Skip to content

[autobackport: sssd-2-9] krb5_child: use ERR_CHECK_NEXT_AUTH_TYPE instead of EAGAIN #8229

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
ikerexxe merged 3 commits into from
Dec 1, 2025
Merged

[autobackport: sssd-2-9] krb5_child: use ERR_CHECK_NEXT_AUTH_TYPE instead of EAGAIN #8229

ikerexxe merged 3 commits into from
Dec 1, 2025

Conversation

@sssd-bot
Copy link

@sssd-bot sssd-bot commented Nov 24, 2025

This is an automatic backport of PR#8176 krb5_child: use ERR_CHECK_NEXT_AUTH_TYPE instead of EAGAIN to branch sssd-2-9, created by @sumit-bose.

Please make sure this backport is correct.

Note

The commits were cherry-picked without conflicts.

You can push changes to this pull request

git remote add sssd-bot git@github.com:sssd-bot/sssd.git
git fetch sssd-bot refs/heads/SSSD-sssd-backport-pr8176-to-sssd-2-9
git checkout SSSD-sssd-backport-pr8176-to-sssd-2-9
git push sssd-bot SSSD-sssd-backport-pr8176-to-sssd-2-9 --force

Original commits
7ddb51f - utils: add new error code ERR_CHECK_NEXT_AUTH_TYPE
0adc2e7 - krb5_child: use ERR_CHECK_NEXT_AUTH_TYPE instead of EAGAIN
da82d1d - krb5_child: clarify EAGAIN returned by krb5_get_init_creds_password()

Backported commits

  • 6d68d95 - utils: add new error code ERR_CHECK_NEXT_AUTH_TYPE
  • 400f90c - krb5_child: use ERR_CHECK_NEXT_AUTH_TYPE instead of EAGAIN
  • 8590f0d - krb5_child: clarify EAGAIN returned by krb5_get_init_creds_password()

Original Pull Request Body

This patch used the new error code ERR_CHECK_NEXT_AUTH_TYPE while
processing different authentication types instead of EAGAIN because
EAGAIN might have side effects when returned to the callers.

Resolves: #8108

@sssd-bot sssd-bot requested review from ikerexxe and thalman November 24, 2025 09:07
gemini-code-assist[bot]
gemini-code-assist bot reviewed Nov 24, 2025
View reviewed changes
Copy link

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request correctly backports a change to introduce a new error code, ERR_CHECK_NEXT_AUTH_TYPE, replacing the more generic EAGAIN for signaling that the next authentication method should be tried. This is a good improvement as it enhances code clarity and prevents potential side effects from the ambiguous use of EAGAIN. The changes are consistently applied across src/providers/krb5/krb5_child.c, and the new error code is properly defined. The addition of a comment to clarify the handling of EAGAIN from krb5_get_init_creds_password() is also a welcome improvement. The changes are sound and I have not found any issues.

ikerexxe
ikerexxe approved these changes Dec 1, 2025
View reviewed changes
Copy link
Contributor

@ikerexxe ikerexxe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@sumit-bose @sssd-bot
utils: add new error code ERR_CHECK_NEXT_AUTH_TYPE
cc9c1d6 
This error code should be used if another authentication type should be
checked.

Resolves: SSSD#8108
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>
Reviewed-by: Tomáš Halman <thalman@redhat.com>
(cherry picked from commit 7ddb51f)
@sumit-bose @sssd-bot
krb5_child: use ERR_CHECK_NEXT_AUTH_TYPE instead of EAGAIN
12f351a 
This patch used the new error code ERR_CHECK_NEXT_AUTH_TYPE while
processing different authentication types instead of EAGAIN because
EAGAIN might have side effects when returned to the callers.

Resolves: SSSD#8108
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>
Reviewed-by: Tomáš Halman <thalman@redhat.com>
(cherry picked from commit 0adc2e7)
@sumit-bose @sssd-bot
krb5_child: clarify EAGAIN returned by krb5_get_init_creds_password()
8a9b1ef 
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>
Reviewed-by: Tomáš Halman <thalman@redhat.com>
(cherry picked from commit da82d1d)
@sssd-bot
Copy link
Author

sssd-bot commented Dec 1, 2025

The pull request was accepted by @ikerexxe with the following PR CI status:

🟢 CodeQL (success)
🟢 rpm-build:centos-stream-9-x86_64:upstream (success)
🟢 Analyze (target) / cppcheck (success)
🟢 Build / make-distcheck (success)
🟢 ci / prepare (success)
🔴 ci / system (centos-9) (failure)
🟢 Static code analysis / codeql (success)
🟢 Static code analysis / pre-commit (success)
🟢 Static code analysis / python-system-tests (success)

There are unsuccessful or unfinished checks. Make sure that the failures are not related to this pull request before merging.

@sssd-bot sssd-bot force-pushed the SSSD-sssd-backport-pr8176-to-sssd-2-9 branch from 8590f0d to 8a9b1ef Compare December 1, 2025 10:15
@ikerexxe ikerexxe merged commit cacbfbe into SSSD:sssd-2-9 Dec 1, 2025
8 of 9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ikerexxe ikerexxe ikerexxe approved these changes

@thalman thalman Awaiting requested review from thalman

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@thalman thalman

@ikerexxe ikerexxe

Labels

Accepted

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@sssd-bot @ikerexxe @thalman @sumit-bose