[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: commit: ldap/servers/slapd entry.c





--On August 3, 2007 11:49:23 PM +0200 Pierangelo Masarati <ando@sys-net.it> wrote:

Hallvard B Furuseth wrote:
ando@OpenLDAP.org writes:
      Tag: OPENLDAP_REL_ENG_2_3
	entry.c  1.129.2.13 -> 1.129.2.14
import fix to ITS#5071

This (/* require ';binary' when appropriate (ITS#5071) */) is a functionality change which can prevent people from upgrading. I don't think that belongs so late in RE23's life cycle.

You can't load a certificate without ';binary' using ldapadd/ldapmodify; this fix makes slapadd consistent with LDAP operations, so I don't think it's going to break things that much.

Given that without this if you add certificates without ';binary' you
won't be able to search with "(userCertificate;binary=*)", nor to get
them back by requesting "userCertificate;binary", I believe late or not
the pros overcome any cons.

But, of course, I'll be happy to back it up if there's no consensus (I
just gave it for granted).

Looks like a valid bug fix to me. It simply prevents broken behavior that left things in a bad state, so I don't really think it is a functionality change.


--Quanah


-- Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration