summaryrefslogtreecommitdiff
path: root/src/providers/ldap
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2012-11-17 19:53:42 +0100
committerJakub Hrozek <jhrozek@redhat.com>2012-11-18 18:10:18 +0100
commitc96905018f6bb1c22a937bbcbea21cbd7e556743 (patch)
treea5a2b3c4a7a43f0bb424794f233033b46cbed84e /src/providers/ldap
parenta7b3c030510277e16baf4cc0619c877a584b2eec (diff)
downloadsssd-c96905018f6bb1c22a937bbcbea21cbd7e556743.tar.gz
sssd-c96905018f6bb1c22a937bbcbea21cbd7e556743.tar.bz2
sssd-c96905018f6bb1c22a937bbcbea21cbd7e556743.zip
LDAP: Expire even non authenticated connections
The connections request was terminated before setting the expiry timeout in case no authentication was set. https://fedorahosted.org/sssd/ticket/1649
Diffstat (limited to 'src/providers/ldap')
-rw-r--r--src/providers/ldap/sdap_async_connection.c19
1 files changed, 11 insertions, 8 deletions
diff --git a/src/providers/ldap/sdap_async_connection.c b/src/providers/ldap/sdap_async_connection.c
index 79ad3b8e..ff992484 100644
--- a/src/providers/ldap/sdap_async_connection.c
+++ b/src/providers/ldap/sdap_async_connection.c
@@ -1599,22 +1599,25 @@ static void sdap_cli_auth_step(struct tevent_req *req)
const char *user_dn = dp_opt_get_string(state->opts->basic,
SDAP_DEFAULT_BIND_DN);
- if (!state->do_auth ||
- (sasl_mech == NULL && user_dn == NULL)) {
- DEBUG(SSSDBG_TRACE_LIBS,
- ("No authentication requested or SASL auth forced off\n"));
- tevent_req_done(req);
- return;
- }
-
/* Set the LDAP expiration time
* If SASL has already set it, use the sooner of the two
*/
now = time(NULL);
expire_timeout = dp_opt_get_int(state->opts->basic, SDAP_EXPIRE_TIMEOUT);
+ DEBUG(SSSDBG_CONF_SETTINGS, ("expire timeout is %d\n", expire_timeout));
if (!state->sh->expire_time
|| (state->sh->expire_time > (now + expire_timeout))) {
state->sh->expire_time = now + expire_timeout;
+ DEBUG(SSSDBG_TRACE_LIBS,
+ ("the connection will expire at %d\n", state->sh->expire_time));
+ }
+
+ if (!state->do_auth ||
+ (sasl_mech == NULL && user_dn == NULL)) {
+ DEBUG(SSSDBG_TRACE_LIBS,
+ ("No authentication requested or SASL auth forced off\n"));
+ tevent_req_done(req);
+ return;
}
subreq = sdap_auth_send(state,