[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Thu Oct 26 03:37:02 UTC 2017
The branch, master has been updated
via 30584a2 linked attribute tests: correct add_all_at_once test
via 1e62bba linked_attribute tests: helper assert function for expected LdbError
via 0f0acb0 replmd: use check_parsed_dn_duplicates() more widely
via b6294c8 linked attribute tests: fix logic for add test
via 7cf3bbc linked attribute tests: ensure duplicate deletes fail
via 625e65d replmd: check for duplicate values in MOD_REPLACE case
via 046fc1f linked attribute tests: test against duplicates in replace
from 2d260b2 s4:scripting: Fix ntstatus_gen.h generation on 32bit
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 30584a278acf542d813eec04ce92a67281ea590f
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Wed Oct 25 12:57:09 2017 +1300
linked attribute tests: correct add_all_at_once test
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Oct 26 05:36:11 CEST 2017 on sn-devel-144
commit 1e62bbaeac8f3ea44b7b2091d0d1c7ebe0d5e6ff
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Wed Oct 25 11:57:50 2017 +1300
linked_attribute tests: helper assert function for expected LdbError
The logic involved in asserting that a function raises an LdbError with
a particular error value has shown itself to be too complicated for me
to repeat too often.
To test this function, you would want a put a test in a bit like this:
def test_assertRaisesLdbError(self):
for i in [1, 2, ldb.ERR_ENTRY_ALREADY_EXISTS, 999]:
def f(*args, **kwargs):
raise ldb.LdbError(i, 'msg %s' % i)
self.assertRaisesLdbError(i, 'a message', f, 'la la', la='la')
def f2(*args, **kwargs):
raise ldb.LdbError(i + 1, 'msg %s' % i)
def f3(*args, **kwargs):
pass
for f in (f2, f3):
try:
self.assertRaisesLdbError(i, 'a message', f, 'la la', la='la')
except AssertionError as e:
print i, e, f
pass
else:
print i, f
self.fail('assertRaisesLdbError() failed to fail!')
..but a self-testing test-tester is getting a too meta to run in every
autobuild.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 0f0acb00ea853480565a592343ede99c140e7077
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Wed Oct 25 12:31:08 2017 +1300
replmd: use check_parsed_dn_duplicates() more widely
replmd_add_fix_la() was already making the same check; here we move it
a bit earlier.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit b6294c84a53dea5ac13c4ef72017483254739271
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Wed Oct 25 12:17:05 2017 +1300
linked attribute tests: fix logic for add test
We were ensuring that when we got an LdbError it was the right type,
but we weren't ensuring we got one at all.
The new test doesn't fail.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 7cf3bbcc5ce9f22e0140fab051b1fe850cf0161d
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Wed Oct 25 12:13:57 2017 +1300
linked attribute tests: ensure duplicate deletes fail
We can't remove the same thing twice in the same message.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 625e65d9f354059d0b44ca7df329d862d93378c4
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Wed Oct 25 10:12:09 2017 +1300
replmd: check for duplicate values in MOD_REPLACE case
Because we already have a sorted parsed_dn list, this is a simple
linear scan.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13095
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 046fc1f7de685afcbb7f0b92f0280ff0109ed4b7
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Wed Oct 25 10:54:42 2017 +1300
linked attribute tests: test against duplicates in replace
We should not be able to introduce duplicate links using MOD_REPLACE.
It turns out we could and weren't testing.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13095
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
-----------------------------------------------------------------------
Summary of changes:
source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 58 ++++++++++++++++++++-----
source4/dsdb/tests/python/linked_attributes.py | 55 ++++++++++++++++-------
2 files changed, 86 insertions(+), 27 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
index 1901ee1..c443102 100644
--- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
@@ -938,6 +938,10 @@ static int get_parsed_dns(struct ldb_module *module, TALLOC_CTX *mem_ctx,
struct ldb_message_element *el, struct parsed_dn **pdn,
const char *ldap_oid, struct ldb_request *parent);
+static int check_parsed_dn_duplicates(struct ldb_module *module,
+ struct ldb_message_element *el,
+ struct parsed_dn *pdn);
+
/*
fix up linked attributes in replmd_add.
