Module: sip-router
Branch: janakj/ldap
Commit: 0d7657b850b13160ad7ae2f46a09d9d539fe4977
URL:
http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=0d7657b…
Author: Jan Janak <jan(a)iptel.org>
Committer: Jan Janak <jan(a)iptel.org>
Date: Thu Jul 10 14:14:02 2008 +0000
- ticket numbers added
---
modules/db_ldap/todo.txt | 134 ++++++++++++++++++++++++----------------------
1 files changed, 70 insertions(+), 64 deletions(-)
diff --git a/modules/db_ldap/todo.txt b/modules/db_ldap/todo.txt
index ce9c672..3849dee 100644
--- a/modules/db_ldap/todo.txt
+++ b/modules/db_ldap/todo.txt
@@ -1,35 +1,35 @@
X Simple Authentication
- Implement support for simple LDAP authentication with username and
- password. This will take a change in the URI parser because the one provided
- by libldap (which we use to parse the URI right now) does not support
- embedded usernames and passwords in the URI.
+ Implement support for simple LDAP authentication with username and password.
+ This will take a change in the URI parser because the one provided by
+ libldap (which we use to parse the URI right now) does not support embedded
+ usernames and passwords in the URI.
-* SASL Authentication Support
+* SASL Authentication Support (SER-392)
The driver supports no authentication method at the moment, we should
include support for simple authentication at least, but better SASL.
-* TLS/SSL Support
+* TLS/SSL Support (SER-394)
The driver should support encrypted connections to LDAP servers and some
level of certificate validation. Currently there are no options or
parameters to configure SSL/TLS certificates and keys to use.
-* Copy Data from Config Data Structure
+* Copy Data from Config Data Structure (SER-395)
- The driver maintains an internal data structure that gets initialized
- from the supplied configuration file. The structure contains things like
- search filters and field mapping tables. The LDAP specific extension
- structures make a shallow copy of strings from the configuration
- data structure, they should rather copy the whole string so that they
- do not depend on the config structure.
+ The driver maintains an internal data structure that gets initialized from
+ the supplied configuration file. The structure contains things like search
+ filters and field mapping tables. The LDAP specific extension structures
+ make a shallow copy of strings from the configuration data structure, they
+ should rather copy the whole string so that they do not depend on the config
+ structure.
X Implement Support For < And > Operators
- The LDAP search filter syntax (RFC4515) does not support < and >
- operators, only <= and >=. Currently the ldap driver simply uses <= instead
- of < and >= instead of >. We need a better implementation of this.
+ The LDAP search filter syntax (RFC4515) does not support < and > operators,
+ only <= and >=. Currently the ldap driver simply uses <= instead of < and
>=
+ instead of >. We need a better implementation of this.
X Implement Support For Other Than str Parameters
@@ -37,36 +37,36 @@ X Escape Values of Parameters Injected Into the Search Filter
see RFC4515 for description of escaping.
-* Proper handling of NULL Values in Parameter.
+* Proper handling of NULL Values in Parameter (SER-396).
- Is it correct that parameters with NULL values are represented as
- paramName= in the filter?
+ Is it correct that parameters with NULL values are represented as paramName=
+ in the filter?
-* Use Asynchronous API Functions Instead of Synchronous
+* Use Asynchronous API Functions Instead of Synchronous (SER-397)
- This would be useful when we have support for multiple database drivers
+ This would be useful when we have support for multiple database drivers
within one database context, then we could initiate multiple searches
simultaneously without being blocked waiting for the result.
-* Support For Multi-Value Attributes
+* Support For Multi-Value Attributes (SER-398)
The module should support multi-value attributes. Objects containing
- attributes with multi-values should be returned as multiple records,
- each record containing one value of the multi-value attribute. Currently
- the module will report an error if it encounters a multi-value attribute.
+ attributes with multi-values should be returned as multiple records, each
+ record containing one value of the multi-value attribute. Currently the
+ module will report an error if it encounters a multi-value attribute.
-* Support For Time Zones in Generalized Times
+* Support For Time Zones in Generalized Times (SER-399)
The time conversion functions ignore time zones in GeneralizedTime
attributes, this should be fixed.
-* Handle Fractions of Seconds in Generalized Time
+* Handle Fractions of Seconds in Generalized Time (SER-400)
There is no need to account fractions of seconds because we store time
- internally as time_t, but the parses should be able to skip fractions
- of seconds gracefully.
+ internally as time_t, but the parses should be able to skip fractions of
+ seconds gracefully.
