[email protected] wrote: > On Fri, May 04, 2018 at 09:21:59PM +0000, [email protected] wrote: >> As noted in the OpenLDAP source >> (http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=blob;f=servers/slapd/controls.c;hb=refs/heads/OPENLDAP_REL_ENG_2_4#l323) >> there is an issue with controls being reset with a new extended operation. >> This >> is problematic for a proxy auth mechanism being developed, as it needs to >> have >> the controls preserved while passing an extended op to slapd. >> >> A possibility would be to re-register the control, adding the corresponding >> extended operations, but the parsing function resets them so this >> unfortunately >> is not an option. > > The issue is actually allowing existing controls to be used with newly > registered exops, since the only way to declare the compatibility would > be by re-registering the control. Problem there is that built-in > controls have everything static to controls.c, so it's not even possible > to do that. > > A solution would be to add another piece of API that receives a pair of > (control OID, exop OID), finds the control and adds the OID to the > sc_extendedops(bv) lists. > > Going to do just that (register_control_exop() a decent name?).
Makes sense. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
