From 40eff245f0ab8babc734843b017ba72dd2c21ce6 Mon Sep 17 00:00:00 2001
From: Mike khiretskiy <mh@calculate.ru>
Date: Thu, 14 Nov 2013 12:41:11 +0400
Subject: [PATCH] =?UTF-8?q?=D0=98=D1=81=D0=BF=D1=80=D0=B0=D0=B2=D0=BB?=
 =?UTF-8?q?=D0=B5=D0=BD=D0=BE=20=D0=BE=D0=B6=D0=B8=D0=B4=D0=B0=D0=B5=D0=BD?=
 =?UTF-8?q?=D0=B8=D0=B5=20ldap=20=D1=81=D0=B5=D1=80=D0=B2=D0=B5=D1=80?=
 =?UTF-8?q?=D0=B0.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 README       |  4 ++--
 pam_client.c | 12 +++++++++---
 2 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/README b/README
index c02b4b6..3128bf8 100644
--- a/README
+++ b/README
@@ -1,6 +1,6 @@
 This is the README file for the library pam_client.
-Library pam_client designed to wait client daemon before
-LDAP authorization.
+Library pam_client designed to wait for client daemon before
+LDAP authorization and to wait for LDAP service.
 
 Installation
 ----------
diff --git a/pam_client.c b/pam_client.c
index e7f1b39..eb1ead4 100644
--- a/pam_client.c
+++ b/pam_client.c
@@ -31,6 +31,7 @@
 #define PAM_SM_AUTH
 #define MAX_V 30
 #define WAITTIME 30
+#define WAITTIMELDAP 60
 
 typedef struct pam_config
 {
@@ -205,10 +206,11 @@ static int
 _check_ldap (int retry_count)
 {
   int result;
+  int timelimit = 3;
   struct berval userpw;
   struct berval *servcred;
   char buf[BUFSIZ];
-  LDAP *ld;
+  LDAP *ld=NULL;
   pam_config_t * config= NULL;
   if(_read_config(NULL,&config) != PAM_SUCCESS) {
     if(config)
@@ -219,7 +221,9 @@ _check_ldap (int retry_count)
   snprintf(buf,BUFSIZ,"ldap://%s:%d",config->host,config->port);
   if(ldap_initialize(&ld,buf) == LDAP_SUCCESS &&
      ldap_set_option(ld,LDAP_OPT_PROTOCOL_VERSION,
-                     &config->version) == LDAP_SUCCESS ) {
+                     &config->version) == LDAP_SUCCESS &&
+     ldap_set_option(ld,LDAP_OPT_TIMELIMIT,
+                     &timelimit) == LDAP_SUCCESS) {
     userpw.bv_val = config->bindpw;
     userpw.bv_len = (userpw.bv_val != 0) ? strlen (userpw.bv_val) : 0;
     for(;retry_count;retry_count--) {
@@ -234,6 +238,8 @@ _check_ldap (int retry_count)
       sleep(1);
     }
   }
+  if(ld != NULL)
+    ldap_unbind(ld);
   _release_config(&config);
   return result;
 }
@@ -258,7 +264,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags
    for(i=0;i<WAITTIME;i++) {
        if(file_exists(started_client) || 
           file_exists(started_local)) {
-            if(_check_ldap(WAITTIME-i)==PAM_SUCCESS)
+            if(_check_ldap(WAITTIMELDAP-i)!=-1)
                 return PAM_SUCCESS;
             break;
        }