diff options
author | Sumit Bose <sbose@redhat.com> | 2010-04-19 11:59:09 +0200 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-05-26 15:14:40 -0400 |
commit | 02e38eae1b9cb5df2036a707dafd86f6047c17de (patch) | |
tree | 970b10c1df9bfe101a3d84ec1ff87dedd5364186 /src/providers/krb5/krb5_init.c | |
parent | 06c03627c81a5252420931383a68eb67ba551667 (diff) | |
download | sssd-02e38eae1b9cb5df2036a707dafd86f6047c17de.tar.gz sssd-02e38eae1b9cb5df2036a707dafd86f6047c17de.tar.xz sssd-02e38eae1b9cb5df2036a707dafd86f6047c17de.zip |
Add support for delayed kinit if offline
If the configuration option krb5_store_password_if_offline is set to
true and the backend is offline the plain text user password is stored
and used to request a TGT if the backend becomes online. If available
the Linux kernel key retention service is used.
Diffstat (limited to 'src/providers/krb5/krb5_init.c')
-rw-r--r-- | src/providers/krb5/krb5_init.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/providers/krb5/krb5_init.c b/src/providers/krb5/krb5_init.c index 0ad589268..d0c8be544 100644 --- a/src/providers/krb5/krb5_init.c +++ b/src/providers/krb5/krb5_init.c @@ -121,6 +121,14 @@ int sssm_krb5_auth_init(struct be_ctx *bectx, } } + if (dp_opt_get_bool(ctx->opts, KRB5_STORE_PASSWORD_IF_OFFLINE)) { + ret = init_delayed_online_authentication(ctx, bectx, bectx->ev); + if (ret != EOK) { + DEBUG(1, ("init_delayed_online_authentication failed.\n")); + goto fail; + } + } + ret = check_and_export_options(ctx->opts, bectx->domain); if (ret != EOK) { DEBUG(1, ("check_and_export_options failed.\n")); |