On Thu, Jun 20, 2013 at 8:49 AM, Jan Kaluža <[email protected]> wrote: > On 06/20/2013 02:41 PM, Eric Covener wrote: >> >> On Thu, Jun 20, 2013 at 8:33 AM, Jan Kaluža <[email protected]> wrote: >>> >>> On 06/20/2013 02:25 PM, Eric Covener wrote: >>>> >>>> >>>> Do you think we should tolerate an error turning referrals off? >>> >>> >>> >>> That's good point. >>> >>> I'm not ldap expert, but I would say we should not tolerate that. Admin >>> has >>> to explicitly disable referrals and if he does that, he probably has some >>> reason why to do it. >>> >>> But if someone more experienced thinks we should tolerate that error, I'm >>> not against. >> >> >> I'm only concerned with someone who was getting by with LDAPReferrals >> OFF because the default gave their SDK an error. Now OFF would be >> fatal too. >> >> But it's not so easy to do a separate "default" option because other >> parts of the code need to know if referrals are being chased. >> > > In this case I think we could change the patch to not call ldap_set_option > for referrals at all unless the admin specifies the value in config file. I > mean to define AP_LDAP_CHASEREFERRALS_UNSET and if the ldc->chaseReferrals > == AP_LDAP_CHASEREFERRALS_UNSET, then do nothing. I can submit patch like > that tomorrow. > > This should be good for everyone, right?
I don't know what that means for other and/or older LDAP SDKs, so I would rather not flip that.
