Commits on Dec 7, 2017
  1. Added gotcha on derived attributes

    akkornel committed Dec 7, 2017
    Related to #27
  2. Fix class name

    akkornel committed Dec 7, 2017
  3. Expand LDAP group name

    akkornel committed Dec 7, 2017
  4. Add gotcha on changing ACLs

    akkornel committed Dec 7, 2017
  5. Create a "Gotchas" page

    akkornel committed Dec 7, 2017
    This page will detail situations I've encountered where
    Syncrepl just did not work the way I expected.
Commits on Oct 22, 2017
  1. Confirming commit dfddd1, and past signatures

    akkornel committed Oct 22, 2017
    This commit-which has been made with my new key-is to confirm that
    commit dfddd1a is valid, and was
    signed by the following key:
    Signature key ....: F0C1 EF27 14C5 0582 915C  59F8 14A7 B2A5 6335 B8D5
          created ....: 2015-12-13 06:54:47
    That commit's signature, and the signatures of the previous commits
    which have been signed by the above key, should be trusted as much
    as the signatures made with this key.
Commits on Oct 17, 2017
  1. Add cursor param to BaseCallback.record_add

    akkornel committed Oct 17, 2017
    The cursor exists in the LoggingCallback, and it's described in the
    docs, but it was missing from the BaseCallback method.
    Closes #23
    Reported-by: Matthew Hershberger <>
  2. Merge pull request #26 from matthewh/master

    akkornel committed Oct 17, 2017
    Closes #25
  3. No longer using key 14A7B2A56335B8D5

    akkornel committed Oct 17, 2017
    (First of all:  To VIM and Git, you both suck!  I had to completely
    redo this because you errored out on the first try, and the edit
    message wasn't saved.  That's 15-30 minutes of my life gone.  So,
    again: YOU SUCK!)
    This is an empty commit, in that no files are being changed.  This
    commit is just here to leave a message, which is that I am revoking my
    current signing key:
    Signature key ....: F0C1 EF27 14C5 0582 915C  59F8 14A7 B2A5 6335 B8D5
          created ....: 2015-12-13 06:54:47
    Today (Monday, October 16, 2017) will be the last day I sign anything
    with the above key.
    I am revoking this key because of CVE-2017-15361.  My signing key was
    generated by, and lives on, a Yubikey 4 that is affected by the
    vulnerability described in the CVE.  Once the details of the
    vulnerability are out, it will be possible for others to get my
    signing private key.
    This affects all of my signed commits and tags.  Although re-signing
    the tags is possible (which I will do once I have a new key),
    re-signing commits is not really possible, because that would cause
    the commit ID to change, affecting the rest of the tree, and making it
    really hard for other people.
    So, I am leaving this note.  By leaving this note, I make a new commit
    ID.  Once I have my new key, I will leave another note, which says
    that this commit ID is valid.  That makes kind of a chain of trust,
    even though it's likely that Git will say the signature of this note
    is invalid.
    Not only that, but every commit after this one will make it harder for
    someone to go back and change the note: The more commits there are
    after this note, the more commit IDs will change if this node is
    modified; and the more people who have clones of this repo, the bigger
    the commit difference will be when they do a pull.  Of course, it's
    not perfect, but I think it's better than nothing!
    Maybe there will be a future way to re-sign commits, in a way that
    does not disrupt the repository.
    For reference, here are all of my current tags, and their commit IDs:
    v0.95.1 e2925b9
    v0.95   30b86d0
    v0.94   f8e11e6
    v0.93   78c2fbf
    v0.91   275d3cd
    v0.90   ec08a93
    v0.80   92fd6b6
    v0.75   d802d44
  4. Specify utf-8 encoding

    matthewh committed Oct 16, 2017
Commits on Oct 11, 2017
  1. Arrgh, broken identifier!

    akkornel committed Oct 11, 2017
    Let's also add a link for
  2. Replace references

    akkornel committed Oct 11, 2017 got replaced by syncrepl-client, but the docs weren't updated.
    This commit fixes the docs!
    Closes #22
Commits on Sep 3, 2017
  1. Add STARTTLS support.

