IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Return more specific errors when returning an LDAP_OPERATIONS_ERROR

Browse Source 
472332
This commit is contained in:
Rob Crittenden 2010-04-23 10:30:02 -04:00
parent 1d635090cb
commit c7f50ac7ef
1 changed files with 16 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c
View File

@ -477,7 +477,8 @@ static inline void encode_int16(unsigned int val, unsigned char *p)
} }
static Slapi_Value **encrypt_encode_key(struct ipapwd_krbcfg *krbcfg, static Slapi_Value **encrypt_encode_key(struct ipapwd_krbcfg *krbcfg,
struct ipapwd_data *data) struct ipapwd_data *data,
char **errMesg)
{ {
krb5_context krbctx; krb5_context krbctx;
char *krbPrincipalName = NULL; char *krbPrincipalName = NULL;
@ -503,7 +504,8 @@ static Slapi_Value **encrypt_encode_key(struct ipapwd_krbcfg *krbcfg,
krbPrincipalName = slapi_entry_attr_get_charptr(data->target, "krbPrincipalName"); krbPrincipalName = slapi_entry_attr_get_charptr(data->target, "krbPrincipalName");
if (!krbPrincipalName) { if (!krbPrincipalName) {
slapi_log_error(SLAPI_LOG_FATAL, "ipa_pwd_extop", "no krbPrincipalName present in this entry\n"); *errMesg = "no krbPrincipalName present in this entry\n";
slapi_log_error(SLAPI_LOG_FATAL, "ipa_pwd_extop", *errMesg);
return NULL; return NULL;
} }
@ -765,6 +767,7 @@ static Slapi_Value **encrypt_encode_key(struct ipapwd_krbcfg *krbcfg,
return svals; return svals;
enc_error: enc_error:
*errMesg = "key encryption/encoding failed\n";
if (kset) ipapwd_keyset_free(&kset); if (kset) ipapwd_keyset_free(&kset);
krb5_free_principal(krbctx, princ); krb5_free_principal(krbctx, princ);
slapi_ch_free_string(&krbPrincipalName); slapi_ch_free_string(&krbPrincipalName);
@ -1737,7 +1740,7 @@ static void hexbuf(char *out, const uint8_t *in)
static int ipapwd_SetPassword(struct ipapwd_krbcfg *krbcfg, static int ipapwd_SetPassword(struct ipapwd_krbcfg *krbcfg,
struct ipapwd_data *data) struct ipapwd_data *data)
{ {
int ret = 0, i = 0; int ret = 0;
Slapi_Mods *smods; Slapi_Mods *smods;
Slapi_Value **svals = NULL; Slapi_Value **svals = NULL;
Slapi_Value **pwvals = NULL; Slapi_Value **pwvals = NULL;
@ -1749,13 +1752,14 @@ static int ipapwd_SetPassword(struct ipapwd_krbcfg *krbcfg,
struct ntlm_keys ntlm; struct ntlm_keys ntlm;
int ntlm_flags = 0; int ntlm_flags = 0;
Slapi_Value *sambaSamAccount; Slapi_Value *sambaSamAccount;
char *errMesg = NULL;
slapi_log_error(SLAPI_LOG_TRACE, "ipa_pwd_extop", "=> ipapwd_SetPassword\n"); slapi_log_error(SLAPI_LOG_TRACE, "ipa_pwd_extop", "=> ipapwd_SetPassword\n");
smods = slapi_mods_new(); smods = slapi_mods_new();
/* generate kerberos keys to be put into krbPrincipalKey */ /* generate kerberos keys to be put into krbPrincipalKey */
svals = encrypt_encode_key(krbcfg, data); svals = encrypt_encode_key(krbcfg, data, &errMesg);
if (!svals) { if (!svals) {
slapi_log_error(SLAPI_LOG_FATAL, "ipa_pwd_extop", "key encryption/encoding failed\n"); slapi_log_error(SLAPI_LOG_FATAL, "ipa_pwd_extop", "key encryption/encoding failed\n");
ret = LDAP_OPERATIONS_ERROR; ret = LDAP_OPERATIONS_ERROR;
@ -3184,7 +3188,8 @@ static int ipapwd_preop_gen_hashes(struct ipapwd_krbcfg *krbcfg,
char *userpw, char *userpw,
int is_krb, int is_smb, int is_krb, int is_smb,
Slapi_Value ***svals, Slapi_Value ***svals,
char **nthash, char **lmhash) char **nthash, char **lmhash,
char **errMesg)
{ {
int rc; int rc;
@ -3192,9 +3197,10 @@ static int ipapwd_preop_gen_hashes(struct ipapwd_krbcfg *krbcfg,
pwdop->is_krb = 1; pwdop->is_krb = 1;
*svals = encrypt_encode_key(krbcfg, &pwdop->pwdata); *svals = encrypt_encode_key(krbcfg, &pwdop->pwdata, errMesg);
if (!*svals) { if (!*svals) {
/* errMesg should have been set in encrypt_encode_key() */
slapi_log_error(SLAPI_LOG_FATAL, IPAPWD_PLUGIN_NAME, slapi_log_error(SLAPI_LOG_FATAL, IPAPWD_PLUGIN_NAME,
"key encryption/encoding failed\n"); "key encryption/encoding failed\n");
rc = LDAP_OPERATIONS_ERROR; rc = LDAP_OPERATIONS_ERROR;
@ -3213,8 +3219,9 @@ static int ipapwd_preop_gen_hashes(struct ipapwd_krbcfg *krbcfg,
ret = encode_ntlm_keys(userpw, ntlm_flags, &ntlm); ret = encode_ntlm_keys(userpw, ntlm_flags, &ntlm);
if (ret) { if (ret) {
*errMesg = "Failed to generate NT/LM hashes\n";
slapi_log_error(SLAPI_LOG_FATAL, IPAPWD_PLUGIN_NAME, slapi_log_error(SLAPI_LOG_FATAL, IPAPWD_PLUGIN_NAME,
"Failed to generate NT/LM hashes\n"); *errMesg);
rc = LDAP_OPERATIONS_ERROR; rc = LDAP_OPERATIONS_ERROR;
goto done; goto done;
} }
@ -3625,7 +3632,7 @@ static int ipapwd_pre_add(Slapi_PBlock *pb)
rc = ipapwd_preop_gen_hashes(krbcfg, rc = ipapwd_preop_gen_hashes(krbcfg,
pwdop, userpw, pwdop, userpw,
is_krb, is_smb, is_krb, is_smb,
&svals, &nt, &lm); &svals, &nt, &lm, &errMesg);
if (rc != LDAP_SUCCESS) { if (rc != LDAP_SUCCESS) {
goto done; goto done;
} }
@ -4017,7 +4024,7 @@ static int ipapwd_pre_mod(Slapi_PBlock *pb)
rc = ipapwd_preop_gen_hashes(krbcfg, rc = ipapwd_preop_gen_hashes(krbcfg,
pwdop, unhashedpw, pwdop, unhashedpw,
is_krb, is_smb, is_krb, is_smb,
&svals, &nt, &lm); &svals, &nt, &lm, &errMesg);
if (rc) { if (rc) {
goto done; goto done;
} }
@ -4069,7 +4076,6 @@ done:
static int ipapwd_post_op(Slapi_PBlock *pb) static int ipapwd_post_op(Slapi_PBlock *pb)
{ {
char *errMesg = "Internal operations error\n";
void *op; void *op;
struct ipapwd_operation *pwdop = NULL; struct ipapwd_operation *pwdop = NULL;
Slapi_Mods *smods; Slapi_Mods *smods;