[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5942) URI matching of "self" in add_syncrepl is incomplete

jclarke@linagora.com wrote:
> Full_Name: Jonathan Clarke
> Version: RE24
> OS: irrelevant
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (
> Hi,
> When adding a syncrepl config, the function add_syncrepl performs a "check if
> URL points to current server". This check is based on an exact match between the
> provider parameter from the syncrepl config line, and the URIs given to slapd on
> startup.
> If this doesn't match when it should, the database is marked as a shadow, and
> all following updates fail with "shadow context; no update refs". This is quite
> a pain when it happens on cn=config :)
> There are multiple cases when this happens:
> 1) If no specific URI was specified on launch (no -h option)
> 2) Port numbers are explicitly specified or not (":389")
> 3) Trailing slash (for example "ldap://"; != "ldap://";)
> 4) IP is specified rather than DNS name ("ldap://localhost"; !=
> "ldap://";)
> I saw the comment in the code that clarifies this behaviour. However, it's a
> surprising behaviour, and I think there is code to parse this kind of thing in
> the serverID detection now. Maybe it could be reused?
> Otherwise, we should probably document this behaviour, to avoid headaches :)

The manpage says the serverID URL must use an FQDN. We already do a number of 
guesses in the code, I don't see any reason to extend this further.

1) with no URI the listener will default to localhost. The serverID URL should 
therefore refer to localhost, or omit the hostname.

2) Port numbers shouldn't be an issue, since they're always matched in the 
parsed URLs.

3) Trailing slashes don't matter in the parsed URLs.

4) The doc is quite explicit about using FQDN. I have no sympathy for people 
who trip over this.

   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/