|
|
33fd71 |
From 375c1aad59989fb418ab1ead6050f919cfa1ceea Mon Sep 17 00:00:00 2001
|
|
|
33fd71 |
From: tbordaz <tbordaz@redhat.com>
|
|
|
33fd71 |
Date: Fri, 5 Nov 2021 09:56:43 +0100
|
|
|
33fd71 |
Subject: [PATCH 2/3] Issue 4972 - gecos with IA5 introduces a compatibility
|
|
|
33fd71 |
issue with previous (#4981)
|
|
|
33fd71 |
|
|
|
33fd71 |
releases where it was DirectoryString
|
|
|
33fd71 |
|
|
|
33fd71 |
Bug description:
|
|
|
33fd71 |
For years 'gecos' was DirectoryString (UTF8), with #50933 it was restricted to IA5 (ascii)
|
|
|
33fd71 |
https://github.com/389ds/389-ds-base/commit/0683bcde1b667b6d0ca6e8d1ef605f17c51ea2f7#
|
|
|
33fd71 |
|
|
|
33fd71 |
IA5 definition conforms rfc2307 but is a problem for existing deployments
|
|
|
33fd71 |
where entries can have 'gecos' attribute value with UTF8.
|
|
|
33fd71 |
|
|
|
33fd71 |
Fix description:
|
|
|
33fd71 |
Revert the definition to of 'gecos' being Directory String
|
|
|
33fd71 |
|
|
|
33fd71 |
Additional fix to make test_replica_backup_and_restore more
|
|
|
33fd71 |
robust to CI
|
|
|
33fd71 |
|
|
|
33fd71 |
relates: https://github.com/389ds/389-ds-base/issues/4972
|
|
|
33fd71 |
|
|
|
33fd71 |
Reviewed by: William Brown, Pierre Rogier, James Chapman (Thanks !)
|
|
|
33fd71 |
|
|
|
33fd71 |
Platforms tested: F34
|
|
|
33fd71 |
---
|
|
|
33fd71 |
.../tests/suites/schema/schema_test.py | 398 +++++++++++++++++-
|
|
|
33fd71 |
ldap/schema/10rfc2307compat.ldif | 6 +-
|
|
|
33fd71 |
2 files changed, 400 insertions(+), 4 deletions(-)
|
|
|
33fd71 |
|
|
|
33fd71 |
diff --git a/dirsrvtests/tests/suites/schema/schema_test.py b/dirsrvtests/tests/suites/schema/schema_test.py
|
|
|
33fd71 |
index d590624b6..5d62b8d59 100644
|
|
|
33fd71 |
--- a/dirsrvtests/tests/suites/schema/schema_test.py
|
|
|
33fd71 |
+++ b/dirsrvtests/tests/suites/schema/schema_test.py
|
|
|
33fd71 |
@@ -18,8 +18,12 @@ import pytest
|
|
|
33fd71 |
import six
|
|
|
33fd71 |
from ldap.cidict import cidict
|
|
|
33fd71 |
from ldap.schema import SubSchema
|
|
|
33fd71 |
+from lib389.schema import SchemaLegacy
|
|
|
33fd71 |
from lib389._constants import *
|
|
|
33fd71 |
-from lib389.topologies import topology_st
|
|
|
33fd71 |
+from lib389.topologies import topology_st, topology_m2 as topo_m2
|
|
|
33fd71 |
+from lib389.idm.user import UserAccounts, UserAccount
|
|
|
33fd71 |
+from lib389.replica import ReplicationManager
|
|
|
33fd71 |
+from lib389.utils import ensure_bytes
|
|
|
33fd71 |
|
|
|
33fd71 |
pytestmark = pytest.mark.tier1
|
|
|
33fd71 |
|
|
|
33fd71 |
@@ -165,6 +169,398 @@ def test_schema_comparewithfiles(topology_st):
|
|
|
33fd71 |
|
|
|
33fd71 |
log.info('test_schema_comparewithfiles: PASSED')
|
|
|
33fd71 |
|
|
|
33fd71 |
+def test_gecos_directoryString(topology_st):
|
|
|
33fd71 |
+ """Check that gecos supports directoryString value
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ :id: aee422bb-6299-4124-b5cd-d7393dac19d3
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ :setup: Standalone instance
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ :steps:
|
|
|
33fd71 |
+ 1. Add a common user
|
|
|
33fd71 |
+ 2. replace gecos with a direstoryString value
