Pierangelo Masarati wrote:
Hallvard B Furuseth wrote:
> Howard Chu writes:
>> The documentation for this feature presents a bit of a problem, since
>> most of the functionality of librewrite is documented in
>> slapo-rwm(5). When SLAP_AUTH_REWRITE is defined (which it is, whenever
>> --enable-rewrite is used) then all of librewrite's capabilities really
>> should be in the main slapd documentation.
> Possibly big enough to move to a slapd.rewrite(5) page.
I don't want to add too much burden to this thread, but librewrite is
showing the signs of age. It needs some reworking. I think Howard
started working to (or at least though about) adding some callback
Yes, the callback framework went into HEAD a couple weeks ago. This commit
was the slapd side of the implementation.
Things like the LDAP map should definitely be reworked
that way, so that slapd internals relying on that feature can use
internal searches rather than resorting to a real LDAP operation. One
thing that would improve and streamline much of the code is the use of
bervals for the whole API. Unless that library got in use outside of
OpenLDAP's suite (I personally used it in a couple of projects, but I
can easily rework them), the current API could be preserved replacing
char* with BerValue*; otherwise a rewrite_bv_*() API could be designed,
and the current one could be wrapped around it.
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
Chief Architect, OpenLDAP http://www.openldap.org/project/