diff options
| author | Jakub Hrozek <jhrozek@redhat.com> | 2012-03-07 17:08:52 +0100 |
|---|---|---|
| committer | Jan Zeleny <jzeleny@redhat.com> | 2012-03-08 11:00:39 +0100 |
| commit | 8e59877b7c5294d5c88623caed4693ffe11e19e1 (patch) | |
| tree | 90d820a7c56970caf932cc67dfc802b54703b8cd /src | |
| parent | 9027034fcfe8d967c9250eb78a78edcc0811c805 (diff) | |
| download | sssd-8e59877b7c5294d5c88623caed4693ffe11e19e1.tar.gz sssd-8e59877b7c5294d5c88623caed4693ffe11e19e1.tar.xz sssd-8e59877b7c5294d5c88623caed4693ffe11e19e1.zip | |
Detect cycle in the fail over on subsequent resolve requests only
Diffstat (limited to 'src')
| -rw-r--r-- | src/providers/data_provider_fo.c | 7 | ||||
| -rw-r--r-- | src/providers/dp_backend.h | 3 | ||||
| -rw-r--r-- | src/providers/krb5/krb5_auth.c | 32 | ||||
| -rw-r--r-- | src/providers/ldap/ldap_auth.c | 3 | ||||
| -rw-r--r-- | src/providers/ldap/sdap_async_connection.c | 6 |
5 files changed, 28 insertions, 23 deletions
diff --git a/src/providers/data_provider_fo.c b/src/providers/data_provider_fo.c index 36300fb38..ada41a3ac 100644 --- a/src/providers/data_provider_fo.c +++ b/src/providers/data_provider_fo.c @@ -343,6 +343,7 @@ struct be_resolve_server_state { int attempts; struct fo_server *srv; + bool first_try; }; static void be_resolve_server_done(struct tevent_req *subreq); @@ -350,7 +351,8 @@ static void be_resolve_server_done(struct tevent_req *subreq); struct tevent_req *be_resolve_server_send(TALLOC_CTX *memctx, struct tevent_context *ev, struct be_ctx *ctx, - const char *service_name) + const char *service_name, + bool first_try) { struct tevent_req *req, *subreq; struct be_resolve_server_state *state; @@ -371,6 +373,7 @@ struct tevent_req *be_resolve_server_send(TALLOC_CTX *memctx, state->svc = svc; state->attempts = 0; + state->first_try = first_try; subreq = fo_resolve_service_send(state, ev, ctx->be_fo->resolv, @@ -444,7 +447,7 @@ static void be_resolve_server_done(struct tevent_req *subreq) } /* all fine we got the server */ - if (state->svc->first_resolved == NULL) { + if (state->svc->first_resolved == NULL || state->first_try == true) { DEBUG(SSSDBG_TRACE_LIBS, ("Saving the first resolved server\n")); state->svc->first_resolved = state->srv; } else if (state->svc->first_resolved == state->srv) { diff --git a/src/providers/dp_backend.h b/src/providers/dp_backend.h index 96c774783..6e98e7ef3 100644 --- a/src/providers/dp_backend.h +++ b/src/providers/dp_backend.h @@ -207,7 +207,8 @@ int be_fo_add_server(struct be_ctx *ctx, const char *service_name, struct tevent_req *be_resolve_server_send(TALLOC_CTX *memctx, struct tevent_context *ev, struct be_ctx *ctx, - const char *service_name); + const char *service_name, + bool first_try); int be_resolve_server_recv(struct tevent_req *req, struct fo_server **srv); void be_fo_set_port_status(struct be_ctx *ctx, diff --git a/src/providers/krb5/krb5_auth.c b/src/providers/krb5/krb5_auth.c index 72992ba75..0306426cc 100644 --- a/src/providers/krb5/krb5_auth.c +++ b/src/providers/krb5/krb5_auth.c @@ -320,6 +320,9 @@ int krb5_auth_recv(struct tevent_req *req, int *pam_status, int *dp_err) return EOK; } +static struct tevent_req *krb5_next_kdc(struct tevent_req *req); +static struct tevent_req *krb5_next_kpasswd(struct tevent_req *req); + struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, struct be_ctx *be_ctx, @@ -507,16 +510,14 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, kr->srv = NULL; kr->kpasswd_srv = NULL; - subreq = be_resolve_server_send(state, state->ev, state->be_ctx, - krb5_ctx->service->name); - if (subreq == NULL) { - DEBUG(1, ("be_resolve_server_send failed.