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ :expectedresults:
|
|
|
33fd71 |
+ 1. Success
|
|
|
33fd71 |
+ 2. Success
|
|
|
33fd71 |
+ """
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ users = UserAccounts(topology_st.standalone, DEFAULT_SUFFIX)
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ user_properties = {
|
|
|
33fd71 |
+ 'uid': 'testuser',
|
|
|
33fd71 |
+ 'cn' : 'testuser',
|
|
|
33fd71 |
+ 'sn' : 'user',
|
|
|
33fd71 |
+ 'uidNumber' : '1000',
|
|
|
33fd71 |
+ 'gidNumber' : '2000',
|
|
|
33fd71 |
+ 'homeDirectory' : '/home/testuser',
|
|
|
33fd71 |
+ }
|
|
|
33fd71 |
+ testuser = users.create(properties=user_properties)
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # Add a gecos UTF value
|
|
|
33fd71 |
+ testuser.replace('gecos', 'Hélène')
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+def test_gecos_mixed_definition_topo(topo_m2, request):
|
|
|
33fd71 |
+ """Check that replication is still working if schema contains
|
|
|
33fd71 |
+ definitions that does not conform with a replicated entry
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ :id: d5940e71-d18a-4b71-aaf7-b9185361fffe
|
|
|
33fd71 |
+ :setup: Two suppliers replication setup
|
|
|
33fd71 |
+ :steps:
|
|
|
33fd71 |
+ 1. Create a testuser on M1
|
|
|
33fd71 |
+ 2 Stop M1 and M2
|
|
|
33fd71 |
+ 3 Change gecos def on M2 to be IA5
|
|
|
33fd71 |
+ 4 Update testuser with gecos directoryString value
|
|
|
33fd71 |
+ 5 Check replication is still working
|
|
|
33fd71 |
+ :expectedresults:
|
|
|
33fd71 |
+ 1. success
|
|
|
33fd71 |
+ 2. success
|
|
|
33fd71 |
+ 3. success
|
|
|
33fd71 |
+ 4. success
|
|
|
33fd71 |
+ 5. success
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ """
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ repl = ReplicationManager(DEFAULT_SUFFIX)
|
|
|
33fd71 |
+ m1 = topo_m2.ms["supplier1"]
|
|
|
33fd71 |
+ m2 = topo_m2.ms["supplier2"]
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # create a test user
|
|
|
33fd71 |
+ testuser_dn = 'uid={},{}'.format('testuser', DEFAULT_SUFFIX)
|
|
|
33fd71 |
+ testuser = UserAccount(m1, testuser_dn)
|
|
|
33fd71 |
+ try:
|
|
|
33fd71 |
+ testuser.create(properties={
|
|
|
33fd71 |
+ 'uid': 'testuser',
|
|
|
33fd71 |
+ 'cn': 'testuser',
|
|
|
33fd71 |
+ 'sn': 'testuser',
|
|
|
33fd71 |
+ 'uidNumber' : '1000',
|
|
|
33fd71 |
+ 'gidNumber' : '2000',
|
|
|
33fd71 |
+ 'homeDirectory' : '/home/testuser',
|
|
|
33fd71 |
+ })
|
|
|
33fd71 |
+ except ldap.ALREADY_EXISTS:
|
|
|
33fd71 |
+ pass
|
|
|
33fd71 |
+ repl.wait_for_replication(m1, m2)
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # Stop suppliers to update the schema
|
|
|
33fd71 |
+ m1.stop()
|
|
|
33fd71 |
+ m2.stop()
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # on M1: gecos is DirectoryString (default)
|
|
|
33fd71 |
+ # on M2: gecos is IA5
|
|
|
33fd71 |
+ schema_filename = (m2.schemadir + "/99user.ldif")
|
|
|
33fd71 |
+ try:
|
|
|
33fd71 |
+ with open(schema_filename, 'w') as schema_file:
|
|
|
33fd71 |
+ schema_file.write("dn: cn=schema\n")
|
|
|
33fd71 |
+ schema_file.write("attributetypes: ( 1.3.6.1.1.1.1.2 NAME " +