This involves setting up the right meta-data in extended DN
@@ -979,6 +983,12 @@ static int replmd_add_fix_la(struct ldb_module *module, TALLOC_CTX *mem_ctx,
return ret;
}
+ ret = check_parsed_dn_duplicates(module, el, pdn);
+ if (ret != LDB_SUCCESS) {
+ talloc_free(tmp_ctx);
+ return ret;
+ }
+
new_values = talloc_array(tmp_ctx, struct ldb_val, el->num_values);
if (new_values == NULL) {
ldb_module_oom(module);
@@ -988,17 +998,6 @@ static int replmd_add_fix_la(struct ldb_module *module, TALLOC_CTX *mem_ctx,
for (i = 0; i < el->num_values; i++) {
struct parsed_dn *p = &pdn[i];
- if (i > 0 && parsed_dn_compare(p, &pdn[i - 1]) == 0) {
- ldb_asprintf_errstring(ldb,
- "Linked attribute %s has "
- "multiple identical values", el->name);
- talloc_free(tmp_ctx);
- if (ldb_attr_cmp(el->name, "member") == 0) {
- return LDB_ERR_ENTRY_ALREADY_EXISTS;
- } else {
- return LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
- }
- }
ret = replmd_build_la_val(el->values, p->v, p->dsdb_dn,
&ac->our_invocation_id,
ac->seq_num, now);
@@ -2133,6 +2132,37 @@ static int get_parsed_dns_trusted(struct ldb_module *module,
}
/*
+ Return LDB_SUCCESS if a parsed_dn list contains no duplicate values,
+ otherwise an error code. For compatibility the error code differs depending
+ on whether or not the attribute is "member".
+
+ As always, the parsed_dn list is assumed to be sorted.
+ */
+static int check_parsed_dn_duplicates(struct ldb_module *module,
+ struct ldb_message_element *el,
+ struct parsed_dn *pdn)
+{
+ unsigned int i;
+ struct ldb_context *ldb = ldb_module_get_ctx(module);
+
+ for (i = 1; i < el->num_values; i++) {
+ struct parsed_dn *p = &pdn[i];
+ if (parsed_dn_compare(p, &pdn[i - 1]) == 0) {
+ ldb_asprintf_errstring(ldb,
+ "Linked attribute %s has "
+ "multiple identical values",
+ el->name);
+ if (ldb_attr_cmp(el->name, "member") == 0) {
+ return LDB_ERR_ENTRY_ALREADY_EXISTS;
+ } else {
+ return LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
+ }
+ }
+ }
+ return LDB_SUCCESS;
+}
+
+/*
build a new extended DN, including all meta data fields
RMD_FLAGS = DSDB_RMD_FLAG_* bits
@@ -2901,6 +2931,12 @@ static int replmd_modify_la_replace(struct ldb_module *module,
return ret;
}
+ ret = check_parsed_dn_duplicates(module, el, dns);
+ if (ret != LDB_SUCCESS) {
+ talloc_free(tmp_ctx);
+ return ret;
+ }
+
ret = get_parsed_dns(module, tmp_ctx, old_el, &old_dns,
ldap_oid, parent);
if (ret != LDB_SUCCESS) {
diff --git a/source4/dsdb/tests/python/linked_attributes.py b/source4/dsdb/tests/python/linked_attributes.py
index 6235bf7..09f83f8 100644
--- a/source4/dsdb/tests/python/linked_attributes.py
+++ b/source4/dsdb/tests/python/linked_attributes.py
@@ -165,6 +165,26 @@ class LATests(samba.tests.TestCase):
attrs=['objectGUID'])
return str(misc.GUID(res[0]['objectGUID'][0]))
+ def assertRaisesLdbError(self, errcode, msg, f, *args, **kwargs):
+ """Assert a function raises a particular LdbError."""
