[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#7301) Improve DNS SRV support in OpenLDAP

--On Tuesday, June 12, 2012 11:25 AM -0700 Howard Chu <hyc@symas.com> wrote:

> quanah@OpenLDAP.org wrote:
>> Full_Name: Quanah Gibson-Mount
>> Version: 2.4.31
>> OS:
>> URL: ftp://ftp.openldap.org/incoming/
>> Submission from: (NULL) (
>> LDAP URI handling via SRV records is not in the library. In
>> particular, an OpenLDAP library client that specifies a
>> (correctly formed or otherwise) LDAP URI of the form:
>> 	ldap:///dc=example,dc=com/
>> will not be connected to the LDAP servers found in the SRV records
>> for _ldap._tcp.example.com. That code is only in the ldapsearch(1)
>> and related tools.
>> The existence of the low-level support functions in the library is
>> of no help to users who want to specify URIs that resolve to the
>> underlying LDAP servers via SRV records.
> Tough luck. Currently ldap:/// means localhost. Changing the library
> behavior here would be a pretty drastic incompatible change and would
> break pretty much all existing software. This has been discussed and shot
> down before, and rejecting this request is the only correct outcome for
> this ITS.

What about an ldap_set_option() parameter for enabling it?

>> Also, the SRV -> host:port list lookup code that is in the library
>> (but not tied to the libraries connection establishment code) is
>> broken, it ignores the weight and priority which is not a good
>> idea, the published SRV priorities and weights must not be ignored.
> priorities/weights are already the subject of ITS#7027.

Ok, so will 7027 be committed, since there is a patch already provided? ;)

The discussion around this started at 



Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
Zimbra ::  the leader in open source messaging and collaboration