|
|
|
33fd71 |
+ "'gecos' DESC 'The GECOS field; the common name' " +
|
|
|
33fd71 |
+ "EQUALITY caseIgnoreIA5Match " +
|
|
|
33fd71 |
+ "SUBSTR caseIgnoreIA5SubstringsMatch " +
|
|
|
33fd71 |
+ "SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 " +
|
|
|
33fd71 |
+ "SINGLE-VALUE )\n")
|
|
|
33fd71 |
+ os.chmod(schema_filename, 0o777)
|
|
|
33fd71 |
+ except OSError as e:
|
|
|
33fd71 |
+ log.fatal("Failed to update schema file: " +
|
|
|
33fd71 |
+ "{} Error: {}".format(schema_filename, str(e)))
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # start the instances
|
|
|
33fd71 |
+ m1.start()
|
|
|
33fd71 |
+ m2.start()
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # Check that gecos is IA5 on M2
|
|
|
33fd71 |
+ schema = SchemaLegacy(m2)
|
|
|
33fd71 |
+ attributetypes = schema.query_attributetype('gecos')
|
|
|
33fd71 |
+ assert attributetypes[0].syntax == "1.3.6.1.4.1.1466.115.121.1.26"
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # Add a gecos UTF value on M1
|
|
|
33fd71 |
+ testuser.replace('gecos', 'Hélène')
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # Check replication is still working
|
|
|
33fd71 |
+ testuser.replace('displayName', 'ascii value')
|
|
|
33fd71 |
+ repl.wait_for_replication(m1, m2)
|
|
|
33fd71 |
+ testuser_m2 = UserAccount(m2, testuser_dn)
|
|
|
33fd71 |
+ assert testuser_m2.exists()
|
|
|
33fd71 |
+ assert testuser_m2.get_attr_val_utf8('displayName') == 'ascii value'
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ def fin():
|
|
|
33fd71 |
+ m1.start()
|
|
|
33fd71 |
+ m2.start()
|
|
|
33fd71 |
+ testuser.delete()
|
|
|
33fd71 |
+ repl.wait_for_replication(m1, m2)
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # on M2 restore a default 99user.ldif
|
|
|
33fd71 |
+ m2.stop()
|
|
|
33fd71 |
+ os.remove(m2.schemadir + "/99user.ldif")
|
|
|
33fd71 |
+ schema_filename = (m2.schemadir + "/99user.ldif")
|
|
|
33fd71 |
+ try:
|
|
|
33fd71 |
+ with open(schema_filename, 'w') as schema_file:
|
|
|
33fd71 |
+ schema_file.write("dn: cn=schema\n")
|
|
|
33fd71 |
+ os.chmod(schema_filename, 0o777)
|
|
|
33fd71 |
+ except OSError as e:
|
|
|
33fd71 |
+ log.fatal("Failed to update schema file: " +
|
|
|
33fd71 |
+ "{} Error: {}".format(schema_filename, str(e)))
|
|
|
33fd71 |
+ m2.start()
|
|
|
33fd71 |
+ m1.start()
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ request.addfinalizer(fin)
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+def test_gecos_directoryString_wins_M1(topo_m2, request):
|
|
|
33fd71 |
+ """Check that if inital syntax are IA5(M2) and DirectoryString(M1)
|
|
|
33fd71 |
+ Then directoryString wins when nsSchemaCSN M1 is the greatest
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ :id: ad119fa5-7671-45c8-b2ef-0b28ffb68fdb
|
|
|
33fd71 |
+ :setup: Two suppliers replication setup
|
|
|
33fd71 |
+ :steps:
|
|
|
33fd71 |
+ 1. Create a testuser on M1
|
|
|
33fd71 |
+ 2 Stop M1 and M2
|
|
|
33fd71 |
+ 3 Change gecos def on M2 to be IA5
|
|
|
33fd71 |
+ 4 Start M1 and M2
|
|
|
33fd71 |
+ 5 Update M1 schema so that M1 has greatest nsSchemaCSN
|
|
|
33fd71 |
+ 6 Update testuser with gecos directoryString value
