jemeterisan@mail.ru wrote:

I had noticed, that the patch, used for 'schema-map.c' doesn't work correct. I hope, You also had checked it up. So what had I found in the function 'backsql_ad2at': The attribute name is stored in 'struct berval' structure, so if You change '.bv_val' from 'userCertificate;binary' to 'userCertificate', You should change '.bv_len' in accordance to strlen(aaa.bv_val) without strlen(";binary").

I assume you refer to a patch that was submitted along with ITS#4868; that patch is absolutely incorrect and in fact it has been rejected. A consistent fix has been applied to hEAD code. It has never been backported to OpenLDAP 2.3 because nobody fed back about it. If you wish to test HEAD code and report success, I'll be happy to backport it to OpenLDAP 2.3 so that it gets released with the next release.

And by the way I want to store 'userCertificate' attribute type in PostrgreSQL.

What type of the field in the table should I use?

Any blob-like format would be fine (although I haven't tested it with PostgreSQL yet).

Just another question to the developers: I've heared that OpenLDAP is sensible to DOS attacks, so, how can I avoid this trouble? And I want to know more about this problem, if possible.

Please direct software use related questions to the openldap-software mailing list.

p.

Ing. Pierangelo Masarati OpenLDAP Core Team

SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati@sys-net.it ---------------------------------------