[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: FW: commit: ldap/servers/slapd acl.c sets.c sets.h

To: hyc@highlandsun.com
Subject: Re: FW: commit: ldap/servers/slapd acl.c sets.c sets.h
From: Pierangelo Masarati <masarati@aero.polimi.it>
Date: Mon, 28 Jan 2002 10:50:29 +0100 (MET)
Cc: openldap-devel@OpenLDAP.org
In-reply-to: <000d01c1a7dd$d892e0c0$1001a8c0@fiddle.symas.com> from Howard Chu at Jan "28," 2002 "01:26:20" am

> Note to anyone feeling ambitious (Mark?) : both sets and ACIs can contain DNs.
> Currently there is code to normalize these DNs as they are being evaluated.
> They should really be normalized once upon storing. For sets this means adding
> some checks to aclparse. For ACIs this means adding some syntax validation to
> schema_init...

I looked at it while we were replacing all the DN parsing and related
code; if I'm not wrong, I recall there being an ambiguity in that
code (the same happens in librewrite) where common text and DNs can
appear in the same place.  Adding DN normalization/prettying to those
strings may not be what we want.  Maybe we'd use some style modifier
as used elsewhere in ACL parsing, e.g. some

	<base> := [{dn}ou=People]
		| [{text}any text]
		| [{regex}<a regex>]    (currently not supported)

and so (see http://www.openldap.org/faq/data/cache/452.html for symbol
explanation).

Ando.

References:
- FW: commit: ldap/servers/slapd acl.c sets.c sets.h
  - From: "Howard Chu" <hyc@highlandsun.com>

Prev by Date: FW: commit: ldap/servers/slapd acl.c sets.c sets.h
Next by Date: Re: FW: commit: ldap/servers/slapd acl.c sets.c sets.h
Index(es):
- Chronological
- Thread