On Fri, May 19, 2023 at 04:17:16PM +1000, Jonathan Matthew wrote:
> We sometimes run into situations where one of the three servers a ypldap
> can talk to will accept a TCP connection but won't do TLS properly, or won't
> perform LDAP searches. ypldap currently only tries servers until one accepts
> the connection, so when this happens, it is less successful at updating than
> it could be.
>
> The diff below adjusts the ldap update code so it tries servers until it
> either successfully queries one or it runs out of addresses to try.
> If a server breaks after returning partial results, the ldap process will
> still send what it got to the main process. If the ldap process then gets
> full results from another server, those will overwrite the partial results,
> and if it doesn't, the main process will discard the partial results when it
> gets a 'trash update' message from the ldap process.
>
> While here, the diff also adds the server address to log messages about
> servers not working, so it's easier to figure out what's going wrong.

I don't have a test setup, but the change makes sense and reads fine. ok tb