Menu
▾
▴
python-ldap-dev
|
From: Michael S. <mi...@st...> - 2008-06-16 13:49:12
|
HI! I'd like to hear from the Python community whether support for Python version prior to 2.3 is still needed in python-ldap. Please tell me which Python version you're using and why it'd be important for you to have python-ldap updates still supporting it. BTW: Actually older Python versions are not tested with recent python-ldap since at least two years. But I'd like to clearly decide on that. Ciao, Michael. |
|
From: Ron T. <Ro...@US...> - 2008-06-16 13:56:39
|
Hi Michael, Thank you for all your hard work! We are using python2.4.4, but only because of other software that is tied to it and the lack of available time to upgrade. Ron Teitelbaum > -----Original Message----- > From: pyt...@li... [mailto:python-ldap- > dev...@li...] On Behalf Of Michael Ströder > Sent: Monday, June 16, 2008 9:49 AM > To: pyt...@li... > Subject: Who is using python-ldap with Python 1.5.x and 2.0-2.2? > > HI! > > I'd like to hear from the Python community whether support for Python > version prior to 2.3 is still needed in python-ldap. Please tell me > which Python version you're using and why it'd be important for you to > have python-ldap updates still supporting it. > > BTW: Actually older Python versions are not tested with recent > python-ldap since at least two years. But I'd like to clearly decide on > that. > > Ciao, Michael. > > > ------------------------------------------------------------------------- > Check out the new SourceForge.net Marketplace. > It's the best place to buy or sell services for > just about anything Open Source. > http://sourceforge.net/services/buy/index.php > _______________________________________________ > Python-LDAP-dev mailing list > Pyt...@li... > https://lists.sourceforge.net/lists/listinfo/python-ldap-dev |
|
From: Jens V. <je...@da...> - 2008-06-16 13:59:06
|
On Jun 16, 2008, at 15:48 , Michael Ströder wrote: > HI! > > I'd like to hear from the Python community whether support for Python > version prior to 2.3 is still needed in python-ldap. Please tell me > which Python version you're using and why it'd be important for you to > have python-ldap updates still supporting it. Using Python 2.4 in 95% of all cases, 2.3 for rare cases when someone needs to run Zope older than 2.8. Not using anything older at all, but also not using 2.5. So in essence, I'm not looking for any compatibility for Python versions < 2.3. IMHO it's really not a big deal to tell people they must use older python-ldap releases if they insist on running Python versions that are no longer supported by anyone. jens |
|
From: Torsten K. <pyt...@tk...> - 2008-06-16 14:55:15
|
Hi! >> I'd like to hear from the Python community whether support for Python >> version prior to 2.3 is still needed in python-ldap. Please tell me >> which Python version you're using and why it'd be important for you to >> have python-ldap updates still supporting it. We are solely using 2.4.4 at the moment and will move to 2.5 as soon as the restricted Python in Zope3 fully supports it. > IMHO it's really not a big deal to tell people they must use older > python-ldap releases if they insist on running Python versions that > are no longer supported by anyone. Exactly my opinion! Best regards, Torsten -- Never make anything simple and efficient when a way can be found to make it complex and wonderful. - Murphy's Law No. 13 - |
|
From: Michael S. <mi...@st...> - 2008-06-16 15:07:49
|
Torsten Kurbad wrote: > Jens Vagelpohl wrote: >> IMHO it's really not a big deal to tell people they must use older >> python-ldap releases if they insist on running Python versions that >> are no longer supported by anyone. > > Exactly my opinion! You both want to convince me to keep older versions visible. ;-) Well, that's an admirable plan. But only worth the trouble if someone tracks which python-ldap release is guaranteed to work with which Python release. That's not done at the moment. Voluntary work in this field is appreciated. ;-} Ciao, Michael. |
|
From: Jens V. <je...@da...> - 2008-06-16 15:42:23
