From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 459C0906FE for ; Wed, 15 Mar 2023 13:12:37 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 2FC3E994E for ; Wed, 15 Mar 2023 13:12:37 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Wed, 15 Mar 2023 13:12:36 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 6EC9E4167D for ; Wed, 15 Mar 2023 13:12:36 +0100 (CET) Message-ID: <156f9807-cd03-d645-1059-4947f58df212@proxmox.com> Date: Wed, 15 Mar 2023 13:12:35 +0100 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:111.0) Gecko/20100101 Thunderbird/111.0 Content-Language: de-AT, en-GB To: Proxmox VE development discussion , Dominik Csapak , Christoph Heiss References: <20230131125043.380402-1-c.heiss@proxmox.com> <20230131125043.380402-2-c.heiss@proxmox.com> <3c2d120e-eb11-aa79-be1f-eba3879cd58a@proxmox.com> <20230315111748.irvdaowr73thr3o5@maui.proxmox.com> <4837827c-33d4-b861-f45e-9e3531b3a99b@proxmox.com> From: Thomas Lamprecht In-Reply-To: <4837827c-33d4-b861-f45e-9e3531b3a99b@proxmox.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-SPAM-LEVEL: Spam detection results: 0 AWL -0.049 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment NICE_REPLY_A -0.001 Looks like a legit reply (A) SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: Re: [pve-devel] [PATCH access-control 1/2] ldap: Allow quoted values for DN attribute values X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Mar 2023 12:12:37 -0000 Am 15/03/2023 um 12:41 schrieb Dominik Csapak: > if my example and all that could have been configured but > would now be invalid are not valid ldap syntax anyway, i think > we can get more strict and "break" someones config > (as you said, shouldn't have worked anyway) > or how do you see that @thomas? yeah fine by me. Breaking semantic is the one thing we want to avoid, technical breakages is basically any change in some form and overly strict argument. And while not all use cases (or implementations not following the spec one bases the decision on) are known. The argument is strong enough for me to go ahead with it, that is as long as there's a pointer in the breaking changes section of release notes that is, as then admins can find a reference to odd/changed behavior quickly and if really an issue we can always fix it up then. ps. trimming out unrelated quotes from mail replies is encouraged ;P