diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2014-08-20 14:00:38 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-09-02 14:36:28 +0200 |
commit | a2ea3f5d9ef9f17efbb61e942c2bc6cff7d1ebf2 (patch) | |
tree | 4e1e8b0c6507ea383067e78b2f6ac2ea74015fe0 /src | |
parent | a9c287bda3fc2a1e12cef2135ade96945f11ad01 (diff) | |
download | sssd-a2ea3f5d9ef9f17efbb61e942c2bc6cff7d1ebf2.tar.gz sssd-a2ea3f5d9ef9f17efbb61e942c2bc6cff7d1ebf2.tar.xz sssd-a2ea3f5d9ef9f17efbb61e942c2bc6cff7d1ebf2.zip |
LDAP: Ignore returned referrals if referral support is disabled
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/providers/ldap/sdap_async.c | 26 | ||||
-rw-r--r-- | src/util/util_errors.c | 1 | ||||
-rw-r--r-- | src/util/util_errors.h | 1 |
3 files changed, 20 insertions, 8 deletions
diff --git a/src/providers/ldap/sdap_async.c b/src/providers/ldap/sdap_async.c index 4100f6d14..ed20b26fd 100644 --- a/src/providers/ldap/sdap_async.c +++ b/src/providers/ldap/sdap_async.c @@ -1421,13 +1421,6 @@ static void sdap_get_generic_ext_done(struct sdap_op *op, sss_ldap_err2string(result), result, errmsg ? errmsg : "no errmsg set"); - if (refs != NULL) { - for (i = 0; refs[i]; i++) { - DEBUG(SSSDBG_TRACE_LIBS, "Ref: %s\n", refs[i]); - } - ldap_memvfree((void **) refs); - } - if (result == LDAP_SIZELIMIT_EXCEEDED) { /* Try to return what we've got */ DEBUG(SSSDBG_MINOR_FAILURE, @@ -1448,6 +1441,16 @@ static void sdap_get_generic_ext_done(struct sdap_op *op, ldap_memfree(errmsg); tevent_req_error(req, ENOTSUP); return; + } else if (result == LDAP_REFERRAL) { + if (refs != NULL) { + for (i = 0; refs[i]; i++) { + DEBUG(SSSDBG_TRACE_LIBS, "Ref: %s\n", refs[i]); + } + ldap_memvfree((void **) refs); + } + ldap_memfree(errmsg); + tevent_req_error(req, ERR_REFERRAL); + return; } else if (result != LDAP_SUCCESS && result != LDAP_NO_SUCH_OBJECT) { DEBUG(SSSDBG_OP_FAILURE, "Unexpected result from ldap: %s(%d), %s\n", @@ -1610,11 +1613,18 @@ static void sdap_get_generic_done(struct tevent_req *subreq) { struct tevent_req *req = tevent_req_callback_data(subreq, struct tevent_req); + struct sdap_get_generic_state *state = + tevent_req_data(req, struct sdap_get_generic_state); int ret; ret = sdap_get_generic_ext_recv(subreq); talloc_zfree(subreq); - if (ret) { + if (ret == ERR_REFERRAL) { + if (dp_opt_get_bool(state->opts->basic, SDAP_REFERRALS)) { + tevent_req_error(req, ret); + return; + } + } else if (ret) { DEBUG(SSSDBG_CONF_SETTINGS, "sdap_get_generic_ext_recv failed [%d]: %s\n", ret, sss_strerror(ret)); diff --git a/src/util/util_errors.c b/src/util/util_errors.c index aa5693190..5b36780ff 100644 --- a/src/util/util_errors.c +++ b/src/util/util_errors.c @@ -61,6 +61,7 @@ struct err_string error_to_str[] = { { "User/Group SIDs not found" }, /* ERR_NO_SIDS */ { "Bus method not supported" }, /* ERR_SBUS_NOSUP */ { "Cannot connect to system bus" }, /* ERR_NO_SYSBUS */ + { "LDAP search returned a referral" }, /* ERR_REFERRAL */ }; diff --git a/src/util/util_errors.h b/src/util/util_errors.h index f68409eed..e040ba903 100644 --- a/src/util/util_errors.h +++ b/src/util/util_errors.h @@ -83,6 +83,7 @@ enum sssd_errors { ERR_NO_SIDS, ERR_SBUS_NOSUP, ERR_NO_SYSBUS, + ERR_REFERRAL, ERR_LAST /* ALWAYS LAST */ }; |