Re: commit: ldap/servers/slapd entry.c

[Quanah Gibson-Mount <quanah@zimbra.com>]

--On August 3, 2007 11:49:23 PM +0200 Pierangelo Masarati <ando@sys-net.it> 
wrote:

> Hallvard B Furuseth wrote:
> > ando@OpenLDAP.org writes:
> > >       Tag: OPENLDAP_REL_ENG_2_3
> > > 	entry.c  1.129.2.13 -> 1.129.2.14
> > > import fix to ITS#5071
> >
> > This (/* require ';binary' when appropriate (ITS#5071) */) is a
> > functionality change which can prevent people from upgrading.
> > I don't think that belongs so late in RE23's life cycle.
>
> You can't load a certificate without ';binary' using ldapadd/ldapmodify;
> this fix makes slapadd consistent with LDAP operations, so I don't think
> it's going to break things that much.
>
> Given that without this if you add certificates without ';binary' you
> won't be able to search with "(userCertificate;binary=*)", nor to get
> them back by requesting "userCertificate;binary", I believe late or not
> the pros overcome any cons.
>
> But, of course, I'll be happy to back it up if there's no consensus (I
> just gave it for granted).

Looks like a valid bug fix to me.  It simply prevents broken behavior that 
left things in a bad state, so I don't really think it is a functionality 
change.

--Quanah


--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra ::  the leader in open source messaging and collaboration