summaryrefslogtreecommitdiff
path: root/usr.sbin/ypldap
AgeCommit message (Collapse)Author
2013-04-30ignore SIGPIPE so we don't fall over if an ldap connection breaksJonathan Matthew
ok dlg@
2013-03-06as done in ospf{,6}d/relayd, sync yyerror in various other daemons withStuart Henderson
that from bgpd, so that it logs to syslog when daemonized.
2012-04-30Use paged searches so we can handle larger directories. Servers that don'tJonathan Matthew
understand paging, such as ldapd(8), ignore it and return a single set of results as before. from Jim Smith, some tweaks and fixes by me, ok dlg@
2012-04-30add 'groupdn' option for specifying a separate base DN for group searches.Jonathan Matthew
from Jim Smith, ok dlg@
2012-04-24take a stab at documenting when arguments need quoted, and valid macroJason McIntyre
characters; prompted by a diff from robert peichaer org thanks gilles and henning for feedback ok deraadt zinke
2012-03-16don't leak ypldap_addr structures when doing dns lookupsJonathan Matthew
ok dlg@
2012-03-15Accept empty/nonexistant ldap attributes when we want a list. This allowsJonathan Matthew
empty groups to show up, which is helpful if they're used as primary groups. ok dlg@
2012-03-15don't leak ue_netid_line when freeing the old user treeJonathan Matthew
ok dlg@
2012-03-10ldap doesnt necessarily do referential checks on the users in aDavid Gwynne
group, so it is possible for them to list users that dont exist as members. they should just skip such entries instead of fail horribly. diff from jim smith ok aschrijver@
2011-08-28Use the correct terminology, replace the term "entry" with the term ↵aschrijver
"attribute" where applicable. OK martinh@ pyr@
2011-08-28Add support for the netid.byname YP map. This map is used by getgrouplist(3),aschrijver
which is used by (amongst other things) initgroups(3) to set the supplemantary groups on login. OK pyr@
2011-07-07Install a default ypldap.conf(5) based on the one from the man pageAntoine Jacoutot
(which we remove now) with a couple of tweaks; use the same base DN and admin user as our default ldap.conf(5).
2011-04-06Avoid using NULL in non-pointer contexts: use 0 for integer values and '\0'Miod Vallat
for chars.
2011-01-17Refactor ldap searches for passwd and group queries into a commonMartin Hedenfal
client_search_idm function. ok pyr@
2011-01-17extract common code for building the idm_req struct for passwordsMartin Hedenfal
and groups in a new function client_build_req ok pyr@ CV: ----------------------------------------------------------------------
2011-01-13Remove forward declarations of non-existant functions.Martin Hedenfal
ok pyr@
2011-01-13Remove double 'to' in comment, ok pyr@Martin Hedenfal
2011-01-13Log match requests at debug level.Martin Hedenfal
ok pyr@
2011-01-13Extract common preparation of key in ypmatch handling, and check theMartin Hedenfal
argument length. ok pyr@
2010-11-20clean up cases of ;;Theo de Raadt
2010-10-11zap unused definitionsPierre-Yves Ritschard
2010-08-03fix linecount bug with comments spanning multiple linesHenning Brauer
problem reported with the obvious fix for bgpd by Sebastian Benoit <benoit-lists at fb12.de>, also PR 6432 applied to all the others by yours truly. ok theo isn't it amazing how far this parser (and more) spread?
