Univention Bugzilla – Bug 44316
LDAP reconnect handling isn't used for modify operations
Last modified: 2017-10-10 18:32:01 CEST
The LDAP reconnect handling doesn't work for modify operations. uldap.py uses modify_s instead of modify_ext_s.
It should be fixed as erratum for UCS 4.2.
ldap/ldapobject.py: ReconnectLDAPObject does *not* wrap all synchronous methods of SimpleLDAPObject to reconnect on SERVER_DOWN: $ diff -y -W 60 <(sed -rne '/^class SimpleLDAPObject/,/^\S/s/\s+def ([a-z][a-z_]+_st?)\(.*\):/\1/p' Lib/ldap/ldapobject.py|sort) <(sed -rne '/^class ReconnectLDAPObject/,/^\S/s/\s+def ([a-z][a-z_]+_st?)\(.*\):/\1/p' Lib/ldap/ldapobject.py|sort) add_ext_s add_ext_s add_s < bind_s bind_s cancel_s cancel_s compare_ext_s < compare_s compare_s delete_ext_s delete_ext_s delete_s < *** uses delete_ext_s() *** extop_s extop_s modify_ext_s modify_ext_s modify_s < modrdn_s < *** uses rename_s() *** passwd_s < read_s < *** uses search_ext_s() *** read_subschemasubentry_s < *** uses read_s() → seach_ext_s() *** rename_s rename_s sasl_interactive_bind_s sasl_interactive_bind_s search_ext_s search_ext_s search_s < *** uses search_ext_s() *** search_st < *** uses search_ext_s() *** search_subschemasubentry_s < *** uses search_s() → search_ext_s() *** simple_bind_s simple_bind_s start_tls_s start_tls_s unbind_ext_s < *** must not be wrapped *** unbind_s < *** must not be wrapped *** whoami_s whoami_s r78870 | Bug #44316 py: Use re-connecting LDAP methods Package: univention-python Version: 10.0.3-3A~4.2.0.201704240907 Branch: ucs_4.2-0 Scope: errata4.2-0 r78871 | Bug #44316 py: Use re-connecting LDAP methods YAML univention-python.yaml FYI: There are many more users of the old API methods: base/univention-heimdal/salt_krb5Keys:1 base/univention-python/debian/changelog:1 base/univention-python/modules/uldap.py:3 management/univention-directory-manager-modules/scripts/convert-user-base64-photos:1 management/univention-directory-manager-modules/scripts/proof_hostShadowAccounts:1 management/univention-directory-manager-modules/scripts/proof_kerberos_deactivation:8 management/univention-directory-manager-modules/scripts/proof_uniqueMembers:4 management/univention-directory-manager-modules/scripts/proof_usersMailAccount:1 management/univention-directory-manager-modules/scripts/univention-remove-old-umc-objects:1 management/univention-directory-manager-modules/univention-sync-memberuid:2 management/univention-directory-replication/replication.py:4 management/univention-ldap-overlay-memberof/univention-update-memberof:1 management/univention-management-console-module-udm/umc/python/udm/tools.py:2 services/univention-ad-connector/modules/univention/connector/ad/__init__.py:13 services/univention-ad-connector/modules/univention/connector/ad/password.py:4 services/univention-s4-connector/modules/univention/s4connector/s4/__init__.py:8 services/univention-s4-connector/modules/univention/s4connector/s4/dc.py:2 services/univention-s4-connector/modules/univention/s4connector/s4/dns.py:3 services/univention-s4-connector/scripts/upgrade_msWMI-Som.py:1 test/ucs-ec2-tools/examples/jenkins/autotest-201-ucsschool-singleserver-s4-all-components-importonly.cfg:1 test/ucs-ec2-tools/examples/jenkins/autotest-201-ucsschool-singleserver-s4-all-components.cfg:1 test/ucs-test-tools/usr/sbin/create-32k-users-in-groups:2 test/ucs-test/lib/ldap_glue.py:5 test/ucs-test/tests/10_ldap/24uldap:1 test/ucs-test/tests/10_ldap/46replication_modrdn_local_modification:2 test/ucs-test/tests/10_ldap/47replication_modrdn_local_different_entryuuid:1 test/ucs-test/tests/55_adconnector/adconnector.py:1 test/ucs-test/tests/61_udm-users/30_user_admin_setting_acl:2 We should add a ucslint test. I've submitted a patch upstream to add the missing wrappers: <https://mail.python.org/pipermail/python-ldap/2017q2/003889.html>
Tests: OK Code review: OK Advisory: OK
<http://errata.software-univention.de/ucs/4.2/11.html>