+ try:
+ f(*args, **kwargs)
+ except ldb.LdbError as (num, msg):
+ if num != errcode:
+ lut = {v: k for k, v in vars(ldb).iteritems()
+ if k.startswith('ERR_') and isinstance(v, int)}
+ self.fail("%s, expected "
+ "LdbError %s, (%d) "
+ "got %s (%d)" % (msg,
+ lut.get(errcode), errcode,
+ lut.get(num), num))
+ else:
+ lut = {v: k for k, v in vars(ldb).iteritems()
+ if k.startswith('ERR_') and isinstance(v, int)}
+ self.fail("%s, expected "
+ "LdbError %s, (%d) "
+ "but we got success" % (msg, lut.get(errcode), errcode))
+
def _test_la_backlinks(self, reveal=False):
tag = 'backlinks'
kwargs = {}
@@ -306,6 +326,11 @@ class LATests(samba.tests.TestCase):
self.remove_linked_attribute(g1, [])
self.assert_forward_links(g1, [])
+ # removing a duplicate link in the same message should fail
+ self.add_linked_attribute(g2, [u1, u2])
+ self.assertRaises(ldb.LdbError,
+ self.remove_linked_attribute,g2, [u1, u1])
+
def _test_la_links_delete_link_reveal(self):
u1, u2 = self.add_objects(2, 'user', 'u_del_link_reveal')
g1, g2 = self.add_objects(2, 'group', 'g_del_link_reveal')
@@ -388,14 +413,10 @@ class LATests(samba.tests.TestCase):
self.add_linked_attribute(g2, [u3, u1])
self.add_linked_attribute(g3, u2)
- try:
- # adding u2 twice should be an error
- self.add_linked_attribute(g2, [u1, u2, u3, u2])
- except ldb.LdbError as (num, msg):
- if num != ldb.ERR_ENTRY_ALREADY_EXISTS:
- self.fail("adding duplicate values, expected "
- "ERR_ENTRY_ALREADY_EXISTS, (%d) "
- "got %d" % (ldb.ERR_ENTRY_ALREADY_EXISTS, num))
+ self.assertRaisesLdbError(ldb.ERR_ENTRY_ALREADY_EXISTS,
+ "adding duplicate values",
+ self.add_linked_attribute, g2,
+ [u1, u2, u3, u2])
self.assert_forward_links(g1, [u1, u2, u3, u4])
self.assert_forward_links(g2, [u3, u1])
@@ -464,6 +485,11 @@ class LATests(samba.tests.TestCase):
self.assert_back_links(u3, [g1])
self.assert_back_links(u4, [])
+ self.assertRaisesLdbError(ldb.ERR_ENTRY_ALREADY_EXISTS,
+ "replacing duplicate values",
+ self.replace_linked_attribute, g2,
+ [u1, u2, u3, u2])
+
def test_la_links_replace2(self):
users = self.add_objects(12, 'user', 'u_replace2')
@@ -590,14 +616,11 @@ class LATests(samba.tests.TestCase):
(g2,) = self.add_objects(1, 'group', 'g_all_at_once2',
more_attrs={'member': users[:5]})
- try:
- self.add_objects(1, 'group', 'g_with_duplicate_links',
- more_attrs={'member': users[:5] + users[1:2]})
- except ldb.LdbError as (num, msg):
- if num != ldb.ERR_ENTRY_ALREADY_EXISTS:
- self.fail("adding duplicate values, expected "
- "ERR_ENTRY_ALREADY_EXISTS, (%d) "
- "got %d" % (ldb.ERR_ENTRY_ALREADY_EXISTS, num))
+ self.assertRaisesLdbError(ldb.ERR_ENTRY_ALREADY_EXISTS,
+ "adding multiple duplicate values",
+ self.add_objects, 1, 'group',
+ 'g_with_duplicate_links',
+ more_attrs={'member': users[:5] + users[1:2]})
self.assert_forward_links(g1, users)
self.assert_forward_links(g2, users[:5])
--
Samba Shared Repository
More information about the samba-cvs
mailing list