On Jan 31, 2009, at 11:21 AM, hyc@symas.com wrote:
ando@sys-net.it wrote:
h.b.furuseth@usit.uio.no wrote:
ando@sys-net.it writes:
Proxy backends use ldap_set_option(3) to set alias dereferencing when requested by a search operation (and do not clean it up afterwards, as far as I can tell). Since LDAP handlers are pooled and reused, this behavior is inherently broken.
I note you committed this with an ldap_int_* interface.
Yes, that's because I needed it internally.
I think ldap_pvt would make more sense.
_int_ means internal to the library. _pvt_ means private to OpenLDAP Software.
I recall complaining about this deficiency in the API back in 1998, when I first wrote back-ldap. Alias deref has always been a part of the protocol, but it has always been missing from the API. Perplexing...
Yes, of course, one might use the client control mechanism to add an ability to set deref on a call by call basis instead of introducing yet another function.
But it could be useful outside OpenLDAP code too.
Yes, that will probably be the next step. But to make it publicly available I should have called it ldap_search_ext2, or ldap_search_really_ext or something like that. I think we need to make it public based on demand and after a ballot on the name.
Ok.
Seems to me this is what client-side controls are for. Extending the client-side functionality without needing a new API.
Well, since alias dereferencing is part of the protocol, I think using a client-side control is sort of an overkill :)
Agreed.
-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/