diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2015-06-30 19:40:46 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-07-06 15:23:44 +0200 |
commit | 01ec08efd0e166ac6f390f8627c6d08dcc63ccc4 (patch) | |
tree | 5a95a8a7b36db9baaf18fad0ca0c22eb7a2cc32d /src/providers/krb5/krb5_auth.h | |
parent | eca74a9559ce1b0f123c14906ad8394fc303f468 (diff) | |
download | sssd-01ec08efd0e166ac6f390f8627c6d08dcc63ccc4.tar.gz sssd-01ec08efd0e166ac6f390f8627c6d08dcc63ccc4.tar.xz sssd-01ec08efd0e166ac6f390f8627c6d08dcc63ccc4.zip |
KRB5: Add and use krb5_auth_queue_send to queue requests by default
Resolves:
https://fedorahosted.org/sssd/ticket/2701
Previously, only the krb5 provides used to queue requests, which
resulted in concurrent authentication requests stepping on one another.
This patch queues requests by default.
Reviewed-by: Sumit Bose <sbose@redhat.com>
Diffstat (limited to 'src/providers/krb5/krb5_auth.h')
-rw-r--r-- | src/providers/krb5/krb5_auth.h | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/src/providers/krb5/krb5_auth.h b/src/providers/krb5/krb5_auth.h index a00f1d9d9..205e70665 100644 --- a/src/providers/krb5/krb5_auth.h +++ b/src/providers/krb5/krb5_auth.h @@ -66,6 +66,11 @@ errno_t krb5_setup(TALLOC_CTX *mem_ctx, struct pam_data *pd, void krb5_pam_handler(struct be_req *be_req); void krb5_pam_handler_auth_done(struct tevent_req *req); +/* Please use krb5_auth_send/recv *only* if you're certain there can't + * be concurrent logins happening. With some ccache back ends, the ccache + * files might clobber one another. Please use krb5_auth_queue_send() + * instead that queues the requests + */ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, struct be_ctx *be_ctx, @@ -114,7 +119,14 @@ struct tevent_req *krb5_access_send(TALLOC_CTX *mem_ctx, int krb5_access_recv(struct tevent_req *req, bool *access_allowed); /* krb5_wait_queue.c */ -errno_t add_to_wait_queue(struct be_req *be_req, struct pam_data *pd, - struct krb5_ctx *krb5_ctx); -void check_wait_queue(struct krb5_ctx *krb5_ctx, char *username); +struct tevent_req *krb5_auth_queue_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct be_ctx *be_ctx, + struct pam_data *pd, + struct krb5_ctx *krb5_ctx); + +int krb5_auth_queue_recv(struct tevent_req *req, + int *_pam_status, + int *_dp_err); + #endif /* __KRB5_AUTH_H__ */ |