mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-24 08:00:02 -06:00
Always verify we have a valid ldap context.
LDAP calls just assert if an invalid (NULL) context is passed in, so we need to be sure we have a valid connection context before calling into LDAP APIs and fail outright if a context can't be obtained. https://fedorahosted.org/freeipa/ticket/5577 Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
This commit is contained in:
parent
58ab032f1a
commit
2144b1eeb7
@ -158,6 +158,14 @@ static bool ipadb_need_retry(struct ipadb_context *ipactx, int error)
|
||||
return false;
|
||||
}
|
||||
|
||||
static int ipadb_check_connection(struct ipadb_context *ipactx)
|
||||
{
|
||||
if (ipactx->lcontext == NULL) {
|
||||
return ipadb_get_connection(ipactx);
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
krb5_error_code ipadb_simple_search(struct ipadb_context *ipactx,
|
||||
char *basedn, int scope,
|
||||
char *filter, char **attrs,
|
||||
@ -165,6 +173,10 @@ krb5_error_code ipadb_simple_search(struct ipadb_context *ipactx,
|
||||
{
|
||||
int ret;
|
||||
|
||||
ret = ipadb_check_connection(ipactx);
|
||||
if (ret != 0)
|
||||
return ipadb_simple_ldap_to_kerr(ret);
|
||||
|
||||
ret = ldap_search_ext_s(ipactx->lcontext, basedn, scope,
|
||||
filter, attrs, 0, NULL, NULL,
|
||||
&std_timeout, LDAP_NO_LIMIT,
|
||||
@ -187,6 +199,10 @@ krb5_error_code ipadb_simple_delete(struct ipadb_context *ipactx, char *dn)
|
||||
{
|
||||
int ret;
|
||||
|
||||
ret = ipadb_check_connection(ipactx);
|
||||
if (ret != 0)
|
||||
return ipadb_simple_ldap_to_kerr(ret);
|
||||
|
||||
ret = ldap_delete_ext_s(ipactx->lcontext, dn, NULL, NULL);
|
||||
|
||||
/* first test if we need to retry to connect */
|
||||
@ -204,6 +220,10 @@ krb5_error_code ipadb_simple_add(struct ipadb_context *ipactx,
|
||||
{
|
||||
int ret;
|
||||
|
||||
ret = ipadb_check_connection(ipactx);
|
||||
if (ret != 0)
|
||||
return ipadb_simple_ldap_to_kerr(ret);
|
||||
|
||||
ret = ldap_add_ext_s(ipactx->lcontext, dn, mods, NULL, NULL);
|
||||
|
||||
/* first test if we need to retry to connect */
|
||||
@ -221,6 +241,10 @@ krb5_error_code ipadb_simple_modify(struct ipadb_context *ipactx,
|
||||
{
|
||||
int ret;
|
||||
|
||||
ret = ipadb_check_connection(ipactx);
|
||||
if (ret != 0)
|
||||
return ipadb_simple_ldap_to_kerr(ret);
|
||||
|
||||
ret = ldap_modify_ext_s(ipactx->lcontext, dn, mods, NULL, NULL);
|
||||
|
||||
/* first test if we need to retry to connect */
|
||||
@ -320,6 +344,11 @@ krb5_error_code ipadb_deref_search(struct ipadb_context *ipactx,
|
||||
retry = true;
|
||||
while (retry) {
|
||||
times--;
|
||||
|
||||
ret = ipadb_check_connection(ipactx);
|
||||
if (ret != 0)
|
||||
break;
|
||||
|
||||
ret = ldap_search_ext_s(ipactx->lcontext, base_dn,
|
||||
scope, filter,
|
||||
entry_attrs, 0,
|
||||
|
Loading…
Reference in New Issue
Block a user