-* Eliminate Use of All libldap Functions Marked as Deprecated
+* Eliminate Use of All libldap Functions Marked as Deprecated (SER-401)
We should eliminate the use of all functions that are marked as deprecated
in the header field and remove LDAP_DEPRECATED define from all files.
@@ -83,62 +83,68 @@ X Support for Syntax Specification in the Config File
attributes in the configuration file so that the module knows how to convert
DB API fields into attribute values in command parameters.
-* Support DB_NEQ Operator in Integer Attributes
+* Support DB_NEQ Operator in Integer Attributes (SER-402)
fld!=10 could be converted to the search filter as: (|(fld<=9)(fld>=11))
-* Indicate Underflow/Overflow in Integer Attributes
+* Indicate Underflow/Overflow in Integer Attributes (SER-403)
The operators < and > cannot be used in LDAP search filter, RFC4515 only
- supports <= and >= so we create the search filter like this:
- fld<10 -> (fld<=9)
- fld>10 -> (fld>=11)
- The module should issue an warning when the incremented/decremented field
- value overflows/underflows.
+ supports <= and >= so we create the search filter like this: fld<10 ->
+ (fld<=9) fld>10 -> (fld>=11) The module should issue an warning when the
+ incremented/decremented field value overflows/underflows.
X Support for Older LDAP Libraries
- Older versions of the openldap client library might not contain
+ Older versions of the openldap client library might not contain
LDAP_SCOPE_CHILDREN. We need to handle this case in a graceful manner and
make sure that the module compiles.
-* Check that we escape strings properly according to RFC4514
+* Check that we escape strings properly according to RFC4514 (SER-404)
-* Support for server-side compare operation (could be used for authentication
+* Support for server side comparison (SER-405)
+
+ Support for server-side compare operation (could be used for authentication
where the client would send the digest credentials and the server replies
whether or not they are valid, similar to RADIUS digest authentication)
-* Support for alias-dereferencing
+* Support for alias-dereferencing (SER-406)
- Aliases represent links to other entries or partitions of the namespace.
- When the distinguished name of an alias is used, the entry accessed is
- the entry to which the alias refers.
- Alias dereferencing specifies if aliases are dereferenced-- that is, if
- the alias entry itself or the entry it points to is used. Aliases can be
- dereferenced or not when locating the base object and/or when searching
- under the base object.
+ Aliases represent links to other entries or partitions of the namespace.
+ When the distinguished name of an alias is used, the entry accessed is the
+ entry to which the alias refers. Alias dereferencing specifies if aliases
+ are dereferenced-- that is, if the alias entry itself or the entry it points
+ to is used. Aliases can be dereferenced or not when locating the base object
+ and/or when searching under the base object.
+
+* Support for handling of NULL Values in configuration parameters (SER-407)
+
+ When an optional attribute is missing and also when the attribute is present
+ but has no value; e.g. DN=NULL for anonymous authentication.
-* Support for handling of NULL Values in configuration parameters
+* Support for unsolicited notifications (SER-408)
- When an optional attribute is missing and also when the attribute is
- present but has no value; e.g. DN=NULL for anonymous authentication.
+ The only standardized unsolicited notification seems to be "notice of
+ disconnection" so all that we can do is just log incoming asynchronous
+ notifications from the server
-* Support for asynchronous notifications
- The only standardized async. notification seems to be "notice of
disconnection"
- so all that we can do is just log incoming asynchronous notifications from the
- server
+* Support for asynchronous notifications (SER-409)
-* Support for subscribing to notifications of changes in the DIT (optional)
- This could be useful for updating data that is cached in SER, such as the list
- of supported domains. This is a "nice to have" type of feature, so no time
- estimation for implementation.
+ Support for subscribing to notifications of changes in the DIT (optional)
+ This could be useful for updating data that is cached in SER, such as the
+ list of supported domains. This is a "nice to have" type of feature, so no
+ time estimation for implementation.
+
+* Support for automatic reconnects (SER-410)
+
+ (check if we do it and if we do it properly).
-* Support for automatic reconnects (check if we do it and if we do it properly).
+* Support for referrals (SER-411)
-* Implement support for referrals (in the ldap module, not in the libldap library).
- Including loop detection.
+ Implement support for referrals (in the ldap module, not in the libldap
+ library). Including loop detection.
-* Support for time limited search operations
+* Support for time limited search operations (SER-412)
-* Support for size limited search operations
+* Support for size limited search operations (SER-413)