IPA: Use custom error codes when validating HBAC rules

https://fedorahosted.org/sssd/ticket/2603 Instead of reusing EINVAL/ENOENT, use more descriptive error codes. This will be useful in the next patch where we act on certain codes. Reviewed-by: Pavel Březina <pbrezina@redhat.com>
author: Jakub Hrozek <jhrozek@redhat.com> 2015-03-16 10:35:59 +0100
committer: Jakub Hrozek <jhrozek@redhat.com> 2015-03-24 21:03:26 +0100
commit: 1243e093fd31c5660adf1bb3dd477d6935a755be (patch)
tree: 0d6c31332f90c5904fe8c067800d36077b8dd18a /src/providers/ipa/ipa_hbac_services.c
parent: 9797aa5907191cef5db8279e20ec75fd0abbe980 (diff)
download: sssd-1243e093fd31c5660adf1bb3dd477d6935a755be.tar.gz
sssd-1243e093fd31c5660adf1bb3dd477d6935a755be.tar.xz
sssd-1243e093fd31c5660adf1bb3dd477d6935a755be.zip
1 files changed, 8 insertions, 8 deletions
diff --git a/src/providers/ipa/ipa_hbac_services.c b/src/providers/ipa/ipa_hbac_services.c
index 3040ce68a..35ee003ef 100644
--- a/src/providers/ipa/ipa_hbac_services.c
+++ b/src/providers/ipa/ipa_hbac_services.c
@@ -606,14 +606,14 @@ get_ipa_servicegroupname(TALLOC_CTX *mem_ctx,
     }
 
     if (!ldb_dn_validate(dn)) {
-        ret = EINVAL;
+        ret = ERR_MALFORMED_ENTRY;
         goto done;
     }
 
     if (ldb_dn_get_comp_num(dn) < 4) {
         /* RDN, services, hbac, and at least one DC= */
         /* If it's fewer, it's not a group DN */
-        ret = ENOENT;
+        ret = ERR_UNEXPECTED_ENTRY_TYPE;
         goto done;
     }
 
@@ -623,7 +623,7 @@ get_ipa_servicegroupname(TALLOC_CTX *mem_ctx,
         /* Shouldn't happen if ldb_dn_validate()
          * passed, but we'll be careful.
          */
-        ret = EINVAL;
+        ret = ERR_MALFORMED_ENTRY;
         goto done;
     }
 
@@ -631,7 +631,7 @@ get_ipa_servicegroupname(TALLOC_CTX *mem_ctx,
         /* RDN has the wrong attribute name.
          * It's not a service.
          */
-        ret = ENOENT;
+        ret = ERR_UNEXPECTED_ENTRY_TYPE;
         goto done;
     }
 
@@ -639,7 +639,7 @@ get_ipa_servicegroupname(TALLOC_CTX *mem_ctx,
     svc_comp_name = ldb_dn_get_component_name(dn, 1);
     if (strcasecmp("cn", svc_comp_name) != 0) {
         /* The second component name is not "cn" */
-        ret = ENOENT;
+        ret = ERR_UNEXPECTED_ENTRY_TYPE;
         goto done;
     }
 
@@ -648,7 +648,7 @@ get_ipa_servicegroupname(TALLOC_CTX *mem_ctx,
                     (const char *) svc_comp_val->data,
                     svc_comp_val->length) != 0) {
         /* The second component value is not "hbacservicegroups" */
-        ret = ENOENT;
+        ret = ERR_UNEXPECTED_ENTRY_TYPE;
         goto done;
     }
 
@@ -656,7 +656,7 @@ get_ipa_servicegroupname(TALLOC_CTX *mem_ctx,
     hbac_comp_name = ldb_dn_get_component_name(dn, 2);
     if (strcasecmp("cn", hbac_comp_name) != 0) {
         /* The third component name is not "cn" */
-        ret = ENOENT;
+        ret = ERR_UNEXPECTED_ENTRY_TYPE;
         goto done;
     }
 
@@ -665,7 +665,7 @@ get_ipa_servicegroupname(TALLOC_CTX *mem_ctx,
                     (const char *) hbac_comp_val->data,
                     hbac_comp_val->length) != 0) {
         /* The third component value is not "hbac" */
-        ret = ENOENT;
+        ret = ERR_UNEXPECTED_ENTRY_TYPE;
         goto done;
     }
author	Jakub Hrozek <jhrozek@redhat.com>	2015-03-16 10:35:59 +0100
committer	Jakub Hrozek <jhrozek@redhat.com>	2015-03-24 21:03:26 +0100
commit	1243e093fd31c5660adf1bb3dd477d6935a755be (patch)
tree	0d6c31332f90c5904fe8c067800d36077b8dd18a /src/providers/ipa/ipa_hbac_services.c
parent	9797aa5907191cef5db8279e20ec75fd0abbe980 (diff)
download	sssd-1243e093fd31c5660adf1bb3dd477d6935a755be.tar.gz sssd-1243e093fd31c5660adf1bb3dd477d6935a755be.tar.xz sssd-1243e093fd31c5660adf1bb3dd477d6935a755be.zip