summaryrefslogtreecommitdiffstats
path: root/src/providers/ldap/sdap_access.c
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2014-01-08 17:12:17 +0100
committerJakub Hrozek <jhrozek@redhat.com>2014-01-09 12:11:00 +0100
commitcb85329bf73f55f6433d3a9194d2b87c631aea4a (patch)
tree0415e291ab5f20dc15a3b7a931c110884d339ff0 /src/providers/ldap/sdap_access.c
parent98869bb5e22774dc02dacd93e411975fa839b616 (diff)
downloadsssd-cb85329bf73f55f6433d3a9194d2b87c631aea4a.tar.gz
sssd-cb85329bf73f55f6433d3a9194d2b87c631aea4a.tar.xz
sssd-cb85329bf73f55f6433d3a9194d2b87c631aea4a.zip
LDAP: Add a new error code for malformed access control filter
https://fedorahosted.org/sssd/ticket/2164 The patch adds a new error code and special cases the new code so that access is denied and a nicer log message is shown.
Diffstat (limited to 'src/providers/ldap/sdap_access.c')
-rw-r--r--src/providers/ldap/sdap_access.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/src/providers/ldap/sdap_access.c b/src/providers/ldap/sdap_access.c
index f0df24e7f..29e83eb43 100644
--- a/src/providers/ldap/sdap_access.c
+++ b/src/providers/ldap/sdap_access.c
@@ -855,9 +855,15 @@ static void sdap_access_filter_get_access_done(struct tevent_req *subreq)
}
} else if (dp_error == DP_ERR_OFFLINE) {
ret = sdap_access_filter_decide_offline(req);
+ } else if (ret == ERR_INVALID_FILTER) {
+ sss_log(SSS_LOG_ERR,
+ "Malformed access control filter [%s]\n", state->filter);
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ ("Malformed access control filter [%s]\n", state->filter));
+ ret = ERR_ACCESS_DENIED;
} else {
DEBUG(1, ("sdap_get_generic_send() returned error [%d][%s]\n",
- ret, strerror(ret)));
+ ret, sss_strerror(ret)));
}
goto done;