[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5916) Allow alias dereferencing in search C API

On Jan 31, 2009, at 11:21 AM, hyc@symas.com wrote:

> ando@sys-net.it wrote:
>> h.b.furuseth@usit.uio.no wrote:
>>> ando@sys-net.it writes:
>>>> Proxy backends use ldap_set_option(3) to set alias dereferencing  
>>>> when
>>>> requested by a search operation (and do not clean it up  
>>>> afterwards, as
>>>> far as I can tell).  Since LDAP handlers are pooled and reused,  
>>>> this
>>>> behavior is inherently broken.
>>> I note you committed this with an ldap_int_* interface.
>> Yes, that's because I needed it internally.
> I think ldap_pvt would make more sense.

_int_ means internal to the library.  _pvt_ means private to OpenLDAP  

> I recall complaining about this deficiency in the API back in 1998,  
> when I
> first wrote back-ldap. Alias deref has always been a part of the  
> protocol, but
> it has always been missing from the API. Perplexing...

Yes, of course, one might use the client control mechanism to add an  
ability to set deref on a call by call basis instead of introducing  
yet another function.

>>> But it could
>>> be useful outside OpenLDAP code too.
>> Yes, that will probably be the next step.  But to make it publicly
>> available I should have called it ldap_search_ext2, or
>> ldap_search_really_ext or something like that.  I think we need to  
>> make
>> it public based on demand and after a ballot on the name.
> Ok.
>>> Seems to me this is what client-side controls are for.  Extending  
>>> the
>>> client-side functionality without needing a new API.
>> Well, since alias dereferencing is part of the protocol, I think  
>> using a
>> client-side control is sort of an overkill :)
> Agreed.
> -- 
>   -- Howard Chu
>   CTO, Symas Corp.           http://www.symas.com
>   Director, Highland Sun     http://highlandsun.com/hyc/
>   Chief Architect, OpenLDAP  http://www.openldap.org/project/