diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2003-02-01 06:13:33 +0000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2003-02-01 06:13:33 +0000 |
| commit | 97716129f5bc80c5219197c61d6682f676ec89a6 (patch) | |
| tree | 95b43f66ed9eb1b46a48eec2b840ed97d50c46d5 /source3/passdb/pdb_ldap.c | |
| parent | c2b134cc3b67d48961226cbfac6ea3a2fc7cc1a6 (diff) | |
| download | samba-97716129f5bc80c5219197c61d6682f676ec89a6.tar.gz samba-97716129f5bc80c5219197c61d6682f676ec89a6.tar.bz2 samba-97716129f5bc80c5219197c61d6682f676ec89a6.zip | |
More ldap parinoia - if we ever get more than one result, bail. The order we
get them in should be indeterminate, so just picking the first one would be
bad...
Andrew Bartlett
(This used to be commit 21da8c3bb39c507eb90865549c3bb3538dcea138)
Diffstat (limited to 'source3/passdb/pdb_ldap.c')
| -rw-r--r-- | source3/passdb/pdb_ldap.c | 28 |
1 files changed, 23 insertions, 5 deletions
diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index 6f46201d8d..e058d2d108 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -1581,16 +1581,26 @@ static NTSTATUS ldapsam_getsampwnam(struct pdb_methods *my_methods, SAM_ACCOUNT struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data; LDAPMessage *result; LDAPMessage *entry; - + int count; + if (ldapsam_search_one_user_by_name(ldap_state, sname, &result) != LDAP_SUCCESS) { return NT_STATUS_NO_SUCH_USER; } - if (ldap_count_entries(ldap_state->ldap_struct, result) < 1) { + + count = ldap_count_entries(ldap_state->ldap_struct, result); + + if (count < 1) { DEBUG(4, ("We don't find this user [%s] count=%d\n", sname, - ldap_count_entries(ldap_state->ldap_struct, result))); + count)); + return NT_STATUS_NO_SUCH_USER; + } else if (count > 1) { + DEBUG(1, + ("Duplicate entries for this user [%s] Failing. count=%d\n", sname, + count)); return NT_STATUS_NO_SUCH_USER; } + entry = ldap_first_entry(ldap_state->ldap_struct, result); if (entry) { if (!init_sam_from_ldap(ldap_state, user, entry)) { @@ -1616,15 +1626,23 @@ static NTSTATUS ldapsam_getsampwrid(struct pdb_methods *my_methods, SAM_ACCOUNT (struct ldapsam_privates *)my_methods->private_data; LDAPMessage *result; LDAPMessage *entry; + int count; if (ldapsam_search_one_user_by_rid(ldap_state, rid, &result) != LDAP_SUCCESS) { return NT_STATUS_NO_SUCH_USER; } - if (ldap_count_entries(ldap_state->ldap_struct, result) < 1) { + count = ldap_count_entries(ldap_state->ldap_struct, result); + + if (count < 1) { DEBUG(4, ("We don't find this rid [%i] count=%d\n", rid, - ldap_count_entries(ldap_state->ldap_struct, result))); + count)); + return NT_STATUS_NO_SUCH_USER; + } else if (count > 1) { + DEBUG(1, + ("More than one user with rid [%i]. Failing. count=%d\n", rid, + count)); return NT_STATUS_NO_SUCH_USER; } |