| commit | f5f76ee72c5df3533218fb88c7c9172ba9ee64ba | |
| author | Timothy Pearson <kb9vqf@pearsoncomputing.net> | |
| Sat, 26 Sep 2015 21:23:55 +0000 (26 16:23 -0500) | ||
| committer | Timothy Pearson <kb9vqf@pearsoncomputing.net> | |
| Sun, 27 Sep 2015 21:36:24 +0000 (27 16:36 -0500) | ||
| tree | 8f5f5c8f1384da26713e3d4b00b0e43adb084d12 | treesnapshot (tar.gz zip) |
| parent | bb14c02e128d23f7fa1fda7b5a233bcaa2a96519 | commitdiff |
Add ability to store extended principal attributes in LDAP
A careful code review was undertaken, and it was determined
that the best way to store the extended attributes was in a
native ASN1 encoded field. LDAP does not understand the
SEQUENCE of SEQUENCE structures used extensively throughout
the extended attributes structure, and there was already a
precedent set for storing the krb5Key data in a native ASN1
encoded field.
A careful code review was undertaken, and it was determined
that the best way to store the extended attributes was in a
native ASN1 encoded field. LDAP does not understand the
SEQUENCE of SEQUENCE structures used extensively throughout
the extended attributes structure, and there was already a
precedent set for storing the krb5Key data in a native ASN1
encoded field.
| lib/hdb/hdb-ldap.c | diffblobblamehistory | |
| lib/hdb/hdb.schema | diffblobblamehistory |