Listeners
LDAP and LDAPS listeners accept client traffic, apply resource limits, and dispatch request bytes into the runtime.
Architecture
Rust listener runtimes, operation FSMs, and LMDB storage
OpenDR separates network handling, protocol parsing, operation state, storage, replication, and monitoring into clear implementation boundaries.
Request flow
From LDAP client request to durable directory response
The current runtime validates transport, decodes BER, parses LDAP requests, dispatches operation state machines, and returns encoded LDAP responses.
TCP or TLS
Resource limits
BER decode
LDAP parse
Schema and controls
Backend transaction
Protocol path
BER decoding, LDAP parsing, control validation, and message ID correlation keep protocol handling explicit.
Operation FSMs
Dedicated state machines handle auth, search, write, compare, extended operations, and replication sessions.
Directory backend
The backend validates schema, indexes attributes, commits writes transactionally, and serves low-latency reads from LMDB.
Replication
Provider-consumer delivery over LDAP Sync semantics
Provider writes are tracked in a bounded changelog. Consumers use an initial refresh, persist a replication cookie, and keep a live change stream open for follow-up updates.
ProviderWrites and changelog
ConsumerRefresh, cookie, persist