summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb
diff options
context:
space:
mode:
authorNadezhda Ivanova <nivanova@samba.org>2011-01-28 11:58:14 +0200
committerNadezhda Ivanova <nivanova@samba.org>2011-01-28 12:04:01 +0100
commit95e644f4605f91632bf606d5ec36abc187bc98af (patch)
tree0bf28ce4d2138773895fe2058b921a3fe0601b8f /source4/dsdb/samdb
parent1232fb5a1ef22de76217f854158b10400a770b45 (diff)
downloadsamba-95e644f4605f91632bf606d5ec36abc187bc98af.tar.gz
samba-95e644f4605f91632bf606d5ec36abc187bc98af.tar.bz2
samba-95e644f4605f91632bf606d5ec36abc187bc98af.zip
s4-acl: Fixed returning uninitialized ldap error in case of some critical errors.
Autobuild-User: Nadezhda Ivanova <nivanova@samba.org> Autobuild-Date: Fri Jan 28 12:04:01 CET 2011 on sn-devel-104
Diffstat (limited to 'source4/dsdb/samdb')
-rw-r--r--source4/dsdb/samdb/ldb_modules/acl.c17
1 files changed, 10 insertions, 7 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/acl.c b/source4/dsdb/samdb/ldb_modules/acl.c
index 2db4de58b2..69ff2aae94 100644
--- a/source4/dsdb/samdb/ldb_modules/acl.c
+++ b/source4/dsdb/samdb/ldb_modules/acl.c
@@ -891,8 +891,9 @@ static int acl_modify(struct ldb_module *module, struct ldb_request *req)
ret = dsdb_get_sd_from_ldb_message(ldb, tmp_ctx, acl_res->msgs[0], &sd);
if (ret != LDB_SUCCESS) {
- DEBUG(10, ("acl_modify: cannot get descriptor\n"));
- goto fail;
+ talloc_free(tmp_ctx);
+ return ldb_error(ldb, LDB_ERR_OPERATIONS_ERROR,
+ "acl_modify: Error retrieving security descriptor.");
}
/* Theoretically we pass the check if the object has no sd */
if (!sd) {
@@ -901,19 +902,21 @@ static int acl_modify(struct ldb_module *module, struct ldb_request *req)
guid = get_oc_guid_from_message(module, schema, acl_res->msgs[0]);
if (!guid) {
- DEBUG(10, ("acl_modify: cannot get guid\n"));
- goto fail;
+ talloc_free(tmp_ctx);
+ return ldb_error(ldb, LDB_ERR_OPERATIONS_ERROR,
+ "acl_modify: Error retrieving object class GUID.");
}
sid = samdb_result_dom_sid(req, acl_res->msgs[0], "objectSid");
if (!insert_in_object_tree(tmp_ctx, guid, SEC_ADS_WRITE_PROP,
&root, &new_node)) {
- DEBUG(10, ("acl_modify: cannot add to object tree\n"));
- goto fail;
+ talloc_free(tmp_ctx);
+ return ldb_error(ldb, LDB_ERR_OPERATIONS_ERROR,
+ "acl_modify: Error adding new node in object tree.");
}
for (i=0; i < req->op.mod.message->num_elements; i++){
const struct dsdb_attribute *attr;
attr = dsdb_attribute_by_lDAPDisplayName(schema,
- req->op.mod.message->elements[i].name);
+ req->op.mod.message->elements[i].name);
if (ldb_attr_cmp("nTSecurityDescriptor", req->op.mod.message->elements[i].name) == 0) {
status = sec_access_check_ds(sd, acl_user_token(module),