*-login: Disconnect from auth server after idling for a minute.

--HG--
branch : HEAD

diff --git a/src/login-common/client-common.c b/src/login-common/client-common.c
index 135dffd6609baccc20579f5783a47ed57ede8394..da8800825c748dd2f62325a0f2133b62ad0c988a 100644 (file)
--- a/src/login-common/client-common.c
+++ b/src/login-common/client-common.c
@@ -156,9 +156,9 @@ void client_destroy(struct client *client, const char *reason)
                /* as soon as this connection is done with proxying
                   (or whatever), the process will die. there's no need for
                   authentication anymore, so close the connection. */
-               if (auth_client != NULL)
-                       auth_client_deinit(&auth_client);
+               auth_client_disconnect(auth_client);
        }
+       login_client_destroyed();
        login_refresh_proctitle();
 }
 

diff --git a/src/login-common/login-common.h b/src/login-common/login-common.h
index 9860fa044f02503ad87e25178ce1af9277d43595..adacbb5c0bf0830050856efeac2d9c9e064133c4 100644 (file)
--- a/src/login-common/login-common.h
+++ b/src/login-common/login-common.h
@@ -24,6 +24,8 @@ extern const struct login_settings *global_login_settings;
 extern void **global_other_settings;
 
 void login_refresh_proctitle(void);
+void login_client_destroyed(void);
+
 void login_process_preinit(void);
 
 #endif

diff --git a/src/login-common/main.c b/src/login-common/main.c
index 73970051dc56160f4cfa433c4b56163ec513031b..8c0f759e3db9bbc7d90c41561bdd27964a2ff15f 100644 (file)
--- a/src/login-common/main.c
+++ b/src/login-common/main.c
@@ -20,6 +20,8 @@
 #include <unistd.h>
 #include <syslog.h>
 
+#define AUTH_CLIENT_IDLE_TIMEOUT_MSECS (1000*60)
+
 struct login_access_lookup {
        struct master_service_connection conn;
        struct io *io;
@@ -36,6 +38,7 @@ struct anvil_client *anvil;
 const struct login_settings *global_login_settings;
 void **global_other_settings;
 
+static struct timeout *auth_client_to;
 static bool shutting_down = FALSE;
 static bool ssl_connections = FALSE;
 
@@ -62,12 +65,27 @@ void login_refresh_proctitle(void)
        }
 }
 
+static void auth_client_idle_timeout(struct auth_client *auth_client)
+{
+       auth_client_disconnect(auth_client);
+       timeout_remove(&auth_client_to);
+}
+
+void login_client_destroyed(void)
+{
+       if (clients == NULL && auth_client_to == NULL) {
+               auth_client_to = timeout_add(AUTH_CLIENT_IDLE_TIMEOUT_MSECS,
+                                            auth_client_idle_timeout,
+                                            auth_client);
+       }
+}
+
 static void login_die(void)
 {
        shutting_down = TRUE;
        login_proxy_kill_idle();
 
-       if (auth_client == NULL || !auth_client_is_connected(auth_client)) {
+       if (!auth_client_is_connected(auth_client)) {
                /* we don't have auth client, and we might never get one */
                clients_destroy_all();
        }
@@ -116,6 +134,9 @@ client_connected_finish(const struct master_service_connection *conn)
 
        client->remote_port = conn->remote_port;
        client->local_port = local_port;
+
+       if (auth_client_to != NULL)
+               timeout_remove(&auth_client_to);
 }
 
 static void login_access_lookup_free(struct login_access_lookup *lookup)
@@ -286,13 +307,14 @@ static void main_deinit(void)
        ssl_proxy_deinit();
        login_proxy_deinit();
 
-       if (auth_client != NULL)
-               auth_client_deinit(&auth_client);
+       auth_client_deinit(&auth_client);
        clients_deinit();
        master_auth_deinit(&master_auth);
 
        if (anvil != NULL)
                anvil_client_deinit(&anvil);
+       if (auth_client_to != NULL)
+               timeout_remove(&auth_client_to);
 }
 
 int main(int argc, char *argv[])