summaryrefslogtreecommitdiff
path: root/nslcd/shadow.c
AgeCommit message (Collapse)Author
2014-10-04fooLuke Shumaker
2014-05-04Make buffer size error logging consistentArthur de Jong
This adds logging of most cases where a defined buffer is not large enough to hold provided data on error log level.
2014-01-25Update shadow.c to resolve pwdLastSet issuejoshuashire
We read the date into the buffer to the specified length to get it to the Unix time (i.e. seconds) from its AD value of nanoseconds, then convert it to days for shadow. If we use date rather than buffer we end up trying to convert the original nanosecond value.
2013-12-18Centralise buffer sizesArthur de Jong
Common buffer sizes are now stored centrally so it can be easily and consistently updated if required. Some buffers remain with locally defined sizes that do not match a global buffer size.
2013-08-28Increase password buffer sizeBersl
With the smaller buffers some password hashes would be truncated.
2013-08-21Return partial shadow information to non-root usersArthur de Jong
This also returns everything except the password hash from the shadow database to non-root users (nothing was returned before). This allows non-root users to do PAM authentication in some configurations. On some systems there is a setgid executable that is allowed to read /etc/shadow for authentication by e.g. screensavers. Returning no shadow information will cause pam_unix to deny authorisation in common configurations. See: http://bugs.debian.org/706913
2013-03-01move update_lastchange() function from shadow to pam codeArthur de Jong
2013-01-12check result of set_tolist() to ensure that memory allocation problems are ↵Arthur de Jong
logged git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1911 ef36b2f9-881f-0410-afb5-c4e39611909c
2012-12-30remove the ldc_ prefix from struct ldap_config fieldsArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1887 ef36b2f9-881f-0410-afb5-c4e39611909c
2012-12-23move the action argument to NSLCD_HANDLE to the frontArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1877 ef36b2f9-881f-0410-afb5-c4e39611909c
2012-12-22update C coding style to a more commonly used styleArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1873 ef36b2f9-881f-0410-afb5-c4e39611909c
2012-09-14grow all search filter buffers to 4096 bytes (thanks flavio)Arthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1763 ef36b2f9-881f-0410-afb5-c4e39611909c
2012-05-20implement extra range checking of all numeric valuesArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1694 ef36b2f9-881f-0410-afb5-c4e39611909c
2012-03-13make whether or not to do case-sensitive filtering configurable (patch by ↵Arthur de Jong
Matthew L. Dailey) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1634 ef36b2f9-881f-0410-afb5-c4e39611909c
2011-09-30Use an explicit base of 10 for strtouid()/strtogid()/strtol() callsJakub Hrozek
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1547 ef36b2f9-881f-0410-afb5-c4e39611909c
2011-09-09make validation log messages consistentArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1542 ef36b2f9-881f-0410-afb5-c4e39611909c
2011-08-27check errno after calls to strtol() to ensure that numbers that are too ↵Arthur de Jong
large for type will be reported (thanks Jakub Hrozek) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1523 ef36b2f9-881f-0410-afb5-c4e39611909c
2011-07-02make buffer sizes consistent, grow gidNumber buffer to hold larger numbers ↵Arthur de Jong
and small consistency improvements git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1476 ef36b2f9-881f-0410-afb5-c4e39611909c
2011-04-30check shadow properties (similarly to what pam_unix does) in the PAM ↵Arthur de Jong
handling code git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1446 ef36b2f9-881f-0410-afb5-c4e39611909c
2011-04-30move code for getting shadow expiry properties to a separate functionArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1442 ef36b2f9-881f-0410-afb5-c4e39611909c
2011-04-29set maxdays to -1 to indicate no expiry (instead of a long time)Arthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1439 ef36b2f9-881f-0410-afb5-c4e39611909c
2011-03-23fix descriptions of filesArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1405 ef36b2f9-881f-0410-afb5-c4e39611909c
2010-12-28allow attribute mapping with an expression for the userPassword attribute ↵Arthur de Jong
for passwd, group and shadow entries and by default map it to the unmatchable password ("*") to avoid accidentally leaking password information git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1346 ef36b2f9-881f-0410-afb5-c4e39611909c
2010-12-26try to update the shadowLastChange attribute of a user on password change ↵Arthur de Jong
(the update is only tried if the attribute is present to begin with) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1345 ef36b2f9-881f-0410-afb5-c4e39611909c
