Re: commit: ldap/servers/slapd/overlays pcache.c

[Howard Chu <hyc@symas.com>]

Jong-Hyuk wrote:

> > I've added a backend_startup_one() to condense some of this code. Some
> > more refinement may be nice. But I agree, the creator of the internal
> > database ought to control what other features it needs.

> Hmm... in the proxy cache case, the desired behavior would be to inherit the
> features of the original backend, back-ldap. In fact, a copy is performed in
> proxy_cache_init() { ... cm->db = *be; ... }, but this is done before the
> features are initialized in backend_startup(). Hence, an apparently better
> solution is to move the copy into proxy_cache_open(). This applies to

Yes. I thought of this before and thought there was a problem with it, 
to do with keeping the proper cm->db.bd_info. But I guess that's simple 
enough to work around.

> be_acl, be_pending_csn_list, and be_context_csn. The access control of the
> proxy cache internal database should be set to that of back-ldap, because
> the internal database is accessed by the requesting user when the query is
> answerable. The current code seems to apply the access control of the
> internal database which is incorrect.

The assumption is that overlays are configured after their parent 
backends, so be_acl is already fully initialized before the overlay gets 
control.

For the proxy cache there's barely any need to keep a separate BackendDB 
structure, except for the SLAP_DBFLAG_NO_SCHEMA_CHECK on the internal 
database. I suppose if we added a NO_SCHEMA_CHECK flag to the Operation 
somewhere, we could get rid of this.
--
  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support