[Date Prev][Date Next]
Re: (ITS#5916) Allow alias dereferencing in search C API
On Jan 31, 2009, at 11:21 AM, firstname.lastname@example.org wrote:
> email@example.com wrote:
>> firstname.lastname@example.org wrote:
>>> email@example.com writes:
>>>> Proxy backends use ldap_set_option(3) to set alias dereferencing
>>>> requested by a search operation (and do not clean it up
>>>> afterwards, as
>>>> far as I can tell). Since LDAP handlers are pooled and reused,
>>>> behavior is inherently broken.
>>> I note you committed this with an ldap_int_* interface.
>> Yes, that's because I needed it internally.
> I think ldap_pvt would make more sense.
_int_ means internal to the library. _pvt_ means private to OpenLDAP
> I recall complaining about this deficiency in the API back in 1998,
> when I
> first wrote back-ldap. Alias deref has always been a part of the
> protocol, but
> it has always been missing from the API. Perplexing...
Yes, of course, one might use the client control mechanism to add an
ability to set deref on a call by call basis instead of introducing
yet another function.
>>> But it could
>>> be useful outside OpenLDAP code too.
>> Yes, that will probably be the next step. But to make it publicly
>> available I should have called it ldap_search_ext2, or
>> ldap_search_really_ext or something like that. I think we need to
>> it public based on demand and after a ballot on the name.
>>> Seems to me this is what client-side controls are for. Extending
>>> client-side functionality without needing a new API.
>> Well, since alias dereferencing is part of the protocol, I think
>> using a
>> client-side control is sort of an overkill :)
> -- Howard Chu
> CTO, Symas Corp. http://www.symas.com
> Director, Highland Sun http://highlandsun.com/hyc/
> Chief Architect, OpenLDAP http://www.openldap.org/project/