syncrepl cookie code only works with single provider systems #562
Comments
|
RFC4533 doesn't let consumers peek inside the cookie. What you're describing is OpenLDAP's extensions to syncrepl to support multiprovider replication. RFC4533 compliant refreshOnly consumers are not affected but refreshAndPersist consumers are not compatible as you just found out. |
|
I'd suggest at least documenting that it's unusable with OpenLDAP MPR then. |
|
+1 for documenting the behavior I would be open to add an extended syncrepl client that can handle MPR if somebody provides a patch. |
|
Ok, so a note - refreshOnly when used with a multi-provider system works in regards to the cookie code. It's refreshAndPersist specifically where this is need work to handle OpenLDAP's MPR code. |
|
Looking into this, should be possible to either expose a subclass of SyncreplConsumer or provide an OpenLDAP specific cookie class. On a side note, it's a little concerning that the ASN.1 definition seems to make the assumption the cookie decodes to a UTF-8 string, rather than an octetstring (bytes) which is what it should be doing. This might need to be fixed eventually as well, just luck that noone used this with a provider that does make the cookie contain arbitrary data. |
If you found a bug in python-ldap, or would request a new feature,
this is the place to let us know.
Please describe the issue and your environment here.
Issue description:
The syncrepl code included with python-ldap only functions when there is a single contectCSN value in use. If the LDAP system is multi-provider, only one CSN value is stored, causing the code to always execute a REFRESH on startup.
Steps to reproduce:
Set up a multi-provider environment, use the syncrepl API to execute refresh
Operating system:
linux
Python version:
3.10.12
python-ldap version:
3.4.3
The text was updated successfully, but these errors were encountered: