From 5d2e7ec2ea725c8a6a63f56b771e746f93e782ec Mon Sep 17 00:00:00 2001
From: Timo Sirainen <tss@iki.fi>
Date: Fri, 19 Feb 2010 05:10:48 +0200
Subject: [PATCH] *-login: Disconnect from auth server after idling for a
 minute.

--HG--
branch : HEAD
---
 src/login-common/client-common.c |  4 ++--
 src/login-common/login-common.h  |  2 ++
 src/login-common/main.c          | 28 +++++++++++++++++++++++++---
 3 files changed, 29 insertions(+), 5 deletions(-)

diff --git a/src/login-common/client-common.c b/src/login-common/client-common.c
index 135dffd660..da8800825c 100644
--- a/src/login-common/client-common.c
+++ b/src/login-common/client-common.c
@@ -156,9 +156,9 @@ void client_destroy(struct client *client, const char *reason)
 		/* as soon as this connection is done with proxying
 		   (or whatever), the process will die. there's no need for
 		   authentication anymore, so close the connection. */
-		if (auth_client != NULL)
-			auth_client_deinit(&auth_client);
+		auth_client_disconnect(auth_client);
 	}
+	login_client_destroyed();
 	login_refresh_proctitle();
 }
 
diff --git a/src/login-common/login-common.h b/src/login-common/login-common.h
index 9860fa044f..adacbb5c0b 100644
--- a/src/login-common/login-common.h
+++ b/src/login-common/login-common.h
@@ -24,6 +24,8 @@ extern const struct login_settings *global_login_settings;
 extern void **global_other_settings;
 
 void login_refresh_proctitle(void);
+void login_client_destroyed(void);
+
 void login_process_preinit(void);
 
 #endif
diff --git a/src/login-common/main.c b/src/login-common/main.c
index 73970051dc..8c0f759e3d 100644
--- a/src/login-common/main.c
+++ b/src/login-common/main.c
@@ -20,6 +20,8 @@
 #include <unistd.h>
 #include <syslog.h>
 
+#define AUTH_CLIENT_IDLE_TIMEOUT_MSECS (1000*60)
+
 struct login_access_lookup {
 	struct master_service_connection conn;
 	struct io *io;
@@ -36,6 +38,7 @@ struct anvil_client *anvil;
 const struct login_settings *global_login_settings;
 void **global_other_settings;
 
+static struct timeout *auth_client_to;
 static bool shutting_down = FALSE;
 static bool ssl_connections = FALSE;
 
@@ -62,12 +65,27 @@ void login_refresh_proctitle(void)
 	}
 }
 
+static void auth_client_idle_timeout(struct auth_client *auth_client)
+{
+	auth_client_disconnect(auth_client);
+	timeout_remove(&auth_client_to);
+}
+
+void login_client_destroyed(void)
+{
+	if (clients == NULL && auth_client_to == NULL) {
+		auth_client_to = timeout_add(AUTH_CLIENT_IDLE_TIMEOUT_MSECS,
+					     auth_client_idle_timeout,
+					     auth_client);
+	}
+}
+
 static void login_die(void)
 {
 	shutting_down = TRUE;
 	login_proxy_kill_idle();
 
-	if (auth_client == NULL || !auth_client_is_connected(auth_client)) {
+	if (!auth_client_is_connected(auth_client)) {
 		/* we don't have auth client, and we might never get one */
 		clients_destroy_all();
 	}
@@ -116,6 +134,9 @@ client_connected_finish(const struct master_service_connection *conn)
 
 	client->remote_port = conn->remote_port;
 	client->local_port = local_port;
+
+	if (auth_client_to != NULL)
+		timeout_remove(&auth_client_to);
 }
 
 static void login_access_lookup_free(struct login_access_lookup *lookup)
@@ -286,13 +307,14 @@ static void main_deinit(void)
 	ssl_proxy_deinit();
 	login_proxy_deinit();
 
-	if (auth_client != NULL)
-		auth_client_deinit(&auth_client);
+	auth_client_deinit(&auth_client);
 	clients_deinit();
 	master_auth_deinit(&master_auth);
 
 	if (anvil != NULL)
 		anvil_client_deinit(&anvil);
+	if (auth_client_to != NULL)
+		timeout_remove(&auth_client_to);
 }
 
 int main(int argc, char *argv[])
-- 
2.47.3