[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: back-ldap rejects multiple URIs (ITS#3253)



hyc@OpenLDAP.org wrote:

>Full_Name: Howard Chu
>Version: HEAD,2.2.14
>OS: 
>URL: ftp://ftp.openldap.org/incoming/
>Submission from: (NULL) (24.126.120.178)
>Submitted by: hyc
>
>
>If you try to configure multiple target servers in back-ldap using e.g.
>    uri "ldap://server1.foo.bar ldap://server2.foo.bar";
>the uri is rejected because back-ldap calls ldap_url_parse_ext which expects a
>single URL, not a list. The parsed result is saved in li->lud but aside from
>validation in config.c it is never used anywhere else. (back-ldap's Bind
>function only uses the original unparsed URI string.)
>
>I believe the fix for this is to remove lud from the ldapinfo struct, use
>ldap_url_parselist with a temporary pointer and immediately free the result.
>  
>
I think this change came in at some point in an attempt to make referral 
chasing
a bit too clever, i.e. by chaing referrals by entirely parsing the URI. 
 besides fixing
the problem, I think we should consider the opportunity to make URI 
selection
as flexible as possible, since I'm considering the opportunity to make 
it selectable
on a per-operation basis to further expand the rewrite/remap/relay 
capabilities (e.g.
by adding a dnssrv overlay layer, or to allow URI selection based on the 
DN/entry
contents, for content-based database partitioning, and more).

But this is rather for food for -devel...

Ciao, Ando.




    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497