privatevoid.net/depot
1
1
Fork 0
Code Issues 25 Pull requests 2 Projects 3 Releases Packages Wiki Activity Actions

packages/kanidm: update unixd-authenticated.patch

Browse source
This commit is contained in:
Max Headroom 2024-12-27 19:57:55 +01:00
parent a9948efc53
commit 666b0cd6c4
1 changed files with 17 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

34
patches/base/kanidm/unixd-authenticated.patch
View file

@ -1,5 +1,5 @@
diff --git a/unix_integration/resolver/src/idprovider/kanidm.rs b/unix_integration/resolver/src/idprovider/kanidm.rs diff --git a/unix_integration/resolver/src/idprovider/kanidm.rs b/unix_integration/resolver/src/idprovider/kanidm.rs
index 63cedb4d5..35c45fb0e 100644 index d0a6a8159..7ebc0449d 100644
--- a/unix_integration/resolver/src/idprovider/kanidm.rs --- a/unix_integration/resolver/src/idprovider/kanidm.rs
+++ b/unix_integration/resolver/src/idprovider/kanidm.rs +++ b/unix_integration/resolver/src/idprovider/kanidm.rs
@@ -7,6 +7,7 @@ use kanidm_proto::internal::OperationError; @@ -7,6 +7,7 @@ use kanidm_proto::internal::OperationError;
@ -10,7 +10,7 @@ index 63cedb4d5..35c45fb0e 100644
use tokio::sync::{broadcast, Mutex}; use tokio::sync::{broadcast, Mutex};
use kanidm_lib_crypto::CryptoPolicy; use kanidm_lib_crypto::CryptoPolicy;
@@ -38,6 +39,8 @@ struct KanidmProviderInternal { @@ -39,6 +40,8 @@ struct KanidmProviderInternal {
hmac_key: HmacKey, hmac_key: HmacKey,
crypto_policy: CryptoPolicy, crypto_policy: CryptoPolicy,
pam_allow_groups: BTreeSet<String>, pam_allow_groups: BTreeSet<String>,
@ -19,7 +19,7 @@ index 63cedb4d5..35c45fb0e 100644
} }
pub struct KanidmProvider { pub struct KanidmProvider {
@@ -102,6 +105,19 @@ impl KanidmProvider { @@ -103,6 +106,19 @@ impl KanidmProvider {
.map(|GroupMap { local, with }| (local, Id::Name(with))) .map(|GroupMap { local, with }| (local, Id::Name(with)))
.collect(); .collect();
@ -39,7 +39,7 @@ index 63cedb4d5..35c45fb0e 100644
Ok(KanidmProvider { Ok(KanidmProvider {
inner: Mutex::new(KanidmProviderInternal { inner: Mutex::new(KanidmProviderInternal {
state: CacheState::OfflineNextCheck(now), state: CacheState::OfflineNextCheck(now),
@@ -109,6 +125,8 @@ impl KanidmProvider { @@ -110,6 +126,8 @@ impl KanidmProvider {
hmac_key, hmac_key,
crypto_policy, crypto_policy,
pam_allow_groups, pam_allow_groups,
@ -48,16 +48,16 @@ index 63cedb4d5..35c45fb0e 100644
}), }),
map_group, map_group,
}) })
@@ -256,7 +274,11 @@ impl KanidmProviderInternal { @@ -262,7 +280,11 @@ impl KanidmProviderInternal {
} let mut max_attempts = 3;
while max_attempts > 0 {
async fn attempt_online(&mut self, _tpm: &mut tpm::BoxedDynTpm, now: SystemTime) -> bool { max_attempts -= 1;
- match self.client.auth_anonymous().await { - match self.client.auth_anonymous().await {
+ let auth_method = match (&self.auth_name, &self.auth_password) { + let auth_method = match (&self.auth_name, &self.auth_password) {
+ (Some(name), Some(password)) => self.client.auth_simple_password(name, password).await, + (Some(name), Some(password)) => self.client.auth_simple_password(name, password).await,
+ _ => self.client.auth_anonymous().await + _ => self.client.auth_anonymous().await
+ }; + };
+ match auth_method { + match auth_method {
Ok(_uat) => { Ok(_uat) => {
self.state = CacheState::Online; debug!("provider is now online");
true self.state = CacheState::Online;