]> git.ipfire.org Git - thirdparty/openldap.git/log
thirdparty/openldap.git
25 years agoUpdate main copyright to y2k
Kurt Zeilenga [Mon, 3 Jan 2000 17:35:20 +0000 (17:35 +0000)] 
Update main copyright to y2k

25 years agominor fix
Predrag "Pele" Balorda [Mon, 3 Jan 2000 12:29:40 +0000 (12:29 +0000)] 
minor fix

25 years agocopyright changes for php3-tool (added 1999 and 2000)
Predrag "Pele" Balorda [Mon, 3 Jan 2000 12:28:05 +0000 (12:28 +0000)] 
copyright changes for php3-tool (added 1999 and 2000)

25 years agomissing icon for gtk-tool
Predrag "Pele" Balorda [Mon, 3 Jan 2000 12:24:42 +0000 (12:24 +0000)] 
missing icon for gtk-tool

25 years agoModifications to gtk-tool (follow aliases, options, bugfixes)
Predrag "Pele" Balorda [Mon, 3 Jan 2000 12:23:15 +0000 (12:23 +0000)] 
Modifications to gtk-tool (follow aliases, options, bugfixes)

25 years agoAdded support for connecting to LDAP servers located using DNS
Luke Howard [Mon, 3 Jan 2000 02:33:22 +0000 (02:33 +0000)] 
Added support for connecting to LDAP servers located using DNS
SRV records. Added lock around resolver library which is shared
by the DNS SRV code and the getdxbyname() code.

25 years agoAdded ldap_pvt_sasl_bind() prototype to ldap_pvt.h. This
Luke Howard [Mon, 3 Jan 2000 00:15:30 +0000 (00:15 +0000)] 
Added ldap_pvt_sasl_bind() prototype to ldap_pvt.h. This
required importing sasl.h into ldap_pvt.h, thus that import
was removed from ldap-int.h.

25 years agoFilled in Cyrus SASL authz/storage callbacks for all backends
Luke Howard [Sun, 2 Jan 2000 05:42:14 +0000 (05:42 +0000)] 
Filled in Cyrus SASL authz/storage callbacks for all backends
(callbacks not yet implemented though).

25 years agoBraced ldap_connect_to_path() in #ifdef LDAP_PF_LOCAL so as to compile
Luke Howard [Sun, 2 Jan 2000 01:56:01 +0000 (01:56 +0000)] 
Braced ldap_connect_to_path() in #ifdef LDAP_PF_LOCAL so as to compile
without PF_LOCAL support.

25 years agoMerged in preliminary support for Cyrus SASL library;
Luke Howard [Sun, 2 Jan 2000 01:21:25 +0000 (01:21 +0000)] 
Merged in preliminary support for Cyrus SASL library;
support for DCE slash-delimited, left-to-right DNs;
support for a domain socket transport (enable with
--enable-ldapi); and extensions to URL parsing to
support the latter transport.

25 years agoInstall schema/*.{at,oc}.conf files.
Kurt Zeilenga [Sat, 1 Jan 2000 20:11:50 +0000 (20:11 +0000)] 
Install schema/*.{at,oc}.conf files.

25 years agoRemove 'mail' as it 'standard', not 'laser'
Kurt Zeilenga [Sat, 1 Jan 2000 20:10:41 +0000 (20:10 +0000)] 
Remove 'mail' as it 'standard', not 'laser'

25 years agoAdd missing \n
Kurt Zeilenga [Sat, 1 Jan 2000 19:40:06 +0000 (19:40 +0000)] 
Add missing \n

25 years agoAPI Update for gtk-- stuff and minor changes and additions
Predrag "Pele" Balorda [Tue, 28 Dec 1999 16:22:47 +0000 (16:22 +0000)] 
API Update for gtk-- stuff and minor changes and additions

25 years agoNT requires $(SECURITY_LIBS) at link time.
Howard Chu [Sun, 26 Dec 1999 00:11:14 +0000 (00:11 +0000)] 
NT requires $(SECURITY_LIBS) at link time.

