Univention Bugzilla – Full Text Bug Listing |
Summary: | Switch to ReconnectLDAPObject | ||
---|---|---|---|
Product: | UCS | Reporter: | Stefan Gohmann <gohmann> |
Component: | univention-lib | Assignee: | Janek Walkenhorst <walkenhorst> |
Status: | CLOSED FIXED | QA Contact: | Philipp Hahn <hahn> |
Severity: | enhancement | ||
Priority: | P5 | Keywords: | interim-3 |
Version: | UCS 3.1 | ||
Target Milestone: | UCS 3.2 | ||
Hardware: | Other | ||
OS: | Linux | ||
What kind of report is it?: | --- | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: | |||
Bug Depends on: | |||
Bug Blocks: | 48721, 32861 |
Description
Stefan Gohmann
2013-09-17 13:43:39 CEST
We should check the implementation for 3.2. The call l = ldap.initialize(uri) is equal to the call l = ldap.ldapobject.SimpleLDAPObject(uri, trace_strack_limit=None) . The call l = ldap.ldapobject.SimpleLDAPObject(uri, trace_strack_limit=None) can be replaced by the call l = ldap.ldapobject.ReconnectLDAPObject(uri, trace_strack_limit=None) because both versions raise the same ldap.SERVER_DOWN execptions but RLO can reestablish a connection when SLO cannot. Only difference observed is that the timeout is doubled when connecting to unavailable servers (probably trying RLO is trying to "reconnect" at least once after the failed initial connection where SLO would fail) The following packages now use ReconnectLDAPObject: univention-python (7.0.3-1) univention-directory-manager-modules (9.0.51-1) Changelog updated. When given no credentials RLO fails to reconnect because the bind "succeeds" without contacting the server. UDM getBaseDN does not use credentials, thus triggering the bug. Manual reconnect (once, after 60s -- just like RLO) added. univention-directory-manager-modules (9.0.69-1) (In reply to Janek Walkenhorst from comment #4) > When given no credentials RLO fails to reconnect because the bind "succeeds" > without contacting the server. python-ldap 2.4.13 fixes this problem: http://python-ldap.cvs.sourceforge.net/viewvc/python-ldap/python-ldap/CHANGES?content-type=text%2Fplain&revision=HEAD OK: ChangeLog OK: r44907,r45459 OK: python-univention 7.0.3-1.133.201310081753 OK: python-univention-directory-manager 9.0.72-3.1143.201310281935 OK: /etc/init.d/slapd stop ; udm "computers/$(ucr get server/role)" list & /etc/init.d/slapd.start OK: /etc/init.d/slapd stop ; python -c 'from univention.admin.uldap import getBaseDN;print getBaseDN()' & /etc/init.d/slapd.start FYI: Not worse then previously: /etc/init.d/slapd stop ; python -c 'from univention.admin.uldap import getMachineConnection;print getMachineConnection()' & sleep 2 ; /etc/init.d/slapd start Stopping ldap server(s): slapd ...done. Traceback (most recent call last): File "<string>", line 1, in <module> File "/usr/lib/pymodules/python2.6/univention/admin/uldap.py", line 75, in getMachineConnection lo=univention.uldap.getMachineConnection(start_tls, decode_ignorelist=decode_ignorelist, ldap_master=ldap_master) File "/usr/lib/pymodules/python2.6/univention/uldap.py", line 103, in getMachineConnection lo=access(host=ucr['ldap/master'], port=port, base=ucr['ldap/base'], binddn=ucr['ldap/hostdn'], bindpw=bindpw, start_tls=start_tls, decode_ignorelist=decode_ignorelist) File "/usr/lib/pymodules/python2.6/univention/uldap.py", line 169, in __init__ self.__open(ca_certfile) File "/usr/lib/pymodules/python2.6/univention/uldap.py", line 203, in __open self.lo.start_tls_s() File "/usr/lib/python2.6/dist-packages/ldap/ldapobject.py", line 784, in start_tls_s res = SimpleLDAPObject.start_tls_s(self) File "/usr/lib/python2.6/dist-packages/ldap/ldapobject.py", line 526, in start_tls_s return self._ldap_call(self._l.start_tls_s) File "/usr/lib/python2.6/dist-packages/ldap/ldapobject.py", line 96, in _ldap_call result = func(*args,**kwargs) ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"} UCS 3.2 has been released: http://docs.univention.de/release-notes-3.2-en.html http://docs.univention.de/release-notes-3.2-de.html If this error occurs again, please use "Clone This Bug". |