Return-Path: X-Original-To: apmail-directory-dev-archive@www.apache.org Delivered-To: apmail-directory-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id BBCB310F99 for ; Tue, 18 Feb 2014 13:32:26 +0000 (UTC) Received: (qmail 27783 invoked by uid 500); 18 Feb 2014 13:32:25 -0000 Delivered-To: apmail-directory-dev-archive@directory.apache.org Received: (qmail 27678 invoked by uid 500); 18 Feb 2014 13:32:23 -0000 Mailing-List: contact dev-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Apache Directory Developers List" Delivered-To: mailing list dev@directory.apache.org Received: (qmail 27624 invoked by uid 99); 18 Feb 2014 13:32:21 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 18 Feb 2014 13:32:21 +0000 Date: Tue, 18 Feb 2014 13:32:21 +0000 (UTC) From: "Kiran Ayyagari (JIRA)" To: dev@directory.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (DIRSERVER-1959) Certificates corruption during replication MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/DIRSERVER-1959?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13904034#comment-13904034 ] Kiran Ayyagari commented on DIRSERVER-1959: ------------------------------------------- No, you need to build one. We might release M16 in the next 2 weeks. > Certificates corruption during replication > ------------------------------------------- > > Key: DIRSERVER-1959 > URL: https://issues.apache.org/jira/browse/DIRSERVER-1959 > Project: Directory ApacheDS > Issue Type: Bug > Affects Versions: 2.0.0-M15 > Environment: Replication master/slave. > master with Windows server 2003 R2 > slave with Windows server 2003 R2 or Windows 7 > Reporter: Edouard BAUDRY > Assignee: Kiran Ayyagari > Priority: Critical > Labels: bug > Fix For: 2.0.0-M16 > > > Environment: "master/slave" LDAP replication. > Slave configuration: > ads-replAliasDerefMode: never > ads-replAttributes: * > ads-replConsumerId: 1 > ads-replProvHostName: SLAVE-DOMAIN-NAME > ads-replProvPort: 10389 > ads-replrefreshinterval: 60000 > ads-replRefreshNPersist: true > ads-replSearchFilter: (objectClass=*) > ads-replSearchScope: sub > ads-replSearchSizeLimit: 0 > ads-replSearchTimeOut: 0 > ads-replUserDn: uid=admin,ou=system > ads-replUserPassword: password > ads-searchBaseDN: dc=data,dc=serverDownload > To reproduce this issue: > 1/ Put a certificate in "master" LDAP as binary field in field "usercertificate" > 2/ See with Apache Directory Studio the field "usercertificate": it's a x509v3 with all info readable > 3/ wait for the replication to the "slave" LDAP > 4/ see with Apache Directory Studio the field "usercertificate": "Invalid Certificate (2340 Bytes)" with "2340 bytes" the size of the certificate. > After verification, all Bytes upper than 0x7F are replaced by 0xEFBFBD. > It appears to be linked to UTF-8 encoding/decoding, but the field is a binary field. > It's blocking as I can't use replication with this issue. > Thanks in advance for your help -- This message was sent by Atlassian JIRA (v6.1.5#6160)