diff options
author | Ludwig Krispenz <lkrispen@redhat.com> | 2015-06-02 09:29:23 +0200 |
---|---|---|
committer | Petr Vobornik <pvoborni@redhat.com> | 2015-06-04 11:42:44 +0200 |
commit | f87324df546055df1e7d038e63c04bb0d2250f55 (patch) | |
tree | f3a31eadc14a01cce2d8cdc2dd1cea9949188d1f /daemons | |
parent | 4e05ffa22c4880e393f4770fe64035fa93cb5fd1 (diff) | |
download | freeipa-f87324df546055df1e7d038e63c04bb0d2250f55.tar.gz freeipa-f87324df546055df1e7d038e63c04bb0d2250f55.tar.xz freeipa-f87324df546055df1e7d038e63c04bb0d2250f55.zip |
crash when removing a replica
when a server is removed from the topology the plugin tries to remove the
credentials from the replica and the bind dn group.
It performs an internal search for the ldap principal, but can fail if it was already removed
Due to an unitialized variable in this case it can eitehr crash or erroneously remove all
principals.
Reviewed-By: Fraser Tweedale <ftweedal@redhat.com>
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Diffstat (limited to 'daemons')
-rw-r--r-- | daemons/ipa-slapi-plugins/topology/topology_util.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/daemons/ipa-slapi-plugins/topology/topology_util.c b/daemons/ipa-slapi-plugins/topology/topology_util.c index d487cfb63..67014a05d 100644 --- a/daemons/ipa-slapi-plugins/topology/topology_util.c +++ b/daemons/ipa-slapi-plugins/topology/topology_util.c @@ -1201,7 +1201,15 @@ void ipa_topo_util_disable_repl_from_host(char *repl_root, char *delhost) { char *principal = ipa_topo_util_get_ldap_principal(repl_root, delhost); - ipa_topo_util_disable_repl_for_principal(repl_root, principal); + if (principal) { + ipa_topo_util_disable_repl_for_principal(repl_root, principal); + slapi_ch_free_string(&principal); + } else { + slapi_log_error(SLAPI_LOG_PLUGIN, IPA_TOPO_PLUGIN_SUBSYSTEM, + "ipa_topo_util_disable_repl_from_host: " + "failed to get ldap principal for host: %s \n", + delhost); + } } void @@ -1322,10 +1330,10 @@ char * ipa_topo_util_get_ldap_principal(char *repl_root, char *hostname) { int rc = 0; - Slapi_Entry **entries; + Slapi_Entry **entries = NULL; Slapi_PBlock *pb = NULL; char *filter; - char *dn; + char *dn = NULL; filter = slapi_ch_smprintf("krbprincipalname=ldap/%s*",hostname); pb = slapi_pblock_new(); |