Attachment #9008 for bug #43628

(-)base/univention-python/debian/changelog (+7 lines)

Lines 1-3	Link Here

univention-python (10.0.4-1) UNRELEASED; urgency=medium

  * Bug 43628: Support lookup of specific attributes via PostReadControl

    (RFC 4527)

 -- Arvid Requate <requate@univention.de>  Mon, 10 Jul 2017 19:28:18 +0200

univention-python (10.0.3-4) unstable; urgency=medium

univention-python (10.0.3-4) unstable; urgency=medium

  * Bug #41234: Revert changes made with Bug #36169 due to fix of Bug #36343

  * Bug #41234: Revert changes made with Bug #36169 due to fix of Bug #36343

(-)base/univention-python/debian/control (+1 lines)

Lines 12-17	Link Here

Architecture: all

Architecture: all

Depends: ${misc:Depends}, ${python:Depends},

Depends: ${misc:Depends}, ${python:Depends},

 python-ldap,

 python-ldap,

 python-pyasn1-modules,

 python-dns,

 python-dns,

 python-univention-debug,

 python-univention-debug,

 python-cracklib

 python-cracklib




import ldap
import ldap.schema
import ldap.sasl
from ldap.controls.readentry import PostReadControl
import univention.debug
from univention.config_registry import ConfigRegistry
from ldapurl import LDAPUrl

			self.__schema = ldap.schema.SubSchema(self.lo.read_subschemasubentry_s(self.lo.search_subschemasubentry_s()), 0)
		return self.__schema

	def add(self, dn, al, postread_attrs=None):
		"""Add LDAP entry with dn and attributes in add_list=(attribute-name, old-values. new-values) or (attribute-name, new-values)."""

		univention.debug.debug(univention.debug.LDAP, univention.debug.INFO, 'uldap.add dn=%s' % dn)

			nal[key] |= set(val)

		nal = self.__encode_entry([(k, list(v)) for k, v in nal.items()])

		if postread_attrs:
			serverctrls = [PostReadControl(True, postread_attrs),]
			return self.add_ext_s(dn, nal, serverctrls=serverctrls)
		else:
			return self.add_s(dn, nal)

	def add_s(self, dn, al):
		"""Redirect add_s directly to lo"""
		try:
			self.lo.add_ext_s(dn, al)
		except ldap.REFERRAL as exc:
			if not self.follow_referral:
				raise
			lo_ref = self._handle_referral(exc)
			lo_ref.add_ext_s(dn, al)

	def add_ext_s(self, dn, al, serverctrls=None):
		"""Redirect add_ext_s directly to lo"""
		try:
			msgid = self.lo.add_ext(dn, al, serverctrls=serverctrls)
			rtype, rdata, rmsgid, resp_ctrls = self.lo.result3(msgid)
		except ldap.REFERRAL as exc:
			if not self.follow_referral:
				raise
			lo_ref = self._handle_referral(exc)
			msgid = lo_ref.add_ext(dn, al, serverctrls=serverctrls)
			rtype, rdata, rmsgid, resp_ctrls = lo_ref.result3(msgid)
		for c in resp_ctrls:
			if c.controlType == PostReadControl.controlType:
				return c.entry

	def modify(self, dn, changes, postread_attrs=None):
		"""Modify LDAP entry dn with attributes in changes=(attribute-name, old-values, new-values)."""

		univention.debug.debug(univention.debug.LDAP, univention.debug.INFO, 'uldap.modify %s' % dn)

			ml.append((op, key, val))
		ml = self.__encode_entry(ml)

		if postread_attrs:
			serverctrls = [PostReadControl(True, postread_attrs),]
		else:
			serverctrls = []

		resp_entry = {}
		# check if we need to rename the object
		new_dn, new_rdn = self.__get_new_dn(dn, ml)
		if not self.compare_dn(dn, new_dn):
			univention.debug.debug(univention.debug.LDAP, univention.debug.WARN, 'rename %s' % (new_rdn,))
			if postread_attrs:
				resp_entry = self.rename_ext_s(dn, new_rdn, None, delold=1, serverctrls=serverctrls)
			else:
				self.lo.rename_s(dn, new_rdn, None, delold=1)
			dn = new_dn
		if ml:
			if postread_attrs:
				resp_entry = self.modify_ext_s(dn, ml, serverctrls=serverctrls)
			else:
				self.modify_s(dn, ml)