2010-11-07log the request with any logged messagesArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1301 ef36b2f9-881f-0410-afb5-c4e39611909c
2010-05-07tune some buffer sizes and small cleanupsArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1087 ef36b2f9-881f-0410-afb5-c4e39611909c
2009-12-28implement attribute mapping using shell-like expressionsArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1041 ef36b2f9-881f-0410-afb5-c4e39611909c
2009-12-27fix log messageArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1036 ef36b2f9-881f-0410-afb5-c4e39611909c
2009-11-01give search filter escaping buffers more logical namesArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1014 ef36b2f9-881f-0410-afb5-c4e39611909c
2009-08-31rename software to nss-pam-ldapdArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@978 ef36b2f9-881f-0410-afb5-c4e39611909c
2009-06-06implement case-sensitive filtering for group, netgroup, passwd, protocols, ↵Arthur de Jong
rpc, services and shadow lookups git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@934 ef36b2f9-881f-0410-afb5-c4e39611909c
2009-05-29refactor protocol reading and writing macros to the common directory, use ↵Arthur de Jong
more logical names and in the PAM module no longer use NSS status codes (import of r887 from nss-pam-ldapd) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@904 ef36b2f9-881f-0410-afb5-c4e39611909c
2009-05-24initialise database modules only once after parsing configArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@893 ef36b2f9-881f-0410-afb5-c4e39611909c
2009-05-24support multiple search bases, partially based on a patch by Leigh Wedding ↵Arthur de Jong
<lwedding@bigpond.com> git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@892 ef36b2f9-881f-0410-afb5-c4e39611909c
2009-04-19clear up protocol description in nslcd.h, renaming NSLCD_RESULT_SUCCESS to ↵Arthur de Jong
NSLCD_RESULT_BEGIN git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@834 ef36b2f9-881f-0410-afb5-c4e39611909c
2008-04-05partial support for reading AD date format for pwdLastSet attributeArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@657 ef36b2f9-881f-0410-afb5-c4e39611909c
2007-12-31fix incorrect references to attribute map entriesArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@545 ef36b2f9-881f-0410-afb5-c4e39611909c
2007-12-20rewrite GET_OPTIONAL_DATE() as an extension to GET_OPTIONAL_LONG()Arthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@505 ef36b2f9-881f-0410-afb5-c4e39611909c
2007-12-09switch to new LDAP entry parsing code that is much simpler and more readableArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@488 ef36b2f9-881f-0410-afb5-c4e39611909c
2007-10-28first step to use the new myldap interfaceArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@468 ef36b2f9-881f-0410-afb5-c4e39611909c
2007-09-15do not pass useless errnos around because they aren't used anymoreArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@404 ef36b2f9-881f-0410-afb5-c4e39611909c
2007-09-14move the two remaining useful functions from util.c to ldap-nss.cArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@400 ef36b2f9-881f-0410-afb5-c4e39611909c
2007-09-14do not flush streams: our caller closes the streams flusing themArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@396 ef36b2f9-881f-0410-afb5-c4e39611909c
2007-09-14make use of write_*ent() functions consistentArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@395 ef36b2f9-881f-0410-afb5-c4e39611909c
2007-09-14remove mutex from all LDAP operations because we now have a session and a ↵Arthur de Jong
connection per thread git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@392 ef36b2f9-881f-0410-afb5-c4e39611909c
2007-09-14get rid of global session and instead pass the session as a parameter with ↵Arthur de Jong
every request and allocate a session per thread git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@391 ef36b2f9-881f-0410-afb5-c4e39611909c
2007-09-08move base and scope handling to database specific modules, gettting rid of ↵Arthur de Jong
ldap_service_search_descriptor git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@384 ef36b2f9-881f-0410-afb5-c4e39611909c
2007-09-08move filters definitions to the database modules themselves (and already ↵Arthur de Jong
define base and scope but don't use them yet) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@383 ef36b2f9-881f-0410-afb5-c4e39611909c
2007-09-07make handling of ent_context consistent and simplerArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@382 ef36b2f9-881f-0410-afb5-c4e39611909c
2007-09-07properly initialize all contextsArthur de Jong
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@381 ef36b2f9-881f-0410-afb5-c4e39611909c
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2025-08-08 23:23:31 +0000