Age | Commit message (Collapse) | Author | |
---|---|---|---|
2013-04-30 | ignore SIGPIPE so we don't fall over if an ldap connection breaks | Jonathan Matthew | |
ok dlg@ | |||
2013-03-06 | as done in ospf{,6}d/relayd, sync yyerror in various other daemons with | Stuart Henderson | |
that from bgpd, so that it logs to syslog when daemonized. | |||
2012-04-30 | Use paged searches so we can handle larger directories. Servers that don't | Jonathan Matthew | |
understand paging, such as ldapd(8), ignore it and return a single set of results as before. from Jim Smith, some tweaks and fixes by me, ok dlg@ | |||
2012-04-30 | add 'groupdn' option for specifying a separate base DN for group searches. | Jonathan Matthew | |
from Jim Smith, ok dlg@ | |||
2012-04-24 | take a stab at documenting when arguments need quoted, and valid macro | Jason McIntyre | |
characters; prompted by a diff from robert peichaer org thanks gilles and henning for feedback ok deraadt zinke | |||
2012-03-16 | don't leak ypldap_addr structures when doing dns lookups | Jonathan Matthew | |
ok dlg@ | |||
2012-03-15 | Accept empty/nonexistant ldap attributes when we want a list. This allows | Jonathan Matthew | |
empty groups to show up, which is helpful if they're used as primary groups. ok dlg@ | |||
2012-03-15 | don't leak ue_netid_line when freeing the old user tree | Jonathan Matthew | |
ok dlg@ | |||
2012-03-10 | ldap doesnt necessarily do referential checks on the users in a | David Gwynne | |
group, so it is possible for them to list users that dont exist as members. they should just skip such entries instead of fail horribly. diff from jim smith ok aschrijver@ | |||
2011-08-28 | Use the correct terminology, replace the term "entry" with the term ↵ | aschrijver | |
"attribute" where applicable. OK martinh@ pyr@ | |||
2011-08-28 | Add support for the netid.byname YP map. This map is used by getgrouplist(3), | aschrijver | |
which is used by (amongst other things) initgroups(3) to set the supplemantary groups on login. OK pyr@ | |||
2011-07-07 | Install a default ypldap.conf(5) based on the one from the man page | Antoine Jacoutot | |
(which we remove now) with a couple of tweaks; use the same base DN and admin user as our default ldap.conf(5). | |||
2011-04-06 | Avoid using NULL in non-pointer contexts: use 0 for integer values and '\0' | Miod Vallat | |
for chars. | |||
2011-01-17 | Refactor ldap searches for passwd and group queries into a common | Martin Hedenfal | |
client_search_idm function. ok pyr@ | |||
2011-01-17 | extract common code for building the idm_req struct for passwords | Martin Hedenfal | |
and groups in a new function client_build_req ok pyr@ CV: ---------------------------------------------------------------------- | |||
2011-01-13 | Remove forward declarations of non-existant functions. | Martin Hedenfal | |
ok pyr@ | |||
2011-01-13 | Remove double 'to' in comment, ok pyr@ | Martin Hedenfal | |
2011-01-13 | Log match requests at debug level. | Martin Hedenfal | |
ok pyr@ | |||
2011-01-13 | Extract common preparation of key in ypmatch handling, and check the | Martin Hedenfal | |
argument length. ok pyr@ | |||
2010-11-20 | clean up cases of ;; | Theo de Raadt | |
2010-10-11 | zap unused definitions | Pierre-Yves Ritschard | |
2010-08-03 | fix linecount bug with comments spanning multiple lines | Henning Brauer | |
problem reported with the obvious fix for bgpd by Sebastian Benoit <benoit-lists at fb12.de>, also PR 6432 applied to all the others by yours truly. ok theo isn't it amazing how far this parser (and more) spread? | |||
2010-08-03 | Fix a leak in ypldap. Found (and correct diff) from | Pierre-Yves Ritschard | |
plalonde (at) overnet.qc.ca Prompted by deraadt@ | |||
2010-07-21 | Search filter BER tags use a context-specific class, not an application | Martin Hedenfal | |
class. This allows ypldap to talk to ldapd, which otherwise refuses the search filter. ok gilles@ | |||
2010-07-21 | fix NULL-deref, ok martinh@ | Gilles Chehade | |
2010-07-09 | use macro defines for magical numbers, instead hardcoded values | zinovik | |
ok krw@ | |||
2010-07-05 | original `for' loop has bug `use after free'. At first iteration we are | zinovik | |
checking h != NULL, then we free(h) and then we do `h = h->next', but `h' is not valid anymore. ok @krw | |||
