Univention Bugzilla – Full Text Bug Listing |
Summary: | replication.py: IndexError while logging LDAP exceeption | ||
---|---|---|---|
Product: | UCS | Reporter: | Philipp Hahn <hahn> |
Component: | LDAP | Assignee: | Philipp Hahn <hahn> |
Status: | CLOSED FIXED | QA Contact: | Arvid Requate <requate> |
Severity: | normal | ||
Priority: | P5 | CC: | heidelberger, requate, steuwer, voelker |
Version: | UCS 4.4 | Flags: | hahn:
Patch_Available+
|
Target Milestone: | UCS 4.4-4-errata | ||
Hardware: | amd64 | ||
OS: | Linux | ||
What kind of report is it?: | Bug Report | What type of bug is this?: | 7: Crash: Bug causes crash or data loss |
Who will be affected by this bug?: | 2: Will only affect a few installed domains | How will those affected feel about the bug?: | 5: Blocking further progress on the daily work |
User Pain: | 0.400 | Enterprise Customer affected?: | Yes |
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | 2020040321000295, 2020032321000375 | Bug group (optional): | |
Max CVSS v3 score: | |||
Bug Depends on: | |||
Bug Blocks: | 48545, 51062 |
Description
Philipp Hahn
2020-04-03 14:51:07 CEST
Looking at ~/REPOS/PYTHON/python-ldap/Modules/constants.c there are (at least) 4 cases: 1. For not LDAP related errors python-ldap uses PyErr_SetFromErrno() and returns an LDAPError with `args=(errno, msg)`. >> try: ldap.initialize('xxx') ... except ldap.LDAPError as ex: pass >>> ex.args (2, 'No such file or directory') 2. For *known* LDAP errors in the range -17 <= errnum <= 0x7B returns a specific Python exception. This can breaks when OpenLDAP introduces new LDAP_ERROR_* values and python-ldap is not re-compiled: | | Debian 9 | UCS-4.4 | | OpenLDAP | 2.4.44 | 2.4.45 | | python-ldap | 2.4.28 | 2.4.28 | 2.2.45 did not add new LDAP_ERROR_* constants, so this is okay. `args=(dict(desc=optional, matched=optional, info=optional),)` 3. For *unknown* LDAP errors python-ldap returns `args=(dict(errnum=….),)` (not 100% sure) 4. ldap.dn.str2dn() can return a DECODING_ERROR() with `args=()`: >>> import ldap.dn >>> try: ldap.dn.str2dn('x') ... except ldap.LDAPError as ex: pass >>> ex DECODING_ERROR() >>> ex.args () The last case is not handled correctly by "replication.py" and leads to the observed exception: str2dn() is called multiple times from the handler() method. [4.4-4] a7a0c790d4 Bug #51061 replication: Fix exception handling .../debian/changelog | 6 +++ .../replication.py | 46 ++++++++++++++++++++-- 2 files changed, 49 insertions(+), 3 deletions(-) Package: univention-directory-replication Version: 12.0.0-5A~4.4.0.202004031830 Branch: ucs_4.4-0 Scope: errata4.4-4 [4.4-4] 1f1589dcc9 Bug #51061: univention-directory-replication 12.0.0-5A~4.4.0.202004031830 doc/errata/staging/univention-directory-replication.yaml | 10 ++++++++++ 1 file changed, 10 insertions(+) FYI: You can run the test using python -m doctest replication.py TODO: Backport for UCs-4.3-5 Verified: * Code review * Package update * Advisory |