25 years agoRebuild using:
Kurt Zeilenga [Wed, 22 Dec 1999 19:43:20 +0000 (19:43 +0000)] 
Rebuild using:
autoconf 2.13.3
aclocal from automake 1.14a
libtool 1.3.3

25 years agoAdd missing 2nd arg (NULL) in call to Tcl_GetStringFromObj in experimental
Randy Kunkee [Wed, 22 Dec 1999 18:29:34 +0000 (18:29 +0000)] 
Add missing 2nd arg (NULL) in call to Tcl_GetStringFromObj in experimental
trap code.

25 years agoUpdate documentation. Add support for caching, sorting, enabling "all"
Randy Kunkee [Wed, 22 Dec 1999 18:19:11 +0000 (18:19 +0000)] 
Update documentation.  Add support for caching, sorting, enabling "all"
in searches, and experimental "trap" subcommand.

25 years agoITS#408: add missing LDAP_END_DECL
Kurt Zeilenga [Wed, 22 Dec 1999 00:42:05 +0000 (00:42 +0000)] 
ITS#408: add missing LDAP_END_DECL

25 years agoNeed to update revision due to previous minor change.
Kurt Zeilenga [Tue, 21 Dec 1999 19:57:50 +0000 (19:57 +0000)] 
Need to update revision due to previous minor change.

25 years agoMake lawyers happy. s/registered//
Kurt Zeilenga [Tue, 21 Dec 1999 18:44:43 +0000 (18:44 +0000)] 
Make lawyers happy.  s/registered//

25 years agoUpdate todo to min req.
Kurt Zeilenga [Sun, 19 Dec 1999 02:56:30 +0000 (02:56 +0000)] 
Update todo to min req.

25 years agoRemove DNS_DN experimental code.
Kurt Zeilenga [Sat, 18 Dec 1999 19:54:22 +0000 (19:54 +0000)] 
Remove DNS_DN experimental code.

25 years agoAdd comment about removing HANDSOFF may case alignment problems
Kurt Zeilenga [Sat, 18 Dec 1999 19:51:49 +0000 (19:51 +0000)] 
Add comment about removing HANDSOFF may case alignment problems

25 years agoDon't reference draft
Kurt Zeilenga [Sat, 18 Dec 1999 19:50:38 +0000 (19:50 +0000)] 
Don't reference draft

25 years agoFix 2 vs 4 typo
Kurt Zeilenga [Sat, 18 Dec 1999 19:49:39 +0000 (19:49 +0000)] 
Fix 2 vs 4 typo

25 years agoRemove old DLL IMPORT/EXPORT macros
Kurt Zeilenga [Sat, 18 Dec 1999 19:49:13 +0000 (19:49 +0000)] 
Remove old DLL IMPORT/EXPORT macros

25 years agodon't treat undefined oc as extensibleObject
Kurt Zeilenga [Sat, 18 Dec 1999 03:10:22 +0000 (03:10 +0000)] 
don't treat undefined oc as extensibleObject

25 years agoTemporary fix for BEOS.
Kurt Zeilenga [Fri, 17 Dec 1999 21:31:44 +0000 (21:31 +0000)] 
Temporary fix for BEOS.
tcp_read/write should not be used.

25 years agoAdd #ifndef GDBM_NOLOCK clause to LDBM_NOLOCKING
Kurt Zeilenga [Fri, 17 Dec 1999 18:43:02 +0000 (18:43 +0000)] 
Add #ifndef GDBM_NOLOCK clause to LDBM_NOLOCKING

25 years agoTentative fix for ITS #402. (Not tested yet.) If successful, this patch
Howard Chu [Fri, 17 Dec 1999 10:04:31 +0000 (10:04 +0000)] 
Tentative fix for ITS #402. (Not tested yet.) If successful, this patch
should also be applied to back-bdb2/idl.c.

25 years agoremove #include <lber.h> from SYNOPSIS
Kurt Zeilenga [Fri, 17 Dec 1999 05:53:51 +0000 (05:53 +0000)] 
remove #include <lber.h> from SYNOPSIS

25 years agoAdd ber_bvstr and ber_bvstrdup string to berval allocators.
Kurt Zeilenga [Fri, 17 Dec 1999 05:37:33 +0000 (05:37 +0000)] 
Add ber_bvstr and ber_bvstrdup string to berval allocators.

25 years agoAdd BINDDN user-only directive to .ldaprc
Kurt Zeilenga [Fri, 17 Dec 1999 03:27:16 +0000 (03:27 +0000)] 
Add BINDDN user-only directive to .ldaprc
Used only for simple bind when dn == NULL and password != NULL.

25 years agoAdd slappasswd to generate rootpw.
Kurt Zeilenga [Thu, 16 Dec 1999 02:18:50 +0000 (02:18 +0000)] 
Add slappasswd to generate rootpw.

25 years agoITS#399: timelimit/timeout handling
Kurt Zeilenga [Thu, 16 Dec 1999 00:41:18 +0000 (00:41 +0000)] 
ITS#399: timelimit/timeout handling
ITS#400: LDAP_TIMEOUT handling

25 years agoUpdated sasl response to support returning of referrals.
Kurt Zeilenga [Wed, 15 Dec 1999 23:22:47 +0000 (23:22 +0000)] 
Updated sasl response to support returning of referrals.
Updates to extended operation framework to support arbitrary
referrals and extended results without OIDs.
Updated passwd extended operation to support returning update_refs
as needed.  Needs replog support.

25 years agoFix the prior fix.
Julio Sánchez Fernández [Wed, 15 Dec 1999 19:10:08 +0000 (19:10 +0000)] 
Fix the prior fix.

25 years agoThe group list was being managed as an array of Group. This was
Julio Sánchez Fernández [Wed, 15 Dec 1999 18:55:19 +0000 (18:55 +0000)] 
The group list was being managed as an array of Group.  This was
extremely broken and I can only wonder how I got some much mileage out
of it.  The problem is that we deal with pointers to the groups
themselves, either in current_group or current_to and current_nto.
These pointers would break on reallocs.  So now the the basic togroups
is an array to pointers to Group.  Since the array can be resized at
any time, what we actually pass around is pointer to an array of
pointers to Group or Group ***.

25 years agoAdd support for useronly configuration attributes.
Kurt Zeilenga [Tue, 14 Dec 1999 02:26:37 +0000 (02:26 +0000)] 
Add support for useronly configuration attributes.

25 years agoAdd Extended Partial Response draft
Kurt Zeilenga [Tue, 14 Dec 1999 00:51:15 +0000 (00:51 +0000)] 
Add Extended Partial Response draft

25 years agoAdd LDAP_RES_EXTENDED_PARTIAL tag
Kurt Zeilenga [Tue, 14 Dec 1999 00:47:20 +0000 (00:47 +0000)] 
Add LDAP_RES_EXTENDED_PARTIAL tag

25 years agoClarify that the contents of this file need not be update by the
Kurt Zeilenga [Tue, 14 Dec 1999 00:30:02 +0000 (00:30 +0000)] 
Clarify that the contents of this file need not be update by the
installer.

25 years agoRemove lint
Kurt Zeilenga [Mon, 13 Dec 1999 04:53:59 +0000 (04:53 +0000)] 
Remove lint
Add copyrights

25 years agoFix server unavailable handling bug introduced by the ldap_open to
Kurt Zeilenga [Sun, 12 Dec 1999 20:12:39 +0000 (20:12 +0000)] 
Fix server unavailable handling bug introduced by the ldap_open to
ldap_init change.   Fix suggested by Jay D. Allen <jay@fork.com>.

25 years agoStop reducing number of substring candiadates when there is only two or
Kurt Zeilenga [Sun, 12 Dec 1999 19:59:05 +0000 (19:59 +0000)] 
Stop reducing number of substring candiadates when there is only two or
less left.  Based upon suggestion made by bert hubert <ahu@casema.net>

25 years agoAdd password check and generation check.
Kurt Zeilenga [Sun, 12 Dec 1999 18:45:06 +0000 (18:45 +0000)] 
Add password check and generation check.
Modify tests to use -h "ldap://localhost:port/" instead of -p port.

25 years agoRemove lint.
Kurt Zeilenga [Sun, 12 Dec 1999 05:07:17 +0000 (05:07 +0000)] 
Remove lint.

25 years agos/generate/hash/
Kurt Zeilenga [Sun, 12 Dec 1999 05:06:36 +0000 (05:06 +0000)] 
s/generate/hash/

25 years agoAdd checks to ensure arguments are consistent (v2 vs v3).
Kurt Zeilenga [Sun, 12 Dec 1999 05:05:20 +0000 (05:05 +0000)] 
Add checks to ensure arguments are consistent (v2 vs v3).

