authorSumit Bose <sbose@redhat.com>2010-04-19 11:59:09 +0200
committerStephen Gallagher <sgallagh@redhat.com>2010-05-07 16:38:23 -0400
commitfc7ec12f1b851bab1eedf3ecdcb094ea80b46dd2 (patch)
tree9aa674b262b92ebe2f66c745a42f6cec4a0a1c18 /src/db
parentca6aa84e20e445fb04dfce416a8c3a1912b26451 (diff)
Add support for delayed kinit if offline
If the configuration option krb5_store_password_if_offline is set to true and the backend is offline, the plain text user password is stored and used to request a TGT if the backend becomes online. If available, the Linux kernel key retention service is used.
Diffstat (limited to 'src/db')
-rw-r--r--src/db/sysdb.h3
-rw-r--r--src/db/sysdb_ops.c10
2 files changed, 11 insertions, 2 deletions
diff --git a/src/db/sysdb.h b/src/db/sysdb.h
index cf97ed62d..d6780c365 100644
--- a/src/db/sysdb.h
+++ b/src/db/sysdb.h
@@ -557,7 +557,8 @@ struct tevent_req *sysdb_cache_auth_send(TALLOC_CTX *mem_ctx,
const char *name,
const uint8_t *authtok,
size_t authtok_size,
- struct confdb_ctx *cdb);
+ struct confdb_ctx *cdb,
+ bool just_check);
int sysdb_cache_auth_recv(struct tevent_req *req, time_t *expire_date,
time_t *delayed_until);
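Review bot: The new `just_check` parameter on the sysdb_cache_auth_send prototype is undocumented, and a bare trailing bool gives no hint at call sites of what `true` means for an authentication routine. A comment above the declaration would help, for example `/* just_check: only verify authtok against the cached hash; skip the login bookkeeping done on a normal successful login */`. The same applies to the definition in sysdb_ops.c (hunk at 4724). The diffstat is limited to src/db, so the callers are not visible here; each should be checked to pass `false` unless it really wants the check-only behaviour.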
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index 618b81086..6fcc95b19 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -4645,6 +4645,7 @@ struct sysdb_cache_auth_state {
struct sss_domain_info *domain;
struct sysdb_ctx *sysdb;
struct confdb_ctx *cdb;
+ bool just_check;
struct sysdb_attrs *update_attrs;
bool authentication_successful;
struct sysdb_handle *handle;
@@ -4724,7 +4725,8 @@ struct tevent_req *sysdb_cache_auth_send(TALLOC_CTX *mem_ctx,
const char *name,
const uint8_t *authtok,
size_t authtok_size,
- struct confdb_ctx *cdb)
+ struct confdb_ctx *cdb,
+ bool just_check)
{
struct tevent_req *req;
struct tevent_req *subreq;
@@ -4774,6 +4776,7 @@ struct tevent_req *sysdb_cache_auth_send(TALLOC_CTX *mem_ctx,
state->domain = domain;
state->sysdb = sysdb;
state->cdb = cdb;
+ state->just_check = just_check;
state->update_attrs = NULL;
state->authentication_successful = false;
state->handle = NULL;
@@ -4888,6 +4891,11 @@ static void sysdb_cache_auth_get_attrs_done(struct tevent_req *subreq)
DEBUG(4, ("Hashes do match!\n"));
state->authentication_successful = true;
+ if (state->just_check) {
+ ret = EOK;
+ goto done;
+ }
+
ret = sysdb_attrs_add_time_t(state->update_attrs, SYSDB_LAST_LOGIN,
time(NULL));
if (ret != EOK) {
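Review bot: The `if (state->just_check)` early exit skips the SYSDB_LAST_LOGIN update that follows it, but nothing in the hunk explains why, and only the hash-match branch is guarded. If the mismatch branch (outside this hunk) still records a failed attempt when just_check is set, a check-only call could raise the failed-login count without ever clearing it on success; that should be either documented as intended or guarded the same way. The `done` label is also outside the hunk, so it is worth confirming that it completes the request as success for `ret == EOK` without expecting a started transaction or a populated update_attrs. I would add above the check: `/* check-only: the caller wants hash verification without updating cached login bookkeeping */`.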