[Issue 10360] New: delta-sync can apply old mods

18 Jun 2025


      https://bugs.openldap.org/show_bug.cgi?id=10360
Issue ID: 10360
           Summary: delta-sync can apply old mods
           Product: OpenLDAP
           Version: 2.6.9
          Hardware: All
                OS: All
            Status: UNCONFIRMED
          Keywords: needs_review
          Severity: normal
          Priority: ---
         Component: slapd
          Assignee: bugs@openldap.org
          Reporter: hyc@openldap.org
  Target Milestone: ---
This might be related to #10358, but not sure.
In delta MPR, if an older mod is received on an entry after a newer mod has
already been applied by a local user, the older mod is applied and the newer
mod is lost.
The incoming replication ops are checked for freshness by check_csn_age() but
that only checks the incoming cookieCSN against contextCSNs of the same SID.
I.e., that check only prevents duplicate mods being replicated multiple times
from the same remote provider. If check_csn_age() passes, then
syncrepl_message_to_op() is invoked which just applies the mod. It doesn't
check the mod or cookieCSN against the entry's current entryCSN.
The code in syncrepl_op_mod() performs the checks we need. The code just needs
to be pulled into a new function so it can be used in both places.
-- 
You are receiving this mail because:
You are on the CC list for the issue.

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[Issue 10360] New: delta-sync can apply old mods