25 years agoFix == != typo
Kurt Zeilenga [Sun, 12 Dec 1999 05:02:03 +0000 (05:02 +0000)] 
Fix == != typo

25 years agoFix decoding of sasl bind and extended operation responses.
Kurt Zeilenga [Sun, 12 Dec 1999 03:16:46 +0000 (03:16 +0000)] 
Fix decoding of sasl bind and extended operation responses.

25 years agoAdd RSA ASN.1 guide
Kurt Zeilenga [Sun, 12 Dec 1999 02:44:03 +0000 (02:44 +0000)] 
Add RSA ASN.1 guide

25 years agoWrap request/response bervals in a sequence.
Kurt Zeilenga [Sat, 11 Dec 1999 19:33:45 +0000 (19:33 +0000)] 
Wrap request/response bervals in a sequence.

25 years agoFix mem leak in ldap_start_tls(), treat empty host name as localhost when opening...
Mark Valence [Sat, 11 Dec 1999 03:50:33 +0000 (03:50 +0000)] 
Fix mem leak in ldap_start_tls(), treat empty host name as localhost when opening a connection.

25 years agoUnescape host:port when parsing a host list.
Mark Valence [Sat, 11 Dec 1999 03:46:07 +0000 (03:46 +0000)] 
Unescape host:port when parsing a host list.

25 years agoStart TLS extension: check that TLS was inited successfully, return default referral...
Mark Valence [Fri, 10 Dec 1999 19:18:33 +0000 (19:18 +0000)] 
Start TLS extension: check that TLS was inited successfully, return default referral on failure as appropriate.

25 years agoclient/server controls added to ldap_start_tls().
Mark Valence [Fri, 10 Dec 1999 18:26:12 +0000 (18:26 +0000)] 
client/server controls added to ldap_start_tls().

25 years agoITS#394: index presence bug fix
Kurt Zeilenga [Fri, 10 Dec 1999 18:07:24 +0000 (18:07 +0000)] 
ITS#394: index presence bug fix

25 years agoCondition ldap_start_tls on HAVE_TLS.
Mark Valence [Fri, 10 Dec 1999 17:18:59 +0000 (17:18 +0000)] 
Condition ldap_start_tls on HAVE_TLS.

25 years agoUpdate usage and man page.
Kurt Zeilenga [Fri, 10 Dec 1999 04:59:28 +0000 (04:59 +0000)] 
Update usage and man page.

25 years agoFix slapd SASL/ExternalOps encoding
Kurt Zeilenga [Fri, 10 Dec 1999 04:52:32 +0000 (04:52 +0000)] 
Fix slapd SASL/ExternalOps encoding
Add controls to extended ops API signatures, need impl.
Update password to support optional server side generation of
new password, verification of old password, and changing of
non-bound user's passwords.

25 years agoAdd some mutex symbols, delete unused *_values symbols
Howard Chu [Fri, 10 Dec 1999 03:42:39 +0000 (03:42 +0000)] 
Add some mutex symbols, delete unused *_values symbols

25 years agoReturn protocol error if reqdata was provided.
Kurt Zeilenga [Thu, 9 Dec 1999 23:21:48 +0000 (23:21 +0000)] 
Return protocol error if reqdata was provided.

25 years agoPlace passwd extended op into builtin list.
Kurt Zeilenga [Thu, 9 Dec 1999 23:05:15 +0000 (23:05 +0000)] 
Place passwd extended op into builtin list.

25 years agoStart TLS extended op routine.
Mark Valence [Thu, 9 Dec 1999 22:41:45 +0000 (22:41 +0000)] 
Start TLS extended op routine.

25 years agoAdds for Start TLS functionality on slapd and LDAP C API.
Mark Valence [Thu, 9 Dec 1999 22:33:22 +0000 (22:33 +0000)] 
Adds for Start TLS functionality on slapd and LDAP C API.

25 years agoChanged URL to URI for conf/env setting.
Mark Valence [Thu, 9 Dec 1999 22:17:08 +0000 (22:17 +0000)] 
Changed URL to URI for conf/env setting.

25 years agoOn Windows, WSAENOTSOCK is treated the same as EBADF. This is needed because of...
Mark Valence [Thu, 9 Dec 1999 22:05:00 +0000 (22:05 +0000)] 
On Windows, WSAENOTSOCK is treated the same as EBADF.  This is needed because of a race condition (sock is selected just after another thread closes it), which needs a proper fix.

25 years agoModify password code such that backend end routine calls into
Kurt Zeilenga [Thu, 9 Dec 1999 21:30:32 +0000 (21:30 +0000)] 
Modify password code such that backend end routine calls into
frontend to complete parsing of extended op reqdata.
Modify password extended operation to allow optional id (DN)
entry to change (not tested).  Also, provide room to allow
server side password generation (not implemented).  Added optional old
password field to support proxying (not implemented).
Need to implement replog() support.

25 years agoBug fix: re-used Connection have TLS value for previous conn.
Mark Valence [Thu, 9 Dec 1999 21:06:42 +0000 (21:06 +0000)] 
Bug fix:  re-used Connection have TLS value for previous conn.

25 years agoAdd table of command line arguments used by clients
Kurt Zeilenga [Thu, 9 Dec 1999 17:04:42 +0000 (17:04 +0000)] 
Add table of command line arguments used by clients

25 years agoAdd TAG defines for X_CHANGE_PASSWD ID, OLD, NEW.
Kurt Zeilenga [Thu, 9 Dec 1999 17:00:54 +0000 (17:00 +0000)] 
Add TAG defines for X_CHANGE_PASSWD ID, OLD, NEW.
Relocated modify struct to be next to other structs.

25 years agoFix {CRYPT} and {UNIX} passwords
Kurt Zeilenga [Thu, 9 Dec 1999 01:24:38 +0000 (01:24 +0000)] 
Fix {CRYPT} and {UNIX} passwords

25 years agoAdd simple password test program.
Kurt Zeilenga [Thu, 9 Dec 1999 01:11:16 +0000 (01:11 +0000)] 
Add simple password test program.
Rework lutil_passwd routines to use struct berval instead of strings.

25 years agoFix reader/writer bug that allowed 2 writers! Yiks.
Kurt Zeilenga [Wed, 8 Dec 1999 23:54:33 +0000 (23:54 +0000)] 
Fix reader/writer bug that allowed 2 writers!  Yiks.
Reported by tsarna@endicor.com

25 years agoBackout fix in r1.38
Howard Chu [Wed, 8 Dec 1999 23:50:59 +0000 (23:50 +0000)] 
Backout fix in r1.38

25 years agoFix the 1.71 fix - only offset the length if the last character of the
Howard Chu [Wed, 8 Dec 1999 23:31:11 +0000 (23:31 +0000)] 
Fix the 1.71 fix - only offset the length if the last character of the
referral URL is not a '/'. Also in send_search_reference, corrected the
comparison for the pre-V3 case. Previously, referrals were being dropped
completely for V2 subtree searches. More work is still needed, V2 onelevel
referral handling is wrong.

25 years agoFix ldap_chase_referrals to treat "ldap://host/" referrals the same as
Howard Chu [Wed, 8 Dec 1999 21:37:55 +0000 (21:37 +0000)] 
Fix ldap_chase_referrals to treat "ldap://host/" referrals the same as
"ldap://host".

25 years agoFound and fixed stupid bug in seeded hash generation.
Kurt Zeilenga [Wed, 8 Dec 1999 19:23:32 +0000 (19:23 +0000)] 
Found and fixed stupid bug in seeded hash generation.

25 years agoAdd StartTLS draft
Kurt Zeilenga [Wed, 8 Dec 1999 17:56:57 +0000 (17:56 +0000)] 
Add StartTLS draft

25 years agoReplaced LDAP_EXOP_X_START_TLS with LDAP_EXOP_START_TLS
Mark Valence [Wed, 8 Dec 1999 17:39:11 +0000 (17:39 +0000)] 
Replaced LDAP_EXOP_X_START_TLS with LDAP_EXOP_START_TLS

25 years agoAdded LDAP_EXOP_X_START_TLS
Mark Valence [Wed, 8 Dec 1999 17:25:21 +0000 (17:25 +0000)] 
Added LDAP_EXOP_X_START_TLS

25 years agoNeed to adjust len by saltlen
Kurt Zeilenga [Wed, 8 Dec 1999 07:07:18 +0000 (07:07 +0000)] 
Need to adjust len by saltlen

25 years agoUpdate for new password codes for MSVC5
Kurt Zeilenga [Wed, 8 Dec 1999 06:44:22 +0000 (06:44 +0000)] 
Update for new password codes for MSVC5

25 years agoReengineered ldappasswd(1). Uses extended operation to set
Kurt Zeilenga [Wed, 8 Dec 1999 04:37:59 +0000 (04:37 +0000)] 
Reengineered ldappasswd(1).  Uses extended operation to set
user password.  Likely to be modified to use bind control
instead.  Use of modify deprecated in favor mechanisms that
support passwords stored externally to the directory (such
as in a SASL service).
Modified slapd extended operation infrastructure to support
backend provided extended operations.

