[Freeipa-devel] [PATCH] 869 topology: restrict direction changes
Petr Vobornik
pvoborni at redhat.com
Thu Jun 11 11:41:23 UTC 2015
On 06/11/2015 01:11 PM, Ludwig Krispenz wrote:
>
> On 06/11/2015 12:53 PM, Petr Vobornik wrote:
>> On 06/11/2015 12:35 PM, Ludwig Krispenz wrote:
>>>
>>> On 06/11/2015 12:19 PM, Petr Vobornik wrote:
>>>> On 06/11/2015 10:22 AM, Martin Babinsky wrote:
>>>>> On 06/10/2015 03:13 PM, Petr Vobornik wrote:
>>>>>> topology plugin doesn't properly handle:
>>>>>> - creation of segment with direction 'none' and then upgrade to other
>>>>>> direction
>>>>>> - downgrade of direction
>>>>>>
>>>>>> These situations are now forbidden in API.
>>>>>>
>>>>>> part of: https://fedorahosted.org/freeipa/ticket/4302
>>>>>>
>>>>>>
>>>>> ACK
>>>>>
>>>>
>>>> Looking at Ludwig's path 12, the patch completely forbids mod of
>>>> ipaReplTopoSegmentDirection?
>>> that's what I thought we agreed on,
>>
>> I thought, that we will only complain loudly on downgrade of connection.
>>
>>> so you would have to add a segment
>>> in the opposite direction an they would be merged to both,
>>> but maybe this is a bit strict.
>>
>> This could work as well, but:
>>
>> I just tried (without patch 12) to create:
>> 1. A to B, left-right: success
>> 2. B to A, right-left: "Server is unwilling to perform: Segment
>> already exists in topology or is self referential. Add rejected."
> yes, B to A, right-left is the same as A-B, left right
Sorry, you are right, I wrote it badly. I'm not sure if the servers are
broken from testing and previous bugs. Maybe I should reinstalled, but
I'm experiencing following weird behavior:
A-B segment, doesn't exist.
1. A to B, left-right: success
2. A to B, right-left: "Server is unwilling to perform: Segment already
exists in topology or is self referential. Add rejected."
If I try different direction (started with 4 segments):
1. A to B, right-left: success, 5 segments exist
2. A to B, left-right: success, 4 segments exist - the new ones are gone
Martin, can you reproduce it?
>>
>> I.e., the upgrade didn't happen.
>>
>>> I could allow for
>>> ipaReplTopoSegmentDirection replace: both
>>>> So that upgrade from right-left and left-right to both is not
>>>> allowed? If so then this patch needs to be updated.
>>> depends a bit on what you prefer and what we can get in for alpha.
>>
>> Depends what's better, I already have adjusted patch for ^^ so it's
>> not about the work.
> so lets take the changes to your patch and we could still extend
> functionality a bit for beta or later
>
OK, attaching rebased patch.
--
Petr Vobornik
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-pvoborni-0869-2-topology-restrict-direction-changes.patch
Type: text/x-patch
Size: 7470 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150611/ab5f8a5b/attachment.bin>
More information about the Freeipa-devel
mailing list