Graham Leggett wrote:
William A. Rowe, Jr. wrote:
I would be +1 to simply remove auth_ldap from APR 1.0, and reintroduce
the entire feature in the new APR 1.1 (which we can start development
on immediately.) And that presumes httpd 2.1/2.2 will depend on the
1.1 release of apr-util.
I hate to hold up 1.0 any further. I would hate to release apr-util as-in
even more. Thoughts or comments about my solution above?
Why (I feel I have to ask) is this ONLY just coming to light now?
The main fooness is in apr_ldap_url.c. Can we not mark this code as deprecated in v1.0, which should hopefully warn alert coders that the code should not be used, and can be pointed out to coders who are asleep otherwise if they moan.
How much work is needed to fix it? What exactly is broken about it?
Ripping it out is a whole lot of work best avoided IMHO.
Let's take the course of least action shall we?
Is this release creating a record for being the longest in history?
I'm away for most of the rest of the week. I had hoped to have RC5 rolled today, but guess that isn't going to happen now. *sigh*
david