		if postread_attrs:
			return (dn, resp_entry)
		else:
			return dn

	@classmethod
	def __get_new_dn(self, dn, ml):
		"""

			lo_ref = self._handle_referral(exc)
			lo_ref.modify_ext_s(dn, ml)

	def modify_ext_s(self, dn, ml, serverctrls=None):
		"""Redirect modify_ext_s directly to lo"""
		try:
			msgid = self.lo.modify_ext(dn, ml, serverctrls=serverctrls)
			rtype, rdata, rmsgid, resp_ctrls = self.lo.result3(msgid)
		except ldap.REFERRAL as exc:
			if not self.follow_referral:
				raise
			lo_ref = self._handle_referral(exc)
			msgid = lo_ref.modify_ext(dn, ml, serverctrls=serverctrls)
			rtype, rdata, rmsgid, resp_ctrls = lo_ref.result3(msgid)
		for c in resp_ctrls:
			if c.controlType == PostReadControl.controlType:
				return c.entry

	def rename(self, dn, newdn, postread_attrs=None):
		univention.debug.debug(univention.debug.LDAP, univention.debug.INFO, 'uldap.rename %s -> %s' % (dn, newdn))
		oldsdn = self.parentDn(dn)
		newrdn = ldap.dn.dn2str([ldap.dn.str2dn(newdn)[0]])
		newsdn = ldap.dn.dn2str(ldap.dn.str2dn(newdn)[1:])

		if postread_attrs:
			serverctrls = [PostReadControl(True, postread_attrs),]
		else:
			serverctrls = []

		resp_entry = {}
		if not newsdn.lower() == oldsdn.lower():
			univention.debug.debug(univention.debug.LDAP, univention.debug.INFO, 'uldap.rename: move %s to %s in %s' % (dn, newrdn, newsdn))
			if postread_attrs:
				resp_entry = self.rename_ext_s(dn, newrdn, newsdn, serverctrls=serverctrls)
			else:
				self.rename_s(dn, newrdn, newsdn)
					raise
				lo_ref = self._handle_referral(exc)
				lo_ref.rename_s(dn, newrdn, newsdn)
		else:
			univention.debug.debug(univention.debug.LDAP, univention.debug.INFO, 'uldap.rename: modrdn %s to %s' % (dn, newrdn))
			if postread_attrs:
				resp_entry = self.rename_ext_s(dn, newrdn, serverctrls=serverctrls)
			else:
				self.rename_s(dn, newrdn)
					raise
				lo_ref = self._handle_referral(exc)
				lo_ref.rename_s(dn, newrdn)

		if postread_attrs:
			return resp_entry

	def rename_s(self, dn, newrdn, newsuperior=None):
		"""Redirect rename_s directly to lo"""
		try:
			self.lo.rename_s(dn, newrdn, newsuperior)
		except ldap.REFERRAL as exc:
			if not self.follow_referral:
				raise
			lo_ref = self._handle_referral(exc)
			lo_ref.rename_s(dn, newrdn, newsuperior)

	def rename_ext_s(self, dn, newrdn, newsuperior=None, serverctrls=None):
		"""Redirect rename_ext_s directly to lo"""
		try:
			msgid = self.lo.rename(dn, newrdn, newsuperior, serverctrls=serverctrls)
			rtype, rdata, rmsgid, resp_ctrls = self.lo.result3(msgid)
		except ldap.REFERRAL as exc:
			if not self.follow_referral:
				raise
			lo_ref = self._handle_referral(exc)
			lo_ref.rename(dn, newrdn, newsuperior, serverctrls=serverctrls)
			rtype, rdata, rmsgid, resp_ctrls = lo_ref.result3(msgid)
		for c in resp_ctrls:
			if c.controlType == PostReadControl.controlType:
				return c.entry

	def delete(self, dn):
		univention.debug.debug(univention.debug.LDAP, univention.debug.INFO, 'uldap.delete %s' % dn)
		if dn:

(-)management/univention-directory-manager-modules/debian/changelog (+7 lines)

Lines 1-3	Link Here

univention-directory-manager-modules (12.0.18-1) UNRELEASED; urgency=medium

  * Bug 43628: Support lookup of specific attributes via PostReadControl

    (RFC 4527)

 -- Arvid Requate <requate@univention.de>  Mon, 10 Jul 2017 19:32:17 +0200

univention-directory-manager-modules (12.0.17-74) unstable; urgency=medium

univention-directory-manager-modules (12.0.17-74) unstable; urgency=medium

  * Bug #42015: Applied patch from Florian Best - Fix LDAP error when

  * Bug #42015: Applied patch from Florian Best - Fix LDAP error when

(-)management/univention-directory-manager-modules/debian/control (-1 / +1 lines)

Lines 14-20	Link Here

Architecture: all

Architecture: all

Depends: ${misc:Depends}, ${python:Depends},

Depends: ${misc:Depends}, ${python:Depends},

 python (>= 2.7),

 python (>= 2.7),

 python-univention (>> 6.0.21),

 python-univention (>= 10.0.4-1),

 python-univention-heimdal (>= 4.0.1-1),

 python-univention-heimdal (>= 4.0.1-1),

 makepasswd,

 makepasswd,

 python-m2crypto,

 python-m2crypto,

(-)management/univention-directory-manager-modules/modules/univention/admin/handlers/__init__.py (-3 / +30 lines)

Lines 108-113	Link Here

108

		self.options = []

108

		self.options = []

109

		self.old_options = []

109

		self.old_options = []

110

		self.alloc = []

110

		self.alloc = []

111

		self.postread_attrs = None

112

		self.resp_entry = {}

111

113

112

		if not isinstance(self.lo, univention.admin.uldap.access):

114

		if not isinstance(self.lo, univention.admin.uldap.access):

113

			if not isinstance(self.lo, univention.uldap.access):

115

			if not isinstance(self.lo, univention.uldap.access):

Lines 672-677	Link Here

672

		self.call_udm_property_hook('hook_open', self)

674

		self.call_udm_property_hook('hook_open', self)

673

		self.save()

675

		self.save()

674

676

677

	def create(self, postread_attrs=None):

678

		if postread_attrs:

679

			self.postread_attrs = postread_attrs

680

		res = base.create(self)

681

		if self.postread_attrs:

682

			self.oldattr.update(self.resp_entry)

683

		return res

684

685

	def modify(self, modify_childs=1, ignore_license=0, postread_attrs=None):

686

		if postread_attrs:

687

			self.postread_attrs = postread_attrs

688

		res = base.modify(self, modify_childs=1, ignore_license=0)

689

		if self.postread_attrs:

690

			self.oldattr.update(self.resp_entry)

691

		return res

692

675

	def _remove_option(self, name):

693

	def _remove_option(self, name):

676

		if name in self.options:

694

		if name in self.options:

677

			self.options.remove(name)

695

			self.options.remove(name)

Lines 781-787	Link Here

781

799

782

		# if anything goes wrong we need to remove the already created object, otherwise we run into 'already exists' errors

800

		# if anything goes wrong we need to remove the already created object, otherwise we run into 'already exists' errors

783

		try:

801

		try:

784

			self.lo.add(self.dn, al)

802

			if self.postread_attrs:

803

				self.resp_entry = self.lo.add(self.dn, al, postread_attrs=self.postread_attrs)

804

			else:

805

				self.lo.add(self.dn, al)

785

			self._exists = True

806

			self._exists = True

786

			self._ldap_post_create()

807

			self._ldap_post_create()

787

		except:

808

		except:

Lines 826-838	Link Here

826

847

827

		# FIXME: timeout without exception if objectClass of Object is not exsistant !!

848

		# FIXME: timeout without exception if objectClass of Object is not exsistant !!

828

		univention.debug.debug(univention.debug.ADMIN, 99, 'Modify dn=%r;\nmodlist=%r;\noldattr=%r;' % (self.dn, ml, self.oldattr))

849

		univention.debug.debug(univention.debug.ADMIN, 99, 'Modify dn=%r;\nmodlist=%r;\noldattr=%r;' % (self.dn, ml, self.oldattr))

829

		self.lo.modify(self.dn, ml, ignore_license=ignore_license)

850

		if self.postread_attrs:

851

			dn, self.resp_entry = self.lo.modify(self.dn, ml, ignore_license=ignore_license, postread_attrs=self.postread_attrs)

852

		else:

853

			self.lo.modify(self.dn, ml, ignore_license=ignore_license)

830

854

831

		self._ldap_post_modify()

855

		self._ldap_post_modify()

