authorSimo Sorce <ssorce@redhat.com>2009-09-12 00:05:55 -0400
committerSimo Sorce <ssorce@redhat.com>2009-09-14 11:20:15 -0400
commita0b02295b0e0c55174b37ad3b231d28e0e1d1f50 (patch)
tree685866761c5d3a6a2df5b985de50711e42d589da /server/providers/ldap
parentf65550115e78a66a35b074a5b80394a6d9ff21fd (diff)
Make the offline status backend-global
Add helper functions to query/set the offline status per backend. Now all providers share the same offline status.
Diffstat (limited to 'server/providers/ldap')
-rw-r--r--server/providers/ldap/ldap_auth.c29
-rw-r--r--server/providers/ldap/ldap_id.c55
2 files changed, 29 insertions, 55 deletions
diff --git a/server/providers/ldap/ldap_auth.c b/server/providers/ldap/ldap_auth.c
index 47ed0f0d..51afee36 100644
--- a/server/providers/ldap/ldap_auth.c
+++ b/server/providers/ldap/ldap_auth.c
@@ -40,7 +40,7 @@
#include "providers/ldap/sdap_async.h"
struct sdap_auth_ctx {
- struct be_ctx *bectx;
+ struct be_ctx *be;
struct sdap_options *opts;
};
@@ -87,8 +87,8 @@ struct tevent_req *get_user_dn_send(TALLOC_CTX *memctx,
/* this sysdb call uses a sysdn operation, which means it will be
* schedule only after we return, no timer hack needed */
- ret = sysdb_get_user_attr(state, state->ctx->bectx->sysdb,
- state->ctx->bectx->domain, state->name,
+ ret = sysdb_get_user_attr(state, state->ctx->be->sysdb,
+ state->ctx->be->domain, state->name,
state->attrs, get_user_dn_done, req);
if (ret) {
tevent_req_error(req, ret);
@@ -292,7 +292,7 @@ int auth_recv(struct tevent_req *req, enum sdap_result *result,
uint64_t err;
if (tevent_req_is_error(req, &tstate, &err)) {
- if (err == EAGAIN) *result = SDAP_UNAVAIL;
+ if (err == ETIMEDOUT) *result = SDAP_UNAVAIL;
else *result = SDAP_ERROR;
return EOK;
}
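Review bot: Only ETIMEDOUT now maps to SDAP_UNAVAIL in auth_recv, so any request path that still reports EAGAIN for an unreachable server falls into SDAP_ERROR and never reaches the `be_mark_offline` call this commit adds in sdap_pam_auth_done. The code that produces `err` is outside the hunk, so this needs confirming; if both values can occur, `if (err == ETIMEDOUT || err == EAGAIN) *result = SDAP_UNAVAIL;` keeps the previous behaviour. A one-line comment naming the errno values that mean "server unreachable" would help, because this mapping decides whether a login is reported as failed or as offline.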
@@ -338,6 +338,12 @@ static void sdap_pam_chpass_send(struct be_req *breq)
struct sdap_auth_ctx);
pd = talloc_get_type(breq->req_data, struct pam_data);
+ if (be_is_offline(ctx->be)) {
+ DEBUG(4, ("Backend is marked offline, retry later!\n"));
+ pd->pam_status = PAM_AUTHINFO_UNAVAIL;
+ goto done;
+ }
+
DEBUG(2, ("starting password change request for user [%s].\n", pd->user));
pd->pam_status = PAM_SYSTEM_ERR;
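Review bot: The offline message added in sdap_pam_chpass_send is the same string, `"Backend is marked offline, retry later!\n"`, that sdap_pam_auth_send and ldap_id_enumerate print, so a log reader cannot tell which operation was refused or for which user. Since the next line already logs `pd->user`, something like `DEBUG(4, ("Backend is offline, rejecting password change for user [%s].\n", pd->user));` would make the refusal traceable; the same applies to the block added in sdap_pam_auth_send. The `done` label and the rest of the function are outside the hunk.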
@@ -466,6 +472,12 @@ static void sdap_pam_auth_send(struct be_req *breq)
ctx = talloc_get_type(breq->be_ctx->bet_info[BET_AUTH].pvt_bet_data, struct sdap_auth_ctx);
pd = talloc_get_type(breq->req_data, struct pam_data);
+ if (be_is_offline(ctx->be)) {
+ DEBUG(4, ("Backend is marked offline, retry later!\n"));
+ pd->pam_status = PAM_AUTHINFO_UNAVAIL;
+ goto done;
+ }
+
pd->pam_status = PAM_SYSTEM_ERR;
switch (pd->cmd) {
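Review bot: The offline check in sdap_pam_auth_send sits before `switch (pd->cmd)`, so every PAM command routed to this handler is answered with PAM_AUTHINFO_UNAVAIL while the backend is offline, including any that the switch would have answered without contacting the server. The cases are outside the hunk; if any of them is handled locally, the check belongs inside the cases that actually bind to LDAP. If all of them need the server, a comment such as `/* every command below needs the LDAP server; fail early when offline */` would record that this is intentional.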
@@ -531,6 +543,11 @@ static void sdap_pam_auth_done(struct tevent_req *req)
state->pd->pam_status = PAM_SYSTEM_ERR;
}
+ if (result == SDAP_UNAVAIL) {
+ be_mark_offline(state->breq->be_ctx);
+ goto done;
+ }
+
if (result == SDAP_AUTH_SUCCESS &&
state->breq->be_ctx->domain->cache_credentials) {
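Review bot: When `result == SDAP_UNAVAIL`, the new branch in sdap_pam_auth_done marks the backend offline and jumps to `done` without setting `state->pd->pam_status` itself, so the status the caller sees depends on the mapping above the hunk. If that mapping has no SDAP_UNAVAIL case, the request ends as PAM_SYSTEM_ERR, whereas sdap_pam_auth_send reports PAM_AUTHINFO_UNAVAIL for the same condition; setting `state->pd->pam_status = PAM_AUTHINFO_UNAVAIL;` before the `goto` would make it explicit. The transition is also not logged here, and the removed `mark_offline` in ldap_id.c printed "Going offline!"; unless `be_mark_offline` logs on its own (not visible in this diff), a DEBUG line is needed so the switch to offline operation can be traced. The function starts and ends outside the hunk.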
@@ -589,13 +606,11 @@ static void sdap_shutdown(struct be_req *req)
}
struct bet_ops sdap_auth_ops = {
- .check_online = NULL,
.handler = sdap_pam_auth_send,
.finalize = sdap_shutdown
};
struct bet_ops sdap_chpass_ops = {
- .check_online = NULL,
.handler = sdap_pam_chpass_send,
.finalize = sdap_shutdown
};
@@ -612,7 +627,7 @@ int sssm_ldap_auth_init(struct be_ctx *bectx,
ctx = talloc(bectx, struct sdap_auth_ctx);
if (!ctx) return ENOMEM;
- ctx->bectx = bectx;
+ ctx->be = bectx;
ret = sdap_get_options(ctx, bectx->cdb, bectx->conf_path,
&ctx->opts);
diff --git a/server/providers/ldap/ldap_id.c b/server/providers/ldap/ldap_id.c
index bebeea22..1984582d 100644
--- a/server/providers/ldap/ldap_id.c
+++ b/server/providers/ldap/ldap_id.c
@@ -39,9 +39,6 @@ struct sdap_id_ctx {
/* global sdap handler */
struct sdap_handle *gsh;
- time_t went_offline;
- bool offline;
-
/* enumeration loop timer */
struct timeval last_run;
@@ -54,43 +51,6 @@ static void sdap_req_done(struct be_req *req, int ret, const char *err)
return req->fn(req, ret, err);
}
-static bool is_offline(struct sdap_id_ctx *ctx)
-{
- time_t now = time(NULL);
-
- /* check if we are past the offline blackout timeout */
- if (ctx->went_offline + ctx->opts->offline_timeout < now) {
- ctx->offline = false;
- }
-
- return ctx->offline;
-}
-
-static void mark_offline(struct sdap_id_ctx *ctx)
-{
- DEBUG(8, ("Going offline!\n"));
-
- ctx->went_offline = time(NULL);
- ctx->offline = true;
-}
-
-static void sdap_check_online(struct be_req *req)
-{
- struct be_online_req *oreq;
- struct sdap_id_ctx *ctx;
-
- ctx = talloc_get_type(req->be_ctx->bet_info[BET_ID].pvt_bet_data, struct sdap_id_ctx);
- oreq = talloc_get_type(req->req_data, struct be_online_req);
-
- if (is_offline(ctx)) {
- oreq->online = MOD_OFFLINE;
- } else {
- oreq->online = MOD_ONLINE;
- }
-
- sdap_req_done(req, EOK, NULL);
-}
-
static int build_attrs_from_map(TALLOC_CTX *memctx,
struct sdap_id_map *map,
size_t size,
@@ -403,7 +363,7 @@ static void users_get_done(struct tevent_req *req)
if (ret == ETIMEDOUT) {
ctx = talloc_get_type(breq->be_ctx->bet_info[BET_ID].pvt_bet_data,
struct sdap_id_ctx);
- mark_offline(ctx);
+ be_mark_offline(ctx->be);
}
}
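Review bot: In users_get_done the result of `talloc_get_type(...)` is dereferenced as `ctx->be` without a NULL check, and the lookup is done only to reach the backend context that `breq` already carries. Assuming `ctx->be` and `breq->be_ctx` refer to the same object (ldap_auth.c calls `be_mark_offline(state->breq->be_ctx)` directly), the block can be reduced to `be_mark_offline(breq->be_ctx);`, which removes the unchecked pointer. The same pattern is in the groups_get_done and groups_by_user_done hunks. The enclosing function is only partly visible here.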
@@ -568,7 +528,7 @@ static void groups_get_done(struct tevent_req *req)
if (ret == ETIMEDOUT) {
ctx = talloc_get_type(breq->be_ctx->bet_info[BET_ID].pvt_bet_data,
struct sdap_id_ctx);
- mark_offline(ctx);
+ be_mark_offline(ctx->be);
}
}
@@ -708,7 +668,7 @@ static void groups_by_user_done(struct tevent_req *req)
if (ret == ETIMEDOUT) {
ctx = talloc_get_type(breq->be_ctx->bet_info[BET_ID].pvt_bet_data,
struct sdap_id_ctx);
- mark_offline(ctx);
+ be_mark_offline(ctx->be);
}
}
@@ -731,7 +691,7 @@ static void sdap_get_account_info(struct be_req *breq)
ctx = talloc_get_type(breq->be_ctx->bet_info[BET_ID].pvt_bet_data, struct sdap_id_ctx);
- if (is_offline(ctx)) {
+ if (be_is_offline(ctx->be)) {
return sdap_req_done(breq, EAGAIN, "Offline");
}
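Review bot: The removed `is_offline` cleared the flag once `ctx->opts->offline_timeout` had elapsed, and this diff does not show whether `be_is_offline` applies an equivalent expiry. If it does not, the LDAP `offline_timeout` option no longer has any effect and sdap_get_account_info keeps returning EAGAIN "Offline" until something else resets the state; the same concern applies to the ldap_id_enumerate hunk. A comment at this call such as `/* offline state and its expiry are owned by the backend, see be_is_offline() */` would tell readers where the timeout now lives, and the option should be dropped or documented if it is no longer used.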
@@ -830,7 +790,7 @@ static void ldap_id_enumerate(struct tevent_context *ev,
struct tevent_timer *timeout;
struct tevent_req *req;
- if (is_offline(ctx)) {
+ if (be_is_offline(ctx->be)) {
DEBUG(4, ("Backend is marked offline, retry later!\n"));
/* schedule starting from now, not the last run */
ldap_id_enumerate_set_timer(ctx, tevent_timeval_current());
@@ -971,7 +931,7 @@ fail:
(int)err, strerror(err)));
if (err == ETIMEDOUT) {
- mark_offline(state->ctx);
+ be_mark_offline(state->ctx->be);
}
}
@@ -998,7 +958,7 @@ static void ldap_id_enum_groups_done(struct tevent_req *subreq)
fail:
if (err == ETIMEDOUT) {
- mark_offline(state->ctx);
+ be_mark_offline(state->ctx->be);
}
DEBUG(1, ("Failed to enumerate groups, retrying later!\n"));
@@ -1312,7 +1272,6 @@ static void sdap_shutdown(struct be_req *req)
}
struct bet_ops sdap_id_ops = {
- .check_online = sdap_check_online,
.handler = sdap_get_account_info,
.finalize = sdap_shutdown
};