|
|
|
33fd71 |
+ 7 Check replication is still working
|
|
|
33fd71 |
+ 8 Check gecos is DirectoryString on M1 and M2
|
|
|
33fd71 |
+ :expectedresults:
|
|
|
33fd71 |
+ 1. success
|
|
|
33fd71 |
+ 2. success
|
|
|
33fd71 |
+ 3. success
|
|
|
33fd71 |
+ 4. success
|
|
|
33fd71 |
+ 5. success
|
|
|
33fd71 |
+ 6. success
|
|
|
33fd71 |
+ 7. success
|
|
|
33fd71 |
+ 8. success
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ """
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ repl = ReplicationManager(DEFAULT_SUFFIX)
|
|
|
33fd71 |
+ m1 = topo_m2.ms["supplier1"]
|
|
|
33fd71 |
+ m2 = topo_m2.ms["supplier2"]
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # create a test user
|
|
|
33fd71 |
+ testuser_dn = 'uid={},{}'.format('testuser', DEFAULT_SUFFIX)
|
|
|
33fd71 |
+ testuser = UserAccount(m1, testuser_dn)
|
|
|
33fd71 |
+ try:
|
|
|
33fd71 |
+ testuser.create(properties={
|
|
|
33fd71 |
+ 'uid': 'testuser',
|
|
|
33fd71 |
+ 'cn': 'testuser',
|
|
|
33fd71 |
+ 'sn': 'testuser',
|
|
|
33fd71 |
+ 'uidNumber' : '1000',
|
|
|
33fd71 |
+ 'gidNumber' : '2000',
|
|
|
33fd71 |
+ 'homeDirectory' : '/home/testuser',
|
|
|
33fd71 |
+ })
|
|
|
33fd71 |
+ except ldap.ALREADY_EXISTS:
|
|
|
33fd71 |
+ pass
|
|
|
33fd71 |
+ repl.wait_for_replication(m1, m2)
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # Stop suppliers to update the schema
|
|
|
33fd71 |
+ m1.stop()
|
|
|
33fd71 |
+ m2.stop()
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # on M1: gecos is DirectoryString (default)
|
|
|
33fd71 |
+ # on M2: gecos is IA5
|
|
|
33fd71 |
+ schema_filename = (m2.schemadir + "/99user.ldif")
|
|
|
33fd71 |
+ try:
|
|
|
33fd71 |
+ with open(schema_filename, 'w') as schema_file:
|
|
|
33fd71 |
+ schema_file.write("dn: cn=schema\n")
|
|
|
33fd71 |
+ schema_file.write("attributetypes: ( 1.3.6.1.1.1.1.2 NAME " +
|
|
|
33fd71 |
+ "'gecos' DESC 'The GECOS field; the common name' " +
|
|
|
33fd71 |
+ "EQUALITY caseIgnoreIA5Match " +
|
|
|
33fd71 |
+ "SUBSTR caseIgnoreIA5SubstringsMatch " +
|
|
|
33fd71 |
+ "SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 " +
|
|
|
33fd71 |
+ "SINGLE-VALUE )\n")
|
|
|
33fd71 |
+ os.chmod(schema_filename, 0o777)
|
|
|
33fd71 |
+ except OSError as e:
|
|
|
33fd71 |
+ log.fatal("Failed to update schema file: " +
|
|
|
33fd71 |
+ "{} Error: {}".format(schema_filename, str(e)))
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # start the instances
|
|
|
33fd71 |
+ m1.start()
|
|
|
33fd71 |
+ m2.start()
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # Check that gecos is IA5 on M2
|
|
|
33fd71 |
+ schema = SchemaLegacy(m2)
|
|
|
33fd71 |
+ attributetypes = schema.query_attributetype('gecos')
|
|
|
33fd71 |
+ assert attributetypes[0].syntax == "1.3.6.1.4.1.1466.115.121.1.26"
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # update M1 schema to increase its nsschemaCSN
|
|
|
33fd71 |
+ new_at = "( dummy-oid NAME 'dummy' DESC 'dummy attribute' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'RFC 2307' )"
|
|
|
33fd71 |
+ m1.schema.add_schema('attributetypes', ensure_bytes(new_at))
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # Add a gecos UTF value on M1
