zrhoffman / rpms / 389-ds-base

Forked from rpms/389-ds-base 3 years ago
Clone

Blame SOURCES/0051-Ticket-48992-Total-init-may-fail-if-the-pushed-schem.patch

95b556
From 8e9222ed1edb8f5f234fa2451d17e4f8ac726998 Mon Sep 17 00:00:00 2001
95b556
From: Thierry Bordaz <tbordaz@redhat.com>
95b556
Date: Thu, 22 Sep 2016 20:48:13 +0200
95b556
Subject: [PATCH 51/55] Ticket 48992: Total init may fail if the pushed schema
95b556
 is rejected
95b556
95b556
Bug Description:
95b556
    In the early phase of total update (or incremental update), the supplier may send its schema.
95b556
    A supplier will send its schema to the consumer at the condition its nsSchemaCSN is greater than
95b556
    the consumer nsSchemaCSN.
95b556
    If it is the case, a 1.2.11 supplier will systematically send its schema, while a 1.3 supplier will
95b556
    check that its schema is a superset of the consumer schema before sending it.
95b556
    If a 1.2.11 supplier sends its schema and that schema is a subset of consumer one, then
95b556
    the >1.3 consumer will detect it is a subset and reject the update.
95b556
    In that case the >1.3 consumer rejects a replicated update.
95b556
95b556
    On the consumer side, with the fix https://fedorahosted.org/389/ticket/47788, if a
95b556
    replication operation fails, it may trigger the closure of the replication connection.
95b556
    The fix decides, based on the type of failure, if the failure can be ignored (leave the connection
95b556
    opened) or is fatal (close the connection).
95b556
    This is detected, on the consumer side, in multimaster_postop_*->process_postop->ignore_error_and_keep_going.
95b556
95b556
    In the current version, if a replicated update of the schema fails it return LDAP_UNWILLING_TO_PERFORM.
95b556
    This is a fatal error regarding ignore_error_and_keep_going that then close the connection
95b556
    and interrupt the total/incremental update.
95b556
95b556
    Note this bug can be transient as, the schema learning mechanism (on consumer) may learn from
95b556
    the received schema (even if it is rejected) and update its local schema that increase
95b556
    nsSchemaCSN. If this occur, a later replication session finding a greater nsSchemaCSN on the
95b556
    consumer side will not push the schema
95b556
95b556
Fix Description:
95b556
    When the update of the schema is rejected make it not fatal, switching the returned
95b556
    code from LDAP_UNWILLING_TO_PERFORM to LDAP_CONSTRAINT_VIOLATION
95b556
95b556
https://fedorahosted.org/389/ticket/48992
95b556
95b556
Reviewed by: Noriko Hosoi, Ludwig Krispenz (thanks to you !)
95b556
95b556
Platforms tested: 7.3
95b556
95b556
Flag Day: no
95b556
95b556
Doc impact: no
95b556
95b556
(cherry picked from commit e2bc8fd60bf232cd4c1bc9a6860b7bd570a9dff1)
95b556
---
95b556
 ldap/servers/slapd/schema.c | 19 ++++++++++++++++++-
95b556
 1 file changed, 18 insertions(+), 1 deletion(-)
95b556
95b556
diff --git a/ldap/servers/slapd/schema.c b/ldap/servers/slapd/schema.c
95b556
index 7689aa9..4b8910d 100644
95b556
--- a/ldap/servers/slapd/schema.c
95b556
+++ b/ldap/servers/slapd/schema.c
95b556
@@ -2120,7 +2120,24 @@ modify_schema_dse (Slapi_PBlock *pb, Slapi_Entry *entryBefore, Slapi_Entry *entr
95b556
                   slapi_log_error(SLAPI_LOG_FATAL, "schema",
95b556
 			                  "[C] Local %s must not be overwritten (set replication log for additional info)\n",
95b556
 			                  attr_name);
95b556
-                  *returncode = LDAP_UNWILLING_TO_PERFORM;
95b556
+                  /*
95b556
+                   * If the update (replicated) of the schema is rejected then
95b556
+                   * process_postop->ignore_error_and_keep_going will decide if
95b556
+                   * this failure is fatal or can be ignored.
95b556
+                   * LDAP_UNWILLING_TO_PERFORM is considered as fatal error --> close the connection
95b556
+                   * 
95b556
+                   * A 6.x supplier may send a subset schema and trigger this error, that
95b556
+                   * will break the replication session.
95b556
+                   * 
95b556
+                   * With new "learning" mechanism this is not that important if the
95b556
+                   * update of the schema is successful or not. Just be permissive
95b556
+                   * ignoring that failure to let the full replication session going on
95b556
+                   * So return LDAP_CONSTRAINT_VIOLATION (in place of LDAP_UNWILLING_TO_PERFORM)
95b556
+                   * is pick up as best choice of non fatal returncode.
95b556
+                   * (others better choices UNWILLING_TO_PERFORM, OPERATION_ERROR or ldap_error
95b556
+                   * are unfortunately all fatal). 
95b556
+                   */
95b556
+                  *returncode = LDAP_CONSTRAINT_VIOLATION;
95b556
                   return (SLAPI_DSE_CALLBACK_ERROR);
95b556
           }
95b556
   }
95b556
-- 
95b556
2.4.11
95b556