November 2018 - sssd-devel - Fedora Mailing-Lists

[sssd PR#695][opened] sss_iface: prevent from using invalid names that start with digits

by pbrezina

URL: https://github.com/SSSD/sssd/pull/695 Author: pbrezina Title: #695: sss_iface: prevent from using invalid names that start with digits Action: opened PR body: """ From: https://dbus.freedesktop.org/doc/dbus-specification.html#message-protocol... - Bus names that start with a colon (':') character are unique connection names. Other bus names are called well-known bus names. - Bus names are composed of 1 or more elements separated by a period ('.') character. All elements must contain at least one character. - Each element must only contain the ASCII characters "[A-Z][a-z][0-9]_-", with "-" discouraged in new bus names. Only elements that are part of a unique connection name may begin with a digit, elements in other bus names must not begin with a digit. - Bus names must contain at least one '.' (period) character (and thus at least two elements). - Bus names must not begin with a '.' (period) character. - Bus names must not exceed the maximum name length (255). Resolves: https://pagure.io/SSSD/sssd/issue/3872 """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/695/head:pr695 git checkout pr695

5 years, 4 months

2
5
0 / 0

[sssd PR#690][opened] DYNDNS: Convert dyndns timer to be_ptask

by thalman

URL: https://github.com/SSSD/sssd/pull/690 Author: thalman Title: #690: DYNDNS: Convert dyndns timer to be_ptask Action: opened PR body: """ We have API for periodic tasks and we want to use it instead of tevent timers. Resolves: https://pagure.io/SSSD/sssd/issue/1944 """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/690/head:pr690 git checkout pr690

5 years, 4 months

3
15
0 / 0

[sssd PR#700][opened] LDAP: Only authenticate the auth connection if we need to look up user information

by jhrozek

URL: https://github.com/SSSD/sssd/pull/700 Author: jhrozek Title: #700: LDAP: Only authenticate the auth connection if we need to look up user information Action: opened PR body: """ Related: https://pagure.io/SSSD/sssd/issue/3451 Commit add72860c7a7a2c418f4d8b6790b5caeaf7dfb7b initially addressed #3451 by using the full sdap_cli_connect() request during LDAP authentication. This was a good idea as it addressed the case where the authentication connection must also look up some user information (typically with id_provider=proxy where you don't know the DN to bind as during authentication), but this approach also broke the use-case of id_provider=ldap and auth_provider=ldap with ldap_sasl_auth=gssapi. This is because (for reason I don't know) AD doesn't like if you use both GSSAPI and startTLS on the same connection. But the code would force TLS during the authentication as a general measure to not transmit passwords in the clear, but then, the connection would also see that ldap_sasl_auth=gssapi is set and also bind with GSSAPI. This patch checks if the user DN is already known and if yes, then doesn't authenticate the connection as the connection will then only be used for the user simple bind. """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/700/head:pr700 git checkout pr700

5 years, 4 months

2
19
0 / 0

[sssd PR#699][opened] Fixes for MIT Kerberos 1.17 and valgind CI runs

by sumit-bose

URL: https://github.com/SSSD/sssd/pull/699 Author: sumit-bose Title: #699: Fixes for MIT Kerberos 1.17 and valgind CI runs Action: opened PR body: """ None """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/699/head:pr699 git checkout pr699

5 years, 4 months

2
5
0 / 0

[sssd PR#644][opened] When multiple UIDs exist, use the username provided by the user as the first lookup

by joeFischetti

URL: https://github.com/SSSD/sssd/pull/644 Author: joeFischetti Title: #644: When multiple UIDs exist, use the username provided by the user as the first lookup Action: opened PR body: """ The current state of the code has no way of determining the "correct" UID to use when there are multiple values. If there are multiple values, and the RDN doesn't match, this update checks the UID's returned against the username that was provided by the user at the prompt. If that matches, it's used. If that doesn't match, it falls back to the existing code. Example: My ldap record includes multiple uid values, ["genericemployee1", "itstaff1"] I need access to machines as "itstaff1". "genericemployee1" is used as an identifier in other systems/services. If I log in with "itstaff1" at the prompt, and my ldap lookup with filter (uid=itstaff1) is successful, the array of UID's are checked against "itstaff1" and that's what *_primary is set to. With the current code, if I try to log in with "itstaff1" at the prompt, I'm actually logged into the system as "genericemployee1". Based on the order that the values are returned... some other staff are logged into their "genericemployee" or the "itstaff" accounts. """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/644/head:pr644 git checkout pr644

5 years, 4 months

4
17
0 / 0

[sssd PR#698][opened] Add support for EC keys

by sumit-bose

URL: https://github.com/SSSD/sssd/pull/698 Author: sumit-bose Title: #698: Add support for EC keys Action: opened PR body: """ This patch set adds support for elliptic curve (EC) keys to p11_child and the ssh key extraction code. Related to https://pagure.io/SSSD/sssd/issue/3887 """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/698/head:pr698 git checkout pr698

5 years, 4 months

2
5
0 / 0

[sssd PR#697][opened] RESPONDER: Log failures from bind() and listen()

by jhrozek

URL: https://github.com/SSSD/sssd/pull/697 Author: jhrozek Title: #697: RESPONDER: Log failures from bind() and listen() Action: opened PR body: """ We've seen reports from users where SSSD (for a reason which is not known at the moment) couldn't bind to the created socket. This patch just logs the errno which should help in debugging issues like that in the future. """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/697/head:pr697 git checkout pr697

5 years, 4 months

2
11
0 / 0

[sssd PR#694][opened] SSSCTL: user-show says that user is expired

by thalman

URL: https://github.com/SSSD/sssd/pull/694 Author: thalman Title: #694: SSSCTL: user-show says that user is expired Action: opened PR body: """ sssctl user-show says that user is expired if the user comes from files provider. This is ok because files user's expiration time is always set to 0 but we should print a better, less confusing message. The same change apply to groups. Resolves: https://pagure.io/SSSD/sssd/issue/3858 """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/694/head:pr694 git checkout pr694

5 years, 4 months

4
17
0 / 0

[sssd PR#686][opened] nss: use enumeration context as talloc parent for cache req result

by pbrezina

URL: https://github.com/SSSD/sssd/pull/686 Author: pbrezina Title: #686: nss: use enumeration context as talloc parent for cache req result Action: opened PR body: """ Otherwise we end up with memory leak since the result is never freed. Resolves: https://pagure.io/SSSD/sssd/issue/3870 """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/686/head:pr686 git checkout pr686

5 years, 4 months

2
9
0 / 0

[sssd PR#680][opened] pytest: Add test case for Expired sudo rule

by mrniranjan

URL: https://github.com/SSSD/sssd/pull/680 Author: mrniranjan Title: #680: pytest: Add test case for Expired sudo rule Action: opened PR body: """ """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/680/head:pr680 git checkout pr680

5 years, 4 months

2
14
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

sssd-devel November 2018