On Fri, May 04, 2018 at 09:21:59PM +0000, quanah(a)openldap.org wrote:
As noted in the OpenLDAP source
there is an issue with controls being reset with a new extended operation. This
is problematic for a proxy auth mechanism being developed, as it needs to have
the controls preserved while passing an extended op to slapd.
A possibility would be to re-register the control, adding the corresponding
extended operations, but the parsing function resets them so this unfortunately
is not an option.
The issue is actually allowing existing controls to be used with newly
registered exops, since the only way to declare the compatibility would
be by re-registering the control. Problem there is that built-in
controls have everything static to controls.c, so it's not even possible
to do that.
A solution would be to add another piece of API that receives a pair of
(control OID, exop OID), finds the control and adds the OID to the
Going to do just that (register_control_exop() a decent name?).
Senior Software Engineer
Symas Corporation http://www.symas.com
Packaged, certified, and supported LDAP solutions powered by OpenLDAP