[packages/autofs.git] / autofs-5.0.4-renew-sasl-creds-upon-reconnect-fail.patch

autofs-5.0.4 - renew sasl creds upon reconnect fail

From: Ian Kent <raven@themaw.net>

If a server re-connect fails it could be due to the authentication
credentail having timed out. So we need to dispose of this and retry
the connection including refreshing re-authenticating.
---

 CHANGELOG             |    1 +
 modules/lookup_ldap.c |   17 +++++++++++++++++
 2 files changed, 18 insertions(+), 0 deletions(-)


diff --git a/CHANGELOG b/CHANGELOG
index b093451..7dee674 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -11,6 +11,7 @@
 - use CLOEXEC flag for setmntent also.
 - fix hosts map use after free.
 - fix uri list locking (again).
+- check for stale SASL credentials upon connect fail.
 
 4/11/2008 autofs-5.0.4
 -----------------------
diff --git a/modules/lookup_ldap.c b/modules/lookup_ldap.c
index b6784e1..bee97ae 100644
--- a/modules/lookup_ldap.c
+++ b/modules/lookup_ldap.c
@@ -675,6 +675,13 @@ static LDAP *do_reconnect(unsigned logopt, struct lookup_context *ctxt)
 
 	if (ctxt->server || !ctxt->uris) {
 		ldap = do_connect(logopt, ctxt->server, ctxt);
+#ifdef WITH_SASL
+		/* Dispose of the sasl authentication connection and try again. */
+		if (!ldap) {
+			autofs_sasl_dispose(ctxt);
+			ldap = connect_to_server(logopt, ctxt->server, ctxt);
+		}
+#endif
 		return ldap;
 	}
 
@@ -682,6 +689,16 @@ static LDAP *do_reconnect(unsigned logopt, struct lookup_context *ctxt)
 	this = ctxt->uri;
 	uris_mutex_unlock(ctxt);
 	ldap = do_connect(logopt, this->uri, ctxt);
+#ifdef WITH_SASL
+	/*
+	 * Dispose of the sasl authentication connection and try the
+	 * current server again before trying other servers in the list.
+	 */
+	if (!ldap) {
+		autofs_sasl_dispose(ctxt);
+		ldap = connect_to_server(logopt, this->uri, ctxt);
+	}
+#endif
 	if (ldap)
 		return ldap;
Commit	Line	Data
e5fd101c PS	1	autofs-5.0.4 - renew sasl creds upon reconnect fail
	2
	3	From: Ian Kent <raven@themaw.net>
	4
	5	If a server re-connect fails it could be due to the authentication
	6	credentail having timed out. So we need to dispose of this and retry
	7	the connection including refreshing re-authenticating.
	8	---
	9
	10	CHANGELOG \| 1 +
	11	modules/lookup_ldap.c \| 17 +++++++++++++++++
	12	2 files changed, 18 insertions(+), 0 deletions(-)
	13
	14
	15	diff --git a/CHANGELOG b/CHANGELOG
	16	index b093451..7dee674 100644
	17	--- a/CHANGELOG
	18	+++ b/CHANGELOG
	19	@@ -11,6 +11,7 @@
	20	- use CLOEXEC flag for setmntent also.
	21	- fix hosts map use after free.
	22	- fix uri list locking (again).
	23	+- check for stale SASL credentials upon connect fail.
	24
	25	4/11/2008 autofs-5.0.4
	26	-----------------------
	27	diff --git a/modules/lookup_ldap.c b/modules/lookup_ldap.c
	28	index b6784e1..bee97ae 100644
	29	--- a/modules/lookup_ldap.c
	30	+++ b/modules/lookup_ldap.c
	31	@@ -675,6 +675,13 @@ static LDAP do_reconnect(unsigned logopt, struct lookup_context ctxt)
	32
	33	if (ctxt->server \|\| !ctxt->uris) {
	34	ldap = do_connect(logopt, ctxt->server, ctxt);
	35	+#ifdef WITH_SASL
	36	+ /* Dispose of the sasl authentication connection and try again. */
	37	+ if (!ldap) {
	38	+ autofs_sasl_dispose(ctxt);
	39	+ ldap = connect_to_server(logopt, ctxt->server, ctxt);
	40	+ }
	41	+#endif
	42	return ldap;
	43	}
	44
	45	@@ -682,6 +689,16 @@ static LDAP do_reconnect(unsigned logopt, struct lookup_context ctxt)
	46	this = ctxt->uri;
	47	uris_mutex_unlock(ctxt);
	48	ldap = do_connect(logopt, this->uri, ctxt);
	49	+#ifdef WITH_SASL
	50	+ /*
	51	+ * Dispose of the sasl authentication connection and try the
	52	+ * current server again before trying other servers in the list.
	53	+ */
	54	+ if (!ldap) {
	55	+ autofs_sasl_dispose(ctxt);
	56	+ ldap = connect_to_server(logopt, this->uri, ctxt);
	57	+ }
	58	+#endif
	59	if (ldap)
	60	return ldap;
	61