python: Handle LdbError thrown from functions operating on DNs

None of these functions can return False now. Instead we must catch the
LdbError if we want to perform further error handling.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/python/samba/domain_update.py b/python/samba/domain_update.py
index ae5446a583701bf5ccdf8aac0303ec5ed5f9bce4..8493430089f6ef557f33a470fd33ff8c3ab82148 100644 (file)
--- a/python/samba/domain_update.py
+++ b/python/samba/domain_update.py
@@ -100,11 +100,15 @@ class DomainUpdate(object):
         self.domain_sid = security.dom_sid(samdb.get_domain_sid())
 
         self.domainupdate_container = self.samdb.get_root_basedn()
-        if not self.domainupdate_container.add_child("CN=Operations,CN=DomainUpdates,CN=System"):
+        try:
+            self.domainupdate_container.add_child("CN=Operations,CN=DomainUpdates,CN=System")
+        except ldb.LdbError:
             raise DomainUpdateException("Failed to add domain update container child")
 
         self.revision_object = self.samdb.get_root_basedn()
-        if not self.revision_object.add_child("CN=ActiveDirectoryUpdate,CN=DomainUpdates,CN=System"):
+        try:
+            self.revision_object.add_child("CN=ActiveDirectoryUpdate,CN=DomainUpdates,CN=System")
+        except ldb.LdbError:
             raise DomainUpdateException("Failed to add revision object child")
 
     def check_updates_functional_level(self, functional_level,

diff --git a/python/samba/forest_update.py b/python/samba/forest_update.py
index 65db1e38c5917f3689fb97adf8ac845f51ecb018..cd0d121c0b3eca0a22c5a4114f6e78be5cd31525 100644 (file)
--- a/python/samba/forest_update.py
+++ b/python/samba/forest_update.py
@@ -158,11 +158,15 @@ class ForestUpdate(object):
         self.domain_sid = security.dom_sid(samdb.get_domain_sid())
 
         self.forestupdate_container = self.samdb.get_config_basedn()
-        if not self.forestupdate_container.add_child("CN=Operations,CN=ForestUpdates"):
+        try:
+            self.forestupdate_container.add_child("CN=Operations,CN=ForestUpdates")
+        except ldb.LdbError:
             raise ForestUpdateException("Failed to add forest update container child")
 
         self.revision_object = self.samdb.get_config_basedn()
-        if not self.revision_object.add_child("CN=ActiveDirectoryUpdate,CN=ForestUpdates"):
+        try:
+            self.revision_object.add_child("CN=ActiveDirectoryUpdate,CN=ForestUpdates")
+        except ldb.LdbError:
             raise ForestUpdateException("Failed to add revision object child")
 
         # Store the result of parsing the markdown in a dictionary

diff --git a/python/samba/netcmd/group.py b/python/samba/netcmd/group.py
index 5666cde614d1c48deddf82f895357d4c6bdf910e..ab25ab408141aa3df6773e326122d6234403a51b 100644 (file)
--- a/python/samba/netcmd/group.py
+++ b/python/samba/netcmd/group.py
@@ -199,15 +199,23 @@ Example3 adds a new RFC2307 enabled group for NIS domain samdom and GID 12345 (b
                                 SYSTEM_FLAG_DOMAIN_DISALLOW_RENAME |
                                 SYSTEM_FLAG_DISALLOW_DELETE)
 
-                if not groupou and not group_dn.add_child('CN=Builtin'):
-                    raise RuntimeError('Error getting Builtin objects DN')
+                if not groupou:
+                    try:
+                        group_dn.add_child('CN=Builtin')
+                    except ldb.LdbError:
+                        raise RuntimeError('Error getting Builtin objects DN')
             else:
                 raise RuntimeError(f'Unknown group type {gtype}')
 
-            if groupou and not group_dn.add_child(groupou):
-                raise CommandError(f'Invalid group OU "{groupou}"')
+            if groupou:
+                try:
+                    group_dn.add_child(groupou)
+                except ldb.LdbError:
+                    raise CommandError(f'Invalid group OU "{groupou}"')
 