|
On Jun 16, 2008, at 17:07 , Michael Ströder wrote: > Torsten Kurbad wrote: >> Jens Vagelpohl wrote: >>> IMHO it's really not a big deal to tell people they must use older >>> python-ldap releases if they insist on running Python versions that >>> are no longer supported by anyone. >> >> Exactly my opinion! > > You both want to convince me to keep older versions visible. ;-) > > Well, that's an admirable plan. But only worth the trouble if someone > tracks which python-ldap release is guaranteed to work with which > Python > release. That's not done at the moment. Voluntary work in this field > is > appreciated. ;-} I'm not sure what you mean by tracking this compatibility. I can see by looking at e.g. python-ldap-2.2.1 the INSTALL document says "Python 2.0 or greater". IMHO that's enough information. I don't think there's any need to go back and specify the highest release the package is supposed to work with (I'm guessing that's what you mean), like saying "only works with the Python 2.0-2.4 releases". People should be intelligent enough to not expect compatibility with a major Python release that did not exist when a given python-ldap package version was released. jens |
|
From: Garland, K. R <gar...@gm...> - 2008-06-16 16:18:20
|
2.3 to 2.5 in all of my environments. On Mon, Jun 16, 2008 at 9:48 AM, Michael Ströder <mi...@st...> wrote: > HI! > > I'd like to hear from the Python community whether support for Python > version prior to 2.3 is still needed in python-ldap. Please tell me > which Python version you're using and why it'd be important for you to > have python-ldap updates still supporting it. > > BTW: Actually older Python versions are not tested with recent > python-ldap since at least two years. But I'd like to clearly decide on > that. > > Ciao, Michael. > > > ------------------------------------------------------------------------- > Check out the new SourceForge.net Marketplace. > It's the best place to buy or sell services for > just about anything Open Source. > http://sourceforge.net/services/buy/index.php > _______________________________________________ > Python-LDAP-dev mailing list > Pyt...@li... > https://lists.sourceforge.net/lists/listinfo/python-ldap-dev > |
|
From: Ryan L. <ry...@st...> - 2008-06-16 16:46:15
|
On Mon, Jun 16, 2008 at 03:48:39PM +0200, Michael Ströder wrote: > I'd like to hear from the Python community whether support for Python > version prior to 2.3 is still needed in python-ldap. Please tell me > which Python version you're using and why it'd be important for you to > have python-ldap updates still supporting it. We're using the versions that ship with any Ubuntu LTS. From experience they sometimes don't backport crucial fixes, though python-ldap is in their main repository so I'm sure its higher priority for them. Ryan |
|
From: Matej V. <ve...@de...> - 2008-06-16 17:52:54
|
Ryan Lovett <ry...@st...> writes: > On Mon, Jun 16, 2008 at 03:48:39PM +0200, Michael Ströder wrote: >> I'd like to hear from the Python community whether support for Python >> version prior to 2.3 is still needed in python-ldap. Please tell me >> which Python version you're using and why it'd be important for you to >> have python-ldap updates still supporting it. > > We're using the versions that ship with any Ubuntu LTS. From experience > they sometimes don't backport crucial fixes, though python-ldap is in their > main repository so I'm sure its higher priority for them. In this case it shouldn't be a problem, all currently supported versions of Ubuntu use Python 2.4 or higher. Debian currently ships with 2.3 and 2.4. Cheers, Matej |
|
From: Michael S. <mi...@st...> - 2008-06-16 18:18:36
|
