Logged in as guest
Viewing Software Enhancements/5330 Full headers
Major security issue: yes no
Notes: Notification:
Date: Fri, 18 Jan 2008 18:13:09 GMT From: h.b.furuseth@usit.uio.no To: openldap-its@OpenLDAP.org Subject: back-null upgrade
Full_Name: Hallvard B Furuseth Version: HEAD OS: URL: Submission from: (NULL) (129.240.6.233) Submitted by: hallvard I'll be upgrading back-null a bit. At the moment just support for Back-config, Modify-Increment Extension and empty rootpw. Maybe grow it to a useful template of a nontrivial backend later (after I learn how to write that), with access control, referrals, various extensions... Might be almost-unused and thus subject to code rot, but less so than documentation of the backend API. However I imagine that could slow it down somewhat, so it might become less useful when used to benchmark backends. (E.g. if you run a test with some backend, then with back-null, diff the time to see how much was spent in the backend.)
Date: Mon, 21 Jan 2008 05:12:55 -0800 From: Howard Chu <hyc@symas.com> To: h.b.furuseth@usit.uio.no CC: openldap-its@openldap.org Subject: Re: (ITS#5330) back-null upgrade
h.b.furuseth@usit.uio.no wrote: > Full_Name: Hallvard B Furuseth > Version: HEAD > OS: > URL: > Submission from: (NULL) (129.240.6.233) > Submitted by: hallvard > > > I'll be upgrading back-null a bit. At the moment just support for > Back-config, Modify-Increment Extension and empty rootpw. > Maybe grow it to a useful template of a nontrivial backend later > (after I learn how to write that), with access control, referrals, > various extensions... Might be almost-unused and thus subject to > code rot, but less so than documentation of the backend API. > > However I imagine that could slow it down somewhat, so it might > become less useful when used to benchmark backends. (E.g. if you > run a test with some backend, then with back-null, diff the time > to see how much was spent in the backend.) I don't believe back-null should ever handle access controls or referrals. It shouldn't have any config options at all, really. Create some other backend if you want a dummy template that shows how all the other APIs are tied in. -- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no> Date: Wed, 30 Jan 2008 11:03:38 +0100 To: hyc@symas.com Cc: openldap-its@openldap.org Subject: Re: (ITS#5330) back-null upgrade
hyc@symas.com writes: > h.b.furuseth@usit.uio.no wrote: >> I'll be upgrading back-null a bit. At the moment just support for >> Back-config, Modify-Increment Extension and empty rootpw. > >> Maybe grow it to a useful template of a nontrivial backend later >> (after I learn how to write that), with access control, referrals, >> various extensions... Might be almost-unused and thus subject to >> code rot, but less so than documentation of the backend API. >> (...) > > I don't believe back-null should ever handle access controls or > referrals. OK. However it shouldn't need to _handle_ referrals, since it can have no referral objects. I think the complete implementation would be to set SLAP_BFLAG_REFERRALS and LDAP_CONTROL_MANAGEDSAIT in the init function. Assuming the default_referral code in BDB which neither of us understand (ITS#5339) is unnecessary. SLAP_BFLAG_INCREMENT and (I think) LDAP_CONTROL_X_PERMISSIVE_MODIFY can be set without needing any extra code, and LDAP_CONTROL_NOOP will need one line for the update functions. > It shouldn't have any config options at all, really. Does that mean I shouldn't add back-config support either? I do find "bind on" useful. And it would be convenient to accept and ignore the "directory" option, so it can be used as a drop-in replacement for a minimal back-bdb/back-ldif config. My current motivation is nothing major, just to push back-null through "cd tests/ && ./run -b null all". > Create some other backend if you want a dummy template that shows how > all the other APIs are tied in. OK. Just need to think of something for it to do... -- Hallvard
______________ © Copyright 2013, OpenLDAP Foundation, info@OpenLDAP.org
