From 02e38eae1b9cb5df2036a707dafd86f6047c17de Mon Sep 17 00:00:00 2001 From: Sumit Bose Date: Mon, 19 Apr 2010 11:59:09 +0200 Subject: Add support for delayed kinit if offline If the configuration option krb5_store_password_if_offline is set to true and the backend is offline the plain text user password is stored and used to request a TGT if the backend becomes online. If available the Linux kernel key retention service is used. --- src/db/sysdb_ops.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) (limited to 'src/db/sysdb_ops.c') diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c index 00b74c6a4..7f454311e 100644 --- a/src/db/sysdb_ops.c +++ b/src/db/sysdb_ops.c @@ -1988,6 +1988,7 @@ int sysdb_cache_auth(TALLOC_CTX *mem_ctx, const uint8_t *authtok, size_t authtok_size, struct confdb_ctx *cdb, + bool just_check, time_t *_expire_date, time_t *_delayed_until) { @@ -2120,6 +2121,11 @@ int sysdb_cache_auth(TALLOC_CTX *mem_ctx, DEBUG(4, ("Hashes do match!\n")); authentication_successful = true; + if (just_check) { + ret = EOK; + goto done; + } + ret = sysdb_attrs_add_time_t(update_attrs, SYSDB_LAST_LOGIN, time(NULL)); if (ret != EOK) { @@ -2168,8 +2174,12 @@ int sysdb_cache_auth(TALLOC_CTX *mem_ctx, } done: - *_expire_date = expire_date; - *_delayed_until = delayed_until; + if (_expire_date != NULL) { + *_expire_date = expire_date; + } + if (_delayed_until != NULL) { + *_delayed_until = delayed_until; + } if (password) for (i = 0; password[i]; i++) password[i] = 0; if (ret) { ldb_transaction_cancel(sysdb->ldb); -- cgit