From dcdc9859b90132795e0a266c8722e09d02cf6be2 Mon Sep 17 00:00:00 2001
From: David Mulder <dmulder@suse.com>
Date: Fri, 6 May 2022 09:46:44 -0600
Subject: gpo: Halt Cert Auto Enroll process if data corrupted

If the CA URL cannot be processed, then halt
processing. Otherwise we'll end up in a broken
state later when trying to read from the end
points with missing data.

Signed-off-by: David Mulder <dmulder@suse.com>
Revewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu May 12 18:45:41 UTC 2022 on sn-devel-184
---
 python/samba/gp_cert_auto_enroll_ext.py | 1 +
 1 file changed, 1 insertion(+)

(limited to 'python')

diff --git a/python/samba/gp_cert_auto_enroll_ext.py b/python/samba/gp_cert_auto_enroll_ext.py
index db85c97fe66..7b604e5065d 100644
--- a/python/samba/gp_cert_auto_enroll_ext.py
+++ b/python/samba/gp_cert_auto_enroll_ext.py
@@ -119,6 +119,7 @@ def obtain_end_point_information(entries):
         elif ca['URL'].lower() != 'ldap:':
             edata = { 'endpoint': ca['URL'] }
             log.error('Failed to parse the endpoint', edata)
+            return {}
     end_point_information = \
         group_and_sort_end_point_information(end_point_information.values())
     return end_point_information
-- 
cgit v1.2.3