summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--src/man/sssd-ldap.5.xml3
-rw-r--r--src/providers/ldap/ldap_auth.c6
-rw-r--r--src/providers/ldap/sdap_async.c6
-rw-r--r--src/providers/ldap/sdap_async.h3
4 files changed, 12 insertions, 6 deletions
diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml
index e598d70c5..a93e6dfe7 100644
--- a/src/man/sssd-ldap.5.xml
+++ b/src/man/sssd-ldap.5.xml
@@ -1236,7 +1236,8 @@
calls to synchronous LDAP APIs will abort if no
response is received. Also controls the timeout
when communicating with the KDC in case of SASL
- bind and the timeout of an LDAP bind operation.
+ bind, the timeout of an LDAP bind operation and
+ password change extended operation.
</para>
<para>
Default: 6
diff --git a/src/providers/ldap/ldap_auth.c b/src/providers/ldap/ldap_auth.c
index 3147b49b0..42899fd0e 100644
--- a/src/providers/ldap/ldap_auth.c
+++ b/src/providers/ldap/ldap_auth.c
@@ -1046,6 +1046,7 @@ static void sdap_auth4chpass_done(struct tevent_req *req)
} else {
const char *password;
const char *new_password;
+ int timeout;
ret = sss_authtok_get_password(state->pd->authtok,
&password, NULL);
@@ -1060,9 +1061,12 @@ static void sdap_auth4chpass_done(struct tevent_req *req)
goto done;
}
+ timeout = dp_opt_get_int(state->ctx->opts->basic, SDAP_OPT_TIMEOUT);
+
subreq = sdap_exop_modify_passwd_send(state, be_ctx->ev,
state->sh, state->dn,
- password, new_password);
+ password, new_password,
+ timeout);
if (!subreq) {
DEBUG(SSSDBG_OP_FAILURE,
"Failed to change password for %s\n", state->username);
diff --git a/src/providers/ldap/sdap_async.c b/src/providers/ldap/sdap_async.c
index c30a4578e..c979fbeac 100644
--- a/src/providers/ldap/sdap_async.c
+++ b/src/providers/ldap/sdap_async.c
@@ -494,7 +494,8 @@ struct tevent_req *sdap_exop_modify_passwd_send(TALLOC_CTX *memctx,
struct sdap_handle *sh,
char *user_dn,
const char *password,
- const char *new_password)
+ const char *new_password,
+ int timeout)
{
struct tevent_req *req = NULL;
struct sdap_exop_modify_passwd_state *state;
@@ -562,9 +563,8 @@ struct tevent_req *sdap_exop_modify_passwd_send(TALLOC_CTX *memctx,
DEBUG(SSSDBG_TRACE_INTERNAL,
"ldap_extended_operation sent, msgid = %d\n", msgid);
- /* FIXME: get timeouts from configuration, for now 5 secs. */
ret = sdap_op_add(state, ev, state->sh, msgid,
- sdap_exop_modify_passwd_done, req, 5, &state->op);
+ sdap_exop_modify_passwd_done, req, timeout, &state->op);
if (ret) {
DEBUG(SSSDBG_CRIT_FAILURE, "Failed to set up operation!\n");
ret = ERR_INTERNAL;
diff --git a/src/providers/ldap/sdap_async.h b/src/providers/ldap/sdap_async.h
index 941b81a41..29afd8e1a 100644
--- a/src/providers/ldap/sdap_async.h
+++ b/src/providers/ldap/sdap_async.h
@@ -145,7 +145,8 @@ struct tevent_req *sdap_exop_modify_passwd_send(TALLOC_CTX *memctx,
struct sdap_handle *sh,
char *user_dn,
const char *password,
- const char *new_password);
+ const char *new_password,
+ int timeout);
errno_t sdap_exop_modify_passwd_recv(struct tevent_req *req,
TALLOC_CTX *mem_ctx,
char **user_error_msg);