diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2012-03-07 17:08:52 +0100 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2012-06-04 14:16:13 -0400 |
commit | 14b463120f867bb41ce4a7575fb668f66817534c (patch) | |
tree | 03c47d5e09d6a41747a90620647374010a277d6a /src | |
parent | 29354a2741ae120c084929b436099eba8c68de35 (diff) | |
download | sssd-14b463120f867bb41ce4a7575fb668f66817534c.tar.gz sssd-14b463120f867bb41ce4a7575fb668f66817534c.tar.xz sssd-14b463120f867bb41ce4a7575fb668f66817534c.zip |
Detect cycle in the fail over on subsequent resolve requests only
Diffstat (limited to 'src')
-rw-r--r-- | src/providers/data_provider_fo.c | 7 | ||||
-rw-r--r-- | src/providers/dp_backend.h | 3 | ||||
-rw-r--r-- | src/providers/krb5/krb5_auth.c | 32 | ||||
-rw-r--r-- | src/providers/ldap/ldap_auth.c | 3 | ||||
-rw-r--r-- | src/providers/ldap/sdap_async_connection.c | 6 |
5 files changed, 28 insertions, 23 deletions
diff --git a/src/providers/data_provider_fo.c b/src/providers/data_provider_fo.c index 5d634cab9..d5cb0a476 100644 --- a/src/providers/data_provider_fo.c +++ b/src/providers/data_provider_fo.c @@ -352,6 +352,7 @@ struct be_resolve_server_state { int attempts; struct fo_server *srv; + bool first_try; }; static void be_resolve_server_done(struct tevent_req *subreq); @@ -359,7 +360,8 @@ static void be_resolve_server_done(struct tevent_req *subreq); struct tevent_req *be_resolve_server_send(TALLOC_CTX *memctx, struct tevent_context *ev, struct be_ctx *ctx, - const char *service_name) + const char *service_name, + bool first_try) { struct tevent_req *req, *subreq; struct be_resolve_server_state *state; @@ -380,6 +382,7 @@ struct tevent_req *be_resolve_server_send(TALLOC_CTX *memctx, state->svc = svc; state->attempts = 0; + state->first_try = first_try; subreq = fo_resolve_service_send(state, ev, ctx->be_fo->resolv, @@ -452,7 +455,7 @@ static void be_resolve_server_done(struct tevent_req *subreq) } /* all fine we got the server */ - if (state->svc->first_resolved == NULL) { + if (state->svc->first_resolved == NULL || state->first_try == true) { DEBUG(7, ("Saving the first resolved server\n")); state->svc->first_resolved = state->srv; } else if (state->svc->first_resolved == state->srv) { diff --git a/src/providers/dp_backend.h b/src/providers/dp_backend.h index 5d75287ea..27ae9d73c 100644 --- a/src/providers/dp_backend.h +++ b/src/providers/dp_backend.h @@ -183,7 +183,8 @@ int be_fo_add_server(struct be_ctx *ctx, const char *service_name, struct tevent_req *be_resolve_server_send(TALLOC_CTX *memctx, struct tevent_context *ev, struct be_ctx *ctx, - const char *service_name); + const char *service_name, + bool first_try); int be_resolve_server_recv(struct tevent_req *req, struct fo_server **srv); void be_fo_set_port_status(struct be_ctx *ctx, diff --git a/src/providers/krb5/krb5_auth.c b/src/providers/krb5/krb5_auth.c index f2777f2f9..24a6a4a4e 100644 --- a/src/providers/krb5/krb5_auth.c +++ b/src/providers/krb5/krb5_auth.c @@ -324,6 +324,9 @@ int krb5_auth_recv(struct tevent_req *req, int *pam_status, int *dp_err) return EOK; } +static struct tevent_req *krb5_next_kdc(struct tevent_req *req); +static struct tevent_req *krb5_next_kpasswd(struct tevent_req *req); + struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, struct be_ctx *be_ctx, @@ -511,16 +514,14 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, kr->srv = NULL; kr->kpasswd_srv = NULL; - subreq = be_resolve_server_send(state, state->ev, state->be_ctx, - krb5_ctx->service->name); - if (subreq == NULL) { - DEBUG(1, ("be_resolve_server_send failed.