From b516864d5216fa6cf7238c3ea777f060cde383ff Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
Date: Wed, 13 Jan 2016 13:15:09 +0100
Subject: [PATCH 09/49] SDAP: do not fail if refs are found but not processed

It is possible to end up with not-processed referrals when
using AD provider and ldap_referrals=true.

Resolves:
https://fedorahosted.org/sssd/ticket/2906

Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
(cherry picked from commit 468495d91d536603a1c485424275b6dcf2bb83de)
---
 src/providers/ldap/sdap_async.c | 11 +----------
 1 file changed, 1 insertion(+), 10 deletions(-)

diff --git a/src/providers/ldap/sdap_async.c b/src/providers/ldap/sdap_async.c
index 668bd7b465bbfefad13ab0b7061cd16a05dfbef1..5260aafebf7570291876b2433dbcf44ffb5b0011 100644
--- a/src/providers/ldap/sdap_async.c
+++ b/src/providers/ldap/sdap_async.c
@@ -1653,16 +1653,6 @@ static void generic_ext_search_handler(struct tevent_req *subreq,
     }
 
     if (ref_count > 0) {
-        if (dp_opt_get_bool(opts->basic, SDAP_REFERRALS)) {
-            /* We got back referrals here, but they should have
-             * been processed internally by openldap libs.
-             * This should never happen.
-             */
-            talloc_free(refs);
-            tevent_req_error(req, EINVAL);
-            return;
-        }
-
         /* We will ignore referrals in the generic handler */
         DEBUG(SSSDBG_TRACE_ALL,
               "Request included referrals which were ignored.\n");
@@ -1674,6 +1664,7 @@ static void generic_ext_search_handler(struct tevent_req *subreq,
         }
     }
 
+    talloc_free(refs);
     tevent_req_done(req);
 }
 
-- 
2.5.0