|
Lines 73-92
LDIF_FILE = os.path.join(STATE_DIR, 'failed.ldif')
Link Here
|
| 73 |
ROOTPW_FILE = '/etc/ldap/rootpw.conf' |
73 |
ROOTPW_FILE = '/etc/ldap/rootpw.conf' |
| 74 |
CURRENT_MODRDN = os.path.join(STATE_DIR, 'current_modrdn') |
74 |
CURRENT_MODRDN = os.path.join(STATE_DIR, 'current_modrdn') |
| 75 |
|
75 |
|
| 76 |
EXCLUDE_ATTRIBUTES = [ |
76 |
EXCLUDE_ATTRIBUTES = set(attr.lower() for attr in { |
| 77 |
'subschemaSubentry', |
77 |
'subschemaSubentry', |
| 78 |
'hasSubordinates', |
78 |
'hasSubordinates', |
| 79 |
'entryDN', |
79 |
'entryDN', |
| 80 |
'memberOf', 'MEMBEROF', |
80 |
'authTimestamp', |
| 81 |
'authTimestamp', 'AUTHTIMESTAMP', |
81 |
'pwdChangedTime', |
| 82 |
'pwdChangedTime', 'PWDCHANGEDTIME', |
82 |
'pwdAccountLockedTime', |
| 83 |
'pwdAccountLockedTime', 'PWDACCOUNTLOCKEDTIME', |
83 |
'pwdFailureTime', |
| 84 |
'pwdFailureTime', 'PWDFAILURETIME', |
84 |
'pwdHistory', |
| 85 |
'pwdHistory', 'PWDHISTORY', |
85 |
'pwdGraceUseTime', |
| 86 |
'pwdGraceUseTime', 'PWDGRACEUSETIME', |
86 |
'pwdReset', |
| 87 |
'pwdReset', 'PWDRESET', |
87 |
'pwdPolicySubentry', |
| 88 |
'pwdPolicySubentry', 'PWDPOLICYSUBENTRY', |
88 |
} | (set() if listener.baseConfig.is_true("ldap/overlay/memberof") else {'memberOf',})) |
| 89 |
] |
|
|
| 90 |
|
89 |
|
| 91 |
# don't use built-in OIDs from slapd |
90 |
# don't use built-in OIDs from slapd |
| 92 |
BUILTIN_OIDS = [ |
91 |
BUILTIN_OIDS = [ |
|
Lines 566-578
def connect(ldif=0):
Link Here
|
| 566 |
|
565 |
|
| 567 |
|
566 |
|
| 568 |
def addlist(new): |
567 |
def addlist(new): |
| 569 |
return [kv for kv in new.items() if kv[0] not in EXCLUDE_ATTRIBUTES] |
568 |
return [kv for kv in new.items() if kv[0].lower() not in EXCLUDE_ATTRIBUTES] |
| 570 |
|
569 |
|
| 571 |
|
570 |
|
| 572 |
def modlist(old, new): |
571 |
def modlist(old, new): |
| 573 |
ml = [] |
572 |
ml = [] |
| 574 |
for key, values in new.items(): |
573 |
for key, values in new.items(): |
| 575 |
if key in EXCLUDE_ATTRIBUTES: |
574 |
if key.lower() in EXCLUDE_ATTRIBUTES: |
| 576 |
continue |
575 |
continue |
| 577 |
|
576 |
|
| 578 |
if key not in old: |
577 |
if key not in old: |
|
Lines 597-603
def modlist(old, new):
Link Here
|
| 597 |
ml.append((ldap.MOD_REPLACE, key, values)) |
596 |
ml.append((ldap.MOD_REPLACE, key, values)) |
| 598 |
|
597 |
|
| 599 |
for key in old: |
598 |
for key in old: |
| 600 |
if key in EXCLUDE_ATTRIBUTES: |
599 |
if key.lower() in EXCLUDE_ATTRIBUTES: |
| 601 |
continue |
600 |
continue |
| 602 |
if key not in new: |
601 |
if key not in new: |
| 603 |
ml.append((ldap.MOD_DELETE, key, [])) |
602 |
ml.append((ldap.MOD_DELETE, key, [])) |
|
Lines 836-842
def handler(dn, new, listener_old, operation):
Link Here
|
| 836 |
match = 0 |
835 |
match = 0 |
| 837 |
else: |
836 |
else: |
| 838 |
for k in old: |
837 |
for k in old: |
| 839 |
if k in EXCLUDE_ATTRIBUTES: |
838 |
if k.lower() in EXCLUDE_ATTRIBUTES: |
| 840 |
continue |
839 |
continue |
| 841 |
if k not in listener_old: |
840 |
if k not in listener_old: |
| 842 |
ud.debug(ud.LISTENER, ud.INFO, 'replication: listener does not have key %s' % (k,)) |
841 |
ud.debug(ud.LISTENER, ud.INFO, 'replication: listener does not have key %s' % (k,)) |
| 843 |
- |
|
|