diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2015-03-16 10:35:59 +0100 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-03-24 21:03:26 +0100 |
commit | 1243e093fd31c5660adf1bb3dd477d6935a755be (patch) | |
tree | 0d6c31332f90c5904fe8c067800d36077b8dd18a /src/providers/ipa/ipa_hbac_users.c | |
parent | 9797aa5907191cef5db8279e20ec75fd0abbe980 (diff) | |
download | sssd-1243e093fd31c5660adf1bb3dd477d6935a755be.tar.gz sssd-1243e093fd31c5660adf1bb3dd477d6935a755be.tar.xz sssd-1243e093fd31c5660adf1bb3dd477d6935a755be.zip |
IPA: Use custom error codes when validating HBAC rules
https://fedorahosted.org/sssd/ticket/2603
Instead of reusing EINVAL/ENOENT, use more descriptive error codes. This
will be useful in the next patch where we act on certain codes.
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Diffstat (limited to 'src/providers/ipa/ipa_hbac_users.c')
-rw-r--r-- | src/providers/ipa/ipa_hbac_users.c | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/src/providers/ipa/ipa_hbac_users.c b/src/providers/ipa/ipa_hbac_users.c index ebf4bf9d5..a8d52ffa5 100644 --- a/src/providers/ipa/ipa_hbac_users.c +++ b/src/providers/ipa/ipa_hbac_users.c @@ -60,14 +60,14 @@ get_ipa_groupname(TALLOC_CTX *mem_ctx, } if (!ldb_dn_validate(dn)) { - ret = EINVAL; + ret = ERR_MALFORMED_ENTRY; goto done; } if (ldb_dn_get_comp_num(dn) < 4) { /* RDN, groups, accounts, and at least one DC= */ /* If it's fewer, it's not a group DN */ - ret = ENOENT; + ret = ERR_UNEXPECTED_ENTRY_TYPE; goto done; } @@ -77,7 +77,7 @@ get_ipa_groupname(TALLOC_CTX *mem_ctx, /* Shouldn't happen if ldb_dn_validate() * passed, but we'll be careful. */ - ret = EINVAL; + ret = ERR_MALFORMED_ENTRY; goto done; } @@ -85,7 +85,7 @@ get_ipa_groupname(TALLOC_CTX *mem_ctx, /* RDN has the wrong attribute name. * It's not a group. */ - ret = ENOENT; + ret = ERR_UNEXPECTED_ENTRY_TYPE; goto done; } @@ -93,7 +93,7 @@ get_ipa_groupname(TALLOC_CTX *mem_ctx, group_comp_name = ldb_dn_get_component_name(dn, 1); if (strcasecmp("cn", group_comp_name) != 0) { /* The second component name is not "cn" */ - ret = ENOENT; + ret = ERR_UNEXPECTED_ENTRY_TYPE; goto done; } @@ -102,7 +102,7 @@ get_ipa_groupname(TALLOC_CTX *mem_ctx, (const char *) group_comp_val->data, group_comp_val->length) != 0) { /* The second component value is not "groups" */ - ret = ENOENT; + ret = ERR_UNEXPECTED_ENTRY_TYPE; goto done; } @@ -110,7 +110,7 @@ get_ipa_groupname(TALLOC_CTX *mem_ctx, account_comp_name = ldb_dn_get_component_name(dn, 2); if (strcasecmp("cn", account_comp_name) != 0) { /* The third component name is not "cn" */ - ret = ENOENT; + ret = ERR_UNEXPECTED_ENTRY_TYPE; goto done; } @@ -119,7 +119,7 @@ get_ipa_groupname(TALLOC_CTX *mem_ctx, (const char *) account_comp_val->data, account_comp_val->length) != 0) { /* The third component value is not "accounts" */ - ret = ENOENT; + ret = ERR_UNEXPECTED_ENTRY_TYPE; goto done; } |