subnet: Avoid a segfault when renaming subnet objects

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13031 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Autobuild-User(v4-8-test): Karolin Seeger <kseeger@samba.org> Autobuild-Date(v4-8-test): Tue Feb 20 17:54:43 CET 2018 on sn-devel-144
author: Garming Sam <garming@catalyst.net.nz> 2017-09-20 14:55:11 +1200
committer: Karolin Seeger <kseeger@samba.org> 2018-02-20 17:54:43 +0100
commit: a46dc61351121b625a715463dcd9f9b372f45d0f (patch)
tree: 7fd8c5c6c8fff767e022c7d1ac48310ec76d9dae /source4/dsdb
parent: f093cdd2afeb54e7927be59839402ecb1e82ce3b (diff)
download: samba-a46dc61351121b625a715463dcd9f9b372f45d0f.tar.gz
2 files changed, 49 insertions, 4 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index 971048d455f..3e429e1476a 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -3351,13 +3351,13 @@ static int verify_cidr(const char *cidr)
 }
 
 
-static int samldb_verify_subnet(struct samldb_ctx *ac)
+static int samldb_verify_subnet(struct samldb_ctx *ac, struct ldb_dn *dn)
 {
 	struct ldb_context *ldb = ldb_module_get_ctx(ac->module);
 	const char *cidr = NULL;
 	const struct ldb_val *rdn_value = NULL;
 
-	rdn_value = ldb_dn_get_rdn_val(ac->msg->dn);
+	rdn_value = ldb_dn_get_rdn_val(dn);
 	if (rdn_value == NULL) {
 		ldb_set_errstring(ldb, "samldb: ldb_dn_get_rdn_val "
 				  "failed");
@@ -3588,7 +3588,7 @@ static int samldb_add(struct ldb_module *module, struct ldb_request *req)
 
 	if (samdb_find_attribute(ldb, ac->msg,
 				 "objectclass", "subnet") != NULL) {
-		ret = samldb_verify_subnet(ac);
+		ret = samldb_verify_subnet(ac, ac->msg->dn);
 		if (ret != LDB_SUCCESS) {
 			talloc_free(ac);
 			return ret;
@@ -3991,7 +3991,7 @@ static int check_rename_constraints(struct ldb_message *msg,
 
 	/* subnet objects */
 	if (samdb_find_attribute(ldb, msg, "objectclass", "subnet") != NULL) {
-		ret = samldb_verify_subnet(ac);
+		ret = samldb_verify_subnet(ac, newdn);
 		if (ret != LDB_SUCCESS) {
 			talloc_free(ac);
 			return ret;
diff --git a/source4/dsdb/tests/python/sites.py b/source4/dsdb/tests/python/sites.py
index a894da327a9..123e1ece60f 100755
--- a/source4/dsdb/tests/python/sites.py
+++ b/source4/dsdb/tests/python/sites.py
@@ -183,6 +183,51 @@ class SimpleSubnetTests(SitesBaseTests):
         self.assertRaises(subnets.SubnetNotFound,
                           subnets.delete_subnet, self.ldb, basedn, cidr)
 
+    def test_rename_good_subnet_to_good_subnet(self):
+        """Make sure that we can rename subnets"""
+        basedn = self.ldb.get_config_basedn()
+        cidr = "10.16.0.0/24"
+        new_cidr = "10.16.1.0/24"
+
+        subnets.create_subnet(self.ldb, basedn, cidr, self.sitename)
+
+        subnets.rename_subnet(self.ldb, basedn, cidr, new_cidr)
+
+        ret = self.ldb.search(base=basedn, scope=SCOPE_SUBTREE,
+                              expression='(&(objectclass=subnet)(cn=%s))' % new_cidr)
+
+        self.assertEqual(len(ret), 1, 'Failed to rename subnet %s' % cidr)
+
+        ret = self.ldb.search(base=basedn, scope=SCOPE_SUBTREE,
+                              expression='(&(objectclass=subnet)(cn=%s))' % cidr)
+
+        self.assertEqual(len(ret), 0, 'Failed to remove old subnet during rename %s' % cidr)
+
+        subnets.delete_subnet(self.ldb, basedn, new_cidr)
+
+    def test_rename_good_subnet_to_bad_subnet(self):
+        """Make sure that the CIDR checking runs during rename"""
+        basedn = self.ldb.get_config_basedn()
+        cidr = "10.17.0.0/24"
+        bad_cidr = "10.11.12.0/14"
+
+        subnets.create_subnet(self.ldb, basedn, cidr, self.sitename)
+
+        self.assertRaises(subnets.SubnetInvalid, subnets.rename_subnet,
+                          self.ldb, basedn, cidr, bad_cidr)
+
+        ret = self.ldb.search(base=basedn, scope=SCOPE_SUBTREE,
+                              expression='(&(objectclass=subnet)(cn=%s))' % bad_cidr)
+
+        self.assertEqual(len(ret), 0, 'Failed to rename subnet %s' % cidr)
+
+        ret = self.ldb.search(base=basedn, scope=SCOPE_SUBTREE,
+                              expression='(&(objectclass=subnet)(cn=%s))' % cidr)
+
+        self.assertEqual(len(ret), 1, 'Failed to remove old subnet during rename %s' % cidr)
+
+        subnets.delete_subnet(self.ldb, basedn, cidr)
+
     def test_create_bad_ranges(self):
         """These CIDR ranges all have something wrong with them, and they
         should all fail."""
author	Garming Sam <garming@catalyst.net.nz>	2017-09-20 14:55:11 +1200
committer	Karolin Seeger <kseeger@samba.org>	2018-02-20 17:54:43 +0100
commit	a46dc61351121b625a715463dcd9f9b372f45d0f (patch)
tree	7fd8c5c6c8fff767e022c7d1ac48310ec76d9dae /source4/dsdb
parent	f093cdd2afeb54e7927be59839402ecb1e82ce3b (diff)
download	samba-a46dc61351121b625a715463dcd9f9b372f45d0f.tar.gz