[Freeipa-devel] [PATCH 0181] Replace LDAP persistent search with syncrepl (RFC 4533)
Petr Spacek
pspacek at redhat.com
Fri Dec 13 16:44:22 UTC 2013
On 7.10.2013 15:19, Tomas Hozza wrote:
> On 07/22/2013 03:16 PM, Petr Spacek wrote:
>> On 22.7.2013 13:23, Petr Spacek wrote:
>>> Hello,
>>>
>>> Replace LDAP persistent search with syncrepl (RFC 4533).
>>>
>>> All direct operations with LDAP Persistent Search control are replaced
>>> by ldap_sync_* calls.
>>>
>>> Syncrepl code works in exactly same way as old psearch code:
>>> Only the DN of the modified object is re-used from the message,
>>> data from the object are fetched via separate LDAP search.
>>>
>>> Current code is not able to detect object renaming because we don't have
>>> UUID->DN mapping yet.
>>>
>>> Another limitation is that current code can't detect unchanged entries,
>>> so serial is incremented after each parsed LDAP object.
>>
>> Clang noticed potential NULL dereference in cleanup section of
>> ldap_syncrepl_watcher(). Fixed patch is attached.
>>
>
> ACK.
>
> Tested Patch bundle 181 - 185. Common tasks like
> adding/deleting/updating records work fine. Also PTR sync, zone serial
> number
> incrementation is OK.
I have found that patch 181-2 doesn't handle reconnection to LDAP.
This new version should handle reconnections better.
This patch should go to master branch only.
It is known limitation that zones and records deleted when connection is down
are not refreshed properly after reconnection. This will be fixed some future
version.
I use this command for testing:
socat tcp-listen:3899,fork,reuseaddr tcp-connect:localhost:389
It is necessary to modify port in /etc/named.conf to connect via socat. Then I
can kill & restart socat to simulate connection breakage.
--
Petr^2 Spacek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: bind-dyndb-ldap-pspacek-0181-3-Replace-LDAP-persistent-search-with-syncrepl-RFC-453.patch
Type: text/x-patch
Size: 30047 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131213/35e584d5/attachment.bin>
More information about the Freeipa-devel
mailing list