diff options
author | Simo Sorce <ssorce@redhat.com> | 2009-09-12 00:05:55 -0400 |
---|---|---|
committer | Simo Sorce <ssorce@redhat.com> | 2009-09-14 11:20:15 -0400 |
commit | a0b02295b0e0c55174b37ad3b231d28e0e1d1f50 (patch) | |
tree | 685866761c5d3a6a2df5b985de50711e42d589da /server/providers/ldap | |
parent | f65550115e78a66a35b074a5b80394a6d9ff21fd (diff) | |
download | sssd-a0b02295b0e0c55174b37ad3b231d28e0e1d1f50.tar.gz sssd-a0b02295b0e0c55174b37ad3b231d28e0e1d1f50.tar.bz2 sssd-a0b02295b0e0c55174b37ad3b231d28e0e1d1f50.zip |
Make the offline status backend-global
Add helpers functions to query/set the offline status per backend.
Now all providers share the same offline status.
Diffstat (limited to 'server/providers/ldap')
-rw-r--r-- | server/providers/ldap/ldap_auth.c | 29 | ||||
-rw-r--r-- | server/providers/ldap/ldap_id.c | 55 |
2 files changed, 29 insertions, 55 deletions
diff --git a/server/providers/ldap/ldap_auth.c b/server/providers/ldap/ldap_auth.c index 47ed0f0d..51afee36 100644 --- a/server/providers/ldap/ldap_auth.c +++ b/server/providers/ldap/ldap_auth.c @@ -40,7 +40,7 @@ #include "providers/ldap/sdap_async.h" struct sdap_auth_ctx { - struct be_ctx *bectx; + struct be_ctx *be; struct sdap_options *opts; }; @@ -87,8 +87,8 @@ struct tevent_req *get_user_dn_send(TALLOC_CTX *memctx, /* this sysdb call uses a sysdn operation, which means it will be * schedule only after we return, no timer hack needed */ - ret = sysdb_get_user_attr(state, state->ctx->bectx->sysdb, - state->ctx->bectx->domain, state->name, + ret = sysdb_get_user_attr(state, state->ctx->be->sysdb, + state->ctx->be->domain, state->name, state->attrs, get_user_dn_done, req); if (ret) { tevent_req_error(req, ret); @@ -292,7 +292,7 @@ int auth_recv(struct tevent_req *req, enum sdap_result *result, uint64_t err; if (tevent_req_is_error(req, &tstate, &err)) { - if (err == EAGAIN) *result = SDAP_UNAVAIL; + if (err == ETIMEDOUT) *result = SDAP_UNAVAIL; else *result = SDAP_ERROR; return EOK; } @@ -338,6 +338,12 @@ static void sdap_pam_chpass_send(struct be_req *breq) struct sdap_auth_ctx); pd = talloc_get_type(breq->req_data, struct pam_data); + if (be_is_offline(ctx->be)) { + DEBUG(4, ("Backend is marked offline, retry later!\n")); + pd->pam_status = PAM_AUTHINFO_UNAVAIL; + goto done; + } + DEBUG(2, ("starting password change request for user [%s].\n", pd->user)); pd->pam_status = PAM_SYSTEM_ERR; @@ -466,6 +472,12 @@ static void sdap_pam_auth_send(struct be_req *breq) ctx = talloc_get_type(breq->be_ctx->bet_info[BET_AUTH].pvt_bet_data, struct sdap_auth_ctx); pd = talloc_get_type(breq->req_data, struct pam_data); + if (be_is_offline(ctx->be)) { + DEBUG(4, ("Backend is marked offline, retry later!\n")); + pd->pam_status = PAM_AUTHINFO_UNAVAIL; + goto done; + } + pd->pam_status = PAM_SYSTEM_ERR; switch (pd->cmd) { @@ -531,6 +543,11 @@ static void sdap_pam_auth_done(struct tevent_req *req) state->pd->pam_status = PAM_SYSTEM_ERR; } + if (result == SDAP_UNAVAIL) { + be_mark_offline(state->breq->be_ctx); + goto done; + } + if (result == SDAP_AUTH_SUCCESS && state->breq->be_ctx->domain->cache_credentials) { @@ -589,13 +606,11 @@ static void sdap_shutdown(struct be_req *req) } struct bet_ops sdap_auth_ops = { - .check_online = NULL, .handler = sdap_pam_auth_send, .finalize = sdap_shutdown }; struct bet_ops sdap_chpass_ops = { - .check_online = NULL, .handler = sdap_pam_chpass_send, .finalize = sdap_shutdown }; @@ -612,7 +627,7 @@ int sssm_ldap_auth_init(struct be_ctx *bectx, ctx = talloc(bectx, struct sdap_auth_ctx); if (!ctx) return ENOMEM; - ctx->bectx = bectx; + ctx->be = bectx; ret = sdap_get_options(ctx, bectx->cdb, bectx->conf_path, &ctx->opts); diff --git a/server/providers/ldap/ldap_id.c b/server/providers/ldap/ldap_id.c index bebeea22..1984582d 100644 --- a/server/providers/ldap/ldap_id.c +++ b/server/providers/ldap/ldap_id.c @@ -39,9 +39,6 @@ struct sdap_id_ctx { /* global sdap handler */ struct sdap_handle *gsh; - time_t went_offline; - bool offline; - /* enumeration loop timer */ struct timeval last_run; @@ -54,43 +51,6 @@ static void sdap_req_done(struct be_req *req, int ret, const char *err) return req->fn(req, ret, err); } -static bool is_offline(struct sdap_id_ctx *ctx) -{ - time_t now = time(NULL); - - /* check if we are past the offline blackout timeout */ - if (ctx->went_offline + ctx->opts->offline_timeout < now) { - ctx->offline = false; - } - - return ctx->offline; -} - -static void mark_offline(struct sdap_id_ctx *ctx) -{ - DEBUG(8, ("Going offline!\n")); - - ctx->went_offline = time(NULL); - ctx->offline = true; -} - -static void sdap_check_online(struct be_req *req) -{ - struct be_online_req *oreq; - struct sdap_id_ctx *ctx; - - ctx = talloc_get_type(req->be_ctx->bet_info[BET_ID].pvt_bet_data, struct sdap_id_ctx); - oreq = talloc_get_type(req->req_data, struct be_online_req); - - if (is_offline(ctx)) { - oreq->online = MOD_OFFLINE; - } else { - oreq->online = MOD_ONLINE; - } - - sdap_req_done(req, EOK, NULL); -} - static int build_attrs_from_map(TALLOC_CTX *memctx, struct sdap_id_map *map, size_t size, @@ -403,7 +363,7 @@ static void users_get_done(struct tevent_req *req) if (ret == ETIMEDOUT) { ctx = talloc_get_type(breq->be_ctx->bet_info[BET_ID].pvt_bet_data, struct sdap_id_ctx); - mark_offline(ctx); + be_mark_offline(ctx->be); } } @@ -568,7 +528,7 @@ static void groups_get_done(struct tevent_req *req) if (ret == ETIMEDOUT) { ctx = talloc_get_type(breq->be_ctx->bet_info[BET_ID].pvt_bet_data, struct sdap_id_ctx); - mark_offline(ctx); + be_mark_offline(ctx->be); } } @@ -708,7 +668,7 @@ static void groups_by_user_done(struct tevent_req *req) if (ret == ETIMEDOUT) { ctx = talloc_get_type(breq->be_ctx->bet_info[BET_ID].pvt_bet_data, struct sdap_id_ctx); - mark_offline(ctx); + be_mark_offline(ctx->be); } } @@ -731,7 +691,7 @@ static void sdap_get_account_info(struct be_req *breq) ctx = talloc_get_type(breq->be_ctx->bet_info[BET_ID].pvt_bet_data, struct sdap_id_ctx); - if (is_offline(ctx)) { + if (be_is_offline(ctx->be)) { return sdap_req_done(breq, EAGAIN, "Offline"); } @@ -830,7 +790,7 @@ static void ldap_id_enumerate(struct tevent_context *ev, struct tevent_timer *timeout; struct tevent_req *req; - if (is_offline(ctx)) { + if (be_is_offline(ctx->be)) { DEBUG(4, ("Backend is marked offline, retry later!\n")); /* schedule starting from now, not the last run */ ldap_id_enumerate_set_timer(ctx, tevent_timeval_current()); @@ -971,7 +931,7 @@ fail: (int)err, strerror(err))); if (err == ETIMEDOUT) { - mark_offline(state->ctx); + be_mark_offline(state->ctx->be); } } @@ -998,7 +958,7 @@ static void ldap_id_enum_groups_done(struct tevent_req *subreq) fail: if (err == ETIMEDOUT) { - mark_offline(state->ctx); + be_mark_offline(state->ctx->be); } DEBUG(1, ("Failed to enumerate groups, retrying later!\n")); @@ -1312,7 +1272,6 @@ static void sdap_shutdown(struct be_req *req) } struct bet_ops sdap_id_ops = { - .check_online = sdap_check_online, .handler = sdap_get_account_info, .finalize = sdap_shutdown }; |