diff options
author | Sumit Bose <sbose@redhat.com> | 2014-12-05 11:03:48 +0100 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-01-14 12:06:32 +0100 |
commit | 1869e832b811cc0aae833cbf9f24fa151001f2b2 (patch) | |
tree | 17eef76a26c70f6c9b185effc71947b4a74dcc63 /src/providers/ipa/ipa_s2n_exop.c | |
parent | 497e35d5d4b58f7194b11528be8a5f2ea7aca351 (diff) | |
download | sssd-1869e832b811cc0aae833cbf9f24fa151001f2b2.tar.gz sssd-1869e832b811cc0aae833cbf9f24fa151001f2b2.tar.xz sssd-1869e832b811cc0aae833cbf9f24fa151001f2b2.zip |
IPA: make version check more precise
The call protected by the check does not only expect the version 1 of
the extdom plugin is used but a specific response type as well. Since
version 1 can return older response types as well we want to be on the
safe side.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
(cherry picked from commit 2fc12875f7d51248799016c19c1298b85e06a286)
Diffstat (limited to 'src/providers/ipa/ipa_s2n_exop.c')
-rw-r--r-- | src/providers/ipa/ipa_s2n_exop.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/providers/ipa/ipa_s2n_exop.c b/src/providers/ipa/ipa_s2n_exop.c index 1d9a79a38..b02387a82 100644 --- a/src/providers/ipa/ipa_s2n_exop.c +++ b/src/providers/ipa/ipa_s2n_exop.c @@ -759,7 +759,7 @@ static errno_t s2n_response_to_attrs(TALLOC_CTX *mem_ctx, attrs->a.user.pw_uid = uid; attrs->a.user.pw_gid = gid; - if (is_v1) { + if (is_v1 && type == RESP_USER_GROUPLIST) { ret = add_v1_user_data(ber, attrs); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, "add_v1_user_data failed.\n"); @@ -798,7 +798,7 @@ static errno_t s2n_response_to_attrs(TALLOC_CTX *mem_ctx, attrs->a.group.gr_gid = gid; - if (is_v1) { + if (is_v1 && type == RESP_GROUP_MEMBERS) { ret = add_v1_group_data(ber, attrs); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, "add_v1_group_data failed.\n"); |