autofs-5.0.4 - renew sasl creds upon reconnect fail
From: Ian Kent <raven@themaw.net>
If a server re-connect fails it could be due to the authentication
credential having timed out. So we need to dispose of it and retry
the connection, including re-authenticating to refresh the credential.
---
CHANGELOG | 1 +
modules/lookup_ldap.c | 17 +++++++++++++++++
2 files changed, 18 insertions(+), 0 deletions(-)
diff --git a/CHANGELOG b/CHANGELOG
index b093451..7dee674 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -11,6 +11,7 @@
- use CLOEXEC flag for setmntent also.
- fix hosts map use after free.
- fix uri list locking (again).
+- check for stale SASL credentials upon connect fail.
4/11/2008 autofs-5.0.4
-----------------------
diff --git a/modules/lookup_ldap.c b/modules/lookup_ldap.c
index b6784e1..bee97ae 100644
--- a/modules/lookup_ldap.c
+++ b/modules/lookup_ldap.c
@@ -675,6 +675,13 @@ static LDAP *do_reconnect(unsigned logopt, struct lookup_context *ctxt)
if (ctxt->server || !ctxt->uris) {
ldap = do_connect(logopt, ctxt->server, ctxt);
+#ifdef WITH_SASL
+ /* Dispose of the sasl authentication connection and try again. */
+ if (!ldap) {
+ autofs_sasl_dispose(ctxt);
+ ldap = connect_to_server(logopt, ctxt->server, ctxt);
+ }
+#endif
return ldap;
}
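Review bot: The `if (!ldap)` fallback after `do_connect()` runs on every connect failure, not only on an expired credential, because a NULL return is the only signal visible here. An unreachable server therefore also gets its SASL state disposed and is contacted a second time, and nothing records that credentials were discarded. The same holds for the second hunk's retry against `this->uri`. I would log the event before the dispose, e.g. `debug(logopt, MODPREFIX "connect failed, disposing SASL credentials and retrying");` (assuming the module's usual logging macro), so a stale credential can be told apart from a server that is down. The retry also calls `connect_to_server()` directly rather than `do_connect()`, so it is worth confirming that nothing `do_connect()` does after a successful connect is skipped. `do_reconnect()` starts and ends outside both hunks.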
@@ -682,6 +689,16 @@ static LDAP *do_reconnect(unsigned logopt, struct lookup_context *ctxt)
this = ctxt->uri;
uris_mutex_unlock(ctxt);
ldap = do_connect(logopt, this->uri, ctxt);
+#ifdef WITH_SASL
+ /*
+ * Dispose of the sasl authentication connection and try the
+ * current server again before trying other servers in the list.
+ */
+ if (!ldap) {
+ autofs_sasl_dispose(ctxt);
+ ldap = connect_to_server(logopt, this->uri, ctxt);
+ }
+#endif
if (ldap)
return ldap;