ipa/0001-Handle-samba-exception-type-change_rhel#17623.patch

From 06b4c61b4484efe2093501caf21b03f1fc14093b Mon Sep 17 00:00:00 2001
From: Florence Blanc-Renaud <flo@redhat.com>
Date: Thu, 19 Oct 2023 12:47:03 +0200
Subject: [PATCH] group-add-member fails with an external member

The command ipa group-add-member --external aduser@addomain.test
fails with an internal error when used with samba 4.19.

The command internally calls samba.security.dom_sid(sid) which
used to raise a TypeError but now raises a ValueError
(commit 9abdd67 on https://github.com/samba-team/samba).

IPA source code needs to handle properly both exception types.

Fixes: https://pagure.io/freeipa/issue/9466

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
---
 ipaserver/dcerpc.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ipaserver/dcerpc.py b/ipaserver/dcerpc.py
index c1db2f9a499..ee0a229d1f0 100644
--- a/ipaserver/dcerpc.py
+++ b/ipaserver/dcerpc.py
@@ -303,7 +303,7 @@ def get_domain_by_sid(self, sid, exact_match=False):
         # Parse sid string to see if it is really in a SID format
         try:
             test_sid = security.dom_sid(sid)
-        except TypeError:
+        except (TypeError, ValueError):
             raise errors.ValidationError(name='sid',
                                          error=_('SID is not valid'))
 
From aa3397378acf1a03fc8bbe34b9fae33e84588b34 Mon Sep 17 00:00:00 2001
From: Florence Blanc-Renaud <flo@redhat.com>
Date: Fri, 20 Oct 2023 10:20:57 +0200
Subject: [PATCH] Handle samba changes in samba.security.dom_sid()

samba.security.dom_sid() in 4.19 now raises ValueError instead of
TypeError. Fix the expected exception.

Related: https://pagure.io/freeipa/issue/9466

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
---
 ipaserver/dcerpc.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ipaserver/dcerpc.py b/ipaserver/dcerpc.py
index ee0a229d1f0..3e4c71d9976 100644
--- a/ipaserver/dcerpc.py
+++ b/ipaserver/dcerpc.py
@@ -97,7 +97,7 @@
 def is_sid_valid(sid):
     try:
         security.dom_sid(sid)
-    except TypeError:
+    except (TypeError, ValueError):
         return False
     else:
         return True
@@ -457,7 +457,7 @@ def get_trusted_domain_object_sid(self, object_name,
         try:
             test_sid = security.dom_sid(sid)
             return unicode(test_sid)
-        except TypeError:
+        except (TypeError, ValueError):
             raise errors.ValidationError(name=_('trusted domain object'),
                                          error=_('Trusted domain did not '
                                                  'return a valid SID for '
ipa: - Remove unused patches. - Handle new samba exception types. Resolves: RHEL-17623 2023-11-30 16:13:35 +00:00			`From 06b4c61b4484efe2093501caf21b03f1fc14093b Mon Sep 17 00:00:00 2001`
			`From: Florence Blanc-Renaud <flo@redhat.com>`
			`Date: Thu, 19 Oct 2023 12:47:03 +0200`
			`Subject: [PATCH] group-add-member fails with an external member`

			`The command ipa group-add-member --external aduser@addomain.test`
			`fails with an internal error when used with samba 4.19.`

			`The command internally calls samba.security.dom_sid(sid) which`
			`used to raise a TypeError but now raises a ValueError`
			`(commit 9abdd67 on https://github.com/samba-team/samba).`

			`IPA source code needs to handle properly both exception types.`

			`Fixes: https://pagure.io/freeipa/issue/9466`

			`Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>`
			`Reviewed-By: Rob Crittenden <rcritten@redhat.com>`
			`---`
			`ipaserver/dcerpc.py \| 2 +-`
			`1 file changed, 1 insertion(+), 1 deletion(-)`

			`diff --git a/ipaserver/dcerpc.py b/ipaserver/dcerpc.py`
			`index c1db2f9a499..ee0a229d1f0 100644`
			`--- a/ipaserver/dcerpc.py`
			`+++ b/ipaserver/dcerpc.py`
			`@@ -303,7 +303,7 @@ def get_domain_by_sid(self, sid, exact_match=False):`
			`# Parse sid string to see if it is really in a SID format`
			`try:`
			`test_sid = security.dom_sid(sid)`
			`- except TypeError:`
			`+ except (TypeError, ValueError):`
			`raise errors.ValidationError(name='sid',`
			`error=_('SID is not valid'))`

			`From aa3397378acf1a03fc8bbe34b9fae33e84588b34 Mon Sep 17 00:00:00 2001`
			`From: Florence Blanc-Renaud <flo@redhat.com>`
			`Date: Fri, 20 Oct 2023 10:20:57 +0200`
			`Subject: [PATCH] Handle samba changes in samba.security.dom_sid()`

			`samba.security.dom_sid() in 4.19 now raises ValueError instead of`
			`TypeError. Fix the expected exception.`

			`Related: https://pagure.io/freeipa/issue/9466`

			`Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>`
			`Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>`
			`---`
			`ipaserver/dcerpc.py \| 4 ++--`
			`1 file changed, 2 insertions(+), 2 deletions(-)`

			`diff --git a/ipaserver/dcerpc.py b/ipaserver/dcerpc.py`
			`index ee0a229d1f0..3e4c71d9976 100644`
			`--- a/ipaserver/dcerpc.py`
			`+++ b/ipaserver/dcerpc.py`
			`@@ -97,7 +97,7 @@`
			`def is_sid_valid(sid):`
			`try:`
			`security.dom_sid(sid)`
			`- except TypeError:`
			`+ except (TypeError, ValueError):`
			`return False`
			`else:`
			`return True`
			`@@ -457,7 +457,7 @@ def get_trusted_domain_object_sid(self, object_name,`
			`try:`
			`test_sid = security.dom_sid(sid)`
			`return unicode(test_sid)`
			`- except TypeError:`
			`+ except (TypeError, ValueError):`
			`raise errors.ValidationError(name=_('trusted domain object'),`
			`error=_('Trusted domain did not '`
			`'return a valid SID for '`