[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Rewrite "lifting" (Was: commit: ldap/servers/slapd sasl.c sl_malloc.c connection.c proto-slap.h)

Pierangelo Masarati wrote:
Hallvard B Furuseth wrote:
Howard Chu writes:
The documentation for this feature presents a bit of a problem, since
most of the functionality of librewrite is documented in
slapo-rwm(5). When SLAP_AUTH_REWRITE is defined (which it is, whenever
--enable-rewrite is used) then all of librewrite's capabilities really
should be in the main slapd documentation.

Possibly big enough to move to a slapd.rewrite(5) page.

I don't want to add too much burden to this thread, but librewrite is showing the signs of age. It needs some reworking. I think Howard started working to (or at least though about) adding some callback capabilities.

Yes, the callback framework went into HEAD a couple weeks ago. This commit was the slapd side of the implementation.

Things like the LDAP map should definitely be reworked
that way, so that slapd internals relying on that feature can use direct internal searches rather than resorting to a real LDAP operation. One thing that would improve and streamline much of the code is the use of bervals for the whole API. Unless that library got in use outside of OpenLDAP's suite (I personally used it in a couple of projects, but I can easily rework them), the current API could be preserved replacing char* with BerValue*; otherwise a rewrite_bv_*() API could be designed, and the current one could be wrapped around it.

  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc
  Chief Architect, OpenLDAP     http://www.openldap.org/project/