First Last Prev Next    This bug is not in your last search results.
Bug 47926 - ReconnectLDAPObject does not reconnect on ldap.UNAVAILABLE exceptions
ReconnectLDAPObject does not reconnect on ldap.UNAVAILABLE exceptions
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: UDM (Generic)
UCS 4.3
Other Linux
: P5 normal (vote)
: UCS 4.4-1-errata
Assigned To: Florian Best
Arvid Requate
https://github.com/python-ldap/python...
:
: 48103 (view as bug list)
Depends on:
Blocks: 45692
  Show dependency treegraph
 
Reported: 2018-10-08 16:21 CEST by Jürn Brodersen
Modified: 2019-08-14 16:35 CEST (History)
2 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 4: Minor Usability: Impairs usability in secondary scenarios
Who will be affected by this bug?: 1: Will affect a very few installed domains
How will those affected feel about the bug?: 3: A User would likely not purchase the product
User Pain: 0.069
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:
best: Patch_Available+

Attachments
reproduce (844 bytes, text/x-python)
2018-10-08 16:21 CEST, Jürn Brodersen 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jürn Brodersen univentionstaff 2018-10-08 16:21:50 CEST 
Created attachment 9693 [details]
reproduce

At least during a shutdown of the ldap server it can happen that a ldap unavailable error is returned from the ldap server.

Possible Solution:
except ldap.UNAVAILABLE as well as ldap.SERVER_DOWN in ldap/ldapobject.py


Traceback (most recent call last):
  File "/usr/lib/python2.7/threading.py", line 801, in __bootstrap_inner
    self.run()
  File "/usr/lib/python2.7/threading.py", line 754, in run
    self.__target(*self.__args, **self.__kwargs)
  File "slapit2.py", line 18, in foo
    lo.search(filter="uid=Administrator", attr=["uid"])
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 315, in search
    res = self.lo.search_ext_s(base, ldap_scope, filter, attr, serverctrls=serverctrls, clientctrls=None, timeout=timeout, sizelimit=sizelimit)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 993, in search_ext_s
    return self._apply_method_s(SimpleLDAPObject.search_ext_s,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 931, in _apply_method_s
    return func(self,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 591, in search_ext_s
    return self.result(msgid,all=1,timeout=timeout)[1]
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 503, in result
    resp_type, resp_data, resp_msgid = self.result2(msgid,all,timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 507, in result2
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all,timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
UNAVAILABLE: {'desc': 'Server is unavailable'}
Comment 1 Jürn Brodersen univentionstaff 2018-10-08 16:26:46 CEST 
10_ldap/27reconnect_uldap_2 sometimes fails due to this.

[2018-10-08 00:39:01.864098] Restarting slapd
[2018-10-08 00:39:02.176175] LDAP modify failed after succeeding 7649 times.
[2018-10-08 00:39:02.177229] Traceback (most recent call last):
[2018-10-08 00:39:02.177259]   File "27reconnect_uldap_2", line 77, in main
[2018-10-08 00:39:02.177281]     res = lo.search(filter=filter_s)[0][0]
[2018-10-08 00:39:02.177303]   File "/usr/lib/pymodules/python2.7/univention/admin/uldap.py", line 710, in search
[2018-10-08 00:39:02.177323]     raise univention.admin.uexceptions.ldapError(_err2str(msg), original_exception=msg)
[2018-10-08 00:39:02.177343] ldapError: Server is unavailable

And a ucs@school installation on jenkins failed at least once due to this.
Comment 2 Jürn Brodersen univentionstaff 2018-10-29 17:33:52 CET 
A ldap connect error happened in a test during installation.

-> Except ldap.CONNECT_ERROR as well
Comment 3 Arvid Requate univentionstaff 2018-11-06 15:20:42 CET 
*** Bug 48103 has been marked as a duplicate of this bug. ***
Comment 4 Florian Best univentionstaff 2019-04-12 17:36:39 CEST 
Also for ldap.TIMEOUT and ldap.TIMELIMIT_EXCEEDED.
Comment 5 Florian Best univentionstaff 2019-04-12 17:52:50 CEST 
Patch available in the pull request for python-ldap.
https://github.com/python-ldap/python-ldap/pull/267
Comment 6 Florian Best univentionstaff 2019-08-12 16:17:47 CEST 
I added two test cases (Thanks Jürn) for the reconnection handling.
1. Test handling during restarting of ldapd
2. Test handling if SERVER_DOWN exception is ignored and one still uses the now unbound connection, which resulted prior to the fix in ldap.INSUFFICIENT_ACCESS.

Both things have been fixed in univention.uldap (instead of patchin python-ldap).
If it gets somewhen fixed in python-ldap directly, we can remove this again. But the maintainer currently don't respond to my suggestions since 2019-03-16.

I added ldap.TIMEOUT also and a note about ldap.TIMELIMIT_EXCEEDED because our largest customer already do the same handling in their fork of UCS ;-)

univention-python (12.0.0-15)
e5b2daecc2e6 | Bug #47926: Merge branch 'fbest/47926-reconnect-on-unavailable' into 4.4-1
f7831f161085 | YAML Bug #47926
232d63c28f4e | Bug #47926: reconnect on ldap.UNAVAILABLE & co exceptions

ucs-test (9.0.3-8)
e5b2daecc2e6 | Bug #47926: Merge branch 'fbest/47926-reconnect-on-unavailable' into 4.4-1
942009242fba | Bug #47926: add more test cases for reconnection handling

univention-python.yaml
e5b2daecc2e6 | Bug #47926: Merge branch 'fbest/47926-reconnect-on-unavailable' into 4.4-1
f7831f161085 | YAML Bug #47926
Comment 8 Florian Best univentionstaff 2019-08-12 16:20:10 CEST 
(In reply to Jürn Brodersen from comment #2)
> A ldap connect error happened in a test during installation.
> 
> -> Except ldap.CONNECT_ERROR as well
It would have been nice to see the complete traceback here! E.g. I am missing exceptions details and where exactly this occurrs.
Comment 9 Arvid Requate univentionstaff 2019-08-13 10:09:44 CEST 
Verified:
* Code review
* Functional test
* Advisory
Comment 10 Erik Damrose univentionstaff 2019-08-14 16:35:23 CEST 
<http://errata.software-univention.de/ucs/4.4/231.html>
First Last Prev Next    This bug is not in your last search results.