Re: Replacement for ldap_sort_entries

[Pierangelo Masarati <pierangelo.masarati@polimi.it>]

On 24/06/2015 16:37, Côme BERNIGAUD wrote:
> On 2015-06-24 16:19, Michael Ströder wrote:
> > Côme BERNIGAUD wrote:
> > > I’m trying to get rid of the -DLDAP_DEPRECATED=1 option when 
> > > building the
> > > php-ldap module.
> > > For other functions it went fine but the php function ldap_sort is 
> > > using
> > > ldap_sort_entries which is deprecated with no replacement.
> > > As I can’t remove ldap_sort from PHP API, I need to find a way to 
> > > replace this
> > > function call if I want to get rid of deprecated calls.
> >
> > How about reimplementing it in PHP?
>
> Not sure if you mean in the PHP language or in the PHP binary. The 
> first one is not possible if I’m not mistaking, the second one is 
> indeed what I’d like to do but not sure how.
>
> I need the API to stay exactly the same.
> ldap_sort is called after the call to ldap_search and before the call 
> to ldap_get_entries.
> So it needs to work on the result themselves so that they are sorted 
> when the next ldap accessing results function is called.
> That’s why it needs to be done in the C code. And that’s why it needs 
> access to the LDAPMessage struct which is internal to OpenLDAP as far 
> as I understood things.
The logic of that sorting is broken.  Sorting by DN (or by value) 
requires the knowledge of the syntax and matching rule(s) of the 
corresponding attributes.  First of all, the client is not supposed to 
know much about it.  Second, a wise implementation would normalize 
values (or DNs), then sort.  An accurate implementation of those 
functionalities based on the deprecated API would be at least 
inefficient.  It would be much wiser to do the sorting at the client's 
side, after extracting data from the LDAP results.  And the PHP 
interface should deprecate those functions as well.

p.


--
Pierangelo Masarati
Associate Professor
Dipartimento di Scienze e Tecnologie Aerospaziali
Politecnico di Milano