-            if not group_dn.add_child(f'CN={groupname}'):
+            try:
+                group_dn.add_child(f'CN={groupname}')
+            except ldb.LdbError:
                 raise CommandError(f'Invalid group name "{groupname}"')
 
             msg = {

diff --git a/python/samba/remove_dc.py b/python/samba/remove_dc.py
index eba597a42ebf74ca25ddd35b075a46603943bdc3..86d96c982b03445b457ef59ec60fd36f7aa37597 100644 (file)
--- a/python/samba/remove_dc.py
+++ b/python/samba/remove_dc.py
@@ -45,10 +45,14 @@ def remove_sysvol_references(samdb, logger, dc_name):
 
         # This is verbose, but it is the safe, escape-proof way
         # to add a base and add an arbitrary RDN.
-        if dn.add_base(samdb.get_config_basedn()) == False:
+        try:
+            dn.add_base(samdb.get_config_basedn())
+        except ldb.LdbError:
             raise DemoteException("Failed constructing DN %s by adding base %s"
                                   % (dn, samdb.get_config_basedn()))
-        if dn.add_child("CN=X") == False:
+        try:
+            dn.add_child("CN=X")
+        except ldb.LdbError:
             raise DemoteException("Failed constructing DN %s by adding child CN=X"
                                   % (dn))
         dn.set_component(0, "CN", dc_name)
@@ -68,10 +72,14 @@ def remove_sysvol_references(samdb, logger, dc_name):
         # This is verbose, but it is the safe, escape-proof way
         # to add a base and add an arbitrary RDN.
         dn = ldb.Dn(samdb, s)
-        if dn.add_base(samdb.get_default_basedn()) == False:
+        try:
+            dn.add_base(samdb.get_default_basedn())
+        except ldb.LdbError:
             raise DemoteException("Failed constructing DN %s by adding base %s"
                                   % (dn, samdb.get_default_basedn()))
-        if dn.add_child("CN=X") == False:
+        try:
+            dn.add_child("CN=X")
+        except ldb.LdbError:
             raise DemoteException("Failed constructing DN %s by adding child "
                                   "CN=X (soon to be CN=%s)" % (dn, dc_name))
         dn.set_component(0, "CN", dc_name)

diff --git a/python/samba/sites.py b/python/samba/sites.py
index 075aba9fd217e40c174059587d7e5cbb761d6428..a59e9985c3ba8a9bbf50ae12d7240cfe1ad0b05b 100644 (file)
--- a/python/samba/sites.py
+++ b/python/samba/sites.py
@@ -93,9 +93,13 @@ def delete_site(samdb, configDn, siteName):
     """
 
     dnsite = ldb.Dn(samdb, "CN=Sites")
-    if dnsite.add_base(configDn) == False:
+    try:
+        dnsite.add_base(configDn)
+    except ldb.LdbError:
         raise SiteException("dnsite.add_base() failed")
-    if dnsite.add_child("CN=X") == False:
+    try:
+        dnsite.add_child("CN=X")
+    except ldb.LdbError:
         raise SiteException("dnsite.add_child() failed")
     dnsite.set_component(0, "CN", siteName)
 

diff --git a/python/samba/subnets.py b/python/samba/subnets.py
index 65323647a355c1c5048e8a7ba7b9239dcb1339ca..ef739505a2e4cf58c0f726719f03decc5c11e7f5 100644 (file)
--- a/python/samba/subnets.py
+++ b/python/samba/subnets.py
@@ -72,9 +72,13 @@ def create_subnet(samdb, configDn, subnet_name, site_name):
         raise SubnetInvalid("%s is not a valid subnet (not a string)" % subnet_name)
 
     dnsubnet = ldb.Dn(samdb, "CN=Subnets,CN=Sites")
-    if dnsubnet.add_base(configDn) == False:
+    try:
+        dnsubnet.add_base(configDn)
+    except ldb.LdbError:
         raise SubnetException("dnsubnet.add_base() failed")
-    if dnsubnet.add_child("CN=X") == False:
+    try:
+        dnsubnet.add_child("CN=X")
+    except ldb.LdbError:
         raise SubnetException("dnsubnet.add_child() failed")
     dnsubnet.set_component(0, "CN", subnet_name)
 
