On 06/11/2015 10:27 AM, thierry bordaz wrote:
On 06/11/2015 08:12 AM, Ludwig Krispenz wrote:
Attached are two patches:
- reject direct modification of segment endpoints and connectivity
- better manage the rdn of a replication agreements represented by a segment



Hello Ludwig,

The patches looks good. Two questions:

  * Patch 0012
               if (strcasecmp(agmt_rdn_str, topo_agmt->rdn)) {
    slapi_ch_free_string(&topo_agmt->rdn);
                    topo_agmt->rdn = slapi_ch_strdup(agmt_rdn_str);
                }
    What is the benefit of replacing a string by the same one ?

if strcasecmp is not 0, they are not the same

  * Patch 0013
    In ipa-topo-pre-mod.
        if (ipa_topo_is_entry_managed(pb)){
            if(ipa_topo_is_agmt_attr_restricted(pb)) {
                errtxt = slapi_ch_smprintf("Entry and attributes are
    managed by topology plugin."
                                           "No direct modifications
    allowed.\n");
            }
        } else if (ipa_topo_check_connect_restrict(pb)) {
            errtxt = slapi_ch_smprintf("Modification of connectivity
    and segment nodes "
                                       " is not supported.\n");
        }
    If we have an external modify of replication agreement (managed by
    topology plugin), then it will not call
    'ipa_topo_check_connect_restrict'.
    And the modify will not be reject if for example it updates
    'ipaReplTopoSegmentDirection'.

this is not in an replication agreement. you cannot modify two entries in the same mod. The first if catches mos to a repl agreement, the second to a segment entry

  * But I thought that this patch also wants to prevent external
    update of some connectivity attribute of the managed entries.

Thanks
thierry


-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to