diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2014-01-08 17:12:17 +0100 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-01-09 12:08:57 +0100 |
commit | 2a96981a0ac781d01e5bba473409ed2bdf4cd4e0 (patch) | |
tree | 47422c8826c617c00b22f76b3347726ae48c031a /src/providers/ldap/sdap_access.c | |
parent | 461da2984c747708e8badd27fa55ef879f40e712 (diff) | |
download | sssd-2a96981a0ac781d01e5bba473409ed2bdf4cd4e0.tar.gz sssd-2a96981a0ac781d01e5bba473409ed2bdf4cd4e0.tar.xz sssd-2a96981a0ac781d01e5bba473409ed2bdf4cd4e0.zip |
LDAP: Add a new error code for malformed access control filter
https://fedorahosted.org/sssd/ticket/2164
The patch adds a new error code and special cases the new code so that
access is denied and a nicer log message is shown.
Diffstat (limited to 'src/providers/ldap/sdap_access.c')
-rw-r--r-- | src/providers/ldap/sdap_access.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/providers/ldap/sdap_access.c b/src/providers/ldap/sdap_access.c index 91a180764..e361cc33e 100644 --- a/src/providers/ldap/sdap_access.c +++ b/src/providers/ldap/sdap_access.c @@ -854,9 +854,15 @@ static void sdap_access_filter_get_access_done(struct tevent_req *subreq) } } else if (dp_error == DP_ERR_OFFLINE) { ret = sdap_access_filter_decide_offline(req); + } else if (ret == ERR_INVALID_FILTER) { + sss_log(SSS_LOG_ERR, + "Malformed access control filter [%s]\n", state->filter); + DEBUG(SSSDBG_CRIT_FAILURE, + ("Malformed access control filter [%s]\n", state->filter)); + ret = ERR_ACCESS_DENIED; } else { DEBUG(1, ("sdap_get_generic_send() returned error [%d][%s]\n", - ret, strerror(ret))); + ret, sss_strerror(ret))); } goto done; |