summaryrefslogtreecommitdiff
path: root/nslcd/passwd.c
AgeCommit message (Collapse)Author
2014-10-04fooLuke Shumaker
2014-05-04Make buffer size error logging consistentArthur de Jong
This adds logging of most cases where a defined buffer is not large enough to hold provided data on error log level.
2013-12-21Use dn2uid cache optionsArthur de Jong
The configuration values are used in the cache to determine positive and negative hit TTLs. This also allows completely disabling the cache.
2013-12-21Have positive and negative cache timeoutsArthur de Jong
The positive value determines the time a found entry is valid, the negative timeout determines the lifetime of not found entries.
2013-12-18Centralise buffer sizesArthur de Jong
Common buffer sizes are now stored centrally so it can be easily and consistently updated if required. Some buffers remain with locally defined sizes that do not match a global buffer size.
2013-08-28Increase password buffer sizeBersl
With the smaller buffers some password hashes would be truncated.
2013-01-12check result of set_tolist() to ensure that memory allocation problems are ↵Arthur de Jong
logged git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1911 ef36b2f9-881f-0410-afb5-c4e39611909c
2012-12-30remove the ldc_ prefix from struct ldap_config fieldsArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1887 ef36b2f9-881f-0410-afb5-c4e39611909c
2012-12-23move the action argument to NSLCD_HANDLE to the frontArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1877 ef36b2f9-881f-0410-afb5-c4e39611909c
2012-12-22update C coding style to a more commonly used styleArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1873 ef36b2f9-881f-0410-afb5-c4e39611909c
2012-12-20don't process the passwd_byuid request at all for uids < nss_min_uidArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1870 ef36b2f9-881f-0410-afb5-c4e39611909c
2012-12-16switch protocol from host byte order to network byte order and switch use of ↵Arthur de Jong
uid_t and gid_t in the protocol to int32 git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1864 ef36b2f9-881f-0410-afb5-c4e39611909c
2012-11-25move all nsswitch-parsing related functions to nsswitch.cArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1840 ef36b2f9-881f-0410-afb5-c4e39611909c
2012-11-22ensure that values are logged as unsigned numbersArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1838 ef36b2f9-881f-0410-afb5-c4e39611909c
2012-09-16fix problem storing negative hit to dn2uid cache (thanks scan-build)Arthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1771 ef36b2f9-881f-0410-afb5-c4e39611909c
2012-09-15only check nsswitch.conf for shadow mapping on glibc (Solaris shadow map ↵Arthur de Jong
follows passwd's mapping and FreeBSD doesn't have shadow at all) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1768 ef36b2f9-881f-0410-afb5-c4e39611909c
2012-09-14grow all search filter buffers to 4096 bytes (thanks flavio)Arthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1763 ef36b2f9-881f-0410-afb5-c4e39611909c
2012-05-20implement extra range checking of all numeric valuesArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1694 ef36b2f9-881f-0410-afb5-c4e39611909c
2012-03-13make whether or not to do case-sensitive filtering configurable (patch by ↵Arthur de Jong
Matthew L. Dailey) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1634 ef36b2f9-881f-0410-afb5-c4e39611909c
2011-11-30ensure that /etc/nsswitch.conf is only loaded once after start-upArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1557 ef36b2f9-881f-0410-afb5-c4e39611909c
2011-09-30Use an explicit base of 10 for strtouid()/strtogid()/strtol() callsJakub Hrozek
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1547 ef36b2f9-881f-0410-afb5-c4e39611909c
2011-09-09make validation log messages consistentArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1542 ef36b2f9-881f-0410-afb5-c4e39611909c
2011-09-08grow gecos buffer size and consistency improvements to other buffersArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1540 ef36b2f9-881f-0410-afb5-c4e39611909c
2011-08-27provide strtouid() and strtogid() functions that use strtoul() or strtoull() ↵Arthur de Jong
(thanks Jakub Hrozek) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1524 ef36b2f9-881f-0410-afb5-c4e39611909c
2011-08-27check errno after calls to strtol() to ensure that numbers that are too ↵Arthur de Jong
large for type will be reported (thanks Jakub Hrozek) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1523 ef36b2f9-881f-0410-afb5-c4e39611909c
2011-08-09check nsswitch.conf mtime to see whether file should be reloadedArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1495 ef36b2f9-881f-0410-afb5-c4e39611909c
2011-08-05check whether the NSS shadow map queries LDAP before returning x as a ↵Arthur de Jong
password has for shadow users git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1487 ef36b2f9-881f-0410-afb5-c4e39611909c
