Some more comments on a sub-set of the attributes.
Quanah Gibson-Mount wrote:
olcReferral -- case ignore match?
It's already declared SUP labeledURI and therefore has caseExactMatch. This makes sense because it could specify an LDAPI URL with case-sensitive socket path name.
olcRootPw -- case exact match?
Any EQUALITY matching rule needed at all? If yes, use EQUALITY octetStringMatch as with userPassword.
olcTCPBuffer -- case ignore match?
Also might contain listener URL. So maybe same like olcReferral even though an LDAPI URI does not make sense with TCP buffers?
olcTLSCipherSuite -- case ignore match?
I don't have a strong opinion on that because I don't have an oversight how the supported crypto libs treat this strings.
olcTLSSECName -- case ignore match?
??? Cannot find this in 2.4 schema. Is that new in 2.5?
olcTLSProtocolMin -- case ignore match?
---------------- BACKENDS ----------------------- --- back-asyncmeta olcDbURI -- case ignore match?
Same like olcReferral.
olcDbURI -- case ignore match?
Same like olcReferral for back-ldap and back-meta.
--- back-sql olcDbHost -- case ignore match?
This could also contain a Unix domain socket? If yes, caseExactMatch.
olcDbName -- case ignore match?
Hmm, I'm not sure. Also not sure about all the attrs containing SQL statements.
--- dds.c olcDDSmaxTtl -- case ignore match? olcDDSminTtl -- case ignore match? olcDDSdefaultTtl -- case ignore match? olcDDSinterval -- case ignore match? olcDDStolerance -- case ignore match?
Why are the TTL attributes strings at all? I see no reason why there are not defined as Integer syntax.
--- memberof.c olcMemberOfDangling -- case ignore match?
This serves as a good example for an enum type. I'd argue that it should be limited to this particular set of lower-cased values.
olcMemberOfGroupOC -- case ignore match? olcMemberOfMemberAD -- case ignore match? olcMemberOfMemberOfAD -- case ignore match?
AFAICS these always reference a single object class or attribute type. So why not declare them with syntax OID? Same suggestion for similar attributes of other overlays.
olcMemberOfDanglingError -- case ignore match?
Is this just the LDAP error code? If yes, define it as Integer.
Ciao, Michael.