CVE-2022-0336: s4/dsdb/samldb: Don't return early when an SPN is re-added to an object

If an added SPN already exists on an object, we still want to check the
rest of the element values for conflicts.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14950

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

2 files changed, 1 insertions, 3 deletions

diff --git a/selftest/knownfail.d/ldap_spn b/selftest/knownfail.d/ldap_spn
index 16dafa91b66..63f9fe02ef7 100644
--- a/selftest/knownfail.d/ldap_spn
+++ b/selftest/knownfail.d/ldap_spn
@@ -1,2 +1 @@
 samba.tests.ldap_spn.+LdapSpnTest.test_spn_dodgy_spns
-samba.tests.ldap_spn.+LdapSpnSambaOnlyTest.test_spn_add_a_conflict_along_with_a_re_added_SPN
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index f0227411ccd..a219446bba7 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -4001,8 +4001,7 @@ static int samldb_spn_uniqueness_check(struct samldb_ctx *ac,
 						 ac->msg->dn);
 		if (ret == LDB_ERR_COMPARE_TRUE) {
 			DBG_INFO("SPN %s re-added to the same object\n", spn);
-			talloc_free(tmp_ctx);
-			return LDB_SUCCESS;
+			continue;
 		}
 		if (ret != LDB_SUCCESS) {
 			DBG_ERR("SPN %s failed direct uniqueness check\n", spn);