On 02/28/2013 12:29 AM, Simo Sorce wrote:
This patch removes yet another set of custom and parallel error codes
specified in the sdap_result enumeration, and instead uses the new
unified error codes.
This is to be applied on top of the previous patchset that adds SSSD
specific error codes.
I have done minimal testing with my IPA install and it seems to work
fine as far as ldap+SASL/GSSAPI auth goes.
Simo.
Hi,
@@ -771,14 +776,19 @@ static struct tevent_req *sasl_bind_send(TALLOC_CTX
*memctx,
if (ret) goto fail;
}
+ /* This is a hack, relies on the fact that tevent_req_done() will only set
+ * the state if no callback has been set yet
This is not true. tevent_req_done() always sets the state, even if
there is no callback yet.
and then the immediate event
+ * set up by tevent_req_post() will call the async callback set by the
+ * caller right after we return */
+ tevent_req_done(req);
tevent_req_post(req, ev);
return req;
fail:
- if (ret == LDAP_SERVER_DOWN) {
+ if (ret == LDAP_SERVER_DOWN || ret == LDAP_TIMEOUT) {
tevent_req_error(req, ETIMEDOUT);
} else {
- tevent_req_error(req, EIO);
+ tevent_req_error(req, ERR_AUTH_FAILED);
}
tevent_req_post(req, ev);
return req;
Otherwise it seems to be working correctly. I correct password,
incorrect password, changing password, password expiration,
enable/disable user with both LDAP (without kerberos) and IPA.
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
