dpward / rpms / sssd

Forked from rpms/sssd 3 years ago
Clone

Blame SOURCES/0059-pam-Incerease-p11-child-timeout.patch

6cf099
From 8cc5a9b94d6d660d61cce62543b6714d95e19697 Mon Sep 17 00:00:00 2001
6cf099
From: =?UTF-8?q?Michal=20=C5=BDidek?= <mzidek@redhat.com>
6cf099
Date: Thu, 13 Aug 2015 14:03:24 +0200
6cf099
Subject: [PATCH 59/59] pam: Incerease p11 child timeout
6cf099
MIME-Version: 1.0
6cf099
Content-Type: text/plain; charset=UTF-8
6cf099
Content-Transfer-Encoding: 8bit
6cf099
6cf099
Ticket:
6cf099
https://fedorahosted.org/sssd/ticket/2746
6cf099
6cf099
It was timeouting often in CI machines.
6cf099
6cf099
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
6cf099
---
6cf099
 Makefile.am                    | 1 +
6cf099
 src/responder/pam/pamsrv_cmd.c | 9 +++++++--
6cf099
 2 files changed, 8 insertions(+), 2 deletions(-)
6cf099
6cf099
diff --git a/Makefile.am b/Makefile.am
6cf099
index ed107fd5dc76b768176a3d7236b0bf1c75f212bf..7dc4875c9cb05bf146505c0dc0dab543fb326bd3 100644
6cf099
--- a/Makefile.am
6cf099
+++ b/Makefile.am
6cf099
@@ -1892,6 +1892,7 @@ pam_srv_tests_SOURCES = \
6cf099
 pam_srv_tests_CFLAGS = \
6cf099
     -U SSSD_LIBEXEC_PATH -DSSSD_LIBEXEC_PATH=\"$(abs_builddir)\" \
6cf099
     $(AM_CFLAGS) \
6cf099
+    -DSSS_P11_CHILD_TIMEOUT=30 \
6cf099
     $(NULL)
6cf099
 pam_srv_tests_LDFLAGS = \
6cf099
     -Wl,-wrap,sss_packet_get_body \
6cf099
diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c
6cf099
index 3b84fb864c5a1b08dc4126ff97e258a792f312bc..aa5c20906a36351e425304122517c81676e730b7 100644
6cf099
--- a/src/responder/pam/pamsrv_cmd.c
6cf099
+++ b/src/responder/pam/pamsrv_cmd.c
6cf099
@@ -43,6 +43,11 @@ enum pam_verbosity {
6cf099
 
6cf099
 #define DEFAULT_PAM_VERBOSITY PAM_VERBOSITY_IMPORTANT
6cf099
 
6cf099
+/* TODO: Should we make this configurable? */
6cf099
+#ifndef SSS_P11_CHILD_TIMEOUT
6cf099
+#define SSS_P11_CHILD_TIMEOUT 10
6cf099
+#endif
6cf099
+
6cf099
 static errno_t
6cf099
 pam_null_last_online_auth_with_curr_token(struct sss_domain_info *domain,
6cf099
                                           const char *username);
6cf099
@@ -1122,7 +1127,7 @@ static int pam_forwarder(struct cli_ctx *cctx, int pam_cmd)
6cf099
 
6cf099
     if (may_do_cert_auth(pctx, pd)) {
6cf099
         req = pam_check_cert_send(cctx, cctx->ev, pctx->p11_child_debug_fd,
6cf099
-                                  pctx->nss_db, 10, pd);
6cf099
+                                  pctx->nss_db, SSS_P11_CHILD_TIMEOUT, pd);
6cf099
         if (req == NULL) {
6cf099
             DEBUG(SSSDBG_OP_FAILURE, "pam_check_cert_send failed.\n");
6cf099
             ret = ENOMEM;
6cf099
@@ -1338,7 +1343,7 @@ static void pam_forwarder_cb(struct tevent_req *req)
6cf099
 
6cf099
     if (may_do_cert_auth(pctx, pd)) {
6cf099
         req = pam_check_cert_send(cctx, cctx->ev, pctx->p11_child_debug_fd,
6cf099
-                                  pctx->nss_db, 10, pd);
6cf099
+                                  pctx->nss_db, SSS_P11_CHILD_TIMEOUT, pd);
6cf099
         if (req == NULL) {
6cf099
             DEBUG(SSSDBG_OP_FAILURE, "pam_check_cert_send failed.\n");
6cf099
             ret = ENOMEM;
6cf099
-- 
6cf099
2.4.3
6cf099