Hallvard B Furuseth wrote:
ando@OpenLDAP.org writes:
Tag: OPENLDAP_REL_ENG_2_3entry.c 1.129.2.13 -> 1.129.2.14 import fix to ITS#5071
This (/* require ';binary' when appropriate (ITS#5071) */) is a functionality change which can prevent people from upgrading. I don't think that belongs so late in RE23's life cycle.
You can't load a certificate without ';binary' using ldapadd/ldapmodify; this fix makes slapadd consistent with LDAP operations, so I don't think it's going to break things that much.
Given that without this if you add certificates without ';binary' you won't be able to search with "(userCertificate;binary=*)", nor to get them back by requesting "userCertificate;binary", I believe late or not the pros overcome any cons.
But, of course, I'll be happy to back it up if there's no consensus (I just gave it for granted).
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati@sys-net.it ---------------------------------------