lib/libadminutil/admutil.c | 23 +++++++++++++++++------
1 file changed, 17 insertions(+), 6 deletions(-)
New commits:
commit 1a1972edf60011e9711cb680312c60059c8484f7
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Fri Jun 29 13:33:41 2012 -0400
Ticket 400 - BIND operation result not checked properly in adminutil
Bug Description: There are two issues here. One, we were not calling
ldap_parse_result() for SIMPLE binds. Two, we were overwriting the error
code with the function result code.
Fix Description: Always call ldap_parse_result(), and use a separate error
code variable to preserve the actual result code from the bind operation.
https://fedorahosted.org/389/ticket/400
Reviewed by: richm(thanks Rich!)
diff --git a/lib/libadminutil/admutil.c b/lib/libadminutil/admutil.c
index d773bce..b4e12dd 100644
--- a/lib/libadminutil/admutil.c
+++ b/lib/libadminutil/admutil.c
@@ -2413,6 +2413,7 @@ admutil_ldap_bind(
)
{
int rc = LDAP_SUCCESS;
+ int err = LDAP_SUCCESS;
int secure = 0;
struct berval bvcreds = {0, NULL};
LDAPMessage *result = NULL;
@@ -2519,10 +2520,21 @@ admutil_ldap_bind(
}
/* if we got here, we were able to read success result */
/* Get the controls sent by the server if requested */
- if (returnedctrls) {
- if ((rc = ldap_parse_result(ld, result, &rc, NULL, NULL,
- NULL, returnedctrls,
- 0)) != LDAP_SUCCESS) {
+ if ((rc = ldap_parse_result(ld, result, &err, NULL, NULL,
+ NULL, returnedctrls,
+ 0)) != LDAP_SUCCESS) {
+#ifdef DEBUG
+ fprintf(stderr, "admutil_ldap_bind: "
+ "Error: could not parse bind result:"
+ " mech [%s]: error %d (%s)\n",
+ mech ? mech : "SIMPLE",
+ rc, ldap_err2string(rc));
+#endif
+ goto done;
+ }
+
+ if(err){
+ rc = err;
#ifdef DEBUG
fprintf(stderr, "admutil_ldap_bind: "
"Error: could not bind id "
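Review bot: The new `if(err){` branch near the end of this hunk returns the server's bind result code after ldap_parse_result() may already have filled `*returnedctrls`, so a caller that frees the controls only on success would leak them on a rejected bind. A comment above the call such as `/* on a non-success return *returnedctrls may still be set; caller frees with ldap_controls_free() */` would make that contract explicit. The test would also read more consistently with the surrounding comparisons as `if (err != LDAP_SUCCESS) {`. Both new `goto done` paths rely on the `done:` label, which lies outside the hunk, to release `result`, since the message is parsed with freeit 0; that is worth confirming there.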
@@ -2532,8 +2544,7 @@ admutil_ldap_bind(
rc, ldap_err2string(rc));
#endif
goto done;
- }
- }
+ }
/* parse the bind result and get the ldap error code */
if ((rc = ldap_parse_sasl_bind_result(ld, result, &servercredp,