    akkornel committed Sep 3, 2017
    This comes in as an additional parameter to the Symcrepl constructor.
    It only works with the ldap method of connection.  STARTTLS is used
    after connecting, and before binding.
Commits on Aug 30, 2017
  1. Actually COMMIT STUFF!

    akkornel committed Aug 30, 2017
    WOW, we really missed commits in some important places!
  2. Use SQLite WAL mode with NORMAL sync

    akkornel committed Aug 30, 2017
    Informal benchmarking shows that, at least in the refresh phase, using
    the WAL journal can dramatically speed up the database.  But, to
    maintain durability, we use the NORMAL synchronous mode.  We also do a
    WAL checkpoint at the end of the refresh phase.
    TODO: Do a checkpoint (and an optimize) from time to time, when in the
    persist phase.
Commits on Aug 28, 2017
  1. Specifically check for Python major jumps

    akkornel committed Aug 28, 2017
    Our original method for checking Python versions breaks when moving
    from Python 2 to Python 3.  It’s mainly because we’re storing our DB
    setting as pickled objects, which has a different issue depending on
    the direction we’re trying to move:
    • From 2 to 3, 3 can read the data, but complains about strings vs.
    • From 3 to 2, 2 can’t read the pickled data from 3 (there’s a newer
    So, we store the major version in its own one-column table.  If there’s
    a mismatch, then we fail before reading anything else.  If the match is
    OK, then we continue as normal.  This assumed that there won’t be any
    major breaks _within_ a Python major version.
  2. Default LDAP search scope to 'sub'

    akkornel committed Aug 28, 2017
    Closes #21.
  3. Block DB migration from Pythons 2 to 3

    akkornel committed Aug 28, 2017
    If running Python 3, we don’t want to accept databases made with Python
    2, because the strings will be different.
  4. Upgrade stored versions in DB

    akkornel committed Aug 28, 2017
    If using an older DB (that is, made in an older Python version, or an
    older software version), then change the version numbers to ours.
  5. Pull Python 3.2-specific code from

    akkornel committed Aug 28, 2017
    We no longer need the special code for Python 3.2, since it isn’t
    supported (see c4cc637).
  6. Confirm 3.3 is minimum Python 3

    akkornel committed Aug 28, 2017
    Due to pyldap/pyldap#117, the lowest Python 3 we support is Python 3.3.
Commits on Aug 27, 2017
  1. Add dev environment setup script

    akkornel committed Aug 27, 2017
    Add a script to set up the development environment.
Commits on Aug 26, 2017
  1. Bump version

    akkornel committed Aug 26, 2017
    Also add a new attribute, the version in tuple form, for DB storage.
  2. Move all optimize and vacuum runs to Syncrepl

    akkornel committed Aug 26, 2017
    Although our db code knows that threading can be an issue, it’s the
    Syncrepl code where threading-related reconnects are performed.  Since
    we were doing an optimize run at db destruction, change that.
    We now expose optimize and vacuum as methods to call.  Syncrepl calls
    vacuum after refresh is done, and optimize on connect, on unbind, and
    right before vacuum.
    We can probably also call optimize occasionally through the run, but
    we’d need to track that somehow.
  3. Client: When threading, reconnect before unbind

    akkornel committed Aug 26, 2017
    The Syncrepl run() method handles database reconnection in the new
    thread, but we call unbind() after the thread has exited, so when we’re
    using threads, we need to reconnect the database first.
  4. DB: Add interrupt routine

    akkornel committed Aug 26, 2017
  5. DB: In clone, move __db initialization up

    akkornel committed Aug 26, 2017
    Setting variables to `None`—as a safety mechanism—needs to be done
  6. DB: Fully remove adapter

    akkornel committed Aug 26, 2017
    sqlite3’s register_adapter is too dangerous, because affects all
    attempts to insert a type into the database, and it’s not possible to
    restrict it to a certain column (as you can with register_converter.
    So, we still use register_converter to de-pickle the `OBJECT` column,
    but we no longer pickle automatically.
  7. client: Add cursor to monkey-patch refresh_done

    akkornel committed Aug 26, 2017
    The client sometimes monkey-patches refresh_done, so we need to add the
    cursor parameter to it.