Skip to content
Commits on Source (4)
Show whitespace changes
Inline Side-by-side
debian/changelog
View file @ e38fa3b3
openldap (2.4.44+dfsg-5+deb9u2) stretch; urgency=medium
* Import upstream patch to fix an out-of-sync issue with delta-syncrepl
replication in multi-master environments, resulting from changes losing
tracking information and being applied multiple times.
(ITS#8444) (Closes: #877166)
* Really fix upgrades when the config contains backslash-escaped special
characters. The previous fix was incomplete and didn't fully fix upgrades
involving a database reload. (Closes: #864719)
-- Ryan Tandy <ryan@nardis.ca> Tue, 22 May 2018 21:25:19 -0700
openldap (2.4.44+dfsg-5+deb9u1) stretch; urgency=medium
* Relax the dependency of libldap-2.4-2 on libldap-common to also permit
......
debian/patches/ITS-8444-Do-not-clear-the-pending-operation-when-che.patch 0 → 100644
View file @ e38fa3b3
From bb6438fb7ae32a622f456af8c4c9b8d479d5b209 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Kuzn=C3=ADk?= <ondra@mistotebe.net>
Date: Fri, 25 Aug 2017 16:25:23 +0100
Subject: [PATCH] ITS#8444 Do not clear the pending operation when
checkpointing
When a checkpoint happens, if we remove the CSN from the pending list,
accesslog won't pass it onto the accesslog DB. But in a delta-mmr
scenario, an accesslog entry without a CSN faces a race where it might
be applied twice - that usually fails and causes a full refresh, other
times it can cause a silent desync - both are undesirable.
---
servers/slapd/overlays/syncprov.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/servers/slapd/overlays/syncprov.c b/servers/slapd/overlays/syncprov.c
index 3e7667336..4c2d939d4 100644
--- a/servers/slapd/overlays/syncprov.c
+++ b/servers/slapd/overlays/syncprov.c
@@ -1494,6 +1494,7 @@ syncprov_checkpoint( Operation *op, slap_overinst *on )
opm.o_bd->bd_info = on->on_info->oi_orig;
opm.o_managedsait = SLAP_CONTROL_NONCRITICAL;
opm.o_no_schema_check = 1;
+ opm.o_opid = -1;
opm.o_bd->be_modify( &opm, &rsm );
if ( rsm.sr_err == LDAP_NO_SUCH_OBJECT &&
--
2.11.0
debian/patches/series
View file @ e38fa3b3
......@@ -31,3 +31,4 @@ ITS-8385-Fix-use-after-free-with-GnuTLS.patch
ITS-8432-fix-infinite-looping-mods-in-delta-mmr.patch
ITS-8648-check-result-of-ldap_int_initialize-in-ldap.patch
ITS-8648-init-SASL-library-in-global-init.patch
ITS-8444-Do-not-clear-the-pending-operation-when-che.patch
debian/slapd.scripts-common
View file @ e38fa3b3
......@@ -182,11 +182,11 @@ dump_databases() { # {{{
dir=`database_dumping_destdir`
echo >&2 " Dumping to $dir: "
(get_suffix | while read suffix; do
(get_suffix | while read -r suffix; do
dbdir=`get_directory "$suffix"`
if [ -n "$dbdir" ]; then
file="$dir/$suffix.ldif"
echo -n " - directory $suffix... " >&2
printf ' - directory %s... ' "$suffix" >&2
# Need to support slapd.d migration from preinst
if [ -f "${SLAPD_CONF}" ]; then
slapcat_opts="-g -f ${SLAPD_CONF}"
......@@ -215,7 +215,7 @@ load_databases() { # {{{
echo >&2 " Loading from $dir: "
