| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | capabilities: Handle ERANGE in user and group lookups | Tobias Brunner | 2015-06-23 | 1 | -12/+48 |
| | | | | | | | | | | | | | | | As it turns out, getpwnam_r, getgrnam_r, and friends will return ERANGE if _any_ user or group on the system is larger than will fit into the scratch buffer you pass to them. This reworks the resolve_uid and resolve_gid methods plus init_supplementary_groups to use a variable-size buffer that is grown until the results fit. Based on a patch by Evan Broder. Closes strongswan/strongswan#12. | ||||
| * | capabilities: Add build support for Windows | Martin Willi | 2014-06-04 | 1 | -3/+37 |
| | | | | | We might extend it in the future using some Windows rights management. | ||||
| * | capabilities: Proper error handling when reading groups | Tobias Brunner | 2013-07-24 | 1 | -1/+8 |
| | | |||||
| * | capabilities: Add function to check if a capability is held, without keeping it | Tobias Brunner | 2013-07-18 | 1 | -45/+63 |
| | | | | | | This can be useful if capabilities are not required anymore after dropping privileges. | ||||
| * | capabilities: Return effective UID/GID if user did not configure anything | Tobias Brunner | 2013-06-25 | 1 | -2/+2 |
| | | |||||
| * | capabilities: Report effective UID/GID after dropping capabilities | Tobias Brunner | 2013-06-25 | 1 | -1/+1 |
| | | |||||
| * | capabilities: Handle CAP_CHOWN specially as it might not be required | Tobias Brunner | 2013-06-25 | 1 | -2/+60 |
| | | |||||
| * | capabilities: Check effective UID as fallback if capabilities are not supported | Tobias Brunner | 2013-06-25 | 1 | -1/+1 |
| | | |||||
| * | capabilities: Ensure required capabilities are actually held by the process/user | Tobias Brunner | 2013-06-25 | 1 | -2/+51 |
| | | |||||
| * | capabilities: leak-detective using dlsym() does not need CAP_SYS_NICE anymore | Martin Willi | 2013-05-15 | 1 | -6/+0 |
| | | |||||
| * | capabilities: initialize supplementary groups only when doing a setuid() | Martin Willi | 2013-05-15 | 1 | -1/+1 |
| | | |||||
| * | When running with an unprivileged user, initialize supplementary groups | Martin Willi | 2013-03-01 | 1 | -1/+37 |
| | | |||||
| * | Moved debug.[ch] to utils folder | Tobias Brunner | 2012-10-24 | 1 | -1/+1 |
| | | |||||
| * | getpwnam_r and getgrnam_r are not supported by the Android NDK | Tobias Brunner | 2012-07-09 | 1 | -24/+69 |
| | | |||||
| * | Refactored heavily #ifdefd capability code to its own libstrongswan class | Martin Willi | 2012-07-04 | 1 | -0/+246 |
 |
index : tteras/strongswan | |
| tteras' strongSwan tree | gitolite |
| aboutsummaryrefslogtreecommitdiffstats |