diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2014-08-20 14:00:38 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-10-14 11:04:41 +0200 |
commit | b224c49b8f0a9cdf343a443fdf2190dc6f047508 (patch) | |
tree | a21052d39b077a4ab5cb33ed35e98c993ffc88cc | |
parent | 5ecab6dc08ac35a400e067af09b49e7fcb0f17c0 (diff) | |
download | sssd-b224c49b8f0a9cdf343a443fdf2190dc6f047508.tar.gz sssd-b224c49b8f0a9cdf343a443fdf2190dc6f047508.tar.xz sssd-b224c49b8f0a9cdf343a443fdf2190dc6f047508.zip |
LDAP: Ignore returned referrals if referral support is disabled
Reviewed-by: Pavel Reichl <preichl@redhat.com>
(cherry picked from commit a2ea3f5d9ef9f17efbb61e942c2bc6cff7d1ebf2)
-rw-r--r-- | src/providers/ldap/sdap_async.c | 18 | ||||
-rw-r--r-- | src/util/util_errors.c | 1 | ||||
-rw-r--r-- | src/util/util_errors.h | 2 |
3 files changed, 18 insertions, 3 deletions
diff --git a/src/providers/ldap/sdap_async.c b/src/providers/ldap/sdap_async.c index 1022a093f..7db01d979 100644 --- a/src/providers/ldap/sdap_async.c +++ b/src/providers/ldap/sdap_async.c @@ -1404,6 +1404,10 @@ static void sdap_get_generic_ext_done(struct sdap_op *op, ldap_memfree(errmsg); tevent_req_error(req, ENOTSUP); return; + } else if (result == LDAP_REFERRAL) { + ldap_memfree(errmsg); + tevent_req_error(req, ERR_REFERRAL); + return; } else if (result != LDAP_SUCCESS && result != LDAP_NO_SUCH_OBJECT) { DEBUG(SSSDBG_OP_FAILURE, ("Unexpected result from ldap: %s(%d), %s\n", @@ -1565,13 +1569,21 @@ static void sdap_get_generic_done(struct tevent_req *subreq) { struct tevent_req *req = tevent_req_callback_data(subreq, struct tevent_req); + struct sdap_get_generic_state *state = + tevent_req_data(req, struct sdap_get_generic_state); int ret; ret = sdap_get_generic_ext_recv(subreq); talloc_zfree(subreq); - if (ret) { - DEBUG(4, ("sdap_get_generic_ext_recv failed [%d]: %s\n", - ret, sss_strerror(ret))); + if (ret == ERR_REFERRAL) { + if (dp_opt_get_bool(state->opts->basic, SDAP_REFERRALS)) { + tevent_req_error(req, ret); + return; + } + } else if (ret) { + DEBUG(SSSDBG_CONF_SETTINGS, + ("sdap_get_generic_ext_recv failed [%d]: %s\n", + ret, sss_strerror(ret))); tevent_req_error(req, ret); return; } diff --git a/src/util/util_errors.c b/src/util/util_errors.c index c9b507557..eb7b1aec7 100644 --- a/src/util/util_errors.c +++ b/src/util/util_errors.c @@ -53,6 +53,7 @@ struct err_string error_to_str[] = { { "Missing configuration file" }, /* ERR_MISSING_CONF */ { "Malformed search filter" }, /* ERR_INVALID_FILTER, */ { "No POSIX attributes detected" }, /* ERR_NO_POSIX */ + { "LDAP search returned a referral" }, /* ERR_REFERRAL */ }; diff --git a/src/util/util_errors.h b/src/util/util_errors.h index 3dd94af1f..2858311de 100644 --- a/src/util/util_errors.h +++ b/src/util/util_errors.h @@ -75,6 +75,8 @@ enum sssd_errors { ERR_MISSING_CONF, ERR_INVALID_FILTER, ERR_NO_POSIX, + ERR_NO_SYSBUS, + ERR_REFERRAL, ERR_LAST /* ALWAYS LAST */ }; |