diff options
author | Sumit Bose <sbose@redhat.com> | 2011-01-26 17:51:02 +0100 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-01-27 12:24:16 -0500 |
commit | aa89df2040593f9120196ec440d2dc6d9f860d55 (patch) | |
tree | c8952e6cbe661a9d0289404a1a7e565f83a626f1 | |
parent | 85b588e7ca889c731c1b72473c7c9eaf3a23ae31 (diff) | |
download | sssd-aa89df2040593f9120196ec440d2dc6d9f860d55.tar.gz sssd-aa89df2040593f9120196ec440d2dc6d9f860d55.tar.xz sssd-aa89df2040593f9120196ec440d2dc6d9f860d55.zip |
Do not fail if attributes are empty
Currently we fail if attributes are empty. But there are some use cases
where requested attributes are empty. E.g Active Directory uses an empty
member attribute to indicate that a subset of the members are in a range
sub-attribute.
-rw-r--r-- | src/providers/ldap/sdap.c | 45 |
1 files changed, 29 insertions, 16 deletions
diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c index ea2eabe78..95c39a0c9 100644 --- a/src/providers/ldap/sdap.c +++ b/src/providers/ldap/sdap.c @@ -185,34 +185,47 @@ int sdap_parse_entry(TALLOC_CTX *memctx, name = map[a].sys_name; } else { store = false; + name = NULL; } } else { name = str; store = true; } + if (strstr(str, ";range=") != NULL) { + DEBUG(1, ("Attribute [%s] has range sub-attribute " + "which is currently not supported, skipping.\n", str)); + store = false; + } + if (store) { vals = ldap_get_values_len(sh->ldap, sm->msg, str); if (!vals) { ldap_get_option(sh->ldap, LDAP_OPT_RESULT_CODE, &lerrno); - DEBUG(1, ("LDAP Library error: %d(%s)", - lerrno, ldap_err2string(lerrno))); - ret = EIO; - goto fail; - } - if (!vals[0]) { - DEBUG(1, ("Missing value after ldap_get_values() ??\n")); - ret = EINVAL; - goto fail; - } - for (i = 0; vals[i]; i++) { - v.data = (uint8_t *)vals[i]->bv_val; - v.length = vals[i]->bv_len; + if (lerrno != LDAP_SUCCESS) { + DEBUG(1, ("LDAP Library error: %d(%s)", + lerrno, ldap_err2string(lerrno))); + ret = EIO; + goto fail; + } + + DEBUG(5, ("Attribute [%s] has no values, skipping.\n", str)); - ret = sysdb_attrs_add_val(attrs, name, &v); - if (ret) goto fail; + } else { + if (!vals[0]) { + DEBUG(1, ("Missing value after ldap_get_values() ??\n")); + ret = EINVAL; + goto fail; + } + for (i = 0; vals[i]; i++) { + v.data = (uint8_t *)vals[i]->bv_val; + v.length = vals[i]->bv_len; + + ret = sysdb_attrs_add_val(attrs, name, &v); + if (ret) goto fail; + } + ldap_value_free_len(vals); } - ldap_value_free_len(vals); } ldap_memfree(str); |