68ef824a5f
And also ...
- Related: upstream#941 - return multiple server addresses to the Kerberos
locator plugin
- Related: upstream#3652 - kdcinfo doesn't get populated for other domains
- Resolves: upstream#3747 - sss_ssh_authorizedkeys exits abruptly if SSHD
closes its end of the pipe before reading all the
SSH keys
- Resolves: upstream#3607 - Handle conflicting e-mail addresses more gracefully
- Resolves: upstream#3754 - SSSD AD uses LDAP filter to detect POSIX attributes
stored in AD GC also for regular AD DC queries
- Related: upstream#3219 - [RFE] Regular expression used in sssd.conf not being
able to consume an @-sign in the user/group name.
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
87 lines
3.0 KiB
Diff
87 lines
3.0 KiB
Diff
From 54ea4576ba8cb8dfbefdd3ced29fc35f836afc61 Mon Sep 17 00:00:00 2001
|
|
From: Sumit Bose <sbose@redhat.com>
|
|
Date: Fri, 8 Jun 2018 08:29:04 +0200
|
|
Subject: [PATCH] krb5_common: add callback only once
|
|
|
|
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
|
(cherry picked from commit 4759a482781bcecdb0ad1119e74dcefa1fe94337)
|
|
---
|
|
src/providers/krb5/krb5_common.c | 12 +++++++++++-
|
|
src/providers/krb5/krb5_common.h | 2 ++
|
|
2 files changed, 13 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/src/providers/krb5/krb5_common.c b/src/providers/krb5/krb5_common.c
|
|
index c6896a6cd663da896075e72aa0a0602c198b45e8..d064a09ac3726c4185c2fa1eeac76ef6c261d33b 100644
|
|
--- a/src/providers/krb5/krb5_common.c
|
|
+++ b/src/providers/krb5/krb5_common.c
|
|
@@ -399,6 +399,7 @@ static int remove_info_files_destructor(void *p)
|
|
if (ret != EOK) {
|
|
DEBUG(SSSDBG_CRIT_FAILURE, "remove_krb5_info_files failed.\n");
|
|
}
|
|
+ ctx->krb5_service->removal_callback_available = false;
|
|
|
|
return 0;
|
|
}
|
|
@@ -407,7 +408,7 @@ static errno_t
|
|
krb5_add_krb5info_offline_callback(struct krb5_service *krb5_service)
|
|
{
|
|
int ret;
|
|
- struct remove_info_files_ctx *ctx;
|
|
+ struct remove_info_files_ctx *ctx = NULL;
|
|
|
|
if (krb5_service == NULL || krb5_service->name == NULL
|
|
|| krb5_service->realm == NULL
|
|
@@ -416,6 +417,13 @@ krb5_add_krb5info_offline_callback(struct krb5_service *krb5_service)
|
|
return EINVAL;
|
|
}
|
|
|
|
+ if (krb5_service->removal_callback_available) {
|
|
+ DEBUG(SSSDBG_TRACE_ALL,
|
|
+ "Removal callback already available for service [%s].\n",
|
|
+ krb5_service->name);
|
|
+ return EOK;
|
|
+ }
|
|
+
|
|
ctx = talloc_zero(krb5_service->be_ctx, struct remove_info_files_ctx);
|
|
if (ctx == NULL) {
|
|
DEBUG(SSSDBG_CRIT_FAILURE, "talloc_zfree failed.\n");
|
|
@@ -430,6 +438,7 @@ krb5_add_krb5info_offline_callback(struct krb5_service *krb5_service)
|
|
}
|
|
|
|
ctx->be_ctx = krb5_service->be_ctx;
|
|
+ ctx->krb5_service = krb5_service;
|
|
ctx->kdc_service_name = talloc_strdup(ctx, krb5_service->name);
|
|
if (ctx->kdc_service_name == NULL) {
|
|
DEBUG(SSSDBG_CRIT_FAILURE, "talloc_strdup failed!\n");
|
|
@@ -445,6 +454,7 @@ krb5_add_krb5info_offline_callback(struct krb5_service *krb5_service)
|
|
}
|
|
|
|
talloc_set_destructor((TALLOC_CTX *) ctx, remove_info_files_destructor);
|
|
+ krb5_service->removal_callback_available = true;
|
|
|
|
ret = EOK;
|
|
|
|
diff --git a/src/providers/krb5/krb5_common.h b/src/providers/krb5/krb5_common.h
|
|
index a2e47b0605debdffa28305dab4f7674707f713ac..3529d740b89fee91281f936fdafd1bdb99e95bd7 100644
|
|
--- a/src/providers/krb5/krb5_common.h
|
|
+++ b/src/providers/krb5/krb5_common.h
|
|
@@ -71,6 +71,7 @@ struct krb5_service {
|
|
char *name;
|
|
char *realm;
|
|
bool write_kdcinfo;
|
|
+ bool removal_callback_available;
|
|
};
|
|
|
|
struct fo_service;
|
|
@@ -146,6 +147,7 @@ struct remove_info_files_ctx {
|
|
struct be_ctx *be_ctx;
|
|
const char *kdc_service_name;
|
|
const char *kpasswd_service_name;
|
|
+ struct krb5_service *krb5_service;
|
|
};
|
|
|
|
errno_t sss_krb5_check_options(struct dp_option *opts,
|
|
--
|
|
2.17.1
|
|
|