diff options
author | Jan Zeleny <jzeleny@redhat.com> | 2012-03-14 06:25:44 -0400 |
---|---|---|
committer | Jan Zeleny <jzeleny@redhat.com> | 2012-05-22 11:16:10 -0400 |
commit | e9fe642b3b26ce3221d996f3f9bd5f27cb749ed6 (patch) | |
tree | f74c6014f5bb853e92f0a28118d7cb903120bbe2 /src/providers/krb5/krb5_renew_tgt.c | |
parent | 409df325ce3add837139408c8375d39f851e8866 (diff) | |
download | sssd-e9fe642b3b26ce3221d996f3f9bd5f27cb749ed6.tar.gz sssd-e9fe642b3b26ce3221d996f3f9bd5f27cb749ed6.tar.xz sssd-e9fe642b3b26ce3221d996f3f9bd5f27cb749ed6.zip |
Accept be_req instead of be_ctx in krb5 auth provider
Diffstat (limited to 'src/providers/krb5/krb5_renew_tgt.c')
-rw-r--r-- | src/providers/krb5/krb5_renew_tgt.c | 29 |
1 files changed, 26 insertions, 3 deletions
diff --git a/src/providers/krb5/krb5_renew_tgt.c b/src/providers/krb5/krb5_renew_tgt.c index 2ad5592e9..bde6bf26f 100644 --- a/src/providers/krb5/krb5_renew_tgt.c +++ b/src/providers/krb5/krb5_renew_tgt.c @@ -48,7 +48,7 @@ struct renew_data { }; struct auth_data { - struct be_ctx *be_ctx; + struct be_req *breq; struct krb5_ctx *krb5_ctx; struct pam_data *pd; struct renew_data *renew_data; @@ -65,7 +65,7 @@ static void renew_tgt(struct tevent_context *ev, struct tevent_timer *te, struct auth_data); struct tevent_req *req; - req = krb5_auth_send(auth_data, ev, auth_data->be_ctx, auth_data->pd, + req = krb5_auth_send(auth_data, ev, auth_data->breq, auth_data->pd, auth_data->krb5_ctx); if (req == NULL) { DEBUG(1, ("krb5_auth_send failed.\n")); @@ -156,6 +156,7 @@ static errno_t renew_all_tgts(struct renew_tgt_ctx *renew_tgt_ctx) size_t c; time_t now; struct auth_data *auth_data; + struct be_req *breq; struct renew_data *renew_data; struct tevent_timer *te; @@ -189,9 +190,30 @@ static errno_t renew_all_tgts(struct renew_tgt_ctx *renew_tgt_ctx) * auth_data to allow a new renewal attempt. */ auth_data->pd = talloc_move(auth_data, &renew_data->pd); auth_data->krb5_ctx = renew_tgt_ctx->krb5_ctx; - auth_data->be_ctx = renew_tgt_ctx->be_ctx; auth_data->table = renew_tgt_ctx->tgt_table; auth_data->renew_data = renew_data; + + /* Create a stub of be_req for krb5_auth_send() */ + auth_data->breq = talloc_zero(auth_data, + struct be_req); + if (auth_data->breq == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_zero failed\n")); + return ENOMEM; + } + breq = auth_data->breq; + breq->be_ctx = renew_tgt_ctx->be_ctx; + if (strcmp(auth_data->pd->domain, + breq->be_ctx->domain->name) != 0) { + breq->domain = new_subdomain(breq, breq->be_ctx->domain, + auth_data->pd->domain, NULL, NULL); + if (breq->domain == NULL) { + return ENOMEM; + } + } else { + breq->domain = breq->be_ctx->domain; + } + breq->sysdb = breq->domain->sysdb; + auth_data->key.type = entries[c].key.type; auth_data->key.str = talloc_strdup(auth_data, entries[c].key.str); @@ -389,6 +411,7 @@ static errno_t check_ccache_files(struct renew_tgt_ctx *renew_tgt_ctx) return ENOMEM; } + /* TODO: this HAS to be fixed - the routine has to go through all subdomains */ ret = sysdb_search_users(tmp_ctx, renew_tgt_ctx->be_ctx->sysdb, ccache_filter, ccache_attrs, &msgs_count, &msgs); if (ret != EOK) { |