diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2011-03-25 12:59:22 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-03-28 11:46:11 -0400 |
commit | 036933b5ba6178896801605791be592a5b40d55b (patch) | |
tree | e03d591cfa790503441a4979c6280d9dc79c5c88 /src | |
parent | b5dba0e7d26d538470b9ba5f13d252fbc596c7b8 (diff) | |
download | sssd-036933b5ba6178896801605791be592a5b40d55b.tar.gz sssd-036933b5ba6178896801605791be592a5b40d55b.tar.xz sssd-036933b5ba6178896801605791be592a5b40d55b.zip |
Always complete the transaction in sdap_process_group_members_2307sssd-1.5.1-21.el5
If the loop ran through at least one
sdap_process_missing_member_2307() call and errored out later, we
were not canceling the transaction.
RFC2307: Ignore zero-length member names in group lookups
Mark transaction as done when cancelled
Fix typo in sdap_nested_group_process_step
Diffstat (limited to 'src')
-rw-r--r-- | src/providers/ldap/sdap_async_accounts.c | 27 |
1 files changed, 24 insertions, 3 deletions
diff --git a/src/providers/ldap/sdap_async_accounts.c b/src/providers/ldap/sdap_async_accounts.c index 96104dd62..54416bb12 100644 --- a/src/providers/ldap/sdap_async_accounts.c +++ b/src/providers/ldap/sdap_async_accounts.c @@ -1231,10 +1231,15 @@ sdap_process_group_members_2307(struct sdap_process_group_state *state, char *member_name; char *strdn; int ret; + errno_t sret; int i; for (i=0; i < memberel->num_values; i++) { member_name = (char *)memberel->values[i].data; + + /* We need to skip over zero-length usernames */ + if (member_name[0] == '\0') continue; + ret = sysdb_search_user_by_name(state, state->sysdb, state->dom, member_name, NULL, &msg); @@ -1282,12 +1287,22 @@ sdap_process_group_members_2307(struct sdap_process_group_state *state, DEBUG(2, ("Cannot commit sysdb transaction\n")); goto done; } + in_transaction = false; } ret = EOK; memberel->values = talloc_steal(state->group, state->sysdb_dns->values); memberel->num_values = state->sysdb_dns->num_values; + done: + if (in_transaction) { + /* If the transaction is still active here, we need to cancel it */ + sret = sysdb_transaction_cancel(state->sysdb); + if (sret != EOK) { + DEBUG(0, ("Unable to cancel transaction! [%d][%s]\n", + sret, strerror(sret))); + } + } return ret; } @@ -1349,7 +1364,7 @@ static int sdap_process_missing_member_2307(struct sdap_process_group_state *state, char *username, bool *in_transaction) { - int ret; + int ret, sret; struct ldb_dn *dn; char* dn_string; @@ -1400,7 +1415,13 @@ sdap_process_missing_member_2307(struct sdap_process_group_state *state, return EOK; fail: if (*in_transaction) { - sysdb_transaction_cancel(state->sysdb); + sret = sysdb_transaction_cancel(state->sysdb); + if (sret == EOK) { + *in_transaction = false; + } else { + DEBUG(0, ("Unable to cancel transaction! [%d][%s]\n", + sret, strerror(sret))); + } } return ret; } @@ -3317,7 +3338,7 @@ static errno_t sdap_nested_group_process_step(struct tevent_req *req) if (ret != EOK && ret != ENOENT) { ret = EIO; goto error; - } else if (ret == ENOENT || count == 9) { + } else if (ret == ENOENT || count == 0) { if (ret == EOK) talloc_zfree(msgs); /* It wasn't found in the groups either |