[Fedora-directory-devel] Please Review: Syntax validation design document
Rich Megginson
rmeggins at redhat.com
Fri May 1 15:04:08 UTC 2009
Nathan Kinder wrote:
> Nathan Kinder wrote:
>> Rich Megginson wrote:
>>> Nathan Kinder wrote:
>>>> I've been working on the design document for adding syntax
>>>> validation support to Fedora DS. Feedback would be appreciated.
>>>>
>>>> http://directory.fedoraproject.org/wiki/Syntax_Validation_Design
>>>>
>>>> Thanks,
>>>> -NGK
>>> Looks good. I think it would be better for nsslapd-syntaxcheck to
>>> have different values - off, warn, error, on- or something like that
>>> - rather than have another config parameter nsslapd-syntaxwarn
>> Sure, I can merge those into a single config parameter. I just made
>> them separate since there is already a CONFIG_ON_OFF type that deals
>> with things such as mapping "0/1" to "on/off". Perhaps it would be
>> good to add a new generic config type of CONFIG_ON_OFF_WARN that can
>> take values of "0/1/2" or "on/off/warn".
> Thinking about this some more, it may be best to have two separate
> config settings.
>
> The warning isn't really a warning, but instead a log message for the
> administrator. Sending a warning message to the client is going to be
> of limited value as the client may not display the diagnosticMessage
> text from the LDAPResult for a successful operation. I found that the
> message text was not displayed with ldapmodify (both mozldap and
> openldap) for a successful modify operation that should trigger a
> warning, even in verbose mode. A true warning displayed to the client
> would be nice, but I don't see a way of making it happen without
> client side changes.
>
> Having two separate config settings allows one to only log messages,
> to log messages and disallow illegal values, and to just disallow
> illegal values without filling up the logs. I guess we could also
> just log the syntax errors at a different log level instead of having
> a second config setting.
Ok. A setting like "nsslapd-syntaxlogging: on/off" or something like
that then. I guess ideally we should have "standard" syslog style log
levels (e.g. fatal, critical, error, warn, notice, etc.) but that would
require a lot of code changes and work on the log subsystem.
>>
>> Do you have any thoughts on the non-standard syntaxes that are
>> mentioned in the design doc? The "Binary" syntax would be difficult
>> to remove since it is used by 20 or so attributes, including most of
>> the certificate related attributes. These attributes now have their
>> own specific syntaxes, so we would have to add support for them
>> before getting rid of the "Binary" syntax. I think that the
>> "SpaceInsensitiveString" and "URI" syntaxes can be removed since
>> "URI" isn't used by any of the default schema and
>> "SpaceInsensitiveString" was added specifically for the Presence
>> plug-in.
>>
>> -NGK
>>>>
>>>> --
>>>> Fedora-directory-devel mailing list
>>>> Fedora-directory-devel at redhat.com
>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-devel
>>>
>>> ------------------------------------------------------------------------
>>>
>>>
>>> --
>>> Fedora-directory-devel mailing list
>>> Fedora-directory-devel at redhat.com
>>> https://www.redhat.com/mailman/listinfo/fedora-directory-devel
>>>
>>
>> --
>> Fedora-directory-devel mailing list
>> Fedora-directory-devel at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-devel
>
> --
> Fedora-directory-devel mailing list
> Fedora-directory-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-devel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3258 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-devel/attachments/20090501/cc1a95ec/attachment.bin>
More information about the Fedora-directory-devel
mailing list