[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Liberal parsing of schema elements (ITS#1996)

Kurt D. Zeilenga wrote:
> To prevent garbage out, we prevent garbage in.

I understand that OpenLDAP is a reference implementation of LDAPv3 
and therefore the main goal is to strictly adhere to the standards.

But many people using it as a base for developing client apps 
accessing other LDAP servers violating the standard 
(Netscape/iPlanet DS, Novell eDirectory, Domino/LDAP R5, etc.).

Regarding this specific issue here you already have some constants 
to allow a more liberal schema element parsing. That's what I 
suggest to leverage. Off course using these flags makes the 
application responsible for sanitizing the data / handle tricky 
situations if necessary.

Note that I do *not* vote here to make the schema parsing on the 
server-side more liberal. I'm solely talking about client-side 
parsing in my own apps.

> If someone takes the time to allow garbage in (liberal in
> what you accept) in a manner which doesn't cause garbage
> out (strict in what you send), I'm fine with allowing
> such into the distribution.  Patches welcomed.

Well, this really depends on what you expect the application to 
send. As I said before IMHO schema-aware applications should not 
send an OID in any case. OIDs should be treated as opaque index to 
a local schema registry (except some hard-coded LDAP syntaxes). 
That's how I'm currently designing it for python-ldap. The 
attribute type and object class names are what appear in 
LDAPRequests sent to the LDAP server.

Ciao, Michael.