diff options
author | Sumit Bose <sbose@redhat.com> | 2011-01-26 17:51:02 +0100 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-01-27 12:24:16 -0500 |
commit | aa89df2040593f9120196ec440d2dc6d9f860d55 (patch) | |
tree | c8952e6cbe661a9d0289404a1a7e565f83a626f1 | |
parent | 85b588e7ca889c731c1b72473c7c9eaf3a23ae31 (diff) | |
download | sssd-aa89df2040593f9120196ec440d2dc6d9f860d55.tar.gz sssd-aa89df2040593f9120196ec440d2dc6d9f860d55.tar.bz2 sssd-aa89df2040593f9120196ec440d2dc6d9f860d55.zip |
Do not fail if attributes are empty
Currently we fail if attributes are empty. But there are some use cases
where requested attributes are empty. E.g Active Directory uses an empty
member attribute to indicate that a subset of the members are in a range
sub-attribute.
-rw-r--r-- | src/providers/ldap/sdap.c | 45 |
1 files changed, 29 insertions, 16 deletions
diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c index ea2eabe7..95c39a0c 100644 --- a/src/providers/ldap/sdap.c +++ b/src/providers/ldap/sdap.c @@ -185,34 +185,47 @@ int sdap_parse_entry(TALLOC_CTX *memctx, name = map[a].sys_name; } else { store = false; + name = NULL; } } else { name = str; store = true; } + if (strstr(str, ";range=") != NULL) { + DEBUG(1, ("Attribute [%s] has range sub-attribute " + "which is currently not supported, skipping.\n", str)); + store = false; + } + if (store) { vals = ldap_get_values_len(sh->ldap, sm->msg, str); if (!vals) { ldap_get_option(sh->ldap, LDAP_OPT_RESULT_CODE, &lerrno); - DEBUG(1, ("LDAP Library error: %d(%s)", - lerrno, ldap_err2string(lerrno))); - ret = EIO; - goto fail; - } - if (!vals[0]) { - DEBUG(1, ("Missing value after ldap_get_values() ??\n")); - ret = EINVAL; - goto fail; - } - for (i = 0; vals[i]; i++) { - v.data = (uint8_t *)vals[i]->bv_val; - v.length = vals[i]->bv_len; + if (lerrno != LDAP_SUCCESS) { + DEBUG(1, ("LDAP Library error: %d(%s)", + lerrno, ldap_err2string(lerrno))); + ret = EIO; + goto fail; + } + + DEBUG(5, ("Attribute [%s] has no values, skipping.\n", str)); - ret = sysdb_attrs_add_val(attrs, name, &v); - if (ret) goto fail; + } else { + if (!vals[0]) { + DEBUG(1, ("Missing value after ldap_get_values() ??\n")); + ret = EINVAL; + goto fail; + } + for (i = 0; vals[i]; i++) { + v.data = (uint8_t *)vals[i]->bv_val; + v.length = vals[i]->bv_len; + + ret = sysdb_attrs_add_val(attrs, name, &v); + if (ret) goto fail; + } + ldap_value_free_len(vals); } - ldap_value_free_len(vals); } ldap_memfree(str); |