From 8c16bbb83193f84ca26eb24e10081fe3126ae7e2 Mon Sep 17 00:00:00 2001 From: Sumit Bose Date: Fri, 7 May 2010 15:28:21 +0200 Subject: [PATCH] Create kdcinfo and kpasswdinfo file at startup --- src/providers/ipa/ipa_common.c | 9 ++++++++ src/providers/krb5/krb5_common.c | 41 +++++++++++++++++++++++++++++++++++++- src/providers/krb5/krb5_common.h | 2 + 3 files changed, 51 insertions(+), 1 deletions(-) diff --git a/src/providers/ipa/ipa_common.c b/src/providers/ipa/ipa_common.c index 3a79eb4..00708f6 100644 --- a/src/providers/ipa/ipa_common.c +++ b/src/providers/ipa/ipa_common.c @@ -485,6 +485,7 @@ int ipa_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx, char *realm; int ret; int i; + struct tevent_req *req; tmp_ctx = talloc_new(memctx); if (!tmp_ctx) { @@ -579,6 +580,14 @@ int ipa_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx, goto done; } + req = be_resolve_server_send(memctx, ctx->ev, ctx, "IPA"); + if (req == NULL) { + DEBUG(1, ("be_resolve_server_send failed.\n")); + ret = ENOMEM; + goto done; + } + tevent_req_set_callback(req, krb5_init_resolve_done, service->krb5_service); + ret = EOK; done: diff --git a/src/providers/krb5/krb5_common.c b/src/providers/krb5/krb5_common.c index 9a2255f..53711b7 100644 --- a/src/providers/krb5/krb5_common.c +++ b/src/providers/krb5/krb5_common.c @@ -31,6 +31,8 @@ #include "providers/dp_backend.h" #include "providers/krb5/krb5_common.h" +#define DUMMY_ADDRESS "255.255.255.255" + struct dp_option default_krb5_opts[] = { { "krb5_kdcip", DP_OPT_STRING, NULL_STRING, NULL_STRING }, { "krb5_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING }, @@ -288,7 +290,6 @@ static void krb5_resolve_callback(void *private_data, struct fo_server *server) return; } - int krb5_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx, const char *service_name, const char *servers, const char *realm, struct krb5_service **_service) @@ -303,6 +304,7 @@ int krb5_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx, char *server_spec; char *endptr; struct servent *servent; + struct tevent_req *req; tmp_ctx = talloc_new(memctx); if (!tmp_ctx) { @@ -425,6 +427,14 @@ int krb5_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx, goto done; } + req = be_resolve_server_send(memctx, ctx->ev, ctx, service_name); + if (req == NULL) { + DEBUG(1, ("be_resolve_server_send failed.\n")); + ret = ENOMEM; + goto done; + } + tevent_req_set_callback(req, krb5_init_resolve_done, service); + ret = EOK; done: @@ -435,3 +445,32 @@ done: return ret; } +void krb5_init_resolve_done(struct tevent_req *req) +{ + struct krb5_service *krb5_service = tevent_req_callback_data(req, + struct krb5_service); + int ret; + struct fo_server *srv; + const char *service_name; + + ret = be_resolve_server_recv(req, &srv); + talloc_zfree(req); + if (ret) { + DEBUG(1, ("be_resolve_server request failed [%d][%s]. " + "Creating dummy info file.\n", ret, strerror(ret))); + + service_name = krb5_service->name; + if (strcmp(service_name, "IPA") == 0) { + service_name = SSS_KRB5KDC_FO_SRV; + } + ret = write_krb5info_file(krb5_service->realm, DUMMY_ADDRESS, + service_name); + if (ret != EOK) { + DEBUG(2, ("write_krb5info_file failed, " + "authentication might fail.\n")); + } + } + + return; +} + diff --git a/src/providers/krb5/krb5_common.h b/src/providers/krb5/krb5_common.h index 46d7a61..aa585b3 100644 --- a/src/providers/krb5/krb5_common.h +++ b/src/providers/krb5/krb5_common.h @@ -76,4 +76,6 @@ errno_t write_krb5info_file(const char *realm, const char *kdc, int krb5_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx, const char *service_name, const char *servers, const char *realm, struct krb5_service **_service); + +void krb5_init_resolve_done(struct tevent_req *req); #endif /* __KRB5_COMMON_H__ */ -- 1.6.6.1