Add ldap_krb5_ticket_lifetime option

author: Sumit Bose <sbose@redhat.com> 2010-05-11 17:51:02 +0200
committer: Stephen Gallagher <sgallagh@redhat.com> 2010-05-16 13:28:15 -0400
commit: ebb6e30d687a4d6626c735234c85cbb5b06a26aa (patch)
tree: 3a925d3c8237c08d0959523858e6ec0ba71ad8a1 /src/providers/ldap/sdap_async_connection.c
parent: e6ae55d5423434d5dc6c236e8647b33610d30e2e (diff)
download: sssd-ebb6e30d687a4d6626c735234c85cbb5b06a26aa.tar.gz
sssd-ebb6e30d687a4d6626c735234c85cbb5b06a26aa.tar.xz
sssd-ebb6e30d687a4d6626c735234c85cbb5b06a26aa.zip
1 files changed, 14 insertions, 4 deletions
diff --git a/src/providers/ldap/sdap_async_connection.c b/src/providers/ldap/sdap_async_connection.c
index bd8d4e960..2748ed51b 100644
--- a/src/providers/ldap/sdap_async_connection.c
+++ b/src/providers/ldap/sdap_async_connection.c
@@ -607,14 +607,21 @@ struct tevent_req *sdap_kinit_send(TALLOC_CTX *memctx,
                                    int    timeout,
                                    const char *keytab,
                                    const char *principal,
-                                   const char *realm)
+                                   const char *realm,
+                                   int lifetime)
 {
     struct tevent_req *req;
     struct tevent_req *subreq;
     struct sdap_kinit_state *state;
     int ret;
 
-    DEBUG(6, ("Attempting kinit (%s, %s, %s)\n", keytab, principal, realm));
+    DEBUG(6, ("Attempting kinit (%s, %s, %s, %d)\n", keytab, principal, realm,
+                                                     lifetime));
+
+    if (lifetime < 0 || lifetime > INT32_MAX) {
+        DEBUG(1, ("Ticket lifetime out of range.\n"));
+        return NULL;
+    }
 
     req = tevent_req_create(memctx, &state, struct sdap_kinit_state);
     if (!req) return NULL;
@@ -629,7 +636,8 @@ struct tevent_req *sdap_kinit_send(TALLOC_CTX *memctx,
         }
     }
 
-    subreq = sdap_get_tgt_send(state, ev, realm, principal, keytab, timeout);
+    subreq = sdap_get_tgt_send(state, ev, realm, principal, keytab, lifetime,
+                               timeout);
     if (!subreq) {
         talloc_zfree(req);
         return NULL;
@@ -1055,7 +1063,9 @@ static void sdap_cli_kinit_step(struct tevent_req *req)
                         dp_opt_get_string(state->opts->basic,
                                                    SDAP_SASL_AUTHID),
                         dp_opt_get_string(state->opts->basic,
-                                                   SDAP_KRB5_REALM));
+                                                   SDAP_KRB5_REALM),
+                        dp_opt_get_int(state->opts->basic,
+                                                   SDAP_KRB5_TICKET_LIFETIME));
     if (!subreq) {
         tevent_req_error(req, ENOMEM);
         return;
author	Sumit Bose <sbose@redhat.com>	2010-05-11 17:51:02 +0200
committer	Stephen Gallagher <sgallagh@redhat.com>	2010-05-16 13:28:15 -0400
commit	ebb6e30d687a4d6626c735234c85cbb5b06a26aa (patch)
tree	3a925d3c8237c08d0959523858e6ec0ba71ad8a1 /src/providers/ldap/sdap_async_connection.c
parent	e6ae55d5423434d5dc6c236e8647b33610d30e2e (diff)
download	sssd-ebb6e30d687a4d6626c735234c85cbb5b06a26aa.tar.gz sssd-ebb6e30d687a4d6626c735234c85cbb5b06a26aa.tar.xz sssd-ebb6e30d687a4d6626c735234c85cbb5b06a26aa.zip