|
|
|
33fd71 |
+ testuser.replace('gecos', 'Hélène')
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # Check replication is still working
|
|
|
33fd71 |
+ testuser.replace('displayName', 'ascii value')
|
|
|
33fd71 |
+ repl.wait_for_replication(m1, m2)
|
|
|
33fd71 |
+ testuser_m2 = UserAccount(m2, testuser_dn)
|
|
|
33fd71 |
+ assert testuser_m2.exists()
|
|
|
33fd71 |
+ assert testuser_m2.get_attr_val_utf8('displayName') == 'ascii value'
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # Check that gecos is DirectoryString on M1
|
|
|
33fd71 |
+ schema = SchemaLegacy(m1)
|
|
|
33fd71 |
+ attributetypes = schema.query_attributetype('gecos')
|
|
|
33fd71 |
+ assert attributetypes[0].syntax == "1.3.6.1.4.1.1466.115.121.1.15"
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # Check that gecos is DirectoryString on M2
|
|
|
33fd71 |
+ schema = SchemaLegacy(m2)
|
|
|
33fd71 |
+ attributetypes = schema.query_attributetype('gecos')
|
|
|
33fd71 |
+ assert attributetypes[0].syntax == "1.3.6.1.4.1.1466.115.121.1.15"
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ def fin():
|
|
|
33fd71 |
+ m1.start()
|
|
|
33fd71 |
+ m2.start()
|
|
|
33fd71 |
+ testuser.delete()
|
|
|
33fd71 |
+ m1.schema.del_schema('attributetypes', ensure_bytes(new_at))
|
|
|
33fd71 |
+ repl.wait_for_replication(m1, m2)
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # on M2 restore a default 99user.ldif
|
|
|
33fd71 |
+ m2.stop()
|
|
|
33fd71 |
+ os.remove(m2.schemadir + "/99user.ldif")
|
|
|
33fd71 |
+ schema_filename = (m2.schemadir + "/99user.ldif")
|
|
|
33fd71 |
+ try:
|
|
|
33fd71 |
+ with open(schema_filename, 'w') as schema_file:
|
|
|
33fd71 |
+ schema_file.write("dn: cn=schema\n")
|
|
|
33fd71 |
+ os.chmod(schema_filename, 0o777)
|
|
|
33fd71 |
+ except OSError as e:
|
|
|
33fd71 |
+ log.fatal("Failed to update schema file: " +
|
|
|
33fd71 |
+ "{} Error: {}".format(schema_filename, str(e)))
|
|
|
33fd71 |
+ m2.start()
|
|
|
33fd71 |
+ m1.start()
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ request.addfinalizer(fin)
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+def test_gecos_directoryString_wins_M2(topo_m2, request):
|
|
|
33fd71 |
+ """Check that if inital syntax are IA5(M2) and DirectoryString(M1)
|
|
|
33fd71 |
+ Then directoryString wins when nsSchemaCSN M2 is the greatest
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ :id: 2da7f1b1-f86d-4072-a940-ba56d4bc8348
|
|
|
33fd71 |
+ :setup: Two suppliers replication setup
|
|
|
33fd71 |
+ :steps:
|
|
|
33fd71 |
+ 1. Create a testuser on M1
|
|
|
33fd71 |
+ 2 Stop M1 and M2
|
|
|
33fd71 |
+ 3 Change gecos def on M2 to be IA5
|
|
|
33fd71 |
+ 4 Start M1 and M2
|
|
|
33fd71 |
+ 5 Update M2 schema so that M2 has greatest nsSchemaCSN
|
|
|
33fd71 |
+ 6 Update testuser on M2 and trigger replication to M1
|
|
|
33fd71 |
+ 7 Update testuser on M2 with gecos directoryString value
|
|
|
33fd71 |
+ 8 Check replication is still working
|
|
|
33fd71 |
+ 9 Check gecos is DirectoryString on M1 and M2
|
|
|
33fd71 |
+ :expectedresults:
|
|
|
33fd71 |
+ 1. success
|
|
|
33fd71 |
+ 2. success
|
|
|
