We also have some old servers lying around, and we've seen some interesting differences doing replication between them and the new servers (I didn't report them initially because I assume a heterogenous LDAP master deployment is not... really supported.) But this information might be helpful for debugging. New version is: 1.2.6 B2010.238.2133, old version is: 1.2.5 B2010.012.2024 * Incremental replication from new to old fails, with [23/Sep/2010:18:42:57 -0400] NSMMReplicationPlugin - agmt="cn=GSSAPI Replication to real-mccoy.mit.edu" (real-mccoy:389): Unable to parse the response to the startReplication extended operation. Replication is aborting. * Incremental replication from old to new, old to old and new to new succeeds * Total update from old to new and old to old succeeds * Total update from new to new fails with the aforementioned bug * Total update from new to old is untested If you would like us to rebuild fedora-389-ds with the corresponding source patched to read properly, we can do that. Edward Excerpts from Edward Z. Yang's message of Sun Sep 26 15:13:13 -0400 2010: > Hello all, > > We're running into this error message on a full update between two > dirsrvs of version: > > 389 Project > 389-Directory/1.2.6 B2010.238.2133 > > The error message is: > > [26/Sep/2010:15:03:35 -0400] - sasl_io_start_packet: failed - read only 3 > bytes of sasl packet length on connection 4 > > According to the source code: > > /* > * NOTE: A better way to do this would be to read the bytes and add them to? > * sp->encrypted_buffer - if offset < 4, tell caller we didn't read enough > * bytes yet - if offset >= 4, decode the length and proceed. However, it > * is highly unlikely that a request to read 4 bytes will return < 4 bytes, > * perhaps only in error conditions, in which case the ret < 0 case above > * will run > */ > > Uh. Maybe our network is strange, maybe we've run into a different error > condition, but this seems quite poor... > > Cheers, > Edward
