[TACACS] Improve nss-tacplus TACACS connect timeout (#17460)

Improve nss-tacplus TACACS connect timeout #### Why I did it TACACS login usually config multiple server, when a high priority server not reachable or high lantency, remote user login will slowly, also run SUDO command will slowly. To improve this issue, enable read timeout in nss-tacplus. ### How I did it Enable read timeout in nss-tacplus. #### How to verify it Pass all UT. ### Description for the changelog Improve nss-tacplus TACACS connect timeout.
2024-03-07 07:29:52 +08:00 · 2024-03-07 07:29:52 +08:00 · 1cc78c9240
commit 1cc78c9240
parent f886328897
1 changed files with 10 additions and 4 deletions
--- a/src/tacacs/nss/patch/0001-Modify-user-map-profile.patch
+++ b/src/tacacs/nss/patch/0001-Modify-user-map-profile.patch
@ -180,7 +180,7 @@ index 79e62b9..ecfa0b0 100644
 
 /*
  * pwbuf is used to reduce number of arguments passed around; the strings in
-@@ -63,255 +59,239 @@ struct pwbuf {
+@@ -63,255 +59,245 @@ struct pwbuf {
 typedef struct {
     struct addrinfo *addr;
     char *key;
@ -445,9 +445,15 @@ index 79e62b9..ecfa0b0 100644
 +                tac_srv[tac_srv_no].key = strdup(token + 7);
 +            }
 +            else if(!strncmp(token, "timeout=", 8)) {
-+                tac_srv[tac_srv_no].timeout = (int)strtoul(token + 8, NULL, 0);
-+                if(tac_srv[tac_srv_no].timeout < 0)
-+                    tac_srv[tac_srv_no].timeout = 0;
+                int timeout = (int)strtoul(token + 8, NULL, 0);
+                if(timeout < 0) {
+                   tac_srv[tac_srv_no].timeout = 0;
+                   tac_readtimeout_enable = 0;
+                }
+                else {
+                   tac_srv[tac_srv_no].timeout = timeout;
+                   tac_readtimeout_enable = 1;
+                }
 +                /* Limit timeout to make sure upper application not wait
 +                 * for a long time*/
 +                if(tac_srv[tac_srv_no].timeout > 5)