33fd71 |
+ 3. success
|
|
|
33fd71 |
+ 4. success
|
|
|
33fd71 |
+ 5. success
|
|
|
33fd71 |
+ 6. success
|
|
|
33fd71 |
+ 7. success
|
|
|
33fd71 |
+ 8. success
|
|
|
33fd71 |
+ 9. success
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ """
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ repl = ReplicationManager(DEFAULT_SUFFIX)
|
|
|
33fd71 |
+ m1 = topo_m2.ms["supplier1"]
|
|
|
33fd71 |
+ m2 = topo_m2.ms["supplier2"]
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # create a test user
|
|
|
33fd71 |
+ testuser_dn = 'uid={},{}'.format('testuser', DEFAULT_SUFFIX)
|
|
|
33fd71 |
+ testuser = UserAccount(m1, testuser_dn)
|
|
|
33fd71 |
+ try:
|
|
|
33fd71 |
+ testuser.create(properties={
|
|
|
33fd71 |
+ 'uid': 'testuser',
|
|
|
33fd71 |
+ 'cn': 'testuser',
|
|
|
33fd71 |
+ 'sn': 'testuser',
|
|
|
33fd71 |
+ 'uidNumber' : '1000',
|
|
|
33fd71 |
+ 'gidNumber' : '2000',
|
|
|
33fd71 |
+ 'homeDirectory' : '/home/testuser',
|
|
|
33fd71 |
+ })
|
|
|
33fd71 |
+ except ldap.ALREADY_EXISTS:
|
|
|
33fd71 |
+ pass
|
|
|
33fd71 |
+ testuser.replace('displayName', 'to trigger replication M1-> M2')
|
|
|
33fd71 |
+ repl.wait_for_replication(m1, m2)
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # Stop suppliers to update the schema
|
|
|
33fd71 |
+ m1.stop()
|
|
|
33fd71 |
+ m2.stop()
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # on M1: gecos is DirectoryString (default)
|
|
|
33fd71 |
+ # on M2: gecos is IA5
|
|
|
33fd71 |
+ schema_filename = (m2.schemadir + "/99user.ldif")
|
|
|
33fd71 |
+ try:
|
|
|
33fd71 |
+ with open(schema_filename, 'w') as schema_file:
|
|
|
33fd71 |
+ schema_file.write("dn: cn=schema\n")
|
|
|
33fd71 |
+ schema_file.write("attributetypes: ( 1.3.6.1.1.1.1.2 NAME " +
|
|
|
33fd71 |
+ "'gecos' DESC 'The GECOS field; the common name' " +
|
|
|
33fd71 |
+ "EQUALITY caseIgnoreIA5Match " +
|
|
|
33fd71 |
+ "SUBSTR caseIgnoreIA5SubstringsMatch " +
|
|
|
33fd71 |
+ "SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 " +
|
|
|
33fd71 |
+ "SINGLE-VALUE )\n")
|
|
|
33fd71 |
+ os.chmod(schema_filename, 0o777)
|
|
|
33fd71 |
+ except OSError as e:
|
|
|
33fd71 |
+ log.fatal("Failed to update schema file: " +
|
|
|
33fd71 |
+ "{} Error: {}".format(schema_filename, str(e)))
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # start the instances
|
|
|
33fd71 |
+ m1.start()
|
|
|
33fd71 |
+ m2.start()
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # Check that gecos is IA5 on M2
|
|
|
33fd71 |
+ schema = SchemaLegacy(m2)
|
|
|
33fd71 |
+ attributetypes = schema.query_attributetype('gecos')
|
|
|
33fd71 |
+ assert attributetypes[0].syntax == "1.3.6.1.4.1.1466.115.121.1.26"
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # update M2 schema to increase its nsschemaCSN
|
|
|
33fd71 |
+ new_at = "( dummy-oid NAME 'dummy' DESC 'dummy attribute' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'RFC 2307' )"
|
|
|
33fd71 |
+ m2.schema.add_schema('attributetypes', ensure_bytes(new_at))
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # update just to trigger replication M2->M1
|
|
|
33fd71 |
+ # and update of M2 schema
|
|
|
33fd71 |
