[TACACS] Improve nss-tacplus TACACS connect timeout (#17460)

Improve nss-tacplus TACACS connect timeout #### Why I did it TACACS login usually config multiple server, when a high priority server not reachable or high lantency, remote user login will slowly, also run SUDO command will slowly. To improve this issue, enable read timeout in nss-tacplus. ### How I did it Enable read timeout in nss-tacplus. #### How to verify it Pass all UT. ### Description for the changelog Improve nss-tacplus TACACS connect timeout.
sonic-net · Aug 27, 2024 · 0928744 · 0928744
1 parent dc87112
commit 0928744
Showing 1 changed file with 10 additions and 4 deletions.
diff --git a/src/tacacs/nss/patch/0001-Modify-user-map-profile.patch b/src/tacacs/nss/patch/0001-Modify-user-map-profile.patch
@@ -180,7 +180,7 @@ index 79e62b9..ecfa0b0 100644
 
  /*
   * pwbuf is used to reduce number of arguments passed around; the strings in
-@@ -63,255 +59,239 @@ struct pwbuf {
+@@ -63,255 +59,245 @@ struct pwbuf {
  typedef struct {
      struct addrinfo *addr;
      char *key;
@@ -445,9 +445,15 @@ index 79e62b9..ecfa0b0 100644
 +                tac_srv[tac_srv_no].key = strdup(token + 7);
 +            }
 +            else if(!strncmp(token, "timeout=", 8)) {
-+                tac_srv[tac_srv_no].timeout = (int)strtoul(token + 8, NULL, 0);
-+                if(tac_srv[tac_srv_no].timeout < 0)
-+                    tac_srv[tac_srv_no].timeout = 0;
++                int timeout = (int)strtoul(token + 8, NULL, 0);
++                if(timeout < 0) {
++                   tac_srv[tac_srv_no].timeout = 0;
++                   tac_readtimeout_enable = 0;
++                }
++                else {
++                   tac_srv[tac_srv_no].timeout = timeout;
++                   tac_readtimeout_enable = 1;
++                }
 +                /* Limit timeout to make sure upper application not wait
 +                 * for a long time*/
 +                if(tac_srv[tac_srv_no].timeout > 5)