389-ds-base

Clone
Source Code
GIT

#48823 [RFE] IPv6 support for Console
Closed: wontfix None Opened 7 years ago by nhosoi.

Closed: wontfix
Reopen Issue 
Description of problem:
Admin Console doesn't have support for IPv6 in aci editor, ldap uri constructor
and possibly in other places.

Version-Release number of selected component (if applicable):
idm-console-framework-1.1.14-1.el7dsrv.noarch

How reproducible:
always

Steps to Reproduce:
1. Create new aci
2. In hosts tab select add and choose IP address host filter
3. Field supports only IPv4 format

4. Add new replica
5. In LDAP Url field press Construct,
6. When IPv6 is entered, button Add is inactive and there is a message "Invalid
URL format"

Areas that need to be addressed:

  • Main Login screen
  • Admin Server Console: Config tab -> Network
  • DS Console:
    • Replication agreement wizard
    • Chaining
    • Referrals (creating & constructing)
    • ACI editor

Need to handle IPv6 ldap URLs (RFC 2732). This could impact 389-ds-base as well.
{{{
ldap://[IPv6 address inside brackets]:port

ldap://[::1]:389
}}}

ds-console (replication agmt wizard)
0001-Ticket-48823-ds-console-add-IPv6-support.patch

idm-console-framework - ACI editor allow IPv6 addresses
0001-Ticket-48823-idm-console-framework-Add-IPv6-support.patch

These patches need an update to the ldapjdk (currently in the process of getting the patch submitted for review in Mozilla)

Your patches look good to me.

These patches need an update to the ldapjdk (currently in the process of getting the patch submitted for review in Mozilla)
Could you share the Mozilla bug # for tracking?
Thanks!

ldapjdk bugs:

RHEL7: https://bugzilla.redhat.com/show_bug.cgi?id=1353564
Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=1353568

There is no Mozilla bugzilla at this time (tbd)

To ssh://git.fedorahosted.org/git/idm-console-framework.git
81f84bb..0296644 master -> master
commit 029664440c4d1c62ac6c92299e3af1ccfcc64873
Author: Mark Reynolds mreynolds@redhat.com
Date: Wed Jul 6 10:27:49 2016 -0400

To ssh://git.fedorahosted.org/git/389/admin-console.git
45b3312..e3fdd16 master -> master
commit e3fdd169650b98d828cc459e04de8afef5c021cd

To ssh://git.fedorahosted.org/git/389/ds-console.git
e8448ad..2163fdb master -> master
commit 2163fdb2775b6c04532a06fca08a4212d8ff277b

To ssh://git.fedorahosted.org/git/389/admin.git
2eaaf09..7d6245d master -> master
commit 7d6245d938c4aa5432eba9764dcbdf3838d86c77

If s does not have ']' and end is assigned to -1 here, what could happen?
943 int end = s.indexOf( ']' );
I guess hostList[i] would be null and portList[i] would have defaultPort...?
If that's the expected pair, I will ack. :)
{{{
941 if ( s.startsWith( "[" ) ) {
942 // We have an ipv6 address
943 int end = s.indexOf( ']' );
944 String remainder = s.substring( end+1 );
945 hostList[i] = s.substring( 0, end+1 );
946 colon = remainder.indexOf( ':' );
947 if ( colon >= 0 ){
948 portList[i] = Integer.parseInt( remainder.substring( colon+1 ) );
949 } else {
950 portList[i] = defaultPort;
951 }
}}}

Replying to [comment:10 nhosoi]:

If s does not have ']' and end is assigned to -1 here, what could happen?
943 int end = s.indexOf( ']' );
I guess hostList[i] would be null and portList[i] would have defaultPort...?
If that's the expected pair, I will ack. :)

Actually, it will accidentally create a valid url (according the RFC and the ldapjdk LDAPUrl code)

{{{
ldap://:389
}}}

The connection will most likely still fail, but it should return a malformed URL error instead. I will rework the fix.

Replying to [comment:10 nhosoi]:

If s does not have ']' and end is assigned to -1 here, what could happen?

New patch is attached.

Sorry, Mark... Could you show me when "len" is set and how?
{{{
941 if ( s.startsWith( "[" ) ) {
942 // We have an ipv6 address
943 int end = s.indexOf( ']' );
944 if ( len == -1 ) {
}}}

ldapjdk fix (revision #2)
bug1287774.diff

Replying to [comment:13 nhosoi]:

Sorry, Mark... Could you show me when "len" is set and how?
{{{
941 if ( s.startsWith( "[" ) ) {
942 // We have an ipv6 address
943 int end = s.indexOf( ']' );
944 if ( len == -1 ) {
}}}

Sorry, had an issue with "hg commit". New patch is attached.

Looks good. Thanks, Mark!

Metadata Update from @mreynolds:
- Issue assigned to mreynolds
- Issue set to the milestone: 389-admin,console 1.1.44
7 years ago

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/389ds/389-ds-base/issues/1883

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @spichugi:
- Issue close_status updated to: wontfix (was: Fixed)
3 years ago

Login to comment on this ticket.

Metadata
None
None
None
major
ack
RHCust
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.