LDAP SDK differences should really be pushed down into APR-Util. In fact your option #1 would probably be the way to go as long as it was implemented in apr_ldap.h.in and you implemented APR_HAS_ZOS_LDAPSDK that is determined during configure time just like the other SDKs. The #define should also be prefixed with APR_. Unfortunately this creates a version dependancy between HTTPD and APR-Util. This is OK for trunk but a problem for 2.2. The release of APR-Util and HTTPD would have to be coordinated. The fallback is to patch util_ldap.c in some way that doesn't alter the way that the other platforms or SDKs are currently working.
Brad >>> On 2/28/2007 at 8:26 AM, in message <[EMAIL PROTECTED]>, "David Jones" <[EMAIL PROTECTED]> wrote: > Sorry for the delay. > We use our own z/OS specific SDK. There is also a Tivoli SDK , [see Eric > Covener's appends and > http://issues.apache.org/bugzilla/attachment.cgi?id=19394 waiting for > input], which shares some commonality with z/OS (Tivoli can accept the -1 > without a problem, but it acts like 0). > > Thoughts are: > > > 1) LDAP_HAS_ZOS_LDAPSDK isn't an apache define yet. (The Tivoli append adds > a LDAP_HAS_TIVOLI_LDAPSDK to apu-conf.m4, and we would do similar). So if it > shouldn't be put in svn yet skip the top 3 lines and what we're left with > isn't much different than the original hardcoded -1, but at least it puts > some doc in the code about whats going on. > > #ifdef LDAP_HAS_ZOS_LDAPSDK > #define LDAP_LIMIT_VALUE LDAP_NO_LIMIT > #else > #ifdef LDAP_DEFAULT_LIMIT > #define LDAP_LIMIT_VALUE LDAP_DEFAULT_LIMIT > #else > #define LDAP_LIMIT_VALUE -1 /* equivalent to LDAP_DEFAULT_LIMIT */ > #endif > #endif > > 2)Or the flipside, assuming everyone else who defines 0 and not -1 wants to > use 0: > > #ifdef LDAP_HAS_NOVELL_LDAPSDK > #define LDAP_LIMIT_VALUE -1 > #else > #ifdef LDAP_DEFAULT_LIMIT > #define LDAP_LIMIT_VALUE LDAP_DEFAULT_TIME > #else > #ifdef LDAP_NO_LIMIT > #define LDAP_LIMIT_VALUE LDAP_NO_LIMIT > #else > #define LDAP_LIMIT_VALUE -1 > #endif > #endif > #endif > > 3) Or maybe moving it and define a APR_LDAP_DEFAULT_SIZELIMIT instead of > keeping it in util_ldap.c > > 4) Or some complicated(?) conf magic that would involve getting a handle and > then calling ldap_set_option(ldap, LDAP_OPT_SIZELIMIT, -1); and setting > APR_LDAP_DEFAULT_SIZELIMIT to -1 or 0 accordingly. > > > On 2/23/07, Brad Nicholes <[EMAIL PROTECTED]> wrote: >> >> What LDAP client SDK does z/OS use? (Novell, OpenLDAP, Netscape, Other???) >> >> Brad >> >> >>> On 2/22/2007 at 12:52 PM, in message >> <[EMAIL PROTECTED]>, "David >> Jones" >> <[EMAIL PROTECTED]> wrote: >> > Its the z/OS, has LDAP_NO_SIZELIMIT defined. Does not have nor support >> > LDAP_DEFAULT_SIZELIMIT >> > >> > On 2/22/07, Brad Nicholes <[EMAIL PROTECTED]> wrote: >> >> >> >> >>> On 2/22/2007 at 7:12 AM, in message >> >> <[EMAIL PROTECTED]>, "David >> >> Jones" >> >> <[EMAIL PROTECTED]> wrote: >> >> > How about something alone these lines? It assumes