diff options
| author | Simo Sorce <ssorce@redhat.com> | 2009-11-20 12:11:28 -0500 |
|---|---|---|
| committer | Stephen Gallagher <sgallagh@redhat.com> | 2009-11-20 16:55:16 -0500 |
| commit | e115c25af2df3549fb44b260e516d8c93d2adc8a (patch) | |
| tree | ddae338c26e8fd39b29f4fb106fd831280ca23d5 /server/providers/ldap/ldap_auth.c | |
| parent | 74bd0f69d2ff2da63949e7660aa2f48f06734b90 (diff) | |
| download | sssd-e115c25af2df3549fb44b260e516d8c93d2adc8a.tar.gz sssd-e115c25af2df3549fb44b260e516d8c93d2adc8a.tar.xz sssd-e115c25af2df3549fb44b260e516d8c93d2adc8a.zip | |
Add initial failover support for ldap and ipa
The retun values are still not directly used with ldap libraries that still do
their own name resolution, but this patch introduces a very basic framework to
have a multiple providers in one domain use and share a single failover
service if they want to.
Diffstat (limited to 'server/providers/ldap/ldap_auth.c')
| -rw-r--r-- | server/providers/ldap/ldap_auth.c | 38 |
1 files changed, 36 insertions, 2 deletions
diff --git a/server/providers/ldap/ldap_auth.c b/server/providers/ldap/ldap_auth.c index a9f03a763..6a80df447 100644 --- a/server/providers/ldap/ldap_auth.c +++ b/server/providers/ldap/ldap_auth.c @@ -414,8 +414,11 @@ struct auth_state { char *dn; enum pwexpire pw_expire_type; void *pw_expire_data; + + struct fo_server *srv; }; +static void auth_resolve_done(struct tevent_req *subreq); static void auth_connect_done(struct tevent_req *subreq); static void auth_get_user_dn_done(struct tevent_req *subreq); static void auth_bind_user_done(struct tevent_req *subreq); @@ -436,11 +439,12 @@ static struct tevent_req *auth_send(TALLOC_CTX *memctx, state->ctx = ctx; state->username = username; state->password = password; + state->srv = NULL; - subreq = sdap_connect_send(state, ev, ctx->opts, true); + subreq = be_resolve_server_send(state, ev, ctx->be, ctx->service->name); if (!subreq) goto fail; - tevent_req_set_callback(subreq, auth_connect_done, req); + tevent_req_set_callback(subreq, auth_resolve_done, req); return req; @@ -449,6 +453,31 @@ fail: return NULL; } +static void auth_resolve_done(struct tevent_req *subreq) +{ + struct tevent_req *req = tevent_req_callback_data(subreq, + struct tevent_req); + struct auth_state *state = tevent_req_data(req, + struct auth_state); + int ret; + + ret = be_resolve_server_recv(subreq, &state->srv); + talloc_zfree(subreq); + if (ret) { + tevent_req_error(req, ret); + return; + } + + subreq = sdap_connect_send(state, state->ev, state->ctx->opts, + state->ctx->service->uri, true); + if (!subreq) { + tevent_req_error(req, ENOMEM); + return; + } + + tevent_req_set_callback(subreq, auth_connect_done, req); +} + static void auth_connect_done(struct tevent_req *subreq) { struct tevent_req *req = tevent_req_callback_data(subreq, @@ -460,6 +489,11 @@ static void auth_connect_done(struct tevent_req *subreq) ret = sdap_connect_recv(subreq, state, &state->sh); talloc_zfree(subreq); if (ret) { + if (state->srv) { + /* mark the server as bad if connection failed */ + fo_set_server_status(state->srv, SERVER_NOT_WORKING); + } + tevent_req_error(req, ret); return; } |