From: Andrew Bartlett <abartlet@samba.org>
Date: Mon, 12 Dec 2022 03:15:03 +0000 (+1300)
Subject: s4-dsdb: Add dsdb_normalise_dn_and_find_nc_root() around dsdb_find_nc_root()
X-Git-Tag: tevent-0.14.1~16
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8e1122420efd11a91aa1c5d60c0cc8fd9ffaf157;p=thirdparty%2Fsamba.git

s4-dsdb: Add dsdb_normalise_dn_and_find_nc_root() around dsdb_find_nc_root()

Reuse the search done for dsdb_find_nc_root() to normalise the DN.

This will allow a GUID-input DN to be compared safely with a RID Manager DN
or Naming Context.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
---

diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index f6301466336..3d99e682a08 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -4285,8 +4285,11 @@ static int dsdb_get_partition_and_dn(struct ldb_request *req,
 /*
   find a NC root given a DN within the NC
  */
-int dsdb_find_nc_root(struct ldb_context *samdb, TALLOC_CTX *mem_ctx, struct ldb_dn *dn,
-		      struct ldb_dn **nc_root)
+int dsdb_normalise_dn_and_find_nc_root(struct ldb_context *samdb,
+				       TALLOC_CTX *mem_ctx,
+				       struct ldb_dn *dn,
+				       struct ldb_dn **normalised_dn,
+				       struct ldb_dn **nc_root)
 {
 	TALLOC_CTX *tmp_ctx;
 	int ret;
@@ -4376,6 +4379,10 @@ int dsdb_find_nc_root(struct ldb_context *samdb, TALLOC_CTX *mem_ctx, struct ldb
 	 */
 
 	if (ret == LDB_ERR_NO_SUCH_OBJECT) {
+		if (normalised_dn != NULL) {
+			talloc_free(tmp_ctx);
+			return ret;
+		}
 		ret = LDB_SUCCESS;
 		ldb_reset_err_string(samdb);
 	} else if (ret != LDB_SUCCESS) {
@@ -4383,6 +4390,16 @@ int dsdb_find_nc_root(struct ldb_context *samdb, TALLOC_CTX *mem_ctx, struct ldb
 		return ret;
 	}
 
+	if (normalised_dn != NULL) {
+		if (context.count != 1) {
+			/* No results */
+			ldb_asprintf_errstring(samdb,
+					       "Request for NC root for %s failed to return any results.",
+					       ldb_dn_get_linearized(dn));
+			return LDB_ERR_NO_SUCH_OBJECT;
+		}
+		*normalised_dn = context.dn;
+	}
 
 	/*
 	 * If the user did not need to find the nc_root,
@@ -4439,6 +4456,20 @@ int dsdb_find_nc_root(struct ldb_context *samdb, TALLOC_CTX *mem_ctx, struct ldb
 					      nc_root);
 }
 
+/*
+  find a NC root given a DN within the NC
+ */
+int dsdb_find_nc_root(struct ldb_context *samdb,
+		      TALLOC_CTX *mem_ctx,
+		      struct ldb_dn *dn,
+		      struct ldb_dn **nc_root)
+{
+	return dsdb_normalise_dn_and_find_nc_root(samdb,
+						  mem_ctx,
+						  dn,
+						  NULL,
+						  nc_root);
+}
 
 /*
   find the deleted objects DN for any object, by looking for the NC