Jyri Virkki wrote:
> Jeff Trawick wrote:
>
>> The native Solaris LDAP and OpenLDAP SDKs implement some of the
>> same symbols. Any libraries loaded into the same process as
>> APR-Util and Apache must use the same LDAP SDK, or the behavior
>> is undefined.
>>
>> There are believed to be no other users of the APR-Util LDAP
>> interfaces besides Apache, but it is is unknown if there are
>> other users of APR-Util in general which separately use LDAP.
>> The LDAP SDK use in APR-Util is segregated to the separate
>> library apr_ldap.so which is loaded dynamically if APR-Util
>> LDAP functions are called, so it shouldn't be a problem for
>> such APR-Util applications which separately use LDAP.
>>
>
> Since this is the potentially controversial part of the proposal, the
> spec should preemptively answer questions about it.
>
> "unknown" and "shouldn't" are bad words in an ARC case...
>
> I recommend checking a recent nevada build to list everything which
> links with APR and confirming those app(s) don't have any issues with
> the change and documenting that investigation. For approval, the case
> needs to convincingly show this change won't cause breakage elsewhere
> in nevada/OpenSolaris.
>
>
That was a global statement for all platforms, which is necessarily
imprecise ("There are believed to be no other users of the APR-Util LDAP
interfaces besides Apache, but it is is unknown if there are other users
of APR-Util in general which separately use LDAP.")
As far as references to libaprutil in Nevada (b105), there are (after
running ldd on all executable files under /usr and /opt)
1. Apache and its commands in SUNWapch22
these currently reference Solaris libldap because Apache uses it, but
that will be changed by this project
2. mod_perl's APR.so (no reference to APR-Util ldap functions), also
packaged within SUNWapch22
not impacted since it doesn't use the native LDAP SDK
it references Solaris libldap, but ldd -u reports it as unused
3. many Subversion commands and libraries in SUNWsvn
all of these also reference Solaris libldap, but ldd -u reports it as unused
4. Subversion Perl interface in SUNWsvn-perl
all of these also reference Solaris libldap, but ldd -u reports it as unused
5. Subversion Python interface in SUNWsvn-python
all of these also reference Solaris libldap, but ldd -u reports it as unused
-/-
Note that *anything* that references libapr picks up an unused reference
to libldap.
>> 4.5. Interfaces:
>>
>> This affects both APR-Util and Apache.
>>
>> Interfaces removed:
>>
>
> To avoid confusion I'd write
> "Imported Interfaces removed (no longer imported)"
>
>
>> NAME STABILITY NOTES
>>
>> LDAP Evolving PSARC/1997/276 et seq.
>>
>> Interfaces added:
>>
>
> And same here "Imported Interfaces added:"
>
>
>> NAME STABILITY NOTES
>>
>> OpenLDAP External/Volatile PSARC/2008/507
>>
>
> "External" is an old classification no longer used. In fact, reading
> 2008/507 I see it doesn't declare anything to be "External". So it is
> "Volatile", above.
>
>
>
>
>> 4.6.1. Implications for Apache configuration
>>
>> Refer users to the OpenLDAP-specific details for configuring ldaps
>> connections at
>>
>> http://httpd.apache.org/docs/2.2/mod/mod_ldap.html#settingcerts
>>
>> A sample LDAP configuration showing ldaps connections to the Sun
>> Directory Server is recommended.
>>
>
> Nit, but recommended to whom?
> I guess above is saying next apache integration will include such a
> sample? If so, state it that way: "A sample LDAP configuration
> showing ldaps connections to the Sun Directory Server will be included."
>
>
>
That's a documentation section (" 4.6. Doc Impact:"), so it is a
recommendation to the doc team to show an example configuration.
-/-
Any additional/continuing concerns, or should I try to clarify these
issues in the ARC draft?
Thanks as always,
Jeff
