinux_common.c /sssd-io/src/providers/krb5/krb5_auth.c ldap_id_cleanup.c sdap_async_groups.c sdap_async_initgroups.c sdap_async_services.c sdap_async_sudo.c sdap_async_users.c /sssd-io/src/providers/proxy/proxy_id.c /sssd-io/src/providers/proxy/proxy_services.c /sssd-io/src/python/pysss.c /sssd-io/src/tools/sss_cache.c /sssd-io/src/tools/sss_groupadd.c /sssd-io/src/tools/sss_groupmod.c /sssd-io/src/tools/sss_seed.c /sssd-io/src/tools/sss_useradd.c /sssd-io/src/tools/sss_usermod.c
8bbf89c5ab798c112773fe23515c3a9df56dde71	18-Jul-2012	Nick Guay <nguay@redhat.com>	Fix uninitialized values https://fedorahosted.org/sssd/ticket/1379 /sssd-io/src/db/sysdb_selinux.c /sssd-io/src/db/sysdb_sudo.c /sssd-io/src/providers/ipa/ipa_session.c /sssd-io/src/providers/krb5/krb5_child_handler.c /sssd-io/src/providers/krb5/krb5_utils.c sdap_async_connection.c sdap_async_sudo.c sdap_sudo.c /sssd-io/src/responder/nss/nsssrv_services.c /sssd-io/src/responder/pam/pamsrv_cmd.c /sssd-io/src/responder/sudo/sudosrv_dp.c /sssd-io/src/sss_client/common.c
4684d427e7e10642ceff62128c3d22db87872c4c	29-Jun-2012	Pavel Březina <pbrezina@redhat.com>	sudo ldap provider: return number of downloaded rules in sdap_sudo_refresh_recv() sdap_async_sudo.c sdap_sudo.c sdap_sudo.h
6ea68b049dd507409d454100978ee125febc69ea	29-Jun-2012	Pavel Březina <pbrezina@redhat.com>	sudo ldap provider: when sysdb filter is NULL remove downloaded rules sdap_async_sudo.c
f143937efc6cbb1eb84042979c83dd5b3f23a40c	29-Jun-2012	Pavel Březina <pbrezina@redhat.com>	sudo ldap provider: find highest USN sdap_async_sudo.c sdap_sudo.c sdap_sudo.h sdap_sudo_cache.c sdap_sudo_cache.h
80357fbba7e8251c85aa884749f275eed28eb4eb	29-Jun-2012	Pavel Březina <pbrezina@redhat.com>	sudo ldap provider: add expiration time to each rule sdap_async_sudo.c sdap_sudo_cache.c sdap_sudo_cache.h
4cab4191f9e0d8d2cc04084964c71454a62852fe	29-Jun-2012	Pavel Březina <pbrezina@redhat.com>	sudo ldap provider: add domain info in sdap_sudo_refresh_state sdap_async_sudo.c
2b5b66499301dab74d2a96c3ecd1f3959de8392d	29-Jun-2012	Pavel Březina <pbrezina@redhat.com>	sudo ldap provider: add sysdb ctx in sdap_sudo_refresh_state sdap_async_sudo.c
751a7930d5af7c1a3c36936e3c5b9205189c6b92	29-Jun-2012	Pavel Březina <pbrezina@redhat.com>	sudo ldap provider: give sdap_sudo_refresh_send() search and purge filters sdap_async_sudo.c sdap_sudo.c sdap_sudo.h sdap_sudo_timer.c
0ca19d792b717456f334abdf35279acddf6d71c2	29-Jun-2012	Pavel Březina <pbrezina@redhat.com>	sudo ldap provider: move async routines to sdap_async_sudo.c /sssd-io/Makefile.am sdap_async_sudo.c sdap_sudo.c