Make the offline status backend-global

Add helpers functions to query/set the offline status per backend. Now all providers share the same offline status.
author: Simo Sorce <ssorce@redhat.com> 2009-09-12 00:05:55 -0400
committer: Simo Sorce <ssorce@redhat.com> 2009-09-14 11:20:15 -0400
commit: a0b02295b0e0c55174b37ad3b231d28e0e1d1f50 (patch)
tree: 685866761c5d3a6a2df5b985de50711e42d589da /server/providers/krb5
parent: f65550115e78a66a35b074a5b80394a6d9ff21fd (diff)
download: sssd-a0b02295b0e0c55174b37ad3b231d28e0e1d1f50.tar.gz
sssd-a0b02295b0e0c55174b37ad3b231d28e0e1d1f50.tar.xz
sssd-a0b02295b0e0c55174b37ad3b231d28e0e1d1f50.zip
1 files changed, 13 insertions, 4 deletions
diff --git a/server/providers/krb5/krb5_auth.c b/server/providers/krb5/krb5_auth.c
index 73d3ccdc7..14562760e 100644
--- a/server/providers/krb5/krb5_auth.c
+++ b/server/providers/krb5/krb5_auth.c
@@ -489,6 +489,12 @@ static void krb5_pam_handler(struct be_req *be_req)
 
     pd = talloc_get_type(be_req->req_data, struct pam_data);
 
+    if (be_is_offline(be_req->be_ctx)) {
+        DEBUG(4, ("Backend is marked offline, retry later!\n"));
+        pam_status = PAM_AUTHINFO_UNAVAIL;
+        goto done;
+    }
+
     if (pd->cmd != SSS_PAM_AUTHENTICATE && pd->cmd != SSS_PAM_CHAUTHTOK) {
         DEBUG(4, ("krb5 does not handles pam task %d.\n", pd->cmd));
         pam_status = PAM_SUCCESS;
@@ -653,6 +659,11 @@ static void krb5_pam_handler_done(struct tevent_req *req)
 
     pd->pam_status = *msg_status;
 
+    if (pd->pam_status == PAM_AUTHINFO_UNAVAIL) {
+        be_mark_offline(be_req->be_ctx);
+        goto done;
+    }
+
     if (pd->pam_status == PAM_SUCCESS && pd->cmd == SSS_PAM_AUTHENTICATE) {
         env = talloc_asprintf(pd, "%s=%s", SSSD_REALM, krb5_ctx->realm);
         if (env == NULL) {
@@ -741,20 +752,18 @@ static void krb5_pam_handler_cache_done(struct tevent_req *subreq)
 }
 
 struct bet_ops krb5_auth_ops = {
-    .check_online = NULL,
     .handler = krb5_pam_handler,
     .finalize = NULL,
 };
 
 struct bet_ops krb5_chpass_ops = {
-    .check_online = NULL,
     .handler = krb5_pam_handler,
     .finalize = NULL,
 };
 
 
-int sssm_krb5_auth_init(struct be_ctx *bectx, struct bet_ops **ops,
-                   void **pvt_auth_data)
+int sssm_krb5_auth_init(struct be_ctx *bectx,
+                        struct bet_ops **ops, void **pvt_auth_data)
 {
     struct krb5_ctx *ctx = NULL;
     char *value = NULL;
author	Simo Sorce <ssorce@redhat.com>	2009-09-12 00:05:55 -0400
committer	Simo Sorce <ssorce@redhat.com>	2009-09-14 11:20:15 -0400
commit	a0b02295b0e0c55174b37ad3b231d28e0e1d1f50 (patch)
tree	685866761c5d3a6a2df5b985de50711e42d589da /server/providers/krb5
parent	f65550115e78a66a35b074a5b80394a6d9ff21fd (diff)
download	sssd-a0b02295b0e0c55174b37ad3b231d28e0e1d1f50.tar.gz sssd-a0b02295b0e0c55174b37ad3b231d28e0e1d1f50.tar.xz sssd-a0b02295b0e0c55174b37ad3b231d28e0e1d1f50.zip