diff options
| -rw-r--r-- | server/db/sysdb_ops.c | 6 | ||||
| -rw-r--r-- | server/providers/ldap/sdap_async.c | 18 |
2 files changed, 18 insertions, 6 deletions
diff --git a/server/db/sysdb_ops.c b/server/db/sysdb_ops.c index 8610e634b..687c754f6 100644 --- a/server/db/sysdb_ops.c +++ b/server/db/sysdb_ops.c @@ -1692,14 +1692,14 @@ struct tevent_req *sysdb_add_user_send(TALLOC_CTX *mem_ctx, (uid < domain->id_min || uid > domain->id_max)) { DEBUG(2, ("Supplied uid [%d] is not in the allowed range [%d-%d].\n", uid, domain->id_min, domain->id_max)); - ERROR_OUT(ret, EINVAL, fail); + ERROR_OUT(ret, ERANGE, fail); } if (domain->id_max != 0 && gid != 0 && (gid < domain->id_min || gid > domain->id_max)) { DEBUG(2, ("Supplied gid [%d] is not in the allowed range [%d-%d].\n", gid, domain->id_min, domain->id_max)); - ERROR_OUT(ret, EINVAL, fail); + ERROR_OUT(ret, ERANGE, fail); } if (domain->mpg) { @@ -2104,7 +2104,7 @@ struct tevent_req *sysdb_add_group_send(TALLOC_CTX *mem_ctx, (gid < domain->id_min || gid > domain->id_max)) { DEBUG(2, ("Supplied gid [%d] is not in the allowed range [%d-%d].\n", gid, domain->id_min, domain->id_max)); - ERROR_OUT(ret, EINVAL, fail); + ERROR_OUT(ret, ERANGE, fail); } if (domain->mpg) { diff --git a/server/providers/ldap/sdap_async.c b/server/providers/ldap/sdap_async.c index a4491d814..b2e0fb214 100644 --- a/server/providers/ldap/sdap_async.c +++ b/server/providers/ldap/sdap_async.c @@ -1255,7 +1255,11 @@ static void sdap_get_users_save_done(struct tevent_req *subreq) ret = sdap_save_user_recv(subreq); talloc_zfree(subreq); - if (ret) { + + /* If the configuration has id ranges and the remote user is out + * of these ranges we will get back an ERANGE error. In this case + * we just ignore the error and go on with the next op */ + if (ret && (ret != ERANGE)) { tevent_req_error(req, ret); return; } @@ -1448,7 +1452,11 @@ static void sdap_get_groups_save_done(struct tevent_req *subreq) ret = sdap_save_group_recv(subreq); talloc_zfree(subreq); - if (ret) { + + /* If the configuration has id ranges and the remote user is out + * of these ranges we will get back an ERANGE error. In this case + * we just ignore the error and go on with the next op */ + if (ret && (ret != ERANGE)) { tevent_req_error(req, ret); return; } @@ -1752,7 +1760,11 @@ static void sdap_get_initgr_save_done(struct tevent_req *subreq) ret = sdap_save_group_recv(subreq); talloc_zfree(subreq); - if (ret) { + + /* If the configuration has id ranges and the remote user is out + * of these ranges we will get back an ERANGE error. In this case + * we just ignore the error and go on with the next op */ + if (ret && (ret != ERANGE)) { tevent_req_error(req, ret); return; } |