| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Fixes: #296
|
|
To avoid blocking in a synchronous call, the TGT is saved in a separate
process
Fixes: #277
|
|
|
|
The retun values are still not directly used with ldap libraries that still do
their own name resolution, but this patch introduces a very basic framework to
have a multiple providers in one domain use and share a single failover
service if they want to.
|
|
With the previous code in domains with many users and enumeration enable we
would eventually end up making thousands of individual searches for entries in
the clean-up process.
Change the code to do a full enumeration before a cleanup so we do one single
big search to update all entries and only then search for entries to purge.
This also fixes the fact that the cleanup task was running at every enumeration
instead of running every "ldap_purge_cache_timeout" seconds.
|
|
|
|
Split enum task in a separate file.
|
|
Also fic sdap_get_generic_send() to be a bit more "generic" :-)
Also figs bugs within it.
This patch allow us 2 good things.
A) we check that the server effectively supports GSSAPI auth before we try to
use it.
B) against IPA it substantially cuts delays when the server is offline because
it uses a 5 second async timeout on the connection and doesn't try to do a
slow synchronous kinit+sasl_bind if the server is not even available.
|
|
Put all init functions in their own file so that the other files can be reused in
other providers w/o having them in the way.
|
|
|
