Bug 51268 - replace ldap.open() wih ldap.initialize()
replace ldap.open() wih ldap.initialize()
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: UDM (Generic)
UCS 5.0
Other Linux
: P5 normal (vote)
: UCS 5.0
Assigned To: Florian Best
Jürn Brodersen
:
: 51266 51589 (view as bug list)
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2020-05-11 10:19 CEST by Jannik Ahlers
Modified: 2021-05-25 15:57 CEST (History)
1 user (show)

See Also:
What kind of report is it?: Development Internal
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Jannik Ahlers univentionstaff 2020-05-11 10:19:09 CEST
The new version of python-ldap in UCS 5 will be >3.1. In this version, ldap.open() has been removed. We have to replace it with ldap.initialize().

 $ git grep 'ldap\.open'
doc/developer-reference/listener/obj.py:                        self.con = ldap.open(self.data["ldapserver"], port=self.PORT)
doc/extended-docs/domain-4.4.xml:chown openldap.openldap /var/lib/ldap/*.*
management/univention-directory-manager-modules/scripts/proof_class_b_reverse:lo = ldap.open('localhost', 7389)
management/univention-directory-manager-modules/scripts/proof_default_containers:lo = ldap.open('localhost', 7389)
management/univention-directory-manager-modules/scripts/proof_dns_dhcp_records:lo = ldap.open('localhost', 7389)
management/univention-directory-manager-modules/scripts/proof_hostShadowAccounts:lo = ldap.open('localhost', 7389)
management/univention-directory-manager-modules/scripts/proof_kerberos_deactivation:lo = ldap.open('localhost', 7389)
management/univention-directory-manager-modules/scripts/proof_policies:lo = ldap.open('localhost', 7389)
management/univention-directory-manager-modules/scripts/proof_sambaAccountFlags:lo = ldap.open('localhost', 7389)
management/univention-directory-manager-modules/scripts/proof_uniqueMembers:    conn = ldap.open('localhost', 7389)
management/univention-directory-manager-modules/scripts/proof_usersMailAccount:lo = ldap.open('localhost', 7389)
management/univention-directory-manager-modules/univention-sync-memberuid:      lo = ldap.open('localhost', 7389)
management/univention-directory-replication/debian/changelog:  * ldap.open does not support the connection via the ldapi socket. In
management/univention-directory-replication/replication.py:             connection = ldap.open(local_ip, int(local_port))
management/univention-directory-replication/schema-openldap2.1.py:      lo = ldap.open(baseConfig['ldap/master'], 7389)
test/ucs-test/tests/10_ldap/46replication_modrdn_local_modification:lo = ldap.open('127.0.0.1', 7389)
test/ucs-test/tests/10_ldap/47replication_modrdn_local_different_entryuuid:lo_local = ldap.open('127.0.0.1', 7389)
Comment 1 Jannik Ahlers univentionstaff 2020-05-11 10:20:19 CEST
*** Bug 51266 has been marked as a duplicate of this bug. ***
Comment 2 Florian Best univentionstaff 2020-05-11 15:22:43 CEST
Is ldap.initialize() backwards compatible and would work the same as ldap.open() in UCS 4.4-4?
Comment 3 Jannik Ahlers univentionstaff 2020-05-11 15:47:59 CEST
yes it is, in fact ldap.initialize() is already used in other parts of our code.
Comment 4 Florian Best univentionstaff 2020-06-29 11:00:27 CEST
*** Bug 51589 has been marked as a duplicate of this bug. ***
Comment 5 Florian Best univentionstaff 2020-06-29 11:01:08 CEST
(In reply to Jannik Ahlers from comment #3)
> yes it is, in fact ldap.initialize() is already used in other parts of our
> code.
No, it's not. ldap.open() accepted an IP address while ldap.initialize only accepts a ldap uri.
Comment 6 Florian Best univentionstaff 2020-07-14 14:35:33 CEST
The UDM scripts have been adjusted in the Python 3 Migration of UDM.

univention-directory-replication (13.0.1-3)
 Bug #51268: use ldap.initialize

changelog-5.0-0.xml
 Changelog Bug #51268

doc/developer-reference/listener/obj.py:
 Bug #51268: use ldap.initialize() over ldap.open()
Comment 7 Jürn Brodersen univentionstaff 2020-07-15 15:20:32 CEST
Reopen:
The example uses ldaps but the normal ldap port.
doc/developer-reference/listener/obj.py

"management/univention-directory-replication/schema-openldap2.1.py" does not use an ldap uri but just the hostname. I think we can just delete that file. It is not packaged and the name suggest it was used for openldap 2.1

What I tested:
git grep "ldap.open(" -> lokks good -> OK
git grep "ldap.initialize(" -> lokks good -> OK
I didn't notice any replication problems (Neither in test env nor on jeknkins) -> OK
Comment 8 Florian Best univentionstaff 2020-07-15 18:05:42 CEST
(In reply to Jürn Brodersen from comment #7)
> Reopen:
> The example uses ldaps but the normal ldap port.
> doc/developer-reference/listener/obj.py
→ changed port to 7636

> "management/univention-directory-replication/schema-openldap2.1.py" does not
> use an ldap uri but just the hostname. I think we can just delete that file.
> It is not packaged and the name suggest it was used for openldap 2.1
→ removed schema-openldap2.1.py
Comment 9 Jürn Brodersen univentionstaff 2020-07-17 09:53:58 CEST
(In reply to Florian Best from comment #8)
> (In reply to Jürn Brodersen from comment #7)
> > Reopen:
> > The example uses ldaps but the normal ldap port.
> > doc/developer-reference/listener/obj.py
> → changed port to 7636
> 
> > "management/univention-directory-replication/schema-openldap2.1.py" does not
> > use an ldap uri but just the hostname. I think we can just delete that file.
> > It is not packaged and the name suggest it was used for openldap 2.1
> → removed schema-openldap2.1.py

Looks good :)

-> Verified
Comment 10 Florian Best univentionstaff 2021-05-25 15:57:47 CEST
UCS 5.0 has been released:
 https://docs.software-univention.de/release-notes-5.0-0-en.html
 https://docs.software-univention.de/release-notes-5.0-0-de.html

If this error occurs again, please use "Clone This Bug".