These functions allow handling of auth tokens in a completely opaque way,
with clear semantics and accessor fucntions that guarantee consistency,
proper access to data and error conditions.
---
Makefile.am|2 +
src/util/authtok.c | 195 +
NOTE: this is just a rebase due to the dependency on the previous patcheset for
which some changes were requested,
The current way we handle with auth token is manual and very error prone.
The semanthics are also confusing and do not make clear how tokens are stored
such that manipulating them is
This is useful for wiping passwords, as it prevents the compiler from
optimizing out a memset to zero before a free()
---
src/util/util.c |9 +
src/util/util.h | 10 ++
2 files changed, 19 insertions(+), 0 deletions(-)
diff --git a/src/util/util.c b/src/util/util.c
index
b8
Make it clear to the API users that we can not take arbitrary auth tokens.
We can only take a password for now so simplify and clarify the interface.
---
src/db/sysdb.h |3 +--
src/db/sysdb_ops.c | 12 +---
src/providers/krb5/krb5_auth.c | 23 +++
Avoids hardcoding magic numbers everywhere and self documents why a
mask is being applied.
---
src/providers/data_provider.h |1 +
src/providers/ipa/ipa_id.c|2 +-
src/providers/ipa/ipa_subdomains_id.c |2 +-
src/providers/ldap/ldap_id.c |2 +-
src/prov
In particular note that we merge ipa_account_info_netgroups_done()
and ipa_account_info_users_done() into a single fucntion called
ipa_account_info_done() that handles both cases
We also remove the auxiliary function ipa_account_info_complete() that
unnecessarily violates the tevent_req style and
Also do not intermix two tevent_req sequences
---
src/providers/ipa/ipa_id.c | 151 +---
1 files changed, 71 insertions(+), 80 deletions(-)
diff --git a/src/providers/ipa/ipa_id.c b/src/providers/ipa/ipa_id.c
index
f61236b965b77ca1058a14cb7e425ac2ff65723e
No functionality changes,
just make the code respect the tevent_req style and naming conventions
and enhance readability by adding some helper functions.
---
src/providers/krb5/krb5_access.c |6 +-
src/providers/krb5/krb5_auth.c | 685 --
src/provider
---
src/providers/ipa/ipa_id.c|5 +-
src/providers/ipa/ipa_id.h| 10 ++--
src/providers/ipa/ipa_subdomains_id.c | 73 +
3 files changed, 36 insertions(+), 52 deletions(-)
diff --git a/src/providers/ipa/ipa_id.c b/src/providers/ipa/ip
While I was working on an unrelated patchset I couldn't help fixing some
of the code to properly use tevent_req style and naming conventions.
This will bring this code in line with our tevent_req coding style and
hopefully make it more readable to eyes used to the tevent_req style.
It also fixes u
On Tue, 2012-11-06 at 09:09 +0100, Jakub Hrozek wrote:
> On Wed, Oct 31, 2012 at 06:37:34PM -0400, Simo Sorce wrote:
> > ---
> > src/providers/ipa/ipa_id.c | 128
> >
> > 1 files changed, 69 insertions(+), 59 deletions(-)
> >
> > diff --git a/src/pro
On Tue, 2012-11-06 at 09:09 +0100, Jakub Hrozek wrote:
> On Wed, Oct 31, 2012 at 06:37:33PM -0400, Simo Sorce wrote:
> > Also do not intermix two tevent_req sequences
> > ---
> > src/providers/ipa/ipa_id.c | 151
> > +---
> > 1 files changed, 71 insertions
On Tue, 2012-11-06 at 09:07 +0100, Jakub Hrozek wrote:
> On Wed, Oct 31, 2012 at 06:37:30PM -0400, Simo Sorce wrote:
> > While I was working on an unrelated patchset I couldn't help fixing some
> > of the code to properly use tevent_req style and naming conventions.
> >
>
> I think the krb5_auth
On Tue, 2012-11-06 at 09:08 +0100, Jakub Hrozek wrote:
> On Wed, Oct 31, 2012 at 06:37:31PM -0400, Simo Sorce wrote:
> > No functionality changes,
[..]
> > +static void krb5_auth_cache_creds(struct krb5_ctx *krb5_ctx,
> > + struct sysdb_ctx *sysdb,
> > +
On Wed 07 Nov 2012 05:07:14 AM EST, Ondrej Kos wrote:
On 11/06/2012 11:07 PM, Dmitri Pal wrote:
On 11/06/2012 02:09 PM, Simo Sorce wrote:
On Tue, 2012-11-06 at 14:00 -0500, Stephen Gallagher wrote:
On Tue 06 Nov 2012 01:54:46 PM EST, Dmitri Pal wrote:
On 11/06/2012 01:45 PM, Simo Sorce wrote:
sss_cache did not accept fully quaified domain names.
https://fedorahosted.org/sssd/ticket/1620
Patch is in attachment.
Thanks
Michal
>From cb3d5adebe44fe1ac3f7dabe3e58a8387c771685 Mon Sep 17 00:00:00 2001
From: Michal Zidek
Date: Mon, 5 Nov 2012 16:53:46 +0100
Subject: [PATCH] sss_cache: fqdn
Hi,
this series of patches fixes https://fedorahosted.org/sssd/ticket/1604 .
To be precise only 0005 is the fix for the ticket, but the others add
some necessary improvements, especially the removal of a group
membership.
bye,
Sumit
From b84d722f4924190265b89dc69b6e3bb46aafb0b3 Mon Sep 17 00:00:0
On Wed, Nov 07, 2012 at 11:45:40AM +0100, Michal Židek wrote:
> Sumit found this bug in recently added util_lock.c. See patch
> description for more details.
>
> Thanks
> Michal
>
ACK
bye,
Sumit
___
sssd-devel mailing list
sssd-devel@lists.fedorahoste
Sumit found this bug in recently added util_lock.c. See patch
description for more details.
Thanks
Michal
>From 81cb8014aaaf1406720b45cc52df95a917940e3a Mon Sep 17 00:00:00 2001
From: Michal Zidek
Date: Wed, 7 Nov 2012 11:12:36 +0100
Subject: [PATCH] util_lock.c: sss_br_lock_file accepted inva
On 11/06/2012 09:45 PM, Sumit Bose wrote:
Hi,
+
+errno_t sss_br_lock_file(int fd, size_t start, size_t len,
+ int retries, useconds_t wait)
+{
+int ret;
+struct flock lock;
+int retries_left;
+
+lock.l_type = F_WRLCK;
+lock.l_whence = SEEK_SET;
+l
On 11/06/2012 11:07 PM, Dmitri Pal wrote:
On 11/06/2012 02:09 PM, Simo Sorce wrote:
On Tue, 2012-11-06 at 14:00 -0500, Stephen Gallagher wrote:
On Tue 06 Nov 2012 01:54:46 PM EST, Dmitri Pal wrote:
On 11/06/2012 01:45 PM, Simo Sorce wrote:
• If all lists are empty, access is
21 matches
Mail list logo
