[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#5916) Allow alias dereferencing in search C API
On Jan 31, 2009, at 11:21 AM, hyc@symas.com wrote:
> ando@sys-net.it wrote:
>> h.b.furuseth@usit.uio.no wrote:
>>> ando@sys-net.it writes:
>>>> Proxy backends use ldap_set_option(3) to set alias dereferencing
>>>> when
>>>> requested by a search operation (and do not clean it up
>>>> afterwards, as
>>>> far as I can tell). Since LDAP handlers are pooled and reused,
>>>> this
>>>> behavior is inherently broken.
>>> I note you committed this with an ldap_int_* interface.
>>
>> Yes, that's because I needed it internally.
>
> I think ldap_pvt would make more sense.
_int_ means internal to the library. _pvt_ means private to OpenLDAP
Software.
> I recall complaining about this deficiency in the API back in 1998,
> when I
> first wrote back-ldap. Alias deref has always been a part of the
> protocol, but
> it has always been missing from the API. Perplexing...
Yes, of course, one might use the client control mechanism to add an
ability to set deref on a call by call basis instead of introducing
yet another function.
>
>
>>> But it could
>>> be useful outside OpenLDAP code too.
>>
>> Yes, that will probably be the next step. But to make it publicly
>> available I should have called it ldap_search_ext2, or
>> ldap_search_really_ext or something like that. I think we need to
>> make
>> it public based on demand and after a ballot on the name.
>
> Ok.
>
>>> Seems to me this is what client-side controls are for. Extending
>>> the
>>> client-side functionality without needing a new API.
>>
>> Well, since alias dereferencing is part of the protocol, I think
>> using a
>> client-side control is sort of an overkill :)
>
> Agreed.
>
> --
> -- Howard Chu
> CTO, Symas Corp. http://www.symas.com
> Director, Highland Sun http://highlandsun.com/hyc/
> Chief Architect, OpenLDAP http://www.openldap.org/project/
>
>