@@ -112,9 +116,13 @@ def delete_subnet(samdb, configDn, subnet_name):
     :raise SubnetNotFound: if the subnet to be deleted does not exist.
     """
     dnsubnet = ldb.Dn(samdb, "CN=Subnets,CN=Sites")
-    if dnsubnet.add_base(configDn) == False:
+    try:
+        dnsubnet.add_base(configDn)
+    except ldb.LdbError:
         raise SubnetException("dnsubnet.add_base() failed")
-    if dnsubnet.add_child("CN=X") == False:
+    try:
+        dnsubnet.add_child("CN=X")
+    except ldb.LdbError:
         raise SubnetException("dnsubnet.add_child() failed")
     dnsubnet.set_component(0, "CN", subnet_name)
 
@@ -143,9 +151,13 @@ def rename_subnet(samdb, configDn, subnet_name, new_name):
     :raise SubnetExists: if the subnet to be created already exists.
     """
     dnsubnet = ldb.Dn(samdb, "CN=Subnets,CN=Sites")
-    if dnsubnet.add_base(configDn) == False:
+    try:
+        dnsubnet.add_base(configDn)
+    except ldb.LdbError:
         raise SubnetException("dnsubnet.add_base() failed")
-    if dnsubnet.add_child("CN=X") == False:
+    try:
+        dnsubnet.add_child("CN=X")
+    except ldb.LdbError:
         raise SubnetException("dnsubnet.add_child() failed")
     dnsubnet.set_component(0, "CN", subnet_name)
 
@@ -182,9 +194,13 @@ def set_subnet_site(samdb, configDn, subnet_name, site_name):
     """
 
     dnsubnet = ldb.Dn(samdb, "CN=Subnets,CN=Sites")
-    if dnsubnet.add_base(configDn) == False:
+    try:
+        dnsubnet.add_base(configDn)
+    except ldb.LdbError:
         raise SubnetException("dnsubnet.add_base() failed")
-    if dnsubnet.add_child("CN=X") == False:
+    try:
+        dnsubnet.add_child("CN=X")
+    except ldb.LdbError:
         raise SubnetException("dnsubnet.add_child() failed")
     dnsubnet.set_component(0, "CN", subnet_name)
 
@@ -199,9 +215,13 @@ def set_subnet_site(samdb, configDn, subnet_name, site_name):
             raise SubnetNotFound('Subnet %s does not exist' % subnet_name)
 
     dnsite = ldb.Dn(samdb, "CN=Sites")
-    if dnsite.add_base(configDn) == False:
+    try:
+        dnsite.add_base(configDn)
+    except ldb.LdbError:
         raise SubnetException("dnsite.add_base() failed")
-    if dnsite.add_child("CN=X") == False:
+    try:
+        dnsite.add_child("CN=X")
+    except ldb.LdbError:
         raise SubnetException("dnsite.add_child() failed")
     dnsite.set_component(0, "CN", site_name)
 

diff --git a/python/samba/tests/krb5/kdc_base_test.py b/python/samba/tests/krb5/kdc_base_test.py
index fc15322275e7a22c65d0a9dd9f7a8759850d3e50..9df3bf94574c6a83e46953c202fdfde590101e65 100644 (file)
--- a/python/samba/tests/krb5/kdc_base_test.py
+++ b/python/samba/tests/krb5/kdc_base_test.py
@@ -138,8 +138,7 @@ class KDCBaseTest(RawKerberosTest):
         if self._claim_types_dn is None:
             claim_config_dn = samdb.get_config_basedn()
 
-            self.assertTrue(claim_config_dn.add_child(
-                'CN=Claims Configuration,CN=Services'))
+            claim_config_dn.add_child('CN=Claims Configuration,CN=Services')
             details = {
                 'dn': claim_config_dn,
                 'objectClass': 'container',
@@ -154,7 +153,7 @@ class KDCBaseTest(RawKerberosTest):
                 self.accounts.append(str(claim_config_dn))
 
             claim_types_dn = claim_config_dn
-            self.assertTrue(claim_types_dn.add_child('CN=Claim Types'))
+            claim_types_dn.add_child('CN=Claim Types')
             details = {
                 'dn': claim_types_dn,
                 'objectClass': 'msDS-ClaimTypes',
@@ -354,7 +353,7 @@ class KDCBaseTest(RawKerberosTest):
         samdb = self.get_samdb()
 
         claim_dn = self.get_claim_types_dn()
-        self.assertTrue(claim_dn.add_child(f'CN={claim_id}'))
+        claim_dn.add_child(f'CN={claim_id}')
 
         details = {
             'dn': claim_dn,