evolution updates killed LDAP

Shahms King shahms at shahms.com
Tue Mar 8 16:09:55 UTC 2005


On Mon, 2005-03-07 at 19:11 -0500, David Malcolm wrote:
> On Mon, 2005-03-07 at 15:48 -0800, Shahms King wrote:
> >On Mon, 2005-03-07 at 18:26 -0500, David Malcolm wrote:
> >> On Tue, 2005-03-01 at 09:49 -0800, Shahms King wrote:
> >> >I just finished filing bug #150017, basically after updating to
> >> >evolution-2.0.4 and evolution-data-server-1.0.4 LDAP addressbooks
> >> >stopped working.  At first, there was an error message about being
> >> >unable to connect, but after restarting evolution and e-d-s, the message
> >> >goes away but no results are ever returned from any query.  The
> >> >addressbooks in question were working fine before the upgrade and I had
> >> >made no configuration changes when they stopped. 
> >> >
> >> >Running ldapsearch on the command line using the same parameters
> >> >evolution is configured with returns the expected results.
> >> 
> >> Is Evolution actually making any queries?  You might want to try running
> >> ethereal or tcpdump and seeing if it's getting as far as talking to the
> >> server.
> >
> >It would appear to be making queries; tcpdump reports traffic between
> >the ldap server and localhost.
> >
> >> What kind of authentication (if any) are you doing against the server?
> >
> >I have tested it with both Anonymous and dn password-based
> >authentication with the same results.
> What kind of connection?  Secure or insecure?  If it's not using
> transport layer encryption you should hopefully be able to see
> communication with the server.  I just tried this in Ethereal and can
> see the conversation.  Otherwise, maybe I messed up TLS for this build?
> 

I've tried SSL, TLS and insecure all to no avail.  All right, looking at
the various traffic in ethereal I see a couple of things.  First of all,
we have read-only slaves and when Evolution is configured to use one of
these, I get error messages about them being unreachable (they used to
work). Note that for some reason --force-shutdown and restarting
evolution made the slaves work again as well.  This time.  Sometimes
they do, sometimes they don't.

However, if I configure Evolution to use the ldap master, I get no error
and I can see the traffic.  I still get no results, but that could be
because Evolution is sending bad query filters:
(&(objectclass=person)(|(sn=Sha)(|(cn=Sha)(sn=Sha))(mail=Sha)(displayName=Sha)))

That's when composing an email as I type "Shahms King".
1. the combination of '(|)' queries is a little odd
2. sn is included twice
3. none of these are substring queries (they should be '(sn=Sha*)' )

When searching for "... begins with" in the Contacts page, the queries
look exactly the same (i.e., no trailing '*').
The objectclass=person part of the filter also breaks on our LDAP setup
(but I'll talk to the LDAP admin about that, because that part should
work, I believe).

After poking around in ethereal and restarting evolution a lot, I've
come to the conclusion that this is (at least) two separate issues.  One
of them is a simple query filter problem the other (seemingly random
error messages) I have no idea what could be causing.
-- 
Shahms E. King <shahms at shahms.com>
Multnomah ESD

Public Key:
http://shahms.mesd.k12.or.us/~sking/shahms.asc
Fingerprint:
1612 054B CE92 8770 F1EA  AB1B FEAB 3636 45B2 D75B
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-test-list/attachments/20050308/e596b9b2/attachment.sig>


More information about the fedora-test-list mailing list