2011-08-05implementation of myldap_get_values_len() to use ldap_get_values_len() ↵Arthur de Jong
instead of ldap_get_values() to fix some problems with binary data in returned attribute values (patch by Wesley Mason) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1485 ef36b2f9-881f-0410-afb5-c4e39611909c
2011-07-02make buffer sizes consistent, grow gidNumber buffer to hold larger numbers ↵Arthur de Jong
and small consistency improvements git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1476 ef36b2f9-881f-0410-afb5-c4e39611909c
2011-04-15provide replacement implementation for strndup() for systems that don't have itArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1427 ef36b2f9-881f-0410-afb5-c4e39611909c
2011-04-15support using the objectSid attribute to provide numeric user and group ids, ↵Arthur de Jong
based on a patch by Wesley Mason git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1425 ef36b2f9-881f-0410-afb5-c4e39611909c
2011-04-03make user and group name validation errors a little more informativeArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1423 ef36b2f9-881f-0410-afb5-c4e39611909c
2011-03-09properly handle user-not-found errors when doing authentication (CVE-2011-0438)Arthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1382 ef36b2f9-881f-0410-afb5-c4e39611909c
2010-12-28allow attribute mapping with an expression for the userPassword attribute ↵Arthur de Jong
for passwd, group and shadow entries and by default map it to the unmatchable password ("*") to avoid accidentally leaking password information git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1346 ef36b2f9-881f-0410-afb5-c4e39611909c
2010-12-20implement a nss_min_uid option to filter user entries returned by LDAPArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1338 ef36b2f9-881f-0410-afb5-c4e39611909c
2010-11-17return correct PAM status code for when LDAP server is unavailable (based on ↵Arthur de Jong
a patch by Pierre Gambarotto) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1315 ef36b2f9-881f-0410-afb5-c4e39611909c
2010-11-07log the request with any logged messagesArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1301 ef36b2f9-881f-0410-afb5-c4e39611909c
2010-11-04avoid unneeded strdup()s by using a passed buffer to lookup_dn2uid() and ↵Arthur de Jong
using strcmp() in dn2uid() to see if the existing cached value is ok git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1297 ef36b2f9-881f-0410-afb5-c4e39611909c
2010-11-04fix race condition that could cause a memory leakArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1296 ef36b2f9-881f-0410-afb5-c4e39611909c
2010-05-07tune some buffer sizes and small cleanupsArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1087 ef36b2f9-881f-0410-afb5-c4e39611909c
2010-04-13also have myldap_search() return an LDAP status codeArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1078 ef36b2f9-881f-0410-afb5-c4e39611909c
2009-12-28implement attribute mapping using shell-like expressionsArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1041 ef36b2f9-881f-0410-afb5-c4e39611909c
2009-11-01give search filter escaping buffers more logical namesArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1014 ef36b2f9-881f-0410-afb5-c4e39611909c
2009-08-31rename software to nss-pam-ldapdArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@978 ef36b2f9-881f-0410-afb5-c4e39611909c
2009-08-12don't return password hashes at all for non-root users, based on a patch by ↵Arthur de Jong
Alexander V. Chernikov <melifaro@ipfw.ru> git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@969 ef36b2f9-881f-0410-afb5-c4e39611909c
2009-06-29fix off by one error in the maximum number of uidNumber attributes in an ↵Arthur de Jong
LDAP entry (thanks to David Binderman for finding this) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@956 ef36b2f9-881f-0410-afb5-c4e39611909c
2009-06-06implement case-sensitive filtering for group, netgroup, passwd, protocols, ↵Arthur de Jong
rpc, services and shadow lookups git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@934 ef36b2f9-881f-0410-afb5-c4e39611909c
2009-06-03make lookup_dn2uid() available to other modules and split uid2dn() into ↵Arthur de Jong
uid2entry() and uid2dn() (from nss-pam-ldapd branch) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@922 ef36b2f9-881f-0410-afb5-c4e39611909c
2009-05-29refactor protocol reading and writing macros to the common directory, use ↵Arthur de Jong
more logical names and in the PAM module no longer use NSS status codes (import of r887 from nss-pam-ldapd) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@904 ef36b2f9-881f-0410-afb5-c4e39611909c
2009-05-24initialise database modules only once after parsing configArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@893 ef36b2f9-881f-0410-afb5-c4e39611909c
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2025-08-09 22:04:13 +0000