apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eric Covener" <cove...@gmail.com>
Subject Re: Disconnecting -lldap from utilizing apr-util
Date Fri, 16 May 2008 12:33:33 GMT
On Thu, May 15, 2008 at 6:39 PM, Graham Leggett <minfrin@sharp.fm> wrote:

> Wrapping the LDAP library however does make things cleaner, and does empower
> us to create standard behaviour should a future LDAP library come along and
> act funny. So if you want to wrap all the LDAP functions for v2.0, I think
> it is a good idea. It also makes LDAP work like DBD, and as I said above,
> consistent is good.

An added benefit of wrapping all the calls, and not requiring
applications to link with LDAP, is that we won't see applications blow
up due to the use of another LDAP library in /etc/nsswitch.conf (see
crashes in initgroups() and other bizarre behavior when two SDKS end
up loaded at once)

I'm actually using a kludge in my build process where I statically
link my SDK into mod_ldap.so and provide the bits needed by
mod_authnz_ldap and APR as optional functions.  The choice of mod_ldap
instead of APR is of course to keep all the bloat out when mod_ldap
isn't being used, which is resolved by the bigger proposal.

+1 on wrapping it all in 2.0, but I don't think the versioning
restrictions allow apr-util to stop linking against LDAP in 1.3 -- for
example applications that load ldap symbols privately  ("not at all"
shouldn't be an issue because they can't do anything useful with the
apr-util LDAP API in that case).

Eric Covener

View raw message