Rename plugin/api.c to plugin/general.c and comment it

diff --git a/Makefile.am b/Makefile.am
index 234a10037bce3f3a5cfa9b26ddccb2d1fb7551cc..63bda2e58ed2b614bfe0d854e8ff745771706062 100644 (file)
--- a/Makefile.am
+++ b/Makefile.am
@@ -32,9 +32,10 @@ moduledir = $(libdir)/krb5/plugins/kadm5_hook
 
 # Rules for building the krb5-sync plugin.
 module_LTLIBRARIES = plugin/krb5_sync.la
-plugin_krb5_sync_la_SOURCES = plugin/ad.c plugin/api.c plugin/config.c     \
-       plugin/error.c plugin/internal.h plugin/heimdal.c plugin/instance.c \
-       plugin/logging.c plugin/mit.c plugin/queue.c plugin/vector.c
+plugin_krb5_sync_la_SOURCES = plugin/ad.c plugin/config.c plugin/error.c \
+       plugin/internal.h plugin/general.c plugin/heimdal.c              \
+       plugin/instance.c plugin/logging.c plugin/mit.c plugin/queue.c   \
+       plugin/vector.c
 plugin_krb5_sync_la_CPPFLAGS = $(KADM5SRV_CPPFLAGS) $(LDAP_CPPFLAGS) \
        $(AM_CPPFLAGS)
 plugin_krb5_sync_la_LDFLAGS = -module -avoid-version $(KADM5SRV_LDFLAGS) \

diff --git a/plugin/api.c b/plugin/general.c
similarity index 93%
rename from plugin/api.c
rename to plugin/general.c
index adc869b0fc8570b115b1edca196a21cb866e34b5..e6d35fd4f3c225c289453f082df7ff7a072a1d2c 100644 (file)
--- a/plugin/api.c
+++ b/plugin/general.c
@@ -204,22 +204,31 @@ sync_chpass(kadm5_hook_modinfo *config, krb5_context ctx,
     bool allowed = false;
     bool conflict = true;
 
+    /* Do nothing if we don't have required configuration. */
     if (config->ad_realm == NULL)
         return 0;
+
+    /* If there was no password, this is probably a key randomization. */
     if (password == NULL)
         return 0;
+
+    /* Check if this principal should be synchronized. */
     code = principal_allowed(config, ctx, principal, true, &allowed);
     if (code != 0)
         return code;
     if (!allowed)
         return 0;
-    code = sync_queue_conflict(config, ctx, principal, "enable", &conflict);
+
+    /* Check if there was a queue conflict or if we always queue. */
+    code = sync_queue_conflict(config, ctx, principal, "password", &conflict);
     if (code != 0)
         return code;
     if (conflict)
         goto queue;
     if (config->ad_queue_only)
         goto queue;
+
+    /* Do the password change, and queue if it fails. */
     code = sync_ad_chpass(config, ctx, principal, password);
     if (code != 0) {
         message = krb5_get_error_message(ctx, code);
@@ -253,17 +262,22 @@ sync_status(kadm5_hook_modinfo *config, krb5_context ctx,
     bool allowed = false;
     bool conflict = true;
 
+    /* Do nothing if we don't have the required configuration. */
     if (config->ad_admin_server == NULL
         || config->ad_keytab == NULL
         || config->ad_ldap_base == NULL
         || config->ad_principal == NULL
         || config->ad_realm == NULL)
         return 0;
+
+    /* Check if this principal should be synchronized. */
     code = principal_allowed(config, ctx, principal, true, &allowed);
     if (code != 0)
         return code;
     if (!allowed)
         return 0;
+
+    /* Check if there was a queue conflict or if we always queue. */
     code = sync_queue_conflict(config, ctx, principal, "enable", &conflict);
     if (code != 0)
         return code;
@@ -271,6 +285,8 @@ sync_status(kadm5_hook_modinfo *config, krb5_context ctx,
         goto queue;
     if (config->ad_queue_only)
         goto queue;
+
+    /* Synchronize the status. */
     code = sync_ad_status(config, ctx, principal, enabled);
     if (code != 0) {
         message = krb5_get_error_message(ctx, code);