[INI] Patches for ding-libs: Merging config sections, handling metadata, remaining Coverity issues...
by Dmitri Pal
Please see the attached patches. I tried to split the patches logically
into manageable sets.
Unfortunately I made a minor mistake and I am afraid I will do something
wrong to fix it.
I merged two wrong patches. Fortunately it was three liner with 1 liner
so it is not a big of the deal but I am really scared that I will do
something wrong and loose the work I have done.
So I hope it is Ok to send it as is.
0001--INI-Making-Coverity-happy.patch <- this is the patch I submitted
earlier that I merged by mistake. I was supposed to merge it with patch
25 but picked the wrong one instead.
Patch 25 addresses the real issue found by Coverity as mentioned in
Stephen's review mail but it did not apply cleanly since it relies on
some code from the patches in the middle.
0002--INI-Adding-missing-function-declararion.patch <- this is the
patch that was rejected from the second set sent earlier. Fixed
according to review comment.
0003--BUILD-Allow-trace-per-component.patch <- This patch allows tracing
per component
The following set of patches introduces the merging of sections during
the reading of the file:
0004--INI-New-error-codes-and-messages.patch
0005--INI-New-merge-flags.patch
0006--INI-Add-new-vars-to-parse-structure.patch
0007--INI-Add-save_error-function.patch
0008--INI-Change-parse_error-to-use-save_error.patch
0009--INI-Preparing-for-merging-sections.patch
0010--INI-Enhance-value-processing.patch
0011--INI-Use-section-line-number.patch
0012--INI-Refactor-section-processing.patch
0013--INI-Return-error-in-DETECT-mode.patch
0014--INI-New-test-files-for-section-merge.patch
0015--INI-Test-DETECT-mode-and-use-new-file.patch
0016--INI-Test-for-all-section-merge-modes.patch
Patches related porting of the meta data from old way of doing things to
the new way of doing things:
0017--INI-Separate-close-and-destroy.patch
0018--INI-Function-to-reopen-file.patch
0019--INI-Metadata-collection-is-gone.patch
0020--INI-Check-access-function.patch
0021--INI-Avoid-double-free.patch <- patch related to 17 (missed check)
0022--INI-Function-to-check-for-changes.patch
0023--INI-Tests-for-access-and-changes.patch
0024--INI-Rename-error-print-function.patch <- rename error printing
function for consistency with new interface
0025--INI-Initialize-variables-in-loops.patch <- Coverity issue
addressed. Related to patch 0001.
0026--INI-Exposing-functions.patch <- Make some internal functions reusable
There is also patch 27. It is a piece of new functionality. It is a
preview. Please see the comment before reviewing it.
Do I need to split it into multiple patches or it is Ok as is? It is
pretty big but all changes are in one file and logically related.
The UNIT test is missing so I am not claiming it actually works as
expected.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IPA project,
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
11 years, 5 months
[PATCH] Last USN patches
by Jan Zelený
I'm sending two patches related to the last USN detection (ticket #734). I did
some testing and they seem to work just fine. The only thing I'm not sure about
is if I got right what Simo exactly meant by the ticket, but I hope I got it
right.
Thanks
Jan
12 years, 4 months
[PATCH] Select principal for GSSAPI authentication
by Jan Zelený
I'm sending two patches solving selection of appropriate principal for GSSAPI
authentication from keytab file.
A part of the first patch is a fix of an error present in the documentation. I
did that early in the development phase of the patch and I didn't want to
tamper with the finished patch any more. Sorry for this inconsistency.
Jan
12 years, 5 months
[PATCH] Fall back to cn if gecos is not available
by Stephen Gallagher
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
We were not fully compliant with section 5.3 of RFC 2307 which
states:
An account's GECOS field is preferably determined by a value of the
gecos attribute. If no gecos attribute exists, the value of the cn
attribute MUST be used. (The existence of the gecos attribute allows
information embedded in the GECOS field, such as a user's telephone
number, to be returned to the client without overloading the cn
attribute. It also accommodates directories where the common name
does not contain the user's full name.)
Fixes https://fedorahosted.org/sssd/ticket/703
- --
Stephen Gallagher
RHCE 804006346421761
Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
http://www.redhat.com/promo/vendor/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk2SMBgACgkQeiVVYja6o6OzmwCeNqCsQq1AQUQiVR+nVeXJqMGv
3HUAoKClxslcIUvI5aYwPLqApp+UAmlT
=seDS
-----END PGP SIGNATURE-----
12 years, 6 months
[PATCHES] Do not leave a transaction open on errors in RFC2307 group processing
by Stephen Gallagher
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Fixes https://fedorahosted.org/sssd/ticket/827
Patch 0001: Always complete the transaction in
sdap_process_group_members_2307
If the loop ran through at least one
sdap_process_missing_member_2307() call and errored out later, we
were not canceling the transaction.
Patch 0002: Ignore zero-length member names in group lookups
RFC2307bis and IPA schemas were unaffected.
- --
Stephen Gallagher
RHCE 804006346421761
Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
http://www.redhat.com/promo/vendor/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk2MzEMACgkQeiVVYja6o6O2AQCaAwfy3vFQoICfkbMxG2/Pw0ew
fwUAn0X8chIGvD06JiMoQPRNXpQVG4fd
=fiLW
-----END PGP SIGNATURE-----
12 years, 6 months
Announcing the release of SSSD 1.5.4
by Stephen Gallagher
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The SSSD team is proud to announce the release of the version 1.5.4
bugfix release of the System Security Services Daemon.
As always, it can be downloaded at https://fedorahosted.org/sssd
== Highlights ==
* Fixes for Active Directory when not all users and groups have POSIX
attributes
* Fixes for handling users and groups that have name aliases (aliases
are ignored)
* Fix group memberships after initgroups in the IPA provider
== Detailed Changelog ==
Jakub Hrozek (4):
* Fix LDAP search filter for nested initgroups
* Add originalDN to fake groups
* Use fake groups during IPA schema initgroups
* Return from functions in LDAP provider after marking request as failed
Stephen Gallagher (19):
* Update version to 1.5.4
* Require existence of GID number and name in group searches
* Require existence of username, uid and gid for user enumeration
* Add support for krb5 access provider to SSSDConfig API
* Fix incorrect return value check
* Create sysdb_get_rdn() function
* Add sysdb_attrs_primary_name()
* Ignore aliases for users
* RFC2307: Ignore aliases for groups
* RFC2307bis: Ignore aliases for groups
* Use sysdb_attrs_primary_name() in sdap_initgr_nested_store_group
* Add sysdb_attrs_primary_name_list() routine
* Don't crash if we get a multivalued name without an origDN
* Don't crash on error if _name parameter unspecified
* Check result of talloc_strdup() properly
* sss_obfuscate: Avoid traceback on ctrl+d
* sss_obfuscate: abort on ctrl+c
* Add transifex_client configuration
* Adding new translations
Sumit Bose (1):
* Sanitize DN when searching the original DN in the cache
- --
Stephen Gallagher
RHCE 804006346421761
Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
http://www.redhat.com/promo/vendor/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk2LlvUACgkQeiVVYja6o6OSzQCdG5ihYRqwTcUf0JhELK6DTsPT
tfwAoJTFkfxCNs+jN6bwhJGDaN6FOcyg
=hBAu
-----END PGP SIGNATURE-----
12 years, 6 months
