Univention Bugzilla – Full Text Bug Listing |
Description
Philipp Hahn
2014-03-28 20:01:33 CET
Ticket#2015061821000522 Reported again by customer and this is still the case for UCS 4. We should fix this as customers may use the logged LDIF's to restore LDAP-objects that were mistakenly deleted. Without the "::" prefix the base64 encoded attributes will be written to LDAP as strings and that may(will) lead to encoding problems down the road. Created attachment 8006 [details]
Suggested patch for /usr/lib/univention-directory-listener/system/directory_logger.py to add the prefix
(In reply to Julius Hinrichs from comment #2) > Created attachment 8006 [details] > Suggested patch for > /usr/lib/univention-directory-listener/system/directory_logger.py to add the > prefix The patch would write "foo::: bar" into the LDIF. By the way: There are libs in python to create LDIF's. Maybe that's better because they automatically handle this? (Not sure, I don't know the context of the listener). (In reply to Florian Best from comment #3) > (In reply to Julius Hinrichs from comment #2) > > Created attachment 8006 [details] > > Suggested patch for > > /usr/lib/univention-directory-listener/system/directory_logger.py to add the > > prefix > > The patch would write "foo::: bar" into the LDIF. The patch would write "::foo: bar" instead of "foo:: bar". Created attachment 8008 [details]
Updated patch for /usr/lib/univention-directory-listener/system/directory_logger.py
This should return the correct notation.
Your change calculates base64Filter(value) twice, I guess that can be coded more efficiently. Created attachment 8044 [details]
Alternative solution
In this version the base64value is calculated only once.
Comment on attachment 8044 [details]
Alternative solution
If performance matters:
def ldapEntry2string(entry):
return ''.join(
'%s%s %s\n' % (key, ':' if base64value == value else '::', base64value)
for key, valuelist in entry.iteritems()
for value, base64value in ((value, base64Filter(value)) for value in valuelist)
)
Created attachment 8089 [details]
base64 encoding
base64 detection is incomplete as well - stolen from python-ldap
r73116 | Bug #34420 log: Fix base64 encoding Package: univention-directory-logger Version: 7.0.1-2.39.201610131121 Branch: ucs_4.1-0 Scope: errata4.1-3 r73131 | Bug #34420 log: Fix base64 encoding r73141 | Bug #25404,Bug #34916,Bug #34420,Bug #42665: univention-directory-logger YAML univention-directory-logger.yaml Created attachment 8117 [details] 34420.diff b0275d1 Bug #34420 log: Fix base64 encoding OK - base64 encoding OK - ldif: '::' for base64 encoded attributes OK - yaml OK - merged to 4.2 |