Turbo Fredriksson wrote:
You should note some other odds in input/output, since normalization/prettification is consistently used on ACI values. You might also notice some performance improvement, since now access checking heavily relies on the presence of normalized values.
Sorry, but can you take that again, slower? :)
The point is that starting with re23, ACI values in the database are assumed to be normalized. When evaluating access checking, each value is parsed under that assumption, so minimal consistency checking is done. This is supposed to:
- early detect inconsistencies; earlier, (almost) any value was accepted without checks; errors would possibly be detected while evaluating access, and values that couldn't be parsed would be sort of ignored
- reduce the effort required to evaluate access: DNs no longer need to be normalized for __every__access control, and things like that
Normalization rules shouldn't have changed, so there should be no need to dump/reload your database.
Between re22 and re23? Or re23 and re24?
between re23 and re23 after this fix. If normalization rules change, values that already are in the database, and are assumed to be fine, may no longer be valid. This would require a complete dump and reload of the database to make sure that the new normalization rules are in effect. This should not be the case, since the change that's now in re23 does not restrict the syntax; it actually looses it, so more values are accepted, but resulting in the same normalized form.
Of course, as stated in the OpenLDAP license, you're on your own, there's no warranty that no database reload is required ;).
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.n.c. Via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ------------------------------------------ Office: +39.02.23998309 Mobile: +39.333.4963172 Email: pierangelo.masarati@sys-net.it ------------------------------------------