Ticket 50020 - during MODRDN referential integrity can fail erronously while updating large groups
Bug Description:
During a MODRDN of a group member, referential integrity will update the groups containing this member.
Under specific conditions, the MODRDN can fail (err=1).
on MODRDN Referential integrity checks if the original DN of the target MODRDN entry is
member of a given group. If it is then it updates the group.
The returned code of the group update is using the variable 'rc'.
It does a normalized DN comparison to compare original DN with members DN, to determine if
a group needs to be updated.
If the group does not need to be updated, 'rc' is not set.
The bug is that it uses 'rc' to normalize the DN and if the group is not updated
the returned code reflects the normalization returned code rather that the group update.
The bug is hit in specific conditions
One of the evaluated group contains more than 128 members
the last member (last value) of the group is not the moved entry
the last member (last value) of the group is a DN value that contains escaped chars
Fix Description:
Use a local variable to check the result of the DN normalization
https://pagure.io/389-ds-base/issue/50020
Reviewed by: Simon Pichugin, Mark Reynolds (thanks)
Platforms tested: F27
Flag Day: no