2010-08-03Fix a leak in ypldap. Found (and correct diff) fromPierre-Yves Ritschard
plalonde (at) overnet.qc.ca Prompted by deraadt@
2010-07-21Search filter BER tags use a context-specific class, not an applicationMartin Hedenfal
class. This allows ypldap to talk to ldapd, which otherwise refuses the search filter. ok gilles@
2010-07-21fix NULL-deref, ok martinh@Gilles Chehade
2010-07-09use macro defines for magical numbers, instead hardcoded valueszinovik
ok krw@
2010-07-05original `for' loop has bug `use after free'. At first iteration we arezinovik
checking h != NULL, then we free(h) and then we do `h = h->next', but `h' is not valid anymore. ok @krw
2010-06-14Fixes unlinking the first element inside a set or a sequence, andMartin Hedenfal
fix reading empty sequences/sets. This minimizes the changes against ldapd. "looks good" pyr@, ok reyk@
2010-06-14fix a memory leak, from aschrivjerPierre-Yves Ritschard
2010-06-12at line 445 `al' is allocated via `aldap_init' in `client_aldap_open'zinovik
function, but when further in code we might do `goto bad', `al' is not freed with `aldap_close', so plug memory leak on error path tested by jasper@ ok pyr@, jasper@
2010-06-08ber_calc_len() is not an internal function, so adjust the comment.Martin Hedenfal
from Dawe
2010-06-03Don't hardcode /bin/ksh in the example, but use "loginShell" instead.Antoine Jacoutot
ok pyr@
2010-05-26Move imsg into libutil and add a man page.Nicholas Marriott
Minor bump for libutil. Previous versions of this diff and man page looked at by various people. "you should just commit" deraadt
2010-05-26Rename some imsg bits to make namespace collisions less likely buf toNicholas Marriott
ibuf, buf_read to ibuf_read, READ_BUF_SIZE to IBUF_READ_SIZE. ok henning gilles claudio jacekm deraadt
2010-05-24now that we can handle >9 args, put "-D name=value" on one line: it's a bitJason McIntyre
more readable, and fixes a spacing bug we had in smtpd.8;
2010-05-06Use YPMAXRECORD instead of _PW_NAME_LEN here too.Antoine Jacoutot
ok robert@ pyr@
2010-04-28- plug memleak (in #if 0'd code)Jasper Lievisse Adriaanse
ok pyr@
2010-04-27imsg.h does not need sys/tree.h.Nicholas Marriott
ok eric
2010-04-07Remove XXX comment and just close received fd if calloc() fails.Nicholas Marriott
If this happens the imsg may no longer be usable as there may be queued messages, but this is a) already the case with the code now, and b) would be the case if recvmsg() fails anyway, so we can document that -1 from imsg_read() invalidates the struct imsgbuf. discussed with and ok eric
2010-04-01fix fatal calls, that they will report function names from which they arezinovik
called, in case of failure developer will be digging for a bug in wrong place ok krw@, pyr@
2010-02-24match code and doc; ok claudioJason McIntyre
2010-02-23Fix .Oo .Xo .Oc .Xc mis-nesting by just dropping the .Xo and .Xc which,Ingo Schwarze
in these cases, is useless anyway. Found by and fixing the build with mandoc; still fine with both old and new groff. ok jmc@
2010-02-07A few visual cleanups, and clarify a comment.Bret Lambert
Also: for (i = 0; i >= 0 && foo; i++) is functionally equivalent to: for (i = 0; foo; i++) so use the clearer construct where appropriate. ok pyr@
2010-02-06Simplify LDAP URL handling (currently unused):Bret Lambert
instead of strdup()'ing multiple values from an already strdup'ed buffer (none of which were checked for NULL upon return, which is also fixed in this), just use a buffer attached to the aldap_url struct. Add an aldap_search_url() function, which is a wrapper around aldap_parse_url and aldap_search. Finally, since the URL bits are unused, wrap them in #if 0 for now. ok pyr@, whose heart was a little broken by the #if 0 (temporary, I swear!)
2010-01-02The .Rs macro must be followed by .Re, and empty .Rs is useless anyway.Ingo Schwarze
Markup syntax error found by mandoc(1), also required to fix the mandoc build. ok jmc@ sobrado@
2009-12-19- "cost" is not a good example of a macro name; from Rogier KriegerJason McIntyre
- zap an unneccessary .Pp whilst here
2009-12-16knf and unused variablesTheo de Raadt
2009-11-12accessses 1 entry too far, found by parfait, ok jsg claudioTheo de Raadt
2009-10-10The YP protocol permits any string to be at least as long asRobert Nagy
YPMAXRECORD, so use that instead of _PW_NAME_LEN. with help from deraadt@
2009-09-15Enclose repeated buffer draining code in a new msgbuf_drain()Jacek Masiulaniec
function, which is additionally exported for use by others. It will be needed by smtpd's SSL module when the SMTP client code is changed to replace libevent's evbuffers with our msgbuf_* API. ok gilles@ henning@ guenther@ eric@