summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2011-01-26 17:51:02 +0100
committerStephen Gallagher <sgallagh@redhat.com>2011-01-27 12:24:16 -0500
commitaa89df2040593f9120196ec440d2dc6d9f860d55 (patch)
treec8952e6cbe661a9d0289404a1a7e565f83a626f1
parent85b588e7ca889c731c1b72473c7c9eaf3a23ae31 (diff)
downloadsssd-aa89df2040593f9120196ec440d2dc6d9f860d55.tar.gz
sssd-aa89df2040593f9120196ec440d2dc6d9f860d55.tar.bz2
sssd-aa89df2040593f9120196ec440d2dc6d9f860d55.zip
Do not fail if attributes are empty
Currently we fail if attributes are empty. But there are some use cases where requested attributes are empty. E.g Active Directory uses an empty member attribute to indicate that a subset of the members are in a range sub-attribute.
-rw-r--r--src/providers/ldap/sdap.c45
1 files changed, 29 insertions, 16 deletions
diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c
index ea2eabe7..95c39a0c 100644
--- a/src/providers/ldap/sdap.c
+++ b/src/providers/ldap/sdap.c
@@ -185,34 +185,47 @@ int sdap_parse_entry(TALLOC_CTX *memctx,
name = map[a].sys_name;
} else {
store = false;
+ name = NULL;
}
} else {
name = str;
store = true;
}
+ if (strstr(str, ";range=") != NULL) {
+ DEBUG(1, ("Attribute [%s] has range sub-attribute "
+ "which is currently not supported, skipping.\n", str));
+ store = false;
+ }
+
if (store) {
vals = ldap_get_values_len(sh->ldap, sm->msg, str);
if (!vals) {
ldap_get_option(sh->ldap, LDAP_OPT_RESULT_CODE, &lerrno);
- DEBUG(1, ("LDAP Library error: %d(%s)",
- lerrno, ldap_err2string(lerrno)));
- ret = EIO;
- goto fail;
- }
- if (!vals[0]) {
- DEBUG(1, ("Missing value after ldap_get_values() ??\n"));
- ret = EINVAL;
- goto fail;
- }
- for (i = 0; vals[i]; i++) {
- v.data = (uint8_t *)vals[i]->bv_val;
- v.length = vals[i]->bv_len;
+ if (lerrno != LDAP_SUCCESS) {
+ DEBUG(1, ("LDAP Library error: %d(%s)",
+ lerrno, ldap_err2string(lerrno)));
+ ret = EIO;
+ goto fail;
+ }
+
+ DEBUG(5, ("Attribute [%s] has no values, skipping.\n", str));
- ret = sysdb_attrs_add_val(attrs, name, &v);
- if (ret) goto fail;
+ } else {
+ if (!vals[0]) {
+ DEBUG(1, ("Missing value after ldap_get_values() ??\n"));
+ ret = EINVAL;
+ goto fail;
+ }
+ for (i = 0; vals[i]; i++) {
+ v.data = (uint8_t *)vals[i]->bv_val;
+ v.length = vals[i]->bv_len;
+
+ ret = sysdb_attrs_add_val(attrs, name, &v);
+ if (ret) goto fail;
+ }
+ ldap_value_free_len(vals);
}
- ldap_value_free_len(vals);
}
ldap_memfree(str);