dbaarda
commented
5 years ago Open dbaarda opened 5 years ago
dbaarda
commented
5 years ago dbaarda
commented
5 years ago We now support the StartTLS extendedRequest, but no other extended request types. This means we support enough request types to fully support pam and nss ldap clients.
We are unlikely to support the other requests any time soon unless someone has a pressing need for them. Please file a bug if you have a need for any other request type and explain why.
dbaarda
commented
4 years ago Forgot to mention; abandonRequest is now supported and will cancel in-flight requests correctly.
This means only the following request types are unsupported; modifyRequest, addRequest, delRequest, modDNRequest, compareRequest, and any extendedRequest beyond StartTLS.
Support for these will be subject to demand. It does make sense to add enough write support to support passwd changes from clients, which is the obvious first thing to add if there is demand.
Currently only bindRequest, unbindRequest, and searchRequest are supported. This is enough for pam_ldap and nss_ldap to work.
The following requests are unsupported; modifyRequest, addRequest, delRequest, modDNRequest, compareRequest, abandonRequest, and extendedRequest. If any of these requests are sent, the connection is terminated.
The abandonRequest should probably not terminate the connection, but having it actually cancel an in-flight request requires other changes.
Requests for modifying entries may never be supported, but might be useful if pam_ldap and nss_ldap support remotely changing passwords etc. Otherwise these could only be changed on the lightldapd server.
The compareRequest might be easy to implement. File a feature request if you want it, and explain why.
I haven't even thought about extendedRequest. File a feature request if you want it, and please explain why.