summaryrefslogtreecommitdiff
path: root/src/providers/krb5
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2012-03-07 17:08:52 +0100
committerJan Zeleny <jzeleny@redhat.com>2012-03-08 10:58:15 +0100
commit606d2d03833903f00d40f9810d4dccd04a752e76 (patch)
tree41fc8ff0f0fb69aeea5b2cd425d515e219c5f259 /src/providers/krb5
parent9729b24935f9b717234728b2d2cfb4ca49df307b (diff)
downloadsssd-606d2d03833903f00d40f9810d4dccd04a752e76.tar.gz
sssd-606d2d03833903f00d40f9810d4dccd04a752e76.tar.bz2
sssd-606d2d03833903f00d40f9810d4dccd04a752e76.zip
Detect cycle in the fail over on subsequent resolve requests only
Diffstat (limited to 'src/providers/krb5')
-rw-r--r--src/providers/krb5/krb5_auth.c32
1 files changed, 15 insertions, 17 deletions
diff --git a/src/providers/krb5/krb5_auth.c b/src/providers/krb5/krb5_auth.c
index 72992ba7..0306426c 100644
--- a/src/providers/krb5/krb5_auth.c
+++ b/src/providers/krb5/krb5_auth.c
@@ -320,6 +320,9 @@ int krb5_auth_recv(struct tevent_req *req, int *pam_status, int *dp_err)
return EOK;
}
+static struct tevent_req *krb5_next_kdc(struct tevent_req *req);
+static struct tevent_req *krb5_next_kpasswd(struct tevent_req *req);
+
struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct be_ctx *be_ctx,
@@ -507,16 +510,14 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx,
kr->srv = NULL;
kr->kpasswd_srv = NULL;
- subreq = be_resolve_server_send(state, state->ev, state->be_ctx,
- krb5_ctx->service->name);
- if (subreq == NULL) {
- DEBUG(1, ("be_resolve_server_send failed.\n"));
- ret = ENOMEM;
+
+ subreq = krb5_next_kdc(req);
+ if (!subreq) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("krb5_next_kdc failed.\n"));
+ ret = EIO;
goto done;
}
- tevent_req_set_callback(subreq, krb5_resolve_kdc_done, req);
-
return req;
done:
@@ -557,16 +558,12 @@ static void krb5_resolve_kdc_done(struct tevent_req *subreq)
}
} else {
if (kr->krb5_ctx->kpasswd_service != NULL) {
- subreq = be_resolve_server_send(state, state->ev, state->be_ctx,
- kr->krb5_ctx->kpasswd_service->name);
+ subreq = krb5_next_kpasswd(req);
if (subreq == NULL) {
- DEBUG(1, ("be_resolve_server_send failed.\n"));
- ret = ENOMEM;
+ DEBUG(SSSDBG_CRIT_FAILURE, ("krb5_next_kpasswd failed.\n"));
+ ret = EIO;
goto failed;
}
-
- tevent_req_set_callback(subreq, krb5_resolve_kpasswd_done, req);
-
return;
}
}
@@ -718,7 +715,6 @@ done:
}
static struct tevent_req *krb5_next_server(struct tevent_req *req);
-static struct tevent_req *krb5_next_kdc(struct tevent_req *req);
static struct tevent_req *krb5_next_kpasswd(struct tevent_req *req);
static void krb5_child_done(struct tevent_req *subreq)
@@ -1004,7 +1000,8 @@ static struct tevent_req *krb5_next_kdc(struct tevent_req *req)
next_req = be_resolve_server_send(state, state->ev,
state->be_ctx,
- state->krb5_ctx->service->name);
+ state->krb5_ctx->service->name,
+ state->kr->srv == NULL ? true : false);
if (next_req == NULL) {
DEBUG(1, ("be_resolve_server_send failed.\n"));
return NULL;
@@ -1021,7 +1018,8 @@ static struct tevent_req *krb5_next_kpasswd(struct tevent_req *req)
next_req = be_resolve_server_send(state, state->ev,
state->be_ctx,
- state->krb5_ctx->kpasswd_service->name);
+ state->krb5_ctx->kpasswd_service->name,
+ state->kr->kpasswd_srv == NULL ? true : false);
if (next_req == NULL) {
DEBUG(1, ("be_resolve_server_send failed.\n"));
return NULL;