Matej Vela wrote: > Ryan Lovett <ry...@st...> writes: > >> On Mon, Jun 16, 2008 at 03:48:39PM +0200, Michael Ströder wrote: >>> I'd like to hear from the Python community whether support for Python >>> version prior to 2.3 is still needed in python-ldap. Please tell me >>> which Python version you're using and why it'd be important for you to >>> have python-ldap updates still supporting it. >> We're using the versions that ship with any Ubuntu LTS. From experience >> they sometimes don't backport crucial fixes, though python-ldap is in their >> main repository so I'm sure its higher priority for them. > > In this case it shouldn't be a problem, all currently supported versions of > Ubuntu use Python 2.4 or higher. Debian currently ships with 2.3 and 2.4. And how about OpenLDAP libs and gnutls? Yes, I'm nagging here, but because of very good reasons. Ciao, Michael. |
|
From: Matej V. <ve...@de...> - 2008-06-16 20:36:50
|
Michael Ströder <mi...@st...> writes: > And how about OpenLDAP libs and gnutls? Yes, I'm nagging here, but > because of very good reasons. I don't see it as nagging at all, you're perfectly right not to support modifications you're not comfortable with. I hope we provide a reasonable level of support ourselves, both on this list and through bugs.debian.org. To provide some context, OpenLDAP 2.1 client libraries were not quite as ancient at the time the current Debian release was frozen in late 2006. A newer version didn't make it in time due to problems with symbol versioning -- because of the large number of libraries and plugins linked with libldap, a binary could end up simultaneously using code compiled with different LDAP ABIs, and promptly crash. The next Debian release (due out later this year) will use libldap 2.4 with versioned symbols. I'm not sure which python-ldap package you were looking at, but the one we released with, 2.2.0-3, has a 19-line patch for OpenLDAP 2.1. Later development versions used a 130-line patch, but none of these were released for production use. The patch is a currently a no-op, and I intend to fully remove it before we release. As for GnuTLS, the main reason it's used is the unfortunate incompatibility between the OpenSSL license and the GPL [1]. I'm not aware of stability or security issues in current versions. [1] <http://www.gnome.org/~markmc/openssl-and-the-gpl.html> Cheers, Matej |
|
From: Michael S. <mi...@st...> - 2008-06-16 22:22:05
|
Matej Vela wrote: > Michael Ströder <mi...@st...> writes: > >> And how about OpenLDAP libs and gnutls? Yes, I'm nagging here, but >> because of very good reasons. > > I don't see it as nagging at all, you're perfectly right not to support > modifications you're not comfortable with. I hope we provide a > reasonable level of support ourselves, both on this list and through > bugs.debian.org. Matej, sure I appreciate your contributions to python-ldap's code. Your patches in the past helped a lot. > To provide some context, OpenLDAP 2.1 client libraries were not quite as > ancient at the time the current Debian release was frozen in late 2006. Late 2006 the OpenLDAP 2.3.x branch really matured. Since the OpenLDAP developers never maintain more than two branches at the same time they surely had set at least the status of OpenLDAP 2.1 to historic. Which means: Don't use it. I believe work on OpenLDAP 2.4.x code branch might have already started so 2.2.x was maybe already historic at that time either. The files' timestamp here seem plausible to me (I even remember Kurt releasing OpenLDAP 1.0 back in '98): ftp://ftp.openldap.org/pub/openldap/openldap-release > A newer version didn't make it in time due to problems with symbol > versioning -- because of the large number of libraries and plugins > linked with libldap, a binary could end up simultaneously using code > compiled with different LDAP ABIs, and promptly crash. Well, the even API of python-ldap is different when linked to such old OpenLDAP libs. My aim is to really stream-line that. > The next Debian > release (due out later this year) will use libldap 2.4 with versioned > symbols. I appreciate it. Maybe it would be worth to talk more with upstream developers which version of their code to use in a freezed distribution release. Ciao, Michael. |
|
From: Michael S. <mi...@st...> - 2008-06-16 17:49:16
|
