On Thu, Aug 28, 2008 at 7:45 AM, Pierangelo Masarati <ando@sys-net.it> wrote:

Nicholas Dronen wrote:

That's good news. We're currently using OpenLDAP 2.2.13, which is the
version included in RedHat EL 4.6. (RedHat is apparently quite conservative
in the versions of the packages they include in their distribution.) The
next release of our product will run on RedHat EL 5.x, which comes with
OpenLDAP 2.3.27, so we should be okay in the long run.

Sort of: 2.3 is now at 2.3.43, with a quite long list of bugfixes (~500? not to mention new useful features).

Hi, Pierangelo:

Unfortunately, we're more or less at the mercy of Red Hat when it comes to the versions of packages that are included in their distribution. We use a commercial version, not Fedora, for support reasons. In this particular case, the fact that we were exceeding the default limit of 1024 file descriptors for select(2) resulted in pam_authenticate blocking for up to four minutes, which is a huge problem in a production system, enough to justify including a rebuilt RPM. Generally, JPam's use of libldap is pretty simple -- just enough to bind and authenticate a user -- so as long as that basic functionality works as desired, we should be okay with 2.3.27. :-) If we're not, then we'll have to include our own RPM.

That being said, where can I view the list of bug fixes that are in 2.3.43?

Regards,

Nick