Howard Chu wrote:

...

The RFCs 4516/2255 hostport part has grammar [host [":" port]], but ldap_url_desc2str() produces [host][":" port].

ldap:// -> host NULL, port 389 -> ldap://:389/??base

That's OK as an ldap_url_parse() OpenLDAP extension, but not as ldap_url_desc2str() output given to non-OpenLDAP applications.

This is a mess. The ldap: scheme definition has always been broken, and it certainly does not conform to the basic URI syntax in RFC3986 section 3. In particular, RFC3986 forbids a URI from containing "//" when the authority component is absent. Looks like RFC4516 should not have been approved in its current state.

Stupid little things like this make me wonder WTF were they smoking when they created LDAP. I no longer ask myself wtf they were thinking, because clearly they weren't...

DNs should have been left in canonical filesystem order, like X.500 tools used. Then we could just treat LDAP URLs like every other hierarchical URL namespace, with relative paths and all the other associated conveniences, and use a single generic parser to handle it all.

It's all so damned moronic.

It's almost aggravating enough to make me switch to pure DAP and leave all of this cruft behind. Mebbe it's time to add a config switch somewhere to set all of slapd and the libraries to default to DCE/X.500 format DNs, and define a new "xdap" URL scheme to go with it.