Return-Path: 
 <dev-return-12461-apmail-apr-dev-archive=apr.apache.org@apr.apache.org>
Delivered-To: apmail-apr-dev-archive@www.apache.org
Received: (qmail 88541 invoked from network); 30 Jul 2004 10:15:43 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199)
  by minotaur-2.apache.org with SMTP; 30 Jul 2004 10:15:43 -0000
Received: (qmail 66005 invoked by uid 500); 30 Jul 2004 10:15:42 -0000
Delivered-To: apmail-apr-dev-archive@apr.apache.org
Received: (qmail 65925 invoked by uid 500); 30 Jul 2004 10:15:41 -0000
Mailing-List: contact dev-help@apr.apache.org; run by ezmlm
Precedence: bulk
List-Post: <mailto:dev@apr.apache.org>
List-Help: <mailto:dev-help@apr.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@apr.apache.org>
List-Subscribe: <mailto:dev-subscribe@apr.apache.org>
Delivered-To: mailing list dev@apr.apache.org
Received: (qmail 65898 invoked by uid 99); 30 Jul 2004 10:15:40 -0000
X-ASF-Spam-Status: No, hits=0.0 required=10.0
	tests=FORGED_RCVD_HELO
X-Spam-Check-By: apache.org
Errors-To: <wrowe@rowe-clan.net>
Message-Id: <6.1.2.0.2.20040730033528.0cfa02a0@pop3.rowe-clan.net>
X-Sender: wrowe%rowe-clan.net@pop3.rowe-clan.net
X-Mailer: QUALCOMM Windows Eudora Version 6.1.2.0
Date: Fri, 30 Jul 2004 05:11:14 -0500
To: dev@apr.apache.org
From: "William A. Rowe, Jr." <wrowe@rowe-clan.net>
Subject: apr-util/ldap/  -  sink or really swim to 1.0 release?
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Virus-Checked: Checked
X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N

First, I'm really fairly happy with where apr 1.0 is, with the only exception
of the aprconfig-1 issue, which I believed was close to a solution.  The
same can't be said for apr-util however :(

I had the misfortune of enabling httpd's modules/experimental/util_ldap.c 
for the Sun LDAP C SDK.  I discovered;

1. we offer an apr_ldap_url_desc_t parser.  That's the only properly
   provisioned/namespace protected code (along w/ accessors to it.)

2. our support doesn't provide -any- assistance in establishing an ldap
   connection to a backend server.  None whatsoever.  util_ldap.d in httpd
   is a nasty and ever expanding mis-mash of ldap-specific ssl create
   connection logic.

3. our support provides one ugly stub for const-ness that actually casts
   args.  This is ---so--- uncool.  The only possibly saving grace is that
   no modern ldap sdk would tickle that code.

4. our APR_HAS_XXX_LDAPSDK macros are entirely bogus, still,
   on unix.

5. we *bogusly* define ldap_memfree and ldap_search_ext_s in the
   *ldap*'s namespace.  This is absolutely incorrect, and will immediately
   cause any ldap-based code to fail once the ldap library is upgraded
   (symbolic duplicates.)


DO WE? ...

A.  Pitch this code from apr-util before someone actually uses it (again)?

B.  Namespace-protect what needs protecting, and actually offer
    useful, abstract ldap create/close connection apr_xxx() fns, with
    registered cleanups for odd exceptions like novell's sdk?

My basic thinking - if httpd's util_ldap.c needs ANY #ifdef magic to
work, we got it wrong in apr-util.  Remove all this cruft back to that
module if we are leaving these decisions to the user.

If we are doing it right, add the accessors, hide the version of ldap
behind the covers, and implement all 'non-portable' behaviors as apr_
flavors of the same.

Reactions?  Suggestions?

Bill