31a7087 Ticket #447 - Possible to add invalid attribute to nsslapd-allowed-to-delete-attrs

Authored and Committed by nhosoi 5 years ago
    Ticket #447 - Possible to add invalid attribute to nsslapd-allowed-to-delete-attrs
    
    Bug description: If given value of nsslapd-allowed-to-delete-attrs are
    all invalid attributes, e.g.,
      nsslapd-allowed-to-delete-attrs: invalid0 invalid1
    they were logged as invalid, but accidentally set to nsslapd-allowed-
    to-delete-attrs.
    
    Fix description: This patch checks the validation result and if there
    is no valid attributes given to nsslapd-allowed-to-delete-attrs, it
    issues a message in the error log:
      nsslapd-allowed-to-delete-attrs: Given attributes are all invalid.
      No effects.
    and it returns an error.  The modify operation fails with "DSA is
    unwilling to perform".
    
    https://fedorahosted.org/389/ticket/447
    
    Reviewed by rmeggins@redhat.com (Thank you, Rich!)
    (cherry picked from commit 31cd7a838aef30d80be6efe519cc2e821811c645)
    (cherry picked from commit eab32225c129f6a5115bbd5ac2a3c2035f4393b2)
    (cherry picked from commit c392aa891e67b8be189d3e354a179fc376998642)
    
        
file modified
+16 -8