-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The Kerberos backend would previously try only the first server and if it was unreachable, it immediatelly went offline.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 04/28/2010 02:21 PM, Jakub Hrozek wrote:
The Kerberos backend would previously try only the first server and if it was unreachable, it immediatelly went offline.
Attached is a patch rebased on top of Sumit's tevent_req rewrite of krb5_auth.c for the master branch.
It also handles the case where the child times out and removes the special-casing of SSS_PAM_CHAUTHTOK in krb5_resolve_kdc_done(). The special casing didn't in fact have any effect as when using KDC for password changes we don't distinguish between the kdc and kpasswd service (they use the same "port" in terms of failover).
On Fri, Apr 30, 2010 at 05:39:53PM +0200, Jakub Hrozek wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 04/28/2010 02:21 PM, Jakub Hrozek wrote:
The Kerberos backend would previously try only the first server and if it was unreachable, it immediatelly went offline.
Attached is a patch rebased on top of Sumit's tevent_req rewrite of krb5_auth.c for the master branch.
It also handles the case where the child times out and removes the special-casing of SSS_PAM_CHAUTHTOK in krb5_resolve_kdc_done(). The special casing didn't in fact have any effect as when using KDC for password changes we don't distinguish between the kdc and kpasswd service (they use the same "port" in terms of failover). -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEUEARECAAYFAkva+ckACgkQHsardTLnvCXBuQCXQNmH2LKdF6JnILnZjKbCaTgL nwCgr+rPgx2dBxuKjahd4Hskebp3zhY= =S/FO -----END PGP SIGNATURE-----
ACK
bye, Sumit
On 05/25/2010 06:43 AM, Sumit Bose wrote:
ACK
Pushed to master.
sssd-devel@lists.fedorahosted.org