diff options
author | Sumit Bose <sbose@redhat.com> | 2010-04-19 11:59:09 +0200 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-05-07 16:38:23 -0400 |
commit | fc7ec12f1b851bab1eedf3ecdcb094ea80b46dd2 (patch) | |
tree | 9aa674b262b92ebe2f66c745a42f6cec4a0a1c18 /src/db | |
parent | ca6aa84e20e445fb04dfce416a8c3a1912b26451 (diff) | |
download | sssd-fc7ec12f1b851bab1eedf3ecdcb094ea80b46dd2.tar.gz sssd-fc7ec12f1b851bab1eedf3ecdcb094ea80b46dd2.tar.xz sssd-fc7ec12f1b851bab1eedf3ecdcb094ea80b46dd2.zip |
Add support for delayed kinit if offline
If the configuration option krb5_store_password_if_offline is set to
true and the backend is offline the plain text user password is stored
and used to request a TGT if the backend becomes online. If available
the Linux kernel key retention service is used.
Diffstat (limited to 'src/db')
-rw-r--r-- | src/db/sysdb.h | 3 | ||||
-rw-r--r-- | src/db/sysdb_ops.c | 10 |
2 files changed, 11 insertions, 2 deletions
diff --git a/src/db/sysdb.h b/src/db/sysdb.h index cf97ed62d..d6780c365 100644 --- a/src/db/sysdb.h +++ b/src/db/sysdb.h @@ -557,7 +557,8 @@ struct tevent_req *sysdb_cache_auth_send(TALLOC_CTX *mem_ctx, const char *name, const uint8_t *authtok, size_t authtok_size, - struct confdb_ctx *cdb); + struct confdb_ctx *cdb, + bool just_check); int sysdb_cache_auth_recv(struct tevent_req *req, time_t *expire_date, time_t *delayed_until); diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c index 618b81086..6fcc95b19 100644 --- a/src/db/sysdb_ops.c +++ b/src/db/sysdb_ops.c @@ -4645,6 +4645,7 @@ struct sysdb_cache_auth_state { struct sss_domain_info *domain; struct sysdb_ctx *sysdb; struct confdb_ctx *cdb; + bool just_check; struct sysdb_attrs *update_attrs; bool authentication_successful; struct sysdb_handle *handle; @@ -4724,7 +4725,8 @@ struct tevent_req *sysdb_cache_auth_send(TALLOC_CTX *mem_ctx, const char *name, const uint8_t *authtok, size_t authtok_size, - struct confdb_ctx *cdb) + struct confdb_ctx *cdb, + bool just_check) { struct tevent_req *req; struct tevent_req *subreq; @@ -4774,6 +4776,7 @@ struct tevent_req *sysdb_cache_auth_send(TALLOC_CTX *mem_ctx, state->domain = domain; state->sysdb = sysdb; state->cdb = cdb; + state->just_check = just_check; state->update_attrs = NULL; state->authentication_successful = false; state->handle = NULL; @@ -4888,6 +4891,11 @@ static void sysdb_cache_auth_get_attrs_done(struct tevent_req *subreq) DEBUG(4, ("Hashes do match!\n")); state->authentication_successful = true; + if (state->just_check) { + ret = EOK; + goto done; + } + ret = sysdb_attrs_add_time_t(state->update_attrs, SYSDB_LAST_LOGIN, time(NULL)); if (ret != EOK) { |