autofs/autofs-5.0.4-renew-sasl-creds-upon-reconnect-fail.patch

autofs-5.0.4 - renew sasl creds upon reconnect fail

From: Ian Kent <raven@themaw.net>

If a server re-connect fails it could be due to the authentication
credentail having timed out. So we need to dispose of this and retry
the connection including refreshing re-authenticating.
---

 CHANGELOG             |    1 +
 modules/lookup_ldap.c |   17 +++++++++++++++++
 2 files changed, 18 insertions(+), 0 deletions(-)


diff --git a/CHANGELOG b/CHANGELOG
index b093451..7dee674 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -11,6 +11,7 @@
 - use CLOEXEC flag for setmntent also.
 - fix hosts map use after free.
 - fix uri list locking (again).
+- check for stale SASL credentials upon connect fail.
 
 4/11/2008 autofs-5.0.4
 -----------------------
diff --git a/modules/lookup_ldap.c b/modules/lookup_ldap.c
index b6784e1..bee97ae 100644
--- a/modules/lookup_ldap.c
+++ b/modules/lookup_ldap.c
@@ -675,6 +675,13 @@ static LDAP *do_reconnect(unsigned logopt, struct lookup_context *ctxt)
 
 	if (ctxt->server || !ctxt->uris) {
 		ldap = do_connect(logopt, ctxt->server, ctxt);
+#ifdef WITH_SASL
+		/* Dispose of the sasl authentication connection and try again. */
+		if (!ldap) {
+			autofs_sasl_dispose(ctxt);
+			ldap = connect_to_server(logopt, ctxt->server, ctxt);
+		}
+#endif
 		return ldap;
 	}
 
@@ -682,6 +689,16 @@ static LDAP *do_reconnect(unsigned logopt, struct lookup_context *ctxt)
 	this = ctxt->uri;
 	uris_mutex_unlock(ctxt);
 	ldap = do_connect(logopt, this->uri, ctxt);
+#ifdef WITH_SASL
+	/*
+	 * Dispose of the sasl authentication connection and try the
+	 * current server again before trying other servers in the list.
+	 */
+	if (!ldap) {
+		autofs_sasl_dispose(ctxt);
+		ldap = connect_to_server(logopt, this->uri, ctxt);
+	}
+#endif
 	if (ldap)
 		return ldap;