Ryan Lovett wrote: > On Mon, Jun 16, 2008 at 03:48:39PM +0200, Michael Ströder wrote: >> I'd like to hear from the Python community whether support for Python >> version prior to 2.3 is still needed in python-ldap. Please tell me >> which Python version you're using and why it'd be important for you to >> have python-ldap updates still supporting it. > > We're using the versions that ship with any Ubuntu LTS. Can you please explain what that means for the Python versions available in the Ubuntu repository? Just a side note: I vaguely remember that Ubuntu also uses Debian packages (please correct me if I'm wrong). And since there were Debian packages heavily patched in May 2007 to still work with ancient OpenLDAP libs 2.1 and Debian links OpenLDAP to gnutls (which is insecure and sometimes crashes) I don't give any support for their python-ldap packages. Even the API might not be compatible... Ciao, Michael. |
|
From: Ryan L. <ry...@st...> - 2008-06-16 18:36:08
|
On Mon, Jun 16, 2008 at 07:48:33PM +0200, Michael Ströder wrote: > Ryan Lovett wrote: > > We're using the versions that ship with any Ubuntu LTS. > > Can you please explain what that means for the Python versions available > in the Ubuntu repository? http://packages.ubuntu.com/python-ldap gives a good overview. LTS means "long term support" where Ubuntu pledges to support the release for 5 years. (https://wiki.ubuntu.com/LTS) There have been two LTS releases, dapper (6.06) and hardy (8.04) where http://packages.ubuntu.com/dapper/python-ldap which is 2.0.4. http://packages.ubuntu.com/hardy/python-ldap which is 2.3.1. > I vaguely remember that Ubuntu also uses Debian packages (please correct > me if I'm wrong). That is correct, Ubuntu is a Debian-based distro: http://www.ubuntu.com/community/ubuntustory/Debian > And since there were Debian packages heavily patched in May 2007 to still > work with ancient OpenLDAP libs 2.1 and Debian links OpenLDAP to gnutls > (which is insecure and sometimes crashes) I don't give any support for > their python-ldap packages. Even the API might not be compatible... On an amd64 hardy machine: $ ldd /usr/lib/python2.5/site-packages/_ldap.so linux-vdso.so.1 => (0x00007ffff1dfe000) libldap_r-2.4.so.2 => /usr/lib/libldap_r-2.4.so.2 (0x00007f4ee97f2000) liblber-2.4.so.2 => /usr/lib/liblber-2.4.so.2 (0x00007f4ee95e4000) libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x00007f4ee93ca000) libpthread.so.0 => /lib/libpthread.so.0 (0x00007f4ee91ae000) libc.so.6 => /lib/libc.so.6 (0x00007f4ee8e4c000) libresolv.so.2 => /lib/libresolv.so.2 (0x00007f4ee8c35000) libgnutls.so.13 => /usr/lib/libgnutls.so.13 (0x00007f4ee89b1000) libdl.so.2 => /lib/libdl.so.2 (0x00007f4ee87ad000) /lib64/ld-linux-x86-64.so.2 (0x00007f4ee9c63000) libtasn1.so.3 => /usr/lib/libtasn1.so.3 (0x00007f4ee859c000) libz.so.1 => /usr/lib/libz.so.1 (0x00007f4ee8385000) libgcrypt.so.11 => /lib/libgcrypt.so.11 (0x00007f4ee8137000) libgpg-error.so.0 => /lib/libgpg-error.so.0 (0x00007f4ee7f33000) I'm sure the gnutls folks would welcome your bug reports about its security and stability. All in your abundant spare time of course. :) https://savannah.gnu.org/support/?group=gnutls http://www.gnu.org/software/gnutls/bugs.html Ryan |
|
From: Michael S. <mi...@st...> - 2008-06-16 22:10:13
|
Ryan Lovett wrote: > I'm sure the gnutls folks would welcome your bug reports about its security > and stability. Howard Chu did an analysis and discussed that with gnutls developers since OpenLDAP users reported crashes when using LDAP with SSL. I'm not feeling comfortable with what he found out: http://www.openldap.org/lists/openldap-devel/200802/msg00072.html More related postings: http://www.openldap.org/lists/openldap-devel/200802/msg00100.html Well, assuming a single-valued subjectAltName extension is simply naive. I'm aware of Debian's licensing paranoia regarding OpenSSL. But deploying a X.509 lib which is not capable of handling widely used X.509v3 extensions safely is not a solution either. I'm not a C programmer. But I wrote a X.509 cert parser in Python myself running it through a collection of several hundred weird formatted certs when testing. So I know what you have to expect when doing this. Ciao, Michael. |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X