\n")); - ret = ENOMEM; + + subreq = krb5_next_kdc(req); + if (!subreq) { + DEBUG(1, ("krb5_next_kdc failed.\n")); + ret = EIO; goto done; } - tevent_req_set_callback(subreq, krb5_resolve_kdc_done, req); - return req; done: @@ -551,16 +552,12 @@ static void krb5_resolve_kdc_done(struct tevent_req *subreq) kr->is_offline = true; } else { if (kr->krb5_ctx->kpasswd_service != NULL) { - subreq = be_resolve_server_send(state, state->ev, state->be_ctx, - kr->krb5_ctx->kpasswd_service->name); + subreq = krb5_next_kpasswd(req); if (subreq == NULL) { - DEBUG(1, ("be_resolve_server_send failed.\n")); - ret = ENOMEM; + DEBUG(1, ("krb5_next_kpasswd failed.\n")); + ret = EIO; goto failed; } - - tevent_req_set_callback(subreq, krb5_resolve_kpasswd_done, req); - return; } } @@ -710,7 +707,6 @@ done: } static struct tevent_req *krb5_next_server(struct tevent_req *req); -static struct tevent_req *krb5_next_kdc(struct tevent_req *req); static struct tevent_req *krb5_next_kpasswd(struct tevent_req *req); static void krb5_child_done(struct tevent_req *subreq) @@ -1005,7 +1001,8 @@ static struct tevent_req *krb5_next_kdc(struct tevent_req *req) next_req = be_resolve_server_send(state, state->ev, state->be_ctx, - state->krb5_ctx->service->name); + state->krb5_ctx->service->name, + state->kr->srv == NULL ? true : false); if (next_req == NULL) { DEBUG(1, ("be_resolve_server_send failed.\n")); return NULL; @@ -1022,7 +1019,8 @@ static struct tevent_req *krb5_next_kpasswd(struct tevent_req *req) next_req = be_resolve_server_send(state, state->ev, state->be_ctx, - state->krb5_ctx->kpasswd_service->name); + state->krb5_ctx->kpasswd_service->name, + state->kr->kpasswd_srv == NULL ? true : false); if (next_req == NULL) { DEBUG(1, ("be_resolve_server_send failed.\n")); return NULL; diff --git a/src/providers/ldap/ldap_auth.c b/src/providers/ldap/ldap_auth.c index a1b0acd10..9b3abcb10 100644 --- a/src/providers/ldap/ldap_auth.c +++ b/src/providers/ldap/ldap_auth.c @@ -517,7 +517,8 @@ static struct tevent_req *auth_get_server(struct tevent_req *req) next_req = be_resolve_server_send(state, state->ev, state->ctx->be, - state->sdap_service->name); + state->sdap_service->name, + state->srv == NULL ? true : false); if (!next_req) { DEBUG(1, ("be_resolve_server_send failed.\n")); return NULL; diff --git a/src/providers/ldap/sdap_async_connection.c b/src/providers/ldap/sdap_async_connection.c index 321078478..63250d618 100644 --- a/src/providers/ldap/sdap_async_connection.c +++ b/src/providers/ldap/sdap_async_connection.c @@ -852,7 +852,8 @@ static struct tevent_req *sdap_kinit_next_kdc(struct tevent_req *req) next_req = be_resolve_server_send(state, state->ev, state->be, - state->krb_service_name); + state->krb_service_name, + state->kdc_srv == NULL ? true : false); if (next_req == NULL) { DEBUG(1, ("be_resolve_server_send failed.\n")); return NULL; @@ -1178,7 +1179,8 @@ static int sdap_cli_resolve_next(struct tevent_req *req) /* NOTE: this call may cause service->uri to be refreshed * with a new valid server. Do not use service->uri before */ subreq = be_resolve_server_send(state, state->ev, - state->be, state->service->name); + state->be, state->service->name, + state->srv == NULL ? true : false); if (!subreq) { return ENOMEM; } |