[Arthur de Jong] > I have a coulpe of problems with this patch (sorry, your work is > very much appreciated):
No problem. It is a draft, and I am well aware that I do not know enough to get it right on the first try. :) > - I would really like to have the retry mechanism in myldap.c and not > outside because most of the retry code is already there and this > solution will probably conflict with that. I tried this, but the current API did not seem to have the required information available when a search failed, so I decided to move out a few layers until the required information was available. Also, I do not really have enough knowledge about the inner workings of nss-ldapd to rewrite it to do this. > - You should be able to leave the writing of the response header in > place because the NSS code will do things right even if the response > header is present and no entries are returned (it will report that NSS > lookups through LDAP fail). Why did you move it? I moved it because I do not know how the unix socket protocol work, and wanted to make sure I did not return anything more than before when looping over the code that return stuff over that socket. > - This code fails when the search does not return any entries. E.g. when > you lookup a non-existing user it will retry. It is better to check > rc (result from myldap_get_entry()) for errors and retry when it is > either LDAP_UNAVAILABLE or LDAP_SERVER_DOWN. Ah, good point. Luckily a retry in this case is very quick, so it is not a big slowdown in practice. :) > The first point is very important because it makes it easier to test > and also makes it available for the other searches that are done > (e.g. in uid2dn() and dn2uid() and possibly others in the future). I agree, and this was my initial path. Did not succeed there, because I do not know the inner working of nss-ldapd. Happy hacking, -- Petter Reinholdtsen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
