OpenLDAP
Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest

Viewing Software Enhancements/5330
Full headers

From: h.b.furuseth@usit.uio.no
Subject: back-null upgrade
Compose comment
Download message
State:
0 replies:
2 followups: 1 2

Major security issue: yes  no

Notes:

Notification:


Date: Fri, 18 Jan 2008 18:13:09 GMT
From: h.b.furuseth@usit.uio.no
To: openldap-its@OpenLDAP.org
Subject: back-null upgrade
Full_Name: Hallvard B Furuseth
Version: HEAD
OS: 
URL: 
Submission from: (NULL) (129.240.6.233)
Submitted by: hallvard


I'll be upgrading back-null a bit.  At the moment just support for
Back-config, Modify-Increment Extension and empty rootpw.


Maybe grow it to a useful template of a nontrivial backend later
(after I learn how to write that), with access control, referrals,
various extensions...  Might be almost-unused and thus subject to
code rot, but less so than documentation of the backend API.

However I imagine that could slow it down somewhat, so it might
become less useful when used to benchmark backends.  (E.g. if you
run a test with some backend, then with back-null, diff the time
to see how much was spent in the backend.)


Followup 1

Download message
Date: Mon, 21 Jan 2008 05:12:55 -0800
From: Howard Chu <hyc@symas.com>
To: h.b.furuseth@usit.uio.no
CC: openldap-its@openldap.org
Subject: Re: (ITS#5330) back-null upgrade
h.b.furuseth@usit.uio.no wrote:
> Full_Name: Hallvard B Furuseth
> Version: HEAD
> OS:
> URL:
> Submission from: (NULL) (129.240.6.233)
> Submitted by: hallvard
>
>
> I'll be upgrading back-null a bit.  At the moment just support for
> Back-config, Modify-Increment Extension and empty rootpw.

> Maybe grow it to a useful template of a nontrivial backend later
> (after I learn how to write that), with access control, referrals,
> various extensions...  Might be almost-unused and thus subject to
> code rot, but less so than documentation of the backend API.
>
> However I imagine that could slow it down somewhat, so it might
> become less useful when used to benchmark backends.  (E.g. if you
> run a test with some backend, then with back-null, diff the time
> to see how much was spent in the backend.)

I don't believe back-null should ever handle access controls or referrals. It 
shouldn't have any config options at all, really. Create some other backend if 
you want a dummy template that shows how all the other APIs are tied in.

-- 
   -- Howard Chu
   Chief Architect, Symas Corp.  http://www.symas.com
   Director, Highland Sun        http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP     http://www.openldap.org/project/



Followup 2

Download message
From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
Date: Wed, 30 Jan 2008 11:03:38 +0100
To: hyc@symas.com
Cc: openldap-its@openldap.org
Subject: Re: (ITS#5330) back-null upgrade
hyc@symas.com writes:
> h.b.furuseth@usit.uio.no wrote:
>> I'll be upgrading back-null a bit.  At the moment just support for
>> Back-config, Modify-Increment Extension and empty rootpw.
>
>> Maybe grow it to a useful template of a nontrivial backend later
>> (after I learn how to write that), with access control, referrals,
>> various extensions...  Might be almost-unused and thus subject to
>> code rot, but less so than documentation of the backend API.
>> (...)
>
> I don't believe back-null should ever handle access controls or
> referrals.

OK.  However it shouldn't need to _handle_ referrals, since it can have
no referral objects.  I think the complete implementation would be to
set SLAP_BFLAG_REFERRALS and LDAP_CONTROL_MANAGEDSAIT in the init
function.  Assuming the default_referral code in BDB which neither of us
understand (ITS#5339) is unnecessary.

SLAP_BFLAG_INCREMENT and (I think) LDAP_CONTROL_X_PERMISSIVE_MODIFY can
be set without needing any extra code, and LDAP_CONTROL_NOOP will need
one line for the update functions.

> It shouldn't have any config options at all, really.

Does that mean I shouldn't add back-config support either?

I do find "bind on" useful.  And it would be convenient to accept and
ignore the "directory" option, so it can be used as a drop-in
replacement for a minimal back-bdb/back-ldif config.


My current motivation is nothing major, just to push back-null through
"cd tests/ && ./run -b null all".

> Create some other backend if you want a dummy template that shows how
> all the other APIs are tied in.

OK.  Just need to think of something for it to do...

-- 
Hallvard


Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest


The OpenLDAP Issue Tracking System uses a hacked version of JitterBug

______________
© Copyright 2013, OpenLDAP Foundation, info@OpenLDAP.org