On Jan 31, 2009, at 11:21 AM, hyc(a)symas.com wrote:
> h.b.furuseth(a)usit.uio.no wrote:
>> ando(a)sys-net.it writes:
>>> Proxy backends use ldap_set_option(3) to set alias dereferencing
>>> requested by a search operation (and do not clean it up
>>> afterwards, as
>>> far as I can tell). Since LDAP handlers are pooled and reused,
>>> behavior is inherently broken.
>> I note you committed this with an ldap_int_* interface.
> Yes, that's because I needed it internally.
I think ldap_pvt would make more sense.
_int_ means internal to the library. _pvt_ means private to OpenLDAP
I recall complaining about this deficiency in the API back in 1998,
first wrote back-ldap. Alias deref has always been a part of the
it has always been missing from the API. Perplexing...
Yes, of course, one might use the client control mechanism to add an
ability to set deref on a call by call basis instead of introducing
yet another function.
>> But it could
>> be useful outside OpenLDAP code too.
> Yes, that will probably be the next step. But to make it publicly
> available I should have called it ldap_search_ext2, or
> ldap_search_really_ext or something like that. I think we need to
> it public based on demand and after a ballot on the name.
>> Seems to me this is what client-side controls are for. Extending
>> client-side functionality without needing a new API.
> Well, since alias dereferencing is part of the protocol, I think
> using a
> client-side control is sort of an overkill :)
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/