[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: c_peer_name unavailable to CLDAP clients

To: lukeh@PADL.COM
Subject: Re: c_peer_name unavailable to CLDAP clients
From: Howard Chu <hyc@symas.com>
Date: Thu, 02 Sep 2004 03:55:21 -0700
Cc: openldap-devel@OpenLDAP.org
In-reply-to: <200409010343.NAA20195@au.padl.com>
References: <200409010343.NAA20195@au.padl.com>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8a2) Gecko/20040714

Luke Howard wrote:

Because connectionless clients share a single connection structure,
their address (ie.  the peer address) cannot be associated with a
connection. However, it would be useful to have the peer address
stored as part of the operation structure, so it can be made
available to SLAPI plugins.

Thoughts?

What exactly would you want to do with this information? Since the UDP transport has no integrity checking of any kind, and only anonymous requests are supported, I don't see that you can make any meaningful policy decisions here. The address is logged for informational purposes, but relying on it for anything else seems like a bad idea.

--
 -- Howard Chu
 Chief Architect, Symas Corp.       Director, Highland Sun
 http://www.symas.com               http://highlandsun.com/hyc
 Symas: Premier OpenSource Development and Support

Follow-Ups:
- Re: c_peer_name unavailable to CLDAP clients
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

References:
- c_peer_name unavailable to CLDAP clients
  - From: Luke Howard <lukeh@PADL.COM>

Prev by Date: Re: Overlays: freeing resources on a hijacked Operation
Next by Date: Re: leaks (was: releng plans)
Index(es):
- Chronological
- Thread