39 lines
1.5 KiB
Diff
39 lines
1.5 KiB
Diff
From 0d628f98500a0fd642ba0c720c40393460988f73 Mon Sep 17 00:00:00 2001
|
|
From: Sumit Bose <sbose@redhat.com>
|
|
Date: Fri, 20 Mar 2015 18:41:52 +0100
|
|
Subject: [PATCH 37/99] GPO: error out instead of leaving array element
|
|
uninitialized
|
|
|
|
In general every object created by the AD provider should have a SID
|
|
attribute. Since SIDs and GPOs are used for access control a missing SID
|
|
should be treated as error for now until it is known if there is a valid
|
|
reason why the SID is missing.
|
|
|
|
Resolves https://fedorahosted.org/sssd/ticket/2608
|
|
|
|
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
|
(cherry picked from commit 4cfab2330323834574c179f774a0c6b1fff4936e)
|
|
---
|
|
src/providers/ad/ad_gpo.c | 5 ++++-
|
|
1 file changed, 4 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/src/providers/ad/ad_gpo.c b/src/providers/ad/ad_gpo.c
|
|
index c45b7963e221ae30e0c003762e4a8320449cd211..69ff6daaa7e060cca4cab129ecde83d3406702d1 100644
|
|
--- a/src/providers/ad/ad_gpo.c
|
|
+++ b/src/providers/ad/ad_gpo.c
|
|
@@ -581,7 +581,10 @@ ad_gpo_get_sids(TALLOC_CTX *mem_ctx,
|
|
group_sid = ldb_msg_find_attr_as_string(res->msgs[i+1],
|
|
SYSDB_SID_STR, NULL);
|
|
if (group_sid == NULL) {
|
|
- continue;
|
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Missing SID for cache entry [%s].\n",
|
|
+ ldb_dn_get_linearized(res->msgs[i+1]->dn));
|
|
+ ret = EINVAL;
|
|
+ goto done;
|
|
}
|
|
|
|
group_sids[i] = talloc_steal(group_sids, group_sid);
|
|
--
|
|
2.4.0
|
|
|