\n")); - ret = ENOMEM; + + subreq = krb5_next_kdc(req); + if (!subreq) { + DEBUG(SSSDBG_CRIT_FAILURE, ("krb5_next_kdc failed.\n")); + ret = EIO; goto done; } - tevent_req_set_callback(subreq, krb5_resolve_kdc_done, req); - return req; done: @@ -557,16 +558,12 @@ static void krb5_resolve_kdc_done(struct tevent_req *subreq) } } else { if (kr->krb5_ctx->kpasswd_service != NULL) { - subreq = be_resolve_server_send(state, state->ev, state->be_ctx, - kr->krb5_ctx->kpasswd_service->name); + subreq = krb5_next_kpasswd(req); if (subreq == NULL) { - DEBUG(1, ("be_resolve_server_send failed.\n")); - ret = ENOMEM; + DEBUG(SSSDBG_CRIT_FAILURE, ("krb5_next_kpasswd failed.\n")); + ret = EIO; goto failed; } - - tevent_req_set_callback(subreq, krb5_resolve_kpasswd_done, req); - return; } } @@ -718,7 +715,6 @@ done: } static struct tevent_req *krb5_next_server(struct tevent_req *req); -static struct tevent_req *krb5_next_kdc(struct tevent_req *req); static struct tevent_req *krb5_next_kpasswd(struct tevent_req *req); static void krb5_child_done(struct tevent_req *subreq) @@ -1004,7 +1000,8 @@ static struct tevent_req *krb5_next_kdc(struct tevent_req *req) next_req = be_resolve_server_send(state, state->ev, state->be_ctx, - state->krb5_ctx->service->name); + state->krb5_ctx->service->name, + state->kr->srv == NULL ? true : false); if (next_req == NULL) { DEBUG(1, ("be_resolve_server_send failed.\n")); return NULL; @@ -1021,7 +1018,8 @@ static struct tevent_req *krb5_next_kpasswd(struct tevent_req *req) next_req = be_resolve_server_send(state, state->ev, state->be_ctx, - state->krb5_ctx->kpasswd_service->name); + state->krb5_ctx->kpasswd_service->name, + state->kr->kpasswd_srv == NULL ? true : false); if (next_req == NULL) { DEBUG(1, ("be_resolve_server_send failed.\n")); return NULL; diff --git a/src/providers/ldap/ldap_auth.c b/src/providers/ldap/ldap_auth.c index 8b6173e14..734249ced 100644 --- a/src/providers/ldap/ldap_auth.c +++ b/src/providers/ldap/ldap_auth.c @@ -517,7 +517,8 @@ static struct tevent_req *auth_get_server(struct tevent_req *req) next_req = be_resolve_server_send(state, state->ev, state->ctx->be, - state->sdap_service->name); + state->sdap_service->name, + state->srv == NULL ? true : false); if (!next_req) { DEBUG(1, ("be_resolve_server_send failed.\n")); return NULL; diff --git a/src/providers/ldap/sdap_async_connection.c b/src/providers/ldap/sdap_async_connection.c index 22aa4f91e..2b7f8c93d 100644 --- a/src/providers/ldap/sdap_async_connection.c +++ b/src/providers/ldap/sdap_async_connection.c @@ -884,7 +884,8 @@ static struct tevent_req *sdap_kinit_next_kdc(struct tevent_req *req) next_req = be_resolve_server_send(state, state->ev, state->be, - state->krb_service_name); + state->krb_service_name, + state->kdc_srv == NULL ? true : false); if (next_req == NULL) { DEBUG(1, ("be_resolve_server_send failed.\n")); return NULL; @@ -1215,7 +1216,8 @@ static int sdap_cli_resolve_next(struct tevent_req *req) /* NOTE: this call may cause service->uri to be refreshed * with a new valid server. Do not use service->uri before */ subreq = be_resolve_server_send(state, state->ev, - state->be, state->service->name); + state->be, state->service->name, + state->srv == NULL ? true : false); if (!subreq) { return ENOMEM; } |