diff options
author | Simo Sorce <simo@redhat.com> | 2013-02-26 16:25:07 -0500 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-03-19 14:07:41 +0100 |
commit | 233a3c6c48972b177e60d6ef4cecfacd3cf31659 (patch) | |
tree | e67d6eaed705d8c76173af0c06b49072224460be /src/providers/ipa/ipa_s2n_exop.c | |
parent | 4f2e932acd5266e9d4e3f55966baafbdbd2ae210 (diff) | |
download | sssd-233a3c6c48972b177e60d6ef4cecfacd3cf31659.tar.gz sssd-233a3c6c48972b177e60d6ef4cecfacd3cf31659.tar.xz sssd-233a3c6c48972b177e60d6ef4cecfacd3cf31659.zip |
Use common error facility instead of sdap_result
Simplifies and consolidates error reporting for ldap authentication paths.
Adds 3 new error codes:
ERR_CHPASS_DENIED - Used when password constraints deny password changes
ERR_ACCOUNT_EXPIRED - Account is expired
ERR_PASSWORD_EXPIRED - Password is expired
Diffstat (limited to 'src/providers/ipa/ipa_s2n_exop.c')
-rw-r--r-- | src/providers/ipa/ipa_s2n_exop.c | 34 |
1 files changed, 14 insertions, 20 deletions
diff --git a/src/providers/ipa/ipa_s2n_exop.c b/src/providers/ipa/ipa_s2n_exop.c index bcf966cfd..7e5d0c143 100644 --- a/src/providers/ipa/ipa_s2n_exop.c +++ b/src/providers/ipa/ipa_s2n_exop.c @@ -52,7 +52,6 @@ struct ipa_s2n_exop_state { struct sdap_op *op; - int result; char *retoid; struct berval *retdata; }; @@ -75,7 +74,6 @@ static struct tevent_req *ipa_s2n_exop_send(TALLOC_CTX *mem_ctx, if (!req) return NULL; state->sh = sh; - state->result = LDAP_OPERATIONS_ERROR; state->retoid = NULL; state->retdata = NULL; @@ -85,6 +83,7 @@ static struct tevent_req *ipa_s2n_exop_send(TALLOC_CTX *mem_ctx, bv, NULL, NULL, &msgid); if (ret == -1 || msgid == -1) { DEBUG(SSSDBG_CRIT_FAILURE, ("ldap_extended_operation failed\n")); + ret = ERR_NETWORK_IO; goto fail; } DEBUG(SSSDBG_TRACE_INTERNAL, ("ldap_extended_operation sent, msgid = %d\n", msgid)); @@ -94,13 +93,14 @@ static struct tevent_req *ipa_s2n_exop_send(TALLOC_CTX *mem_ctx, &state->op); if (ret) { DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to set up operation!\n")); + ret = ERR_INTERNAL; goto fail; } return req; fail: - tevent_req_error(req, EIO); + tevent_req_error(req, ret); tevent_req_post(req, ev); return req; } @@ -116,6 +116,7 @@ static void ipa_s2n_exop_done(struct sdap_op *op, char *errmsg = NULL; char *retoid = NULL; struct berval *retdata = NULL; + int result; if (error) { tevent_req_error(req, error); @@ -123,19 +124,19 @@ static void ipa_s2n_exop_done(struct sdap_op *op, } ret = ldap_parse_result(state->sh->ldap, reply->msg, - &state->result, &errmsg, NULL, NULL, + &result, &errmsg, NULL, NULL, NULL, 0); if (ret != LDAP_SUCCESS) { DEBUG(SSSDBG_OP_FAILURE, ("ldap_parse_result failed (%d)\n", state->op->msgid)); - ret = EIO; + ret = ERR_NETWORK_IO; goto done; } DEBUG(SSSDBG_TRACE_FUNC, ("ldap_extended_operation result: %s(%d), %s\n", - sss_ldap_err2string(state->result), state->result, errmsg)); + sss_ldap_err2string(result), result, errmsg)); - if (state->result != LDAP_SUCCESS) { - ret = EIO; + if (result != LDAP_SUCCESS) { + ret = ERR_NETWORK_IO; goto done; } @@ -143,7 +144,7 @@ static void ipa_s2n_exop_done(struct sdap_op *op, &retoid, &retdata, 0); if (ret != LDAP_SUCCESS) { DEBUG(SSSDBG_OP_FAILURE, ("ldap_parse_extendend_result failed (%d)\n", ret)); - ret = EIO; + ret = ERR_NETWORK_IO; goto done; } @@ -183,21 +184,15 @@ done: } static int ipa_s2n_exop_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx, - enum sdap_result *result, char **retoid, - struct berval **retdata) + char **retoid, struct berval **retdata) { struct ipa_s2n_exop_state *state = tevent_req_data(req, struct ipa_s2n_exop_state); TEVENT_REQ_RETURN_ON_ERROR(req); - if (state->result == LDAP_SUCCESS) { - *result = SDAP_SUCCESS; - *retoid = talloc_steal(mem_ctx, state->retoid); - *retdata = talloc_steal(mem_ctx, state->retdata); - } else { - *result = SDAP_ERROR; - } + *retoid = talloc_steal(mem_ctx, state->retoid); + *retdata = talloc_steal(mem_ctx, state->retdata); return EOK; } @@ -583,7 +578,6 @@ static void ipa_s2n_get_user_done(struct tevent_req *subreq) struct ipa_s2n_get_user_state *state = tevent_req_data(req, struct ipa_s2n_get_user_state); int ret; - enum sdap_result result; char *retoid = NULL; struct berval *retdata = NULL; struct resp_attrs *attrs = NULL; @@ -595,7 +589,7 @@ static void ipa_s2n_get_user_done(struct tevent_req *subreq) char *realm; char *upn; - ret = ipa_s2n_exop_recv(subreq, state, &result, &retoid, &retdata); + ret = ipa_s2n_exop_recv(subreq, state, &retoid, &retdata); talloc_zfree(subreq); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, ("s2n exop request failed.\n")); |