[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: commit: ldap/servers/slapd config.c proto-slap.h schema_init.c slap.h

Hallvard B Furuseth wrote:

Hallvard B Furuseth writes:

I'm talking about the situation where you have a presence index but not
a substring index:

OK. As I understood the idea, it would apply to the above situation. I.e., when no substring indexing is configured for an attribute, but it does have a presence index.

No, I'm also talking about when we do have a substring index, but where
too small search strings are provided - in particular for more complex
queries. And I think I'm also talking about saying good night:-)

I don't think we'd change this. The former situation would be handled entirely in the backend, the latter situation would have to be handled in the frontend. But the frontend currently doesn't handle presence keys, we would need to move that from the backend into the frontend to make this change. And since back-bdb and back-ldbm don't use the same format for presence keys, unifying them in the frontend would require one or both of them to undergo an incompatible database format change.

The unchecked limit would make (mail=*foo*) fail at
once, while (mail=*) might narrow it down enough that the server would
then trawl through a lot of entries - often only to fail to find

Nobody can predict whether such a search would more often fail or succeed, that conclusion is unsupportable. I'm somewhat opposed to setting up mechanisms that prevent a user from retrieving data that exists and the user is authorized to access. But since refining the search (with longer search strings) should allow the search to progress, I guess I don't care too strongly about it.

 -- Howard Chu
 Chief Architect, Symas Corp.       Director, Highland Sun
 http://www.symas.com               http://highlandsun.com/hyc
 Symas: Premier OpenSource Development and Support