On Mon, 2013-03-04 at 13:10 +0100, Pavel Březina wrote:
> On 02/28/2013 12:29 AM, Simo Sorce wrote:
> > This patch removes yet another set of custom and parallel error codes
> > specified in the sdap_result enumeration, and instead uses the new
> > unified error codes.
> >
> > This is to be applied on top of the previous patchset that adds SSSD
> > specific error codes.
> >
> > I have done minimal testing with my IPA install and it seems to work
> > fine as far as ldap+SASL/GSSAPI auth goes.
> >
> > Simo.
> >
>
> Hi,
>
> > @@ -771,14 +776,19 @@ static struct tevent_req *sasl_bind_send(TALLOC_CTX
> > *memctx,
> > if (ret) goto fail;
> > }
> >
> > + /* This is a hack, relies on the fact that tevent_req_done() will only
> > set
> > + * the state if no callback has been set yet
>
> This is not true. tevent_req_done() always sets the state, even if
> there is no callback yet.
I think my wording was misleading.
What I meant here is that tevent_req_done *only* sets they state, and if
no callback is set nothing bad will happen. I will reword it so that it
more clear.
> and then the immediate event
> > + * set up by tevent_req_post() will call the async callback set by the
> > + * caller right after we return */
> > + tevent_req_done(req);
> > tevent_req_post(req, ev);
> > return req;
> >
> > fail:
> > - if (ret == LDAP_SERVER_DOWN) {
> > + if (ret == LDAP_SERVER_DOWN || ret == LDAP_TIMEOUT) {
> > tevent_req_error(req, ETIMEDOUT);
> > } else {
> > - tevent_req_error(req, EIO);
> > + tevent_req_error(req, ERR_AUTH_FAILED);
> > }
> > tevent_req_post(req, ev);
> > return req;
>
> Otherwise it seems to be working correctly. I correct password,
> incorrect password, changing password, password expiration,
> enable/disable user with both LDAP (without kerberos) and IPA.
Excellent, thanks!
Simo.
--
Simo Sorce * Red Hat, Inc * New York
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