# restore by increasing suffix length due to possibly glued databases
get_suffix | awk '{ print length, $0 }' | sort -n | cut -d ' ' -f 2- \
| while read suffix; do
| while read -r suffix; do
dbdir=`get_directory "$suffix"`
if [ -z "$dbdir" ]; then
continue
......@@ -227,11 +227,11 @@ load_databases() { # {{{
fi
file="$dir/$suffix.ldif"
echo -n " - directory $suffix... " >&2
printf ' - directory %s... ' "$suffix" >&2
# If there is an old DB_CONFIG file, restore it before
# running slapadd
backupdir=`compute_backup_path -n "$dbdir" "$suffix"`
backupdir="$(compute_backup_path -n "$dbdir" "$suffix")"
if [ -e "$backupdir"/DB_CONFIG ]; then
cp -a "$backupdir"/DB_CONFIG "$dbdir"/
fi
......@@ -267,7 +267,7 @@ EOF
# }}}
move_incompatible_databases_away() { # {{{
echo >&2 " Moving old database directories to /var/backups:"
(get_suffix | while read suffix; do
(get_suffix | while read -r suffix; do
dbdir=`get_directory "$suffix"`
move_old_database_away "$dbdir" "$suffix" <&5
done) 5<&0 </dev/null
......@@ -287,7 +287,7 @@ move_incompatible_databases_away() { # {{{
get_suffix() { # {{{
if [ -f "${SLAPD_CONF}" ]; then
for f in `get_all_slapd_conf_files`; do
sed -n -e's/^suffix[[:space:]]\+"*\([^"]\+\)"*/\1/p' $f
sed -n -e '/^suffix[[:space:]]/ { s/^suffix[[:space:]]\+"*\([^"]\+\)"*/\1/; s/\\\\/\\/g; p }' $f
done
else
grep -h ^olcSuffix ${SLAPD_CONF}/cn\=config/olcDatabase*.ldif | cut -d: -f 2
......@@ -297,13 +297,15 @@ get_suffix() { # {{{
get_directory() { # {{{
# Returns the db directory for a given suffix
if [ -d "${SLAPD_CONF}" ] && get_suffix | grep -Fq "$1" ; then
sed -n 's/^olcDbDirectory: *//p' `grep -Fl "^olcSuffix: $1" ${SLAPD_CONF}/cn\=config/olcDatabase*.ldif`
sed -n 's/^olcDbDirectory: *//p' `grep -Flx "olcSuffix: $1" ${SLAPD_CONF}/cn\=config/olcDatabase*.ldif`
elif [ -f "${SLAPD_CONF}" ]; then
# Extract the directory for the given suffix ($1)
# Quote backslashes once for slapd.conf parser, again for awk
quoted="$(printf '%s' "$1" | sed 's/\\/\\\\\\\\/g')"
for f in `get_all_slapd_conf_files`; do
awk ' BEGIN { DB=0; SUF=""; DIR="" } ;
/^database/ { DB=1; SUF=""; DIR="" } ;
DB==1 && /^suffix[ \t]+"?'"$1"'"?$/ { SUF=$2 ; } ;
DB==1 && /^suffix[ \t]+"?'"$quoted"'"?$/ { SUF=$2 ; } ;
DB==1 && /^directory/ { DIR=$2 ;} ;
DB==1 && SUF!="" && DIR!="" { sub(/^"/,"",DIR) ; sub(/"$/,"",DIR) ; print DIR; SUF=""; DIR="" }' "${f}" | \
sed -e's/\([^\\]\|^\)"/\1/g; s/\\"/"/g; s/\\\\/\\/g'
......@@ -369,7 +371,7 @@ compute_backup_path() { # {{{
exit 1
fi
echo "$target"
printf '%s' "$target"
}
# }}}
......@@ -397,8 +399,8 @@ move_old_database_away() { # {{{
# include mount points as well anyway, but it's much less likely.
db_get slapd/move_old_database
if [ "$RET" = true ]; then
backupdir=`compute_backup_path "$databasedir" "$suffix"`
echo -n " - directory $suffix... " >&2
backupdir="$(compute_backup_path "$databasedir" "$suffix")"
printf ' - directory %s... ' "$suffix" >&2
mkdir -p "$backupdir"
find -H "$databasedir" -mindepth 1 -maxdepth 1 -type f \
-exec mv {} "$backupdir" \;
......