832

		self.call_udm_property_hook('hook_ldap_post_modify', self)

856

		self.call_udm_property_hook('hook_ldap_post_modify', self)

833

857

834

		self.save()

858

		self.save()

835

		return self.dn

859

		if self.postread_attrs:

860

			return (dn, self.resp_entry)

861

		else:

862

			return self.dn

836

863

837

	def set_default_values(self):

864

	def set_default_values(self):

838

		# Make sure all default values are set...

865

		# Make sure all default values are set...




		univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'getPolicies modules dn %s result' % dn)
		return self.lo.getPolicies(dn, policies, attrs, result, fixedattrs)

	def add(self, dn, al, exceptions=False, postread_attrs=None):
		self._validateLicense()
		if not self.allow_modify:
			univention.debug.debug(univention.debug.ADMIN, univention.debug.ERROR, 'add dn: %s' % dn)

			return []
		univention.debug.debug(univention.debug.LDAP, univention.debug.ALL, 'add dn=%s al=%s' % (dn, al))
		if exceptions:
			return self.lo.add(dn, al, postread_attrs=postread_attrs)
		try:
			return self.lo.add(dn, al, postread_attrs=postread_attrs)
		except ldap.ALREADY_EXISTS as msg:
			univention.debug.debug(univention.debug.LDAP, univention.debug.ALL, 'add dn=%s err=%s' % (dn, msg))
			raise univention.admin.uexceptions.objectExists(dn)

			univention.debug.debug(univention.debug.LDAP, univention.debug.ALL, 'add dn=%s err=%s' % (dn, msg))
			raise univention.admin.uexceptions.ldapError(_err2str(msg), original_exception=msg)

	def modify(self, dn, changes, exceptions=False, ignore_license=0, postread_attrs=None):
		self._validateLicense()
		if not self.allow_modify and not ignore_license:
			univention.debug.debug(univention.debug.ADMIN, univention.debug.ERROR, 'modify dn: %s' % dn)

			return []
		univention.debug.debug(univention.debug.LDAP, univention.debug.ALL, 'mod dn=%s ml=%s' % (dn, changes))
		if exceptions:
			return self.lo.modify(dn, changes, postread_attrs=postread_attrs)
		try:
			return self.lo.modify(dn, changes, postread_attrs=postread_attrs)
		except ldap.NO_SUCH_OBJECT as msg:
			univention.debug.debug(univention.debug.LDAP, univention.debug.ALL, 'mod dn=%s err=%s' % (dn, msg))
			raise univention.admin.uexceptions.noObject(dn)

			univention.debug.debug(univention.debug.LDAP, univention.debug.ALL, 'mod dn=%s err=%s' % (dn, msg))
			raise univention.admin.uexceptions.ldapError(_err2str(msg), original_exception=msg)

	def rename(self, dn, newdn, move_childs=0, ignore_license=False, postread_attrs=None):
		if not move_childs == 0:
			raise univention.admin.uexceptions.noObject(_("Moving children is not supported."))
		self._validateLicense()

			return []
		univention.debug.debug(univention.debug.LDAP, univention.debug.ALL, 'ren dn=%s newdn=%s' % (dn, newdn))
		try:
			return self.lo.rename(dn, newdn, postread_attrs=postread_attrs)
		except ldap.NO_SUCH_OBJECT as msg:
			univention.debug.debug(univention.debug.LDAP, univention.debug.ALL, 'ren dn=%s err=%s' % (dn, msg))
			raise univention.admin.uexceptions.noObject(dn)

(-)services/univention-s4-connector/debian/changelog (+7 lines)

Lines 1-3	Link Here

univention-s4-connector (11.0.8-1) UNRELEASED; urgency=medium

  * Bug 43628: during sync_to_ucs remember entryCSN of msGPO changes

    to be able to identify and skip them later in sync_from_ucs.

 -- Arvid Requate <requate@univention.de>  Mon, 10 Jul 2017 19:33:24 +0200

univention-s4-connector (11.0.7-12) unstable; urgency=medium

univention-s4-connector (11.0.7-12) unstable; urgency=medium

  * Bug #43072: s4connector/dns: fix ptr_record deletion.

  * Bug #43072: s4connector/dns: fix ptr_record deletion.

