On (08/08/16 16:35), Lukas Slebodnik wrote:
>On (04/08/16 11:03), Jakub Hrozek wrote:
>>On Wed, Aug 03, 2016 at 06:08:44PM +0200, Lukas Slebodnik wrote:
>>> On (03/08/16 18:05), Jakub Hrozek wrote:
>>> >Hi,
>>> >
>>> >these two patches add error handling to the code. The first prevents
>>> >operating on ldb_message if retrieving the message fails. I only tested
>>> >an SSH login with a UPN to make sure we actually hit this codepath. I
>>> >don't like the deep indendation nesting, so I welcome suggestions how to
>>> >fix the code better.
>>> >
>>> >The second just checks a return value.
>>>
>>> >From a27529da7c03a27f8d87c624e4b6660fd5b22edf Mon Sep 17 00:00:00 2001
>>> >From: Jakub Hrozek <jhro...@redhat.com>
>>> >Date: Wed, 3 Aug 2016 18:03:59 +0200
>>> >Subject: [PATCH 2/2] IPA: Check the return value of
>>> >sss_parse_internal_fqname
>>> >
>>> >---
>>> > src/providers/ipa/ipa_subdomains_id.c | 6 ++++++
>>> > 1 file changed, 6 insertions(+)
>>> >
>>> >diff --git a/src/providers/ipa/ipa_subdomains_id.c
>>> >b/src/providers/ipa/ipa_subdomains_id.c
>>> >index
>>> >76fdaa8a1213069bd6b45e0b69b6cdb0d034d721..886813dc648f04c8fadd234524fce94455f31ee4
>>> > 100644
>>> >--- a/src/providers/ipa/ipa_subdomains_id.c
>>> >+++ b/src/providers/ipa/ipa_subdomains_id.c
>>> >@@ -509,6 +509,12 @@ static void ipa_get_subdom_acct_connected(struct
>>> >tevent_req *subreq)
>>> > } else {
>>> > ret = sss_parse_internal_fqname(req_input, state->filter,
>>> > &shortname, NULL);
>>> >+ if (ret != EOK) {
>>> >+ DEBUG(SSSDBG_CRIT_FAILURE,
>>> >+ "Cannot parse internal name [%s]: %d\n",
>>> >+ state->filter, ret);
>>> >+ }
>>> >+
>>> We should either fail or use less verbose debug_level.
>>
>>Of cours,we need to fail. See the new patches.
>
>>From 1e67ab6596ac73d12c97abc5feebe2ee1fca6a3f Mon Sep 17 00:00:00 2001
>>From: Jakub Hrozek <jhro...@redhat.com>
>>Date: Wed, 3 Aug 2016 17:43:14 +0200
>>Subject: [PATCH 1/2] PAM: Do not act on ldb_message in case of a failure
>>
>>---
>> src/responder/pam/pamsrv_cmd.c | 33 ++++++++++++++++++---------------
>> 1 file changed, 18 insertions(+), 15 deletions(-)
>>
>ACK
>
>>From 31273617f97973332d8b265dcb01679025d16cbd Mon Sep 17 00:00:00 2001
>>From: Jakub Hrozek <jhro...@redhat.com>
>>Date: Wed, 3 Aug 2016 18:03:59 +0200
>>Subject: [PATCH 2/2] IPA: Check the return value of sss_parse_internal_fqname
>>
>>We should fail the request if sss_parse_internal_fqname() fails.
>>---
>> src/providers/ipa/ipa_subdomains_id.c | 8 ++++++++
>> 1 file changed, 8 insertions(+)
>>
>ACK
>
>http://sssd-ci.duckdns.org/logs/job/51/06/summary.html
>
master:
* 858c7b713bc4cb33e3339949ca43c9fba9f85a65
* 5cda8428d23266aaaf4d7cddba50311202365c16
LS
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/admin/lists/sssd-devel@lists.fedorahosted.org
