diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2015-03-16 10:35:59 +0100 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-03-24 21:03:26 +0100 |
commit | 1243e093fd31c5660adf1bb3dd477d6935a755be (patch) | |
tree | 0d6c31332f90c5904fe8c067800d36077b8dd18a /src/providers/ipa/ipa_hbac_services.c | |
parent | 9797aa5907191cef5db8279e20ec75fd0abbe980 (diff) | |
download | sssd-1243e093fd31c5660adf1bb3dd477d6935a755be.tar.gz sssd-1243e093fd31c5660adf1bb3dd477d6935a755be.tar.xz sssd-1243e093fd31c5660adf1bb3dd477d6935a755be.zip |
IPA: Use custom error codes when validating HBAC rules
https://fedorahosted.org/sssd/ticket/2603
Instead of reusing EINVAL/ENOENT, use more descriptive error codes. This
will be useful in the next patch where we act on certain codes.
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Diffstat (limited to 'src/providers/ipa/ipa_hbac_services.c')
-rw-r--r-- | src/providers/ipa/ipa_hbac_services.c | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/src/providers/ipa/ipa_hbac_services.c b/src/providers/ipa/ipa_hbac_services.c index 3040ce68a..35ee003ef 100644 --- a/src/providers/ipa/ipa_hbac_services.c +++ b/src/providers/ipa/ipa_hbac_services.c @@ -606,14 +606,14 @@ get_ipa_servicegroupname(TALLOC_CTX *mem_ctx, } if (!ldb_dn_validate(dn)) { - ret = EINVAL; + ret = ERR_MALFORMED_ENTRY; goto done; } if (ldb_dn_get_comp_num(dn) < 4) { /* RDN, services, hbac, and at least one DC= */ /* If it's fewer, it's not a group DN */ - ret = ENOENT; + ret = ERR_UNEXPECTED_ENTRY_TYPE; goto done; } @@ -623,7 +623,7 @@ get_ipa_servicegroupname(TALLOC_CTX *mem_ctx, /* Shouldn't happen if ldb_dn_validate() * passed, but we'll be careful. */ - ret = EINVAL; + ret = ERR_MALFORMED_ENTRY; goto done; } @@ -631,7 +631,7 @@ get_ipa_servicegroupname(TALLOC_CTX *mem_ctx, /* RDN has the wrong attribute name. * It's not a service. */ - ret = ENOENT; + ret = ERR_UNEXPECTED_ENTRY_TYPE; goto done; } @@ -639,7 +639,7 @@ get_ipa_servicegroupname(TALLOC_CTX *mem_ctx, svc_comp_name = ldb_dn_get_component_name(dn, 1); if (strcasecmp("cn", svc_comp_name) != 0) { /* The second component name is not "cn" */ - ret = ENOENT; + ret = ERR_UNEXPECTED_ENTRY_TYPE; goto done; } @@ -648,7 +648,7 @@ get_ipa_servicegroupname(TALLOC_CTX *mem_ctx, (const char *) svc_comp_val->data, svc_comp_val->length) != 0) { /* The second component value is not "hbacservicegroups" */ - ret = ENOENT; + ret = ERR_UNEXPECTED_ENTRY_TYPE; goto done; } @@ -656,7 +656,7 @@ get_ipa_servicegroupname(TALLOC_CTX *mem_ctx, hbac_comp_name = ldb_dn_get_component_name(dn, 2); if (strcasecmp("cn", hbac_comp_name) != 0) { /* The third component name is not "cn" */ - ret = ENOENT; + ret = ERR_UNEXPECTED_ENTRY_TYPE; goto done; } @@ -665,7 +665,7 @@ get_ipa_servicegroupname(TALLOC_CTX *mem_ctx, (const char *) hbac_comp_val->data, hbac_comp_val->length) != 0) { /* The third component value is not "hbac" */ - ret = ENOENT; + ret = ERR_UNEXPECTED_ENTRY_TYPE; goto done; } |