How to best handle DN+String and DN+Binary in OL?
Howard Chu
hyc at symas.com
Sun Jul 11 19:21:27 MDT 2010
Howard Chu wrote:
> Andrew Bartlett wrote:
>> On Sun, 2010-07-11 at 14:16 -0700, Howard Chu wrote:
>>> Andrew Bartlett wrote:
>>>> What is the best way to get OpenLDAP to understand it needs to match on
>>>> and follow references to the DN part of these values?
>>>
>>> Good question. So far the only way to get DN semantics is by using
>>> distinguishedName syntax. In a few places we've also special-cased recognition
>>> of NameAndOptionalUID syntax, but that's not universal. I suppose, if you can
>>> shoehorn your extra blobs into the UID portion, you can use that syntax and we
>>> can figure out where else it needs to be accepted.
>>
>> Looking over the definition of NameAndOptionalUID, shoehorn would
>> certainly be the correct expression... But yes, it looks to me like I
>> just need to convert every binary or string element into a bitstring of
>> it's bits.
>
> Yeah, bitstrings are a PITA. The better way might be to just define a new
> syntax and matching rules that stores exactly what you want. We can define a
> new syntax flag SLAP_SYNTAX_DN_LIKE or somesuch, and change all of those
> places that were hardcoded to look for DN syntax to use this flag instead.
I've added a SLAP_SYNTAX_DN syntax flag for this purpose. Also updated the
deref overlay to use this flag instead of only checking for distinguishedName
syntax.
> If as you say, the blob portion is irrelevant for matching, then you would
> just store the normalized DN portion as the attribute's normalized values, and
> most things that work with DNs will Just Work.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
More information about the samba-technical
mailing list