diff options
| -rw-r--r-- | source4/dsdb/samdb/ldb_modules/objectclass.c | 8 | ||||
| -rw-r--r-- | source4/dsdb/samdb/ldb_modules/subtree_rename.c | 8 | ||||
| -rwxr-xr-x | testprogs/ejs/ldap.js | 7 |
3 files changed, 15 insertions, 8 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c b/source4/dsdb/samdb/ldb_modules/objectclass.c index 12a6359037..0cd00e3834 100644 --- a/source4/dsdb/samdb/ldb_modules/objectclass.c +++ b/source4/dsdb/samdb/ldb_modules/objectclass.c @@ -865,6 +865,14 @@ static int objectclass_rename(struct ldb_module *module, struct ldb_request *req if (ldb_dn_is_special(req->op.rename.newdn)) { /* do not manipulate our control entries */ return ldb_next_request(module, req); } + + /* Firstly ensure we are not trying to rename it to be a child of itself */ + if ((ldb_dn_compare_base(req->op.rename.olddn, req->op.rename.newdn) == 0) + && (ldb_dn_compare(req->op.rename.olddn, req->op.rename.newdn) != 0)) { + ldb_asprintf_errstring(module->ldb, "Cannot rename %s to be a child of itself", + ldb_dn_get_linearized(req->op.rename.olddn)); + return LDB_ERR_UNWILLING_TO_PERFORM; + } h = oc_init_handle(req, module); if (!h) { diff --git a/source4/dsdb/samdb/ldb_modules/subtree_rename.c b/source4/dsdb/samdb/ldb_modules/subtree_rename.c index 5c28723391..72857cb864 100644 --- a/source4/dsdb/samdb/ldb_modules/subtree_rename.c +++ b/source4/dsdb/samdb/ldb_modules/subtree_rename.c @@ -163,14 +163,6 @@ static int subtree_rename(struct ldb_module *module, struct ldb_request *req) return ldb_next_request(module, req); } - /* Firstly ensure we are not trying to rename it to be a child of itself */ - if ((ldb_dn_compare_base(req->op.rename.olddn, req->op.rename.newdn) == 0) - && (ldb_dn_compare(req->op.rename.olddn, req->op.rename.newdn) != 0)) { - ldb_asprintf_errstring(module->ldb, "Cannot rename %s to be a child of itself", - ldb_dn_get_linearized(req->op.rename.olddn)); - return LDB_ERR_UNWILLING_TO_PERFORM; - } - /* This gets complex: We need to: - Do a search for all entires under this entry - Wait for these results to appear diff --git a/testprogs/ejs/ldap.js b/testprogs/ejs/ldap.js index 9be30c8eff..b5c73e4f65 100755 --- a/testprogs/ejs/ldap.js +++ b/testprogs/ejs/ldap.js @@ -295,6 +295,13 @@ cn: LDAPtestUSER4 assert(ok.error == 53); } + println("Testing ldb.rename (into non-existent container) of cn=ldaptestcontainer2," + base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer3," + base_dn); + ok = ldb.rename("cn=ldaptestcontainer2," + base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer3," + base_dn); + if (ok.error != 53 && ok.error != 80) { /* LDAP_UNWILLING_TO_PERFORM or LDAP_OTHER*/ + println(ok.errstr); + assert(ok.error == 53 || ok.error == 80); + } + println("Testing delete (should fail, not a leaf node) of renamed cn=ldaptestcontainer2," + base_dn); ok = ldb.del("cn=ldaptestcontainer2," + base_dn); if (ok.error != 66) { /* LDB_ERR_NOT_ALLOWED_ON_NON_LEAF */ |