Univention Bugzilla – Bug 45474
LDAP reconnect handling isn't used for modify operations (regression)
Last modified: 2017-10-11 16:45:35 CEST
uldap.py now uses modify_ext instead of modify_ext_s. This is a regression introduced via Bug 43628. See commit 868e7d7214a22f3d71d958cd674a06a87e2b1399 for changes. +++ This bug was initially created as a clone of Bug #44316 +++ The LDAP reconnect handling doesn't work for modify operations. uldap.py uses modify_s instead of modify_ext_s.
Created attachment 9235 [details] ucs-test script for lo.search and lo.modify
Created attachment 9238 [details] patch
Created attachment 9239 [details] patch
Branch: fbest/45474-reconnect-ldap-connection
The methods add() / modify() and rename() were broken and have been fixed. Also the referral handling for rename() was broken. univention-python (10.0.4-4): 54b1e10eee35 | Bug #45474: Merge branch 'fbest/45474-reconnect-ldap-connection' into 4.2-2 caea202bd185 | Bug #45474: fix reconnecting in add() / modify() and rename() during ldap.SERVER_DOWN univention-python.yaml: 54b1e10eee35 | Bug #45474: Merge branch 'fbest/45474-reconnect-ldap-connection' into 4.2-2 167683a1b759 | YAML Bug #45474 Reproduce: >>> import univention.uldap >>> lo = univention.uldap.getMachineConnection() ^Z # service slapd stop; fg >>> lo.modify('uid=Administrator,cn=users,dc=school,dc=local', [('sn', '', 'foo')]) Traceback (most recent call last): ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"} → Immediately an exception is thrown Fixed: >>> import univention.uldap >>> lo = univention.uldap.getMachineConnection() ^Z # service slapd stop; fg >>> lo.modify('uid=Administrator,cn=users,dc=school,dc=local', [('sn', '', 'foo')]) ^Z → hangs... # service slapd start; fg Traceback (most recent call last): ldap.INSUFFICIENT_ACCESS: {'desc': 'Insufficient access'} → Reconnect succeeded (ends with no permission, which is correct).
The content of attachment 9238 [details] has been deleted for the following reason: obsolete
The content of attachment 9239 [details] has been deleted for the following reason: obsolete
ucs-test (7.0.23-57): 04c1cfe65d7a | Bug #45474: add test case 27reconnect_uldap_2
Ok, looks good. I think we should also publish it for UCS 4.2-1, could you please adjust the advisory accordingly?
done.
<http://errata.software-univention.de/ucs/4.2/194.html>