[Freeipa-devel] [PATCH 0181] Replace LDAP persistent search with syncrepl (RFC 4533)
Petr Spacek
pspacek at redhat.com
Fri Feb 21 11:48:34 UTC 2014
On 13.12.2013 17:44, Petr Spacek wrote:
> On 7.10.2013 15:19, Tomas Hozza wrote:
>> On 07/22/2013 03:16 PM, Petr Spacek wrote:
>>> On 22.7.2013 13:23, Petr Spacek wrote:
>>>> Hello,
>>>>
>>>> Replace LDAP persistent search with syncrepl (RFC 4533).
>>>>
>>>> All direct operations with LDAP Persistent Search control are replaced
>>>> by ldap_sync_* calls.
>>>>
>>>> Syncrepl code works in exactly same way as old psearch code:
>>>> Only the DN of the modified object is re-used from the message,
>>>> data from the object are fetched via separate LDAP search.
>>>>
>>>> Current code is not able to detect object renaming because we don't have
>>>> UUID->DN mapping yet.
>>>>
>>>> Another limitation is that current code can't detect unchanged entries,
>>>> so serial is incremented after each parsed LDAP object.
>>>
>>> Clang noticed potential NULL dereference in cleanup section of
>>> ldap_syncrepl_watcher(). Fixed patch is attached.
>>>
>>
>> ACK.
>>
>> Tested Patch bundle 181 - 185. Common tasks like
>> adding/deleting/updating records work fine. Also PTR sync, zone serial
>> number
>> incrementation is OK.
>
> I have found that patch 181-2 doesn't handle reconnection to LDAP.
>
> This new version should handle reconnections better.
>
> This patch should go to master branch only.
>
>
> It is known limitation that zones and records deleted when connection is down
> are not refreshed properly after reconnection. This will be fixed some future
> version.
>
> I use this command for testing:
> socat tcp-listen:3899,fork,reuseaddr tcp-connect:localhost:389
>
> It is necessary to modify port in /etc/named.conf to connect via socat. Then I
> can kill & restart socat to simulate connection breakage.
Pushed to master branch: 9c8aa4fb7d798015d8f889a008b5807b73c55341
--
Petr^2 Spacek
More information about the Freeipa-devel
mailing list