-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 04/28/2010 02:21 PM, Jakub Hrozek wrote:
The Kerberos backend would previously try only the first server and
if
it was unreachable, it immediatelly went offline.
Attached is a patch rebased on top of Sumit's tevent_req rewrite of
krb5_auth.c for the master branch.
It also handles the case where the child times out and removes the
special-casing of SSS_PAM_CHAUTHTOK in krb5_resolve_kdc_done(). The
special casing didn't in fact have any effect as when using KDC for
password changes we don't distinguish between the kdc and kpasswd
service (they use the same "port" in terms of failover).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Fedora -
http://enigmail.mozdev.org/
iEUEARECAAYFAkva+ckACgkQHsardTLnvCXBuQCXQNmH2LKdF6JnILnZjKbCaTgL
nwCgr+rPgx2dBxuKjahd4Hskebp3zhY=
=S/FO
-----END PGP SIGNATURE-----