(-)services/univention-s4-connector/debian/control (-1 / +1 lines)

Lines 16-22	Link Here

 python-univention (>=8.0.3-1),

 python-univention (>=8.0.3-1),

 python-univention-license,

 python-univention-license,

 python-univention-heimdal (>= 4.0.2-2),

 python-univention-heimdal (>= 4.0.2-2),

 python-univention-directory-manager (>= 7.0.232-2),

 python-univention-directory-manager (>= 12.0.18-1),

 python-pysqlite2

 python-pysqlite2

Provides: ${python:Provides}

Provides: ${python:Provides}

Description: UCS - Modules for connector sychronisation

Description: UCS - Modules for connector sychronisation





		self.open_ucs()

		for section in ['DN Mapping UCS', 'DN Mapping CON', 'UCS rejected', 'UCS deleted', 'UCS entryCSN']:
			if not self.config.has_section(section):
				self.config.add_section(section)


			if ucs:
				self._remove_config_option('DN Mapping UCS', self._encode_dn_as_config_option(ucs.lower()))

	def _remember_entryCSN_commited_by_connector(self, entryUUID, entryCSN):
		"""Remember the entryCSN of a change committed by the S4-Connector itself"""
		_d = ud.function('ldap._remember_entryCSN_commited_by_connector')
		value = self._get_config_option('UCS entryCSN', entryUUID)
		if value:
			entryCSN_set = set(value.split(','))
			entryCSN_set.add(entryCSN)
			value = ','.join(entryCSN_set)
		else:
			value = entryCSN
		self._set_config_option('UCS entryCSN', entryUUID, value)

	def _get_last_entryCSN_commited_by_connector(self, entryUUID):
		"""Remember the entryCSN of a change committed by the S4-Connector itself"""
		_d = ud.function('ldap._get_last_entryCSN_commited_by_connector')
		return self._get_config_option('UCS entryCSN', entryUUID)

	def _forget_entryCSN(self, entryUUID, entryCSN):
		_d = ud.function('ldap._forget_entryCSN')
		value = self._get_config_option('UCS entryCSN', entryUUID)
		if value:
			entryCSN_set = set(value.split(','))
			if entryCSN in entryCSN_set:
				entryCSN_set.remove(entryCSN)
				if entryCSN_set:
					value = ','.join(entryCSN_set)
					self._set_config_option('UCS entryCSN', entryUUID, value)
				else:
					self._remove_config_option('UCS entryCSN', entryUUID)
				return True
			else:
				return False
		else:
			return False

	def _get_dn_by_ucs(self, dn_ucs):
		_d = ud.function('ldap._get_dn_by_ucs')
		return self._decode_dn_from_config_option(self._get_config_option('DN Mapping UCS', self._encode_dn_as_config_option(dn_ucs.lower())))

					break

			entryUUID = new.get('entryUUID', [None])[0]
			if key == 'msGPO':
				entryCSN = new.get('entryCSN', [None])[0]
				if self._forget_entryCSN(entryUUID, entryCSN):
					ud.debug(ud.LDAP, ud.PROCESS, "__sync_file_from_ucs: Object with entryUUID %s: Ignoring own change %s" % (entryUUID, entryCSN))
					return True

			if entryUUID:
				if self.was_entryUUID_deleted(entryUUID):
					if self._get_entryUUID(dn) == entryUUID:

					else:
						ud.debug(ud.LDAP, ud.INFO, '__set_values: Skip: %s' % con_attribute)

	def __modify_custom_attributes(self, property_type, object, ucs_object, module, position, modtype="modify", postread_attrs=None):
		if 'custom_attributes' in object:
			ud.debug(ud.LDAP, ud.INFO, '__modify_custom_attributes: custom attributes found: %s' % object['custom_attributes'])
			modlist = object['custom_attributes']['modlist']

					modlist.append(('objectClass', oc[0][1]['objectClass'], noc))

			ud.debug(ud.LDAP, ud.INFO, '__modify_custom_attributes: modlist: %s' % modlist)
			if postread_attrs:
				resp = self.lo.modify(ucs_object.dn, modlist, postread_attrs=postread_attrs)
				try:
					resp_entry = resp[1]
					entryUUID = resp_entry['entryUUID'][0]
					entryCSN = resp_entry['entryCSN'][0]
					self._remember_entryCSN_commited_by_connector(entryUUID, entryCSN)
				except (IndexError, KeyError):
					pass
			else:
				self.lo.modify(ucs_object.dn, modlist)