+ testuser_m2 = UserAccount(m2, testuser_dn)
|
|
|
33fd71 |
+ testuser_m2.replace('displayName', 'to trigger replication M2-> M1')
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # Add a gecos UTF value on M1
|
|
|
33fd71 |
+ testuser.replace('gecos', 'Hélène')
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # Check replication is still working
|
|
|
33fd71 |
+ testuser.replace('displayName', 'ascii value')
|
|
|
33fd71 |
+ repl.wait_for_replication(m1, m2)
|
|
|
33fd71 |
+ assert testuser_m2.exists()
|
|
|
33fd71 |
+ assert testuser_m2.get_attr_val_utf8('displayName') == 'ascii value'
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # Check that gecos is DirectoryString on M1
|
|
|
33fd71 |
+ schema = SchemaLegacy(m1)
|
|
|
33fd71 |
+ attributetypes = schema.query_attributetype('gecos')
|
|
|
33fd71 |
+ assert attributetypes[0].syntax == "1.3.6.1.4.1.1466.115.121.1.15"
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # Check that gecos is DirectoryString on M2
|
|
|
33fd71 |
+ schema = SchemaLegacy(m2)
|
|
|
33fd71 |
+ attributetypes = schema.query_attributetype('gecos')
|
|
|
33fd71 |
+ assert attributetypes[0].syntax == "1.3.6.1.4.1.1466.115.121.1.15"
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ def fin():
|
|
|
33fd71 |
+ m1.start()
|
|
|
33fd71 |
+ m2.start()
|
|
|
33fd71 |
+ testuser.delete()
|
|
|
33fd71 |
+ m1.schema.del_schema('attributetypes', ensure_bytes(new_at))
|
|
|
33fd71 |
+ repl.wait_for_replication(m1, m2)
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ # on M2 restore a default 99user.ldif
|
|
|
33fd71 |
+ m2.stop()
|
|
|
33fd71 |
+ os.remove(m2.schemadir + "/99user.ldif")
|
|
|
33fd71 |
+ schema_filename = (m2.schemadir + "/99user.ldif")
|
|
|
33fd71 |
+ try:
|
|
|
33fd71 |
+ with open(schema_filename, 'w') as schema_file:
|
|
|
33fd71 |
+ schema_file.write("dn: cn=schema\n")
|
|
|
33fd71 |
+ os.chmod(schema_filename, 0o777)
|
|
|
33fd71 |
+ except OSError as e:
|
|
|
33fd71 |
+ log.fatal("Failed to update schema file: " +
|
|
|
33fd71 |
+ "{} Error: {}".format(schema_filename, str(e)))
|
|
|
33fd71 |
+ m2.start()
|
|
|
33fd71 |
+
|
|
|
33fd71 |
+ request.addfinalizer(fin)
|
|
|
33fd71 |
|
|
|
33fd71 |
if __name__ == '__main__':
|
|
|
33fd71 |
# Run isolated
|
|
|
33fd71 |
diff --git a/ldap/schema/10rfc2307compat.ldif b/ldap/schema/10rfc2307compat.ldif
|
|
|
33fd71 |
index 8ba72e1e3..998b8983b 100644
|
|
|
33fd71 |
--- a/ldap/schema/10rfc2307compat.ldif
|
|
|
33fd71 |
+++ b/ldap/schema/10rfc2307compat.ldif
|
|
|
33fd71 |
@@ -21,9 +21,9 @@ attributeTypes: (
|
|
|
33fd71 |
attributeTypes: (
|
|
|
33fd71 |
1.3.6.1.1.1.1.2 NAME 'gecos'
|
|
|
33fd71 |
DESC 'The GECOS field; the common name'
|
|
|
33fd71 |
- EQUALITY caseIgnoreIA5Match
|
|
|
33fd71 |
- SUBSTR caseIgnoreIA5SubstringsMatch
|
|
|
33fd71 |
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
|
|
|
33fd71 |
+ EQUALITY caseIgnoreMatch
|
|
|
33fd71 |
+ SUBSTR caseIgnoreSubstringsMatch
|
|
|
33fd71 |
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
|
|
|
33fd71 |
SINGLE-VALUE
|
|
|
33fd71 |
)
|
|
|
33fd71 |
attributeTypes: (
|
|
|
33fd71 |
--
|
|
|
33fd71 |
2.31.1
|
|
|
33fd71 |
|