[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#4868) Binary Attribute Patch(es)

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#4868) Binary Attribute Patch(es)
From: ando@sys-net.it
Date: Wed, 14 Mar 2007 21:06:08 GMT

Kevin Vargo wrote:
> So, in ad.c [ad_inlist], the AttributeDescription (*desc) does not
> have it's flags set 'properly.'  That is, apparently within that
> structure there are flags and tags, during the parsing of the schema,
> the flags and tags get set properly (same file [slap_bv2ad]): 
> desc.ad_flags |= SLAP_DESC_BINARY;
> 
> That means that, in ad_inlist, the desc's name still has ";binary" in
> it, and no flags set.  I find that if I map this condition as an
> entry in the if/else cascade -- right after checking the flags, but
> before the if-fail on flag compare -- the data is properly returned.
> (I'll generate a patch, if that's an appropriate thing to do/place to
> do it.)

Not sure I understood - waiting for your patch...

> However, there remains a problem: other LDAP Servers appear to return
> the 'attribute-name' requested (userCertificate;binary::) to describe
> the data.  Now that the data is being returned, it's being returned
> without the ";binary" option -- as 'userCertificate::'.  Per
> ITS#3113, ";binary" is obsoleted?

To be honest, I'm not sure I have ever clearly understood that ";binary"
issue, and I don't have time to dig out the documentation, learn about
it, and check the code, since the whole stuff seems to be obsolete.

> Is there a compatibility mode that can be optioned to support this?

None that I know of.

> Obsoleted and back-wards compatibility being in conflict..... 

I think compatibility with obsolete stuff is something that may easily
get in conflict with open source, volunteer developed software.
Volunteers tend to concentrate scarce resources on important things, and
preserving compatibility with obsolete (often broken) stuff is first of
all a waste of scarce resources, and second, but not least, reduces
pressure on obsolete (broken) software makers, which typically are not
volunteers but actually get paid for (obsolete/broken stuff).  Having
said this, you may find volunteers that, pushed by their own needs like
to spend time supporting obsolete/broken stuff for the simple reason
they need it.

> i.e.
> is there a way to say "return the attribute by name-requested instead
> of schema-name?"

No.  This question has been raised many times, and the answer has always
been like that.  All you could do is hack slap_send_search_entry() in
servers/slapd/result.c.

p.

Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office:   +39.02.23998309
Mobile:   +39.333.4963172
Email:    pierangelo.masarati@sys-net.it
------------------------------------------

Prev by Date: Re: (ITS#4868) Binary Attribute Patch(es)
Next by Date: (ITS#4878) removal of duplicate variables in slapd
Index(es):
- Chronological
- Thread