svn commit: samba r25761 - in branches/SAMBA_4_0: source/dsdb/samdb/ldb_modules testprogs/ejs

abartlet at samba.org abartlet at samba.org
Wed Oct 31 03:56:13 GMT 2007 

Author: abartlet
Date: 2007-10-31 03:56:13 +0000 (Wed, 31 Oct 2007)
New Revision: 25761

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=25761

Log:
Rename to be a DN to be a child of itself wasn't being checked for.

This prevents CN=test,dc=samba,dc=example,dc=com being renamed into
CN=test2,cn=test,dc=samba,dc=example,dc=com

Andrew Bartlett

Modified:
   branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/subtree_rename.c
   branches/SAMBA_4_0/testprogs/ejs/ldap.js


Changeset:
Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/subtree_rename.c
===================================================================
--- branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/subtree_rename.c	2007-10-31 02:50:13 UTC (rev 25760)
+++ branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/subtree_rename.c	2007-10-31 03:56:13 UTC (rev 25761)
@@ -163,6 +163,14 @@
 		return ldb_next_request(module, req);
 	}
 
+	/* Firstly ensure we are not trying to rename it to be a child of itself */
+	if ((ldb_dn_compare_base(req->op.rename.olddn, req->op.rename.newdn) == 0) 
+	    && (ldb_dn_compare(req->op.rename.olddn, req->op.rename.newdn) != 0)) {
+		ldb_asprintf_errstring(module->ldb, "Cannot rename %s to be a child of itself",
+				       ldb_dn_get_linearized(req->op.rename.olddn));
+		return LDB_ERR_UNWILLING_TO_PERFORM;
+	}
+
 	/* This gets complex:  We need to:
 	   - Do a search for all entires under this entry 
 	   - Wait for these results to appear

Modified: branches/SAMBA_4_0/testprogs/ejs/ldap.js
===================================================================
--- branches/SAMBA_4_0/testprogs/ejs/ldap.js	2007-10-31 02:50:13 UTC (rev 25760)
+++ branches/SAMBA_4_0/testprogs/ejs/ldap.js	2007-10-31 03:56:13 UTC (rev 25761)
@@ -288,6 +288,13 @@
 
 	assert(res.msgs[0].dn == ("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn));
 
+	println("Testing ldb.rename (into itself) of cn=ldaptestcontainer2," + base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer2," + base_dn);
+	ok = ldb.rename("cn=ldaptestcontainer2," + base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer2," + base_dn);
+	if (ok.error != 53) { /* LDAP_UNWILLING_TO_PERFORM */
+		println(ok.errstr);
+		assert(ok.error == 53);
+	}
+
 	println("Testing delete (should fail, not a leaf node) of renamed cn=ldaptestcontainer2," + base_dn);
 	ok = ldb.del("cn=ldaptestcontainer2," + base_dn);
 	if (ok.error != 66) { /* LDB_ERR_NOT_ALLOWED_ON_NON_LEAF */

More information about the samba-cvs mailing list