SECRETS: Use HTTP error code 504 when a proxy server cannot be reached

Previously, a generic 500 error code was returned. This patch adds a new error message on a failure to contact the proxy server and returns 504, "Gateway timeout" instead. Resolves: https://fedorahosted.org/sssd/ticket/3212 Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
author: Jakub Hrozek <jhrozek@redhat.com> 2016-10-03 16:58:42 +0200
committer: Jakub Hrozek <jhrozek@redhat.com> 2016-10-04 21:26:09 +0200
commit: 41cd6072648bb7a9e14e56ed38004a2947f67657 (patch)
tree: cd7cc26222ba8bca1ac87f18455f9ee7ee4644c9 /src/responder/secrets
parent: f931864f46cb19346be45f3b6f55da54c8dc7078 (diff)
download: sssd-41cd6072648bb7a9e14e56ed38004a2947f67657.tar.gz
sssd-41cd6072648bb7a9e14e56ed38004a2947f67657.tar.xz
sssd-41cd6072648bb7a9e14e56ed38004a2947f67657.zip
3 files changed, 6 insertions, 1 deletions
diff --git a/src/responder/secrets/providers.c b/src/responder/secrets/providers.c
index 404d08277..8cbc6152b 100644
--- a/src/responder/secrets/providers.c
+++ b/src/responder/secrets/providers.c
@@ -180,6 +180,8 @@ static struct sec_http_status_format_table {
       "The requested resource already exists." },
     { 500, "Internal Server Error",
       "The server encountered an internal error." },
+    { 504, "Gateway timeout",
+      "No response from a proxy server." },
 };
 
 int sec_http_status_reply(TALLOC_CTX *mem_ctx, struct sec_data *reply,
@@ -348,6 +350,8 @@ enum sec_http_status_codes sec_errno_to_http_status(errno_t err)
         return STATUS_406;
     case EEXIST:
         return STATUS_409;
+    case ERR_SEC_NO_PROXY:
+        return STATUS_504;
     default:
         return STATUS_500;
     }
diff --git a/src/responder/secrets/proxy.c b/src/responder/secrets/proxy.c
index 3d3cae87d..3ed03e608 100644
--- a/src/responder/secrets/proxy.c
+++ b/src/responder/secrets/proxy.c
@@ -494,7 +494,7 @@ static void proxy_http_req_connect_step(struct tevent_req *req)
 
     if (!state->hostent->addr_list[state->hostidx]) {
         DEBUG(SSSDBG_CRIT_FAILURE, "No more addresses to try.\n");
-        ret = ENXIO;
+        ret = ERR_SEC_NO_PROXY;
         goto done;
     }
 
diff --git a/src/responder/secrets/secsrv_private.h b/src/responder/secrets/secsrv_private.h
index c3b663996..ef7e299d5 100644
--- a/src/responder/secrets/secsrv_private.h
+++ b/src/responder/secrets/secsrv_private.h
@@ -47,6 +47,7 @@ enum sec_http_status_codes {
     STATUS_406,
     STATUS_409,
     STATUS_500,
+    STATUS_504,
 };
 
 struct sec_proto_ctx {
author	Jakub Hrozek <jhrozek@redhat.com>	2016-10-03 16:58:42 +0200
committer	Jakub Hrozek <jhrozek@redhat.com>	2016-10-04 21:26:09 +0200
commit	41cd6072648bb7a9e14e56ed38004a2947f67657 (patch)
tree	cd7cc26222ba8bca1ac87f18455f9ee7ee4644c9 /src/responder/secrets
parent	f931864f46cb19346be45f3b6f55da54c8dc7078 (diff)
download	sssd-41cd6072648bb7a9e14e56ed38004a2947f67657.tar.gz sssd-41cd6072648bb7a9e14e56ed38004a2947f67657.tar.xz sssd-41cd6072648bb7a9e14e56ed38004a2947f67657.zip