projects / freeradius.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 140f8a9)
Only fallback to dynamic search if no attributes exist, or we have a failure of some...
authorArran Cudbard-Bell <a.cudbardb@freeradius.org>
Tue, 3 Sep 2013 01:42:01 +0000 (02:42 +0100)
committerArran Cudbard-Bell <a.cudbardb@freeradius.org>
Tue, 3 Sep 2013 08:56:53 +0000 (09:56 +0100)
src/modules/rlm_ldap/groups.c patch | blob | history
src/modules/rlm_ldap/rlm_ldap.c patch | blob | history

diff --git a/src/modules/rlm_ldap/groups.c b/src/modules/rlm_ldap/groups.c
index c99ff1f..5d8a370 100644 (file)
--- a/src/modules/rlm_ldap/groups.c
+++ b/src/modules/rlm_ldap/groups.c
@@ -703,7 +703,12 @@ rlm_rcode_t rlm_ldap_check_cached(ldap_instance_t const *inst, REQUEST *request,
        vp_cursor_t     cursor;
 
        paircursor(&cursor, &request->config_items);
-       while ((vp = pairfindnext(&cursor, inst->group_da->attr, inst->group_da->vendor, TAG_ANY))) {
+       vp = pairfindnext(&cursor, inst->group_da->attr, inst->group_da->vendor, TAG_ANY);
+       if (!vp) {
+               return RLM_MODULE_INVALID;
+       }
+
+       for (; vp; vp = pairfindnext(&cursor, inst->group_da->attr, inst->group_da->vendor, TAG_ANY)) {
                ret = radius_compare_vps(request, check, vp);
                if (ret == 0) {
                        RDEBUG2("User found. Matched cached membership");
diff --git a/src/modules/rlm_ldap/rlm_ldap.c b/src/modules/rlm_ldap/rlm_ldap.c
index 86585d3..4023fa1 100644 (file)
--- a/src/modules/rlm_ldap/rlm_ldap.c
+++ b/src/modules/rlm_ldap/rlm_ldap.c
@@ -385,11 +385,18 @@ static int rlm_ldap_groupcmp(void *instance, REQUEST *request, UNUSED VALUE_PAIR
        if ((check_is_dn && inst->cacheable_group_dn) || (!check_is_dn && inst->cacheable_group_name)) {
                switch(rlm_ldap_check_cached(inst, request, check)) {
                        case RLM_MODULE_NOTFOUND:
-                               break;
+                               found = false;
+                               goto finish;
                        case RLM_MODULE_OK:
                                found = true;
-                       default:
                                goto finish;
+                       /*
+                        *      Fallback to dynamic search on failure
+                        */
+                       case RLM_MODULE_FAIL:
+                       case RLM_MODULE_INVALID:
+                       default:
+                               break;
                }
        }
 
Unnamed repository; edit this file 'description' to name the repository.