there is nobody >> with >> >> > LDAP_DEFAULT_LIMIT undefined AND LDAP_NO_LIMIT defined, but still >> >> supports >> >> > and wishes to use the -1 value. >> >> > >> >> > --- util_ldap.c.defaultlimit Wed Feb 21 16:08:51 2007 >> >> > +++ util_ldap.c.nolimit Thu Feb 15 12:50:09 2007 >> >> > @@ -52,15 +52,9 @@ >> >> > #define LDAP_CA_TYPE_BASE64 2 >> >> > #define LDAP_CA_TYPE_CERT7_DB 3 >> >> > >> >> > -#ifdef LDAP_DEFAULT_LIMIT >> >> > -#define LDAP_LIMIT_VALUE LDAP_DEFAULT_LIMIT >> >> > -#else >> >> > -#ifndef LDAP_NO_LIMIT /* Have neither LDAP_DEFAULT_LIMIT or >> >> LDAP_NO_LIMIT >> >> > */ >> >> > -#define LDAP_LIMIT_VALUE -1 >> >> > -#else /* Have LDAP_NO_LIMIT, but not >> >> LDAP_DEFAULT_LIMIT */ >> >> > -#define LDAP_LIMIT_VALUE LDAP_NO_LIMIT >> >> > -#endif /* !LDAP_NO_LIMIT */ >> >> > -#endif /* LDAP_DEFAULT_LIMIT */ >> >> > +#ifndef LDAP_NO_LIMIT >> >> > +#define LDAP_NO_LIMIT -1 >> >> > +#endif >> >> > >> >> > module AP_MODULE_DECLARE_DATA ldap_module; >> >> > >> >> > @@ -680,7 +674,7 @@ >> >> > /* search for reqdn */ >> >> > if ((result = ldap_search_ext_s(ldc->ldap, (char *)reqdn, >> >> > LDAP_SCOPE_BASE, >> >> > "(objectclass=*)", NULL, 1, >> >> > - NULL, NULL, NULL, >> LDAP_LIMIT_VALUE, >> >> > &res)) >> >> > + NULL, NULL, NULL, LDAP_NO_LIMIT, >> >> &res)) >> >> > == LDAP_SERVER_DOWN) >> >> > { >> >> > ldc->reason = "DN Comparison ldap_search_ext_s() " >> >> > @@ -958,7 +952,7 @@ >> >> > if ((result = ldap_search_ext_s(ldc->ldap, >> >> > (char *)basedn, scope, >> >> > (char *)filter, attrs, 0, >> >> > - NULL, NULL, NULL, >> LDAP_LIMIT_VALUE, >> >> > &res)) >> >> > + NULL, NULL, NULL, LDAP_NO_LIMIT, >> >> &res)) >> >> > == LDAP_SERVER_DOWN) >> >> > { >> >> > ldc->reason = "ldap_search_ext_s() for user failed with >> server >> >> > down"; >> >> > @@ -1198,7 +1192,7 @@ >> >> > if ((result = ldap_search_ext_s(ldc->ldap, >> >> > (char *)basedn, scope, >> >> > (char *)filter, attrs, 0, >> >> > - NULL, NULL, NULL, >> LDAP_LIMIT_VALUE, >> >> > &res)) >> >> > + NULL, NULL, NULL, LDAP_NO_LIMIT, >> >> &res)) >> >> > == LDAP_SERVER_DOWN) >> >> > { >> >> > ldc->reason = "ldap_search_ext_s() for user failed with >> server >> >> > down"; >> >> > >> >> >> >> Maybe I missed this before, but what platform or LDAP SDK does this >> fail >> >> on? The Novell LDAP SDK obviously supports LDAP_DEFAULT_SIZELIMIT (-1) >> and >> >> according to the OpenLDAP source code, it also supports the same >> >> functionality if the value of sizelimit is -1 even though it does not >> >> specifically define LDAP_DEFAULT_SIZELIMIT. I don't know what the >> Netscape >> >> or Microsoft SDKs support other than the fact that we have been passing >> >> those SDKs the same -1 value without a problem. I believe that the >> only >> >> reason why we see the hardcoded -1 rather than a #define is simply >> because >> >> not all of the SDKs provide a #define yet they all seems to support the >> >> functionality. We just need to validate that theory. >> >> >> >> Brad >> >> >> > >> >> >
