You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@directory.apache.org by "Kiran Ayyagari (JIRA)" <ji...@apache.org> on 2014/02/17 19:36:23 UTC

[jira] [Resolved] (DIRSERVER-1959) Certificates corruption during replication

     [ https://issues.apache.org/jira/browse/DIRSERVER-1959?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Kiran Ayyagari resolved DIRSERVER-1959.
---------------------------------------

       Resolution: Fixed
    Fix Version/s: 2.0.0-M16
         Assignee: Kiran Ayyagari

Thanks for the report, fixed here http://svn.apache.org/r1569071

> Certificates corruption  during replication
> -------------------------------------------
>
>                 Key: DIRSERVER-1959
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1959
>             Project: Directory ApacheDS
>          Issue Type: Bug
>    Affects Versions: 2.0.0-M15
>         Environment: Replication master/slave.
> master with Windows server 2003 R2
> slave with Windows server 2003 R2 or Windows 7
>            Reporter: Edouard BAUDRY
>            Assignee: Kiran Ayyagari
>            Priority: Critical
>              Labels: bug
>             Fix For: 2.0.0-M16
>
>
> Environment: "master/slave" LDAP replication.
> Slave configuration:
>   ads-replAliasDerefMode: never
>   ads-replAttributes: *
>   ads-replConsumerId: 1
>   ads-replProvHostName: SLAVE-DOMAIN-NAME
>   ads-replProvPort: 10389
>   ads-replrefreshinterval: 60000
>   ads-replRefreshNPersist: true
>   ads-replSearchFilter: (objectClass=*)
>   ads-replSearchScope: sub
>   ads-replSearchSizeLimit: 0
>   ads-replSearchTimeOut: 0
>   ads-replUserDn: uid=admin,ou=system
>   ads-replUserPassword: password
>   ads-searchBaseDN: dc=data,dc=serverDownload
> To reproduce this issue:
> 1/ Put a certificate in "master" LDAP as binary field in field "usercertificate"
> 2/ See with Apache Directory Studio the field "usercertificate": it's a x509v3 with all info readable
> 3/ wait for the replication to the "slave" LDAP
> 4/ see with Apache Directory Studio the field "usercertificate": "Invalid Certificate (2340 Bytes)" with "2340 bytes" the size of the certificate.
> After verification, all Bytes upper than 0x7F are replaced by 0xEFBFBD.
> It appears to be linked to UTF-8 encoding/decoding, but the field is a binary field.
> It's blocking as I can't use replication with this issue.
> Thanks in advance for your help



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)