2010-06-14 | Fixes unlinking the first element inside a set or a sequence, and | Martin Hedenfal | |
fix reading empty sequences/sets. This minimizes the changes against ldapd. "looks good" pyr@, ok reyk@ | |||
2010-06-14 | fix a memory leak, from aschrivjer | Pierre-Yves Ritschard | |
2010-06-12 | at line 445 `al' is allocated via `aldap_init' in `client_aldap_open' | zinovik | |
function, but when further in code we might do `goto bad', `al' is not freed with `aldap_close', so plug memory leak on error path tested by jasper@ ok pyr@, jasper@ | |||
2010-06-08 | ber_calc_len() is not an internal function, so adjust the comment. | Martin Hedenfal | |
from Dawe | |||
2010-06-03 | Don't hardcode /bin/ksh in the example, but use "loginShell" instead. | Antoine Jacoutot | |
ok pyr@ | |||
2010-05-26 | Move imsg into libutil and add a man page. | Nicholas Marriott | |
Minor bump for libutil. Previous versions of this diff and man page looked at by various people. "you should just commit" deraadt | |||
2010-05-26 | Rename some imsg bits to make namespace collisions less likely buf to | Nicholas Marriott | |
ibuf, buf_read to ibuf_read, READ_BUF_SIZE to IBUF_READ_SIZE. ok henning gilles claudio jacekm deraadt | |||
2010-05-24 | now that we can handle >9 args, put "-D name=value" on one line: it's a bit | Jason McIntyre | |
more readable, and fixes a spacing bug we had in smtpd.8; | |||
2010-05-06 | Use YPMAXRECORD instead of _PW_NAME_LEN here too. | Antoine Jacoutot | |
ok robert@ pyr@ | |||
2010-04-28 | - plug memleak (in #if 0'd code) | Jasper Lievisse Adriaanse | |
ok pyr@ | |||
2010-04-27 | imsg.h does not need sys/tree.h. | Nicholas Marriott | |
ok eric | |||
2010-04-07 | Remove XXX comment and just close received fd if calloc() fails. | Nicholas Marriott | |
If this happens the imsg may no longer be usable as there may be queued messages, but this is a) already the case with the code now, and b) would be the case if recvmsg() fails anyway, so we can document that -1 from imsg_read() invalidates the struct imsgbuf. discussed with and ok eric | |||
2010-04-01 | fix fatal calls, that they will report function names from which they are | zinovik | |
called, in case of failure developer will be digging for a bug in wrong place ok krw@, pyr@ | |||
2010-02-24 | match code and doc; ok claudio | Jason McIntyre | |
2010-02-23 | Fix .Oo .Xo .Oc .Xc mis-nesting by just dropping the .Xo and .Xc which, | Ingo Schwarze | |
in these cases, is useless anyway. Found by and fixing the build with mandoc; still fine with both old and new groff. ok jmc@ | |||
2010-02-07 | A few visual cleanups, and clarify a comment. | Bret Lambert | |
Also: for (i = 0; i >= 0 && foo; i++) is functionally equivalent to: for (i = 0; foo; i++) so use the clearer construct where appropriate. ok pyr@ | |||
2010-02-06 | Simplify LDAP URL handling (currently unused): | Bret Lambert | |
instead of strdup()'ing multiple values from an already strdup'ed buffer (none of which were checked for NULL upon return, which is also fixed in this), just use a buffer attached to the aldap_url struct. Add an aldap_search_url() function, which is a wrapper around aldap_parse_url and aldap_search. Finally, since the URL bits are unused, wrap them in #if 0 for now. ok pyr@, whose heart was a little broken by the #if 0 (temporary, I swear!) | |||
2010-01-02 | The .Rs macro must be followed by .Re, and empty .Rs is useless anyway. | Ingo Schwarze | |
Markup syntax error found by mandoc(1), also required to fix the mandoc build. ok jmc@ sobrado@ | |||
2009-12-19 | - "cost" is not a good example of a macro name; from Rogier Krieger | Jason McIntyre | |
- zap an unneccessary .Pp whilst here | |||
2009-12-16 | knf and unused variables | Theo de Raadt | |
2009-11-12 | accessses 1 entry too far, found by parfait, ok jsg claudio | Theo de Raadt | |
2009-10-10 | The YP protocol permits any string to be at least as long as | Robert Nagy | |
YPMAXRECORD, so use that instead of _PW_NAME_LEN. with help from deraadt@ | |||
2009-09-15 | Enclose repeated buffer draining code in a new msgbuf_drain() | Jacek Masiulaniec | |
function, which is additionally exported for use by others. It will be needed by smtpd's SSL module when the SMTP client code is changed to replace libevent's evbuffers with our msgbuf_* API. ok gilles@ henning@ guenther@ eric@ |