summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorStephen Gallagher <sgallagh@redhat.com>2010-11-16 16:05:50 -0500
committerStephen Gallagher <sgallagh@redhat.com>2010-11-18 08:34:55 -0500
commit2c59666e045b5edc1fa15049724eb20bd3a7e04a (patch)
tree30659ac2540bafe98628322390a8e6b33b08bb9e
parent001e8f2607e7c11516f51aff8cbce7a6e3445684 (diff)
downloadsssd-2c59666e045b5edc1fa15049724eb20bd3a7e04a.tar.gz
sssd-2c59666e045b5edc1fa15049724eb20bd3a7e04a.tar.xz
sssd-2c59666e045b5edc1fa15049724eb20bd3a7e04a.zip
Fix authentication queue code for proxy auth
We weren't decrementing the count of in-progress authentication request child processes when they completed successfully. With this patch, we will now guarantee that the process count is accurate and that queued requests will be started when a slot is freed up.
-rw-r--r--src/providers/proxy/proxy_auth.c31
1 files changed, 19 insertions, 12 deletions
diff --git a/src/providers/proxy/proxy_auth.c b/src/providers/proxy/proxy_auth.c
index 64b38cbed..b3b878cf6 100644
--- a/src/providers/proxy/proxy_auth.c
+++ b/src/providers/proxy/proxy_auth.c
@@ -718,23 +718,30 @@ static void proxy_child_done(struct tevent_req *req)
ret = proxy_child_recv(req, client_ctx, &pd);
talloc_zfree(req);
- if (ret != EOK) {
- /* Pam child failed */
- client_ctx->auth_ctx->running--;
- proxy_reply(client_ctx->be_req, DP_ERR_FATAL, ret,
- "PAM child failed");
-
- /* Start the next auth in the queue, if any */
- imm = tevent_create_immediate(client_ctx->be_req->be_ctx->ev);
- if (imm == NULL) {
- DEBUG(1, ("tevent_create_immediate failed.\n"));
- return;
- }
+ /* Start the next auth in the queue, if any */
+ client_ctx->auth_ctx->running--;
+ imm = tevent_create_immediate(client_ctx->be_req->be_ctx->ev);
+ if (imm == NULL) {
+ DEBUG(1, ("tevent_create_immediate failed.\n"));
+ /* We'll still finish the current request, but we're
+ * likely to have problems if there are queued events
+ * if we've gotten into this state.
+ * Hopefully this is impossible, since freeing req
+ * above should guarantee that we have enough memory
+ * to create this immediate event.
+ */
+ } else {
tevent_schedule_immediate(imm,
client_ctx->be_req->be_ctx->ev,
run_proxy_child_queue,
client_ctx->auth_ctx);
+ }
+
+ if (ret != EOK) {
+ /* Pam child failed */
+ proxy_reply(client_ctx->be_req, DP_ERR_FATAL, ret,
+ "PAM child failed");
return;
}