On Thu, 2011-06-02 at 13:41 -0400, Stephen Gallagher wrote:
On Fri, 2011-05-27 at 13:38 +0200, Jakub Hrozek wrote:
> On 05/26/2011 06:46 PM, Stephen Gallagher wrote:
> > On Thu, 2011-05-26 at 18:02 +0200, Jakub Hrozek wrote:
> >> Escaping the IPv6 address with "[" and "]" makes it
compliant with
> >> RFC2732 and allows the URI to be parsed with libldap routines.
> >
> >
> > Nack.
> >
> > This fix is incomplete. It's a bug that the LDAP provider does not
> > encode the IP address as returned by the failover resolution. The
> > sdap_uri_callback() routine should be creating the new_uri with the
> > returned address and escaping IPv6.
> >
> >
>
> Attached are patches that deal with both providers:
>
> [PATCH 1/4] Add utility function to return IP address as string
> Removes code duplication we had between Kerberos and IPA providers and
> would have in the LDAP provider
>
Ack
> [PATCH 2/4] Add a utility function to escape IPv6 address for use in URIs
> A utility function that would be used later on
>
Ack
> [PATCH 3/4] Use escaped IP addresses in LDAP provider
> Instead of hostname, construct the URI based on IP address, escaped if
> needed. When a URI is passed in, we break it down and reconstruct it
> with address.
>
Ack
> [PATCH 4/4] Escape IPv6 IP addresses in the IPA provider
>
https://fedorahosted.org/sssd/ticket/880
Ack
Pushed to master and sssd-1-5.