Re: (ITS#6531) Modify updateref to generate referrals on the backend - openldap-bugs

24 Apr 2010


      ...
Full_Name: Ryan Steele
Version: 2.4.18
OS: Ubuntu Server
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (207.106.239.81)
Per conversation on the #openldap IRC channel on Freenode with Howard Chu,
it
has been deemed appropriate to modify the behavior of updateref to answer
referrals on the backend.  This would allow one to use updateref to
automatically chase referrals for individual backends, instead of it being
all
or nothing.  Here is the tail end of the channel conversation:
<hyc> when you configure an updateref on a backend, that referral is only
generated in the frontend so putting the overlay on the database, misses
it...
<rgsteele> Well, I am intending to set an updateref on that backend
<hyc> then you have a problem
<rgsteele> Hm, so you can't do automatic referrals on individual backends
then?
<rgsteele> That was my original question, or at least the intent of it.
<hyc> not using updateref, no
<rgsteele> Does your response imply there's another way?
<hyc> probably we should fix updateref to be generated at the backend
level
<rgsteele> That would be good - I'd be happy to write tests or something
to help
with that.
<hyc> the "other way" is the normal referral mechanism - using referral
entries
inside a database
<hyc> but like I said, updateref is a relic, we've carried it forward
without
really adapting it
<hyc> probably should file an ITS about this
<rgsteele> Interesting, I wasn't aware of that method. I'll have to do
some
research on that - thanks! Also, is there anything I can do to help get
the
process of fixing updateref to generate referrals on the backend?
<rgsteele> I can file the ITS if you like?
<hyc> go ahead
It is correct that referrals are generated by the frontend, but the
frontend uses information contained in the updateref of each database. 
The slapo-chain needs to be global, in order to intercept those referrals.
Although redesigning referral generation in slapd could streamline things,
I don't quite see what issues can't be addressed using a global instance
of slapo-chain.  You can configure referral chasing differently for
different domains using the chain-uri directive.  I favor fixing only
what's actually broken.
p.