From: David Mulder <dmulder@suse.com>
Date: Fri, 6 May 2022 15:46:44 +0000 (-0600)
Subject: gpo: Halt Cert Auto Enroll process if data corrupted
X-Git-Tag: talloc-2.3.4~146
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=dcdc9859b90132795e0a266c8722e09d02cf6be2;p=thirdparty%2Fsamba.git

gpo: Halt Cert Auto Enroll process if data corrupted

If the CA URL cannot be processed, then halt
processing. Otherwise we'll end up in a broken
state later when trying to read from the end
points with missing data.

Signed-off-by: David Mulder <dmulder@suse.com>
Revewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu May 12 18:45:41 UTC 2022 on sn-devel-184
---

diff --git a/python/samba/gp_cert_auto_enroll_ext.py b/python/samba/gp_cert_auto_enroll_ext.py
index db85c97fe66..7b604e5065d 100644
--- a/python/samba/gp_cert_auto_enroll_ext.py
+++ b/python/samba/gp_cert_auto_enroll_ext.py
@@ -119,6 +119,7 @@ def obtain_end_point_information(entries):
         elif ca['URL'].lower() != 'ldap:':
             edata = { 'endpoint': ca['URL'] }
             log.error('Failed to parse the endpoint', edata)
+            return {}
     end_point_information = \
         group_and_sort_end_point_information(end_point_information.values())
     return end_point_information