diff options
-rw-r--r-- | src/providers/ldap/sdap_access.c | 8 | ||||
-rw-r--r-- | src/providers/ldap/sdap_async.c | 12 | ||||
-rw-r--r-- | src/providers/ldap/sdap_async_groups_ad.c | 2 | ||||
-rw-r--r-- | src/providers/ldap/sdap_async_initgroups_ad.c | 4 | ||||
-rw-r--r-- | src/util/util_errors.c | 1 | ||||
-rw-r--r-- | src/util/util_errors.h | 1 |
6 files changed, 18 insertions, 10 deletions
diff --git a/src/providers/ldap/sdap_access.c b/src/providers/ldap/sdap_access.c index 91a180764..e361cc33e 100644 --- a/src/providers/ldap/sdap_access.c +++ b/src/providers/ldap/sdap_access.c @@ -854,9 +854,15 @@ static void sdap_access_filter_get_access_done(struct tevent_req *subreq) } } else if (dp_error == DP_ERR_OFFLINE) { ret = sdap_access_filter_decide_offline(req); + } else if (ret == ERR_INVALID_FILTER) { + sss_log(SSS_LOG_ERR, + "Malformed access control filter [%s]\n", state->filter); + DEBUG(SSSDBG_CRIT_FAILURE, + ("Malformed access control filter [%s]\n", state->filter)); + ret = ERR_ACCESS_DENIED; } else { DEBUG(1, ("sdap_get_generic_send() returned error [%d][%s]\n", - ret, strerror(ret))); + ret, sss_strerror(ret))); } goto done; diff --git a/src/providers/ldap/sdap_async.c b/src/providers/ldap/sdap_async.c index e905d2dd6..367007bde 100644 --- a/src/providers/ldap/sdap_async.c +++ b/src/providers/ldap/sdap_async.c @@ -1306,9 +1306,9 @@ static errno_t sdap_get_generic_ext_step(struct tevent_req *req) sss_log(SSS_LOG_ERR, "LDAP connection error, %s", sss_ldap_err2string(lret)); } - } - - else { + } else if (lret == LDAP_FILTER_ERROR) { + ret = ERR_INVALID_FILTER; + } else { ret = EIO; } goto done; @@ -1570,7 +1570,7 @@ static void sdap_get_generic_done(struct tevent_req *subreq) talloc_zfree(subreq); if (ret) { DEBUG(4, ("sdap_get_generic_ext_recv failed [%d]: %s\n", - ret, strerror(ret))); + ret, sss_strerror(ret))); tevent_req_error(req, ret); return; } @@ -1790,7 +1790,7 @@ static void sdap_x_deref_search_done(struct tevent_req *subreq) talloc_zfree(subreq); if (ret) { DEBUG(4, ("sdap_get_generic_ext_recv failed [%d]: %s\n", - ret, strerror(ret))); + ret, sss_strerror(ret))); tevent_req_error(req, ret); return; } @@ -2049,7 +2049,7 @@ static void sdap_asq_search_done(struct tevent_req *subreq) talloc_zfree(subreq); if (ret) { DEBUG(4, ("sdap_get_generic_ext_recv failed [%d]: %s\n", - ret, strerror(ret))); + ret, sss_strerror(ret))); tevent_req_error(req, ret); return; } diff --git a/src/providers/ldap/sdap_async_groups_ad.c b/src/providers/ldap/sdap_async_groups_ad.c index 9b61c697d..6a8a4fd13 100644 --- a/src/providers/ldap/sdap_async_groups_ad.c +++ b/src/providers/ldap/sdap_async_groups_ad.c @@ -183,7 +183,7 @@ sdap_get_ad_match_rule_members_step(struct tevent_req *subreq) talloc_zfree(subreq); if (ret != EOK) { DEBUG(SSSDBG_MINOR_FAILURE, - ("LDAP search failed: [%s]\n", strerror(ret))); + ("LDAP search failed: [%s]\n", sss_strerror(ret))); tevent_req_error(req, ret); return; } diff --git a/src/providers/ldap/sdap_async_initgroups_ad.c b/src/providers/ldap/sdap_async_initgroups_ad.c index a3d3ff462..047ddfe65 100644 --- a/src/providers/ldap/sdap_async_initgroups_ad.c +++ b/src/providers/ldap/sdap_async_initgroups_ad.c @@ -208,7 +208,7 @@ sdap_get_ad_match_rule_initgroups_step(struct tevent_req *subreq) talloc_zfree(subreq); if (ret != EOK) { DEBUG(SSSDBG_MINOR_FAILURE, - ("LDAP search failed: [%s]\n", strerror(ret))); + ("LDAP search failed: [%s]\n", sss_strerror(ret))); goto error; } @@ -383,7 +383,7 @@ static void sdap_get_ad_tokengroups_done(struct tevent_req *subreq) talloc_zfree(subreq); if (ret != EOK) { DEBUG(SSSDBG_MINOR_FAILURE, - ("LDAP search failed: [%s]\n", strerror(ret))); + ("LDAP search failed: [%s]\n", sss_strerror(ret))); goto done; } diff --git a/src/util/util_errors.c b/src/util/util_errors.c index 114c8b04f..633257e8d 100644 --- a/src/util/util_errors.c +++ b/src/util/util_errors.c @@ -51,6 +51,7 @@ struct err_string error_to_str[] = { { "Entry not found" }, /* ERR_NOT_FOUND */ { "Domain not found" }, /* ERR_DOMAIN_NOT_FOUND */ { "Missing configuration file" }, /* ERR_MISSING_CONF */ + { "Malformed search filter" }, /* ERR_INVALID_FILTER, */ }; diff --git a/src/util/util_errors.h b/src/util/util_errors.h index bca45f392..133208503 100644 --- a/src/util/util_errors.h +++ b/src/util/util_errors.h @@ -73,6 +73,7 @@ enum sssd_errors { ERR_NOT_FOUND, ERR_DOMAIN_NOT_FOUND, ERR_MISSING_CONF, + ERR_INVALID_FILTER, ERR_LAST /* ALWAYS LAST */ }; |