			return True
		else:

		self.__set_values(property_type, object, ucs_object, modtype='add')
		for function in self.property[property_type].ucs_create_functions:
			function(self, property_type, ucs_object)
		if property_type == 'msGPO':
			res = ucs_object.create(postread_attrs=['entryCSN', 'entryUUID'])
			if res:
				entryUUID = ucs_object.oldattr['entryUUID'][0]
				entryCSN = ucs_object.oldattr['entryCSN'][0]
				self._remember_entryCSN_commited_by_connector(entryUUID, entryCSN)
				res = self.__modify_custom_attributes(property_type, object, ucs_object, module, position, postread_attrs=['entryCSN', 'entryUUID'])
		else:
			res = ucs_object.create()
		return res

	def modify_in_ucs(self, property_type, object, module, position):
		_d = ud.function('ldap.modify_in_ucs')

		ucs_object_dn = object[dntype]
		ucs_object = univention.admin.objects.get(module, None, self.lo, dn=ucs_object_dn, position='')
		self.__set_values(property_type, object, ucs_object)
		if property_type == 'msGPO':
			res = ucs_object.modify(postread_attrs=['entryCSN', 'entryUUID'])
			if res:
				try:
					entryUUID = ucs_object.oldattr['entryUUID'][0]
					entryCSN = ucs_object.oldattr['entryCSN'][0]
					self._remember_entryCSN_commited_by_connector(entryUUID, entryCSN)
				except (IndexError, KeyError):
					pass
				res = self.__modify_custom_attributes(property_type, object, ucs_object, module, position, postread_attrs=['entryCSN', 'entryUUID'])
		else:
			res = ucs_object.modify()
		return res

	def move_in_ucs(self, property_type, object, module, position):
		_d = ud.function('ldap.move_in_ucs')

			ucs_object.open()
			ucs_object.remove()
			self.update_deleted_cache_after_removal(entryUUID, objectGUID)
			if property_type == 'msGPO':
				self._forget_entryCSN(entryUUID)
			return True
		except Exception, e:
			ud.debug(ud.LDAP, ud.INFO, "delete object exception: %s" % e)




import univention.debug2 as ud
from samba.dcerpc import security
from samba.ndr import ndr_pack, ndr_unpack
from samba.dcerpc import misc


def encode_sddl_to_sd_in_ndr(domain_sid, ntsd_sddl):

		return

	ucs_ntsd_sddl = object['attributes']['msNTSecurityDescriptor'][0]
	s4_attributes = s4connector.lo_s4.get(s4_dn, attr=['nTSecurityDescriptor'])
	ntsd_ndr = s4_attributes.get('nTSecurityDescriptor')

	if ntsd_ndr:

			ud.debug(ud.LDAP, ud.INFO, 'ntsd_to_s4: nTSecurityDescriptors are equal')
			return

		guid_blob = s4_attributes.get('objectGUID')[0]
		objectGUID = str(ndr_unpack(misc.GUID, guid_blob))
		old_s4_object = s4connector.s4cache.get_entry(objectGUID)
		if old_s4_object:
			if old_s4_object.get('uSNChanged')[0] != s4_attributes.get('uSNChanged')[0]:
				ud.debug(ud.LDAP, ud.PROCESS, "ntsd_to_s4: skipping, S4-Object changed: %s" % object['dn'])
				return

		ud.debug(ud.LDAP, ud.INFO, 'ntsd_to_s4: changing nTSecurityDescriptor from %s to %s' % (s4_ntsd_sddl, ucs_ntsd_sddl))

		ucs_ntsd_ndr = encode_sddl_to_sd_in_ndr(domain_sid, ucs_ntsd_sddl)

		ml.append(('msNTSecurityDescriptor', ucs_ntsd_sddl, s4_ntsd_sddl))
	if ml:
		ud.debug(ud.LDAP, ud.INFO, 'ntsd_to_ucs: modlist = %s' % ml)
		resp = s4connector.lo.lo.modify(ucs_dn, ml, postread_attrs=['entryCSN', 'entryUUID'])
		try:
			resp_entry = resp[1]
			entryUUID = resp_entry['entryUUID'][0]
			entryCSN = resp_entry['entryCSN'][0]
			s4connector._remember_entryCSN_commited_by_connector(entryUUID, entryCSN)
		except (IndexError, KeyError):
			pass

Return to bug 43628