summaryrefslogtreecommitdiff
path: root/src/providers/ldap
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2011-01-26 17:51:02 +0100
committerStephen Gallagher <sgallagh@redhat.com>2011-01-27 12:24:16 -0500
commitaa89df2040593f9120196ec440d2dc6d9f860d55 (patch)
treec8952e6cbe661a9d0289404a1a7e565f83a626f1 /src/providers/ldap
parent85b588e7ca889c731c1b72473c7c9eaf3a23ae31 (diff)
downloadsssd-aa89df2040593f9120196ec440d2dc6d9f860d55.tar.gz
sssd-aa89df2040593f9120196ec440d2dc6d9f860d55.tar.bz2
sssd-aa89df2040593f9120196ec440d2dc6d9f860d55.zip
Do not fail if attributes are empty
Currently we fail if attributes are empty. But there are some use cases where requested attributes are empty. E.g Active Directory uses an empty member attribute to indicate that a subset of the members are in a range sub-attribute.
Diffstat (limited to 'src/providers/ldap')
-rw-r--r--src/providers/ldap/sdap.c45
1 files changed, 29 insertions, 16 deletions
diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c
index ea2eabe7..95c39a0c 100644
--- a/src/providers/ldap/sdap.c
+++ b/src/providers/ldap/sdap.c
@@ -185,34 +185,47 @@ int sdap_parse_entry(TALLOC_CTX *memctx,
name = map[a].sys_name;
} else {
store = false;
+ name = NULL;
}
} else {
name = str;
store = true;
}
+ if (strstr(str, ";range=") != NULL) {
+ DEBUG(1, ("Attribute [%s] has range sub-attribute "
+ "which is currently not supported, skipping.\n", str));
+ store = false;
+ }
+
if (store) {
vals = ldap_get_values_len(sh->ldap, sm->msg, str);
if (!vals) {
ldap_get_option(sh->ldap, LDAP_OPT_RESULT_CODE, &lerrno);
- DEBUG(1, ("LDAP Library error: %d(%s)",
- lerrno, ldap_err2string(lerrno)));
- ret = EIO;
- goto fail;
- }
- if (!vals[0]) {
- DEBUG(1, ("Missing value after ldap_get_values() ??\n"));
- ret = EINVAL;
- goto fail;
- }
- for (i = 0; vals[i]; i++) {
- v.data = (uint8_t *)vals[i]->bv_val;
- v.length = vals[i]->bv_len;
+ if (lerrno != LDAP_SUCCESS) {
+ DEBUG(1, ("LDAP Library error: %d(%s)",
+ lerrno, ldap_err2string(lerrno)));
+ ret = EIO;
+ goto fail;
+ }
+
+ DEBUG(5, ("Attribute [%s] has no values, skipping.\n", str));
- ret = sysdb_attrs_add_val(attrs, name, &v);
- if (ret) goto fail;
+ } else {
+ if (!vals[0]) {
+ DEBUG(1, ("Missing value after ldap_get_values() ??\n"));
+ ret = EINVAL;
+ goto fail;
+ }
+ for (i = 0; vals[i]; i++) {
+ v.data = (uint8_t *)vals[i]->bv_val;
+ v.length = vals[i]->bv_len;
+
+ ret = sysdb_attrs_add_val(attrs, name, &v);
+ if (ret) goto fail;
+ }
+ ldap_value_free_len(vals);
}
- ldap_value_free_len(vals);
}
ldap_memfree(str);