On (20/09/2011 17:51), Xin LI wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On 09/20/11 14:19, Dag-Erling Smørgrav wrote: > > Xin LI <[email protected]> writes: > >> The main concern I have is that users might want to stay on an > >> older FreeBSD release, while wanting features of a new OpenLDAP. > >> That's why I would prefer a libxml style import -- users always > >> have choice to install a new OpenLDAP without any concern of > >> breaking their system and we can always deliver security fixes > >> with freebsd-update. Would that make the trimmed down and > >> renamed OpenLDAP import sound sensible? > > > > Yes, you have a point. So you're saying: > > > > - client side only (for nss_ldap, pam_ldap etc) - namespace hacks > > to avoid colliding with the port > > > > right? I would definitely support that. > > Yes exactly, the current version is just library to support these nss > and pam modules and have namespace hacks (so programs linking against > port OpenLDAP library will not see conflicts as well). It wasn't explicitly mentioned, but instead of adding ssh-namespace.h like hacks we could add local symbol versions to ldap shared libraries. That would make impact on OpenLDAP from ports and its users minimal. Binary could be linked against both OpenLDAP and ldap from base in case when libbsdldap.so is indirect dependency used by another library from base. That is not the case with libbsdxml.so
Thanks, Gleb. > > Cheers, > - -- > Xin LI <[email protected]> https://www.delphij.net/ > FreeBSD - The Power to Serve! Live free or die > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.18 (FreeBSD) > > iQEcBAEBCAAGBQJOeTUGAAoJEATO+BI/yjfBRCAIAKQzG1dJhrLyKyYxJEH5qfXS > pm11L5cuQQto9yqm1TeMeT3qNMuNBo+bWt2QPJ0ef6qaOiL1oYIHdDyAkHqlDh1Z > q5zuwxZFzNAaBYF+QZLE0jSJpV05YpuN5bdkM5GilYw/xzbI4QmOstgJMyPS92WD > //oFfz9jHdQxJ0jZdp8dTDKMbgpOfUDfm/82zdDJPRnoK4dbJyn1xNFOB2H7KQyI > l246YN/W4/yR1wUDZlgjQ6zVoG4I6WvK1Lv7MU3YD2sNqfsnxoC+928U4Swd05Di > A1KXRWLsSB+2ZFnCXbGq3D22KhnmD4GQqxEZn5PZj0p2mDF3kjYDf3zlsUoofmw= > =DG1c > -----END PGP SIGNATURE----- > _______________________________________________ > [email protected] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "[email protected]" _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
