[CalendarServer-changes] [9433] CalendarServer/trunk/twistedcaldav/directory
source_changes at macosforge.org
source_changes at macosforge.org
Wed Jul 11 15:19:55 PDT 2012
Revision: 9433
http://trac.macosforge.org/projects/calendarserver/changeset/9433
Author: sagen at apple.com
Date: 2012-07-11 15:19:55 -0700 (Wed, 11 Jul 2012)
Log Message:
-----------
Log and ignore invalid DNs in group membership values
Modified Paths:
--------------
CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py
CalendarServer/trunk/twistedcaldav/directory/test/test_ldapdirectory.py
Modified: CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py 2012-07-11 19:53:27 UTC (rev 9432)
+++ CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py 2012-07-11 22:19:55 UTC (rev 9433)
@@ -734,9 +734,16 @@
# Normalize members if they're in DN form
if not self.groupSchema["memberIdAttr"]: # empty = dn
- memberGUIDs = [normalizeDNstr(dnStr) for dnStr in list(memberGUIDs)]
+ guids = list(memberGUIDs)
+ memberGUIDs = []
+ for dnStr in guids:
+ try:
+ dnStr = normalizeDNstr(dnStr)
+ memberGUIDs.append(dnStr)
+ except Exception, e:
+ # LDAP returned an illegal DN value, log and ignore it
+ self.log_warn("Bad LDAP DN: %s" % (dnStr,))
-
elif recordType in (self.recordType_resources,
self.recordType_locations):
fullName = self._getUniqueLdapAttribute(attrs, self.rdnSchema[recordType]["mapping"]["fullName"])
Modified: CalendarServer/trunk/twistedcaldav/directory/test/test_ldapdirectory.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/test/test_ldapdirectory.py 2012-07-11 19:53:27 UTC (rev 9432)
+++ CalendarServer/trunk/twistedcaldav/directory/test/test_ldapdirectory.py 2012-07-11 22:19:55 UTC (rev 9433)
@@ -611,6 +611,30 @@
])
)
+ # Group with illegal DN value in members
+
+ dn = "cn=odtestgrouptop,cn=groups,dc=example,dc=com"
+ guid = '6C6CD280-E6E3-11DF-9492-0800200C9A66'
+ attrs = {
+ 'apple-generateduid': [guid],
+ 'uniqueMember':
+ [
+ 'uid=odtestamanda,cn=users,dc=example,dc=com',
+ 'uid=odtestbetty ,cn=users,dc=example,dc=com',
+ 'cn=odtestgroupb+foo,cn=groups,dc=example,dc=com',
+ ],
+ 'cn': ['odtestgrouptop']
+ }
+ record = self.service._ldapResultToRecord(dn, attrs,
+ self.service.recordType_groups)
+ self.assertEquals(record.guid, guid)
+ self.assertEquals(record.memberGUIDs(),
+ set([
+ 'uid=odtestamanda,cn=users,dc=example,dc=com',
+ 'uid=odtestbetty,cn=users,dc=example,dc=com',
+ ])
+ )
+
# Resource with delegates and autoSchedule = True
dn = "cn=odtestresource,cn=resources,dc=example,dc=com"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20120711/e9042c7d/attachment.html>
More information about the calendarserver-changes
mailing list