freeipa

Clone
Source Code
GIT

9fe984f extdom: unify error code handling especially LDAP_NO_SUCH_OBJECT

3 files Authored by sbose 4 years ago, Committed by abbra 4 years ago,
raw patch tree parent
3 files changed. 61 lines added. 22 lines removed.
daemons/ipa-slapi-plugins/ipa-extdom-extop/back_extdom_sss_idmap.c
file modified
+2 -2
daemons/ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_common.c
file modified
+57 -20
daemons/ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_extop.c
file modified
+2 -0 
    extdom: unify error code handling especially LDAP_NO_SUCH_OBJECT
    
    A return code LDAP_NO_SUCH_OBJECT will tell SSSD on the IPA client to
    remove the searched object from the cache. As a consequence
    LDAP_NO_SUCH_OBJECT should only be returned if the object really does
    not exists otherwise the data of existing objects might be removed form
    the cache of the clients causing unexpected behaviour like
    authentication errors.
    
    Currently some code-paths use LDAP_NO_SUCH_OBJECT as default error code.
    With this patch LDAP_NO_SUCH_OBJECT is only returned if the related
    lookup functions return ENOENT. Timeout related error code will lead to
    LDAP_TIMELIMIT_EXCEEDED and LDAP_OPERATIONS_ERROR is used as default
    error code.
    
    Fixes: https://pagure.io/freeipa/issue/8044
    Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
file modified
+2 -2
file modified
+57 -20
file modified
+2 -0
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.