diff options
| -rw-r--r-- | src/providers/ldap/sdap.c | 7 | ||||
| -rw-r--r-- | src/providers/ldap/sdap_async.c | 8 |
2 files changed, 11 insertions, 4 deletions
diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c index f2178dd0a..ff50f8b5d 100644 --- a/src/providers/ldap/sdap.c +++ b/src/providers/ldap/sdap.c @@ -580,10 +580,11 @@ errno_t sdap_parse_deref(TALLOC_CTX *mem_ctx, "Dereferenced DN: %s\n", orig_dn); if (!dref->attrVals) { - DEBUG(SSSDBG_MINOR_FAILURE, - "Dereferenced entry [%s] has no attributes\n", + DEBUG(SSSDBG_FUNC_DATA, + "Dereferenced entry [%s] has no attributes, skipping\n", orig_dn); - ret = EINVAL; + *_res = NULL; + ret = EOK; goto done; } diff --git a/src/providers/ldap/sdap_async.c b/src/providers/ldap/sdap_async.c index 87c125faa..a8ea53113 100644 --- a/src/providers/ldap/sdap_async.c +++ b/src/providers/ldap/sdap_async.c @@ -1061,6 +1061,12 @@ static errno_t add_to_deref_reply(TALLOC_CTX *mem_ctx, { int i; + if (res == NULL) { + /* Nothing to add, probably ACIs prevented us from dereferencing + * the attribute */ + return EOK; + } + for (i=0; i < num_maps; i++) { if (res[i]->attrs == NULL) continue; /* Nothing in this map */ @@ -1829,7 +1835,7 @@ static errno_t sdap_x_deref_parse_entry(struct sdap_handle *sh, } ret = add_to_deref_reply(state, state->num_maps, - &state->dreply, res); + &state->dreply, res); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, "add_to_deref_reply failed.\n"); goto done; |