IPA: Use custom error codes when validating HBAC rules

https://fedorahosted.org/sssd/ticket/2603 Instead of reusing EINVAL/ENOENT, use more descriptive error codes. This will be useful in the next patch where we act on certain codes. Reviewed-by: Pavel Březina <pbrezina@redhat.com>
author: Jakub Hrozek <jhrozek@redhat.com> 2015-03-16 10:35:59 +0100
committer: Jakub Hrozek <jhrozek@redhat.com> 2015-03-24 21:03:26 +0100
commit: 1243e093fd31c5660adf1bb3dd477d6935a755be (patch)
tree: 0d6c31332f90c5904fe8c067800d36077b8dd18a /src/providers/ipa/ipa_hbac_common.c
parent: 9797aa5907191cef5db8279e20ec75fd0abbe980 (diff)
download: sssd-1243e093fd31c5660adf1bb3dd477d6935a755be.tar.gz
sssd-1243e093fd31c5660adf1bb3dd477d6935a755be.tar.xz
sssd-1243e093fd31c5660adf1bb3dd477d6935a755be.zip
1 files changed, 5 insertions, 5 deletions
diff --git a/src/providers/ipa/ipa_hbac_common.c b/src/providers/ipa/ipa_hbac_common.c
index 7d68aa512..d537db1ea 100644
--- a/src/providers/ipa/ipa_hbac_common.c
+++ b/src/providers/ipa/ipa_hbac_common.c
@@ -567,7 +567,7 @@ hbac_eval_user_element(TALLOC_CTX *mem_ctx,
 
         ret = get_ipa_groupname(users->groups, sysdb, member_dn,
                                 &users->groups[num_groups]);
-        if (ret != EOK && ret != ENOENT) {
+        if (ret != EOK && ret != ERR_UNEXPECTED_ENTRY_TYPE) {
             DEBUG(SSSDBG_MINOR_FAILURE, "Parse error on [%s]\n", member_dn);
             goto done;
         } else if (ret == EOK) {
@@ -676,9 +676,9 @@ hbac_eval_service_element(TALLOC_CTX *mem_ctx,
         ret = get_ipa_servicegroupname(tmp_ctx, sysdb,
                                        (const char *)el->values[i].data,
                                        &name);
-        if (ret != EOK && ret != ENOENT) goto done;
+        if (ret != EOK && ret != ERR_UNEXPECTED_ENTRY_TYPE) goto done;
 
-        /* ENOENT means we had a memberOf entry that wasn't a
+        /* ERR_UNEXPECTED_ENTRY_TYPE means we had a memberOf entry that wasn't a
          * service group. We'll just ignore those (could be
          * HBAC rules)
          */
@@ -783,9 +783,9 @@ hbac_eval_host_element(TALLOC_CTX *mem_ctx,
         ret = get_ipa_hostgroupname(tmp_ctx, sysdb,
                                     (const char *)el->values[i].data,
                                     &name);
-        if (ret != EOK && ret != ENOENT) goto done;
+        if (ret != EOK && ret != ERR_UNEXPECTED_ENTRY_TYPE) goto done;
 
-        /* ENOENT means we had a memberOf entry that wasn't a
+        /* ERR_UNEXPECTED_ENTRY_TYPE means we had a memberOf entry that wasn't a
          * host group. We'll just ignore those (could be
          * HBAC rules)
          */
author	Jakub Hrozek <jhrozek@redhat.com>	2015-03-16 10:35:59 +0100
committer	Jakub Hrozek <jhrozek@redhat.com>	2015-03-24 21:03:26 +0100
commit	1243e093fd31c5660adf1bb3dd477d6935a755be (patch)
tree	0d6c31332f90c5904fe8c067800d36077b8dd18a /src/providers/ipa/ipa_hbac_common.c
parent	9797aa5907191cef5db8279e20ec75fd0abbe980 (diff)
download	sssd-1243e093fd31c5660adf1bb3dd477d6935a755be.tar.gz sssd-1243e093fd31c5660adf1bb3dd477d6935a755be.tar.xz sssd-1243e093fd31c5660adf1bb3dd477d6935a755be.zip