diff options
| author | Sumit Bose <sbose@redhat.com> | 2010-12-13 22:38:21 +0100 |
|---|---|---|
| committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-12-20 09:39:55 -0500 |
| commit | 7d436b1bd6bcca29aa9874adc11bdfb862139cd8 (patch) | |
| tree | 428ef49bb979c8ecddd70dfdafd9de5ca27bd1a3 /src/providers/krb5/krb5_auth.c | |
| parent | 589dd0f6600515926e4e514442c62366db0a62b3 (diff) | |
| download | sssd-7d436b1bd6bcca29aa9874adc11bdfb862139cd8.tar.gz sssd-7d436b1bd6bcca29aa9874adc11bdfb862139cd8.tar.xz sssd-7d436b1bd6bcca29aa9874adc11bdfb862139cd8.zip | |
Serialize requests of the same user in the krb5 provider
Diffstat (limited to 'src/providers/krb5/krb5_auth.c')
| -rw-r--r-- | src/providers/krb5/krb5_auth.c | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/src/providers/krb5/krb5_auth.c b/src/providers/krb5/krb5_auth.c index a0ac0e92f..ce3dea761 100644 --- a/src/providers/krb5/krb5_auth.c +++ b/src/providers/krb5/krb5_auth.c @@ -1093,6 +1093,7 @@ void krb5_pam_handler(struct be_req *be_req) struct pam_data *pd; struct krb5_ctx *krb5_ctx; int dp_err = DP_ERR_FATAL; + int ret; pd = talloc_get_type(be_req->req_data, struct pam_data); pd->pam_status = PAM_SYSTEM_ERR; @@ -1108,6 +1109,19 @@ void krb5_pam_handler(struct be_req *be_req) case SSS_CMD_RENEW: case SSS_PAM_CHAUTHTOK_PRELIM: case SSS_PAM_CHAUTHTOK: + ret = add_to_wait_queue(be_req, pd, krb5_ctx); + if (ret == EOK) { + DEBUG(7, ("Request successfully added to wait queue " + "of user [%s].\n", pd->user)); + return; + } else if (ret == ENOENT) { + DEBUG(7, ("Wait queue of user [%s] is empty, " + "running request immediately.\n", pd->user)); + } else { + DEBUG(7, ("Failed to add request to wait queue of user [%s], " + "running request immediately.\n", pd->user)); + } + req = krb5_auth_send(be_req, be_req->be_ctx->ev, be_req->be_ctx, pd, krb5_ctx); if (req == NULL) { @@ -1154,6 +1168,7 @@ void krb5_auth_done(struct tevent_req *req) int pam_status; int dp_err; struct pam_data *pd; + struct krb5_ctx *krb5_ctx; pd = talloc_get_type(be_req->req_data, struct pam_data); @@ -1166,6 +1181,13 @@ void krb5_auth_done(struct tevent_req *req) pd->pam_status = pam_status; } + krb5_ctx = get_krb5_ctx(be_req); + if (krb5_ctx == NULL) { + DEBUG(1, ("Kerberos context not available.\n")); + } + + check_wait_queue(krb5_ctx, pd->user); + krb_reply(be_req, dp_err, pd->pam_status); } |