25 years agorelease build needs advapi32.lib added to link
Gary Williams [Tue, 7 Dec 1999 20:08:05 +0000 (20:08 +0000)] 
release build needs advapi32.lib added to link

25 years agobuild project doesnt need to create an exe, just a txt will do
Gary Williams [Tue, 7 Dec 1999 20:06:54 +0000 (20:06 +0000)] 
build project doesnt need to create an exe, just a txt will do

25 years agobuild -Win32 Release wants a make file
Gary Williams [Tue, 7 Dec 1999 20:05:44 +0000 (20:05 +0000)] 
build -Win32 Release wants a make file

25 years agoChanges for URI spport: New routines ldap_initialize and ldap_create; LDAPURLDesc...
Mark Valence [Tue, 7 Dec 1999 19:47:00 +0000 (19:47 +0000)] 
Changes for URI spport:  New routines ldap_initialize and ldap_create; LDAPURLDesc replaces LDAPServer, LDAPURLDesc list used instead of ldo_defhost.

25 years agoChanges for URI spport: New routines ldap_initialize and ldap_create; LDAPURLDesc...
Mark Valence [Tue, 7 Dec 1999 18:52:05 +0000 (18:52 +0000)] 
Changes for URI spport:  New routines ldap_initialize and ldap_create; LDAPURLDesc replaces LDAPServer, LDAPURLDesc list used instead of ldo_defhost.

25 years agoChanges for URI spport: New routines ldap_initialize and ldap_create; LDAPURLDesc...
Mark Valence [Tue, 7 Dec 1999 18:42:25 +0000 (18:42 +0000)] 
Changes for URI spport:  New routines ldap_initialize and ldap_create; LDAPURLDesc replaces LDAPServer, LDAPURLDesc list used instead of ldo_defhost.

25 years agoreduce slap_passwd_check to simple form
Kurt Zeilenga [Mon, 6 Dec 1999 21:42:10 +0000 (21:42 +0000)] 
reduce slap_passwd_check to simple form

25 years agoadd -r switch to man page
Gary Williams [Mon, 6 Dec 1999 19:02:39 +0000 (19:02 +0000)] 
add -r switch to man page

25 years agoSet ber_errno here and there.
Kurt Zeilenga [Mon, 6 Dec 1999 06:33:26 +0000 (06:33 +0000)] 
Set ber_errno here and there.

25 years agoChanged ldap_pvt_tls_init_def_ctx() to not fail if there is no cacertfile/dir specifi...
Mark Valence [Mon, 6 Dec 1999 04:44:22 +0000 (04:44 +0000)] 
Changed ldap_pvt_tls_init_def_ctx() to not fail if there is no cacertfile/dir specified.  This lets LDAP_OPT_X_TLS_REQUIRE_CERT=0 work.  If LDAP_OPT_X_TLS_REQUIRE_CERT=1, connection will fail as appropriate since there is no CA list.

25 years agoRemoved some unused vars.
Mark Valence [Mon, 6 Dec 1999 04:11:50 +0000 (04:11 +0000)] 
Removed some unused vars.

25 years agoBug fix. == NULL changed to != NULL before freeing mem.
Mark Valence [Sun, 5 Dec 1999 22:22:37 +0000 (22:22 +0000)] 
Bug fix.   == NULL changed to  != NULL before freeing mem.

25 years agoRemoved unused local var.
Mark Valence [Sun, 5 Dec 1999 22:19:08 +0000 (22:19 +0000)] 
Removed unused local var.

25 years agoRemove istty test otherwise we may not detach.
Kurt Zeilenga [Sun, 5 Dec 1999 05:25:02 +0000 (05:25 +0000)] 
Remove istty test otherwise we may not detach.