[CalendarServer-changes] [9433] CalendarServer/trunk/twistedcaldav/directory

source_changes at macosforge.org source_changes at macosforge.org
Wed Jul 11 15:19:55 PDT 2012


Revision: 9433
          http://trac.macosforge.org/projects/calendarserver/changeset/9433
Author:   sagen at apple.com
Date:     2012-07-11 15:19:55 -0700 (Wed, 11 Jul 2012)
Log Message:
-----------
Log and ignore invalid DNs in group membership values

Modified Paths:
--------------
    CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py
    CalendarServer/trunk/twistedcaldav/directory/test/test_ldapdirectory.py

Modified: CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py	2012-07-11 19:53:27 UTC (rev 9432)
+++ CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py	2012-07-11 22:19:55 UTC (rev 9433)
@@ -734,9 +734,16 @@
 
             # Normalize members if they're in DN form
             if not self.groupSchema["memberIdAttr"]: # empty = dn
-                memberGUIDs = [normalizeDNstr(dnStr) for dnStr in list(memberGUIDs)]
+                guids = list(memberGUIDs)
+                memberGUIDs = []
+                for dnStr in guids:
+                    try:
+                        dnStr = normalizeDNstr(dnStr)
+                        memberGUIDs.append(dnStr)
+                    except Exception, e:
+                        # LDAP returned an illegal DN value, log and ignore it
+                        self.log_warn("Bad LDAP DN: %s" % (dnStr,))
 
-
         elif recordType in (self.recordType_resources,
             self.recordType_locations):
             fullName = self._getUniqueLdapAttribute(attrs, self.rdnSchema[recordType]["mapping"]["fullName"])

Modified: CalendarServer/trunk/twistedcaldav/directory/test/test_ldapdirectory.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/test/test_ldapdirectory.py	2012-07-11 19:53:27 UTC (rev 9432)
+++ CalendarServer/trunk/twistedcaldav/directory/test/test_ldapdirectory.py	2012-07-11 22:19:55 UTC (rev 9433)
@@ -611,6 +611,30 @@
                      ])
             )
 
+            # Group with illegal DN value in members
+
+            dn = "cn=odtestgrouptop,cn=groups,dc=example,dc=com"
+            guid = '6C6CD280-E6E3-11DF-9492-0800200C9A66'
+            attrs = {
+                'apple-generateduid': [guid],
+                'uniqueMember':
+                    [
+                        'uid=odtestamanda,cn=users,dc=example,dc=com',
+                        'uid=odtestbetty ,cn=users,dc=example,dc=com',
+                        'cn=odtestgroupb+foo,cn=groups,dc=example,dc=com',
+                    ],
+                'cn': ['odtestgrouptop']
+            }
+            record = self.service._ldapResultToRecord(dn, attrs,
+                self.service.recordType_groups)
+            self.assertEquals(record.guid, guid)
+            self.assertEquals(record.memberGUIDs(),
+                set([
+                     'uid=odtestamanda,cn=users,dc=example,dc=com',
+                     'uid=odtestbetty,cn=users,dc=example,dc=com',
+                     ])
+            )
+
             # Resource with delegates and autoSchedule = True
 
             dn = "cn=odtestresource,cn=resources,dc=example,dc=com"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20120711/e9042c7d/attachment.html>


More information about the calendarserver-changes mailing list