LDAP connection types (was Re: LDAP not connecting over IPv6)

Quanah Gibson-Mount quanah at zimbra.com
Wed Jun 1 01:25:43 CEST 2011


--On Tuesday, May 31, 2011 4:05 PM -0700 Michael Hall <mhall at riverside.org> 
wrote:

> On Wed, Jun 01, 2011 at 12:33:52AM +0200, Mark Martinec wrote:
>
>> Quanah,
>>
>> > My one comment about this patch would be that it doesn't support
>> > using "ldapi", which is connecting to a local LDAP server over a unix
>> > socket.
>>
>> It doesn't? The patch added the 'scheme' attribute to the $default_ldap
>> hash just for this purpose - although I haven't tested it.
>>
>> Something along these lines would probably work according to
>> the Net::LDAP documentation:
>>
>> $default_ldap = {
>>   hostname      => '/socket/path/to/ldap',
>>   scheme        => 'ldapi',
>>   ...
>> };
>
> I've been using this forever, Net::LDAP takes a list for hostname, and
> tries each in turn:
>
> $default_ldap = {
>     hostname => [ 'ldapi://%2Fvar%2Frun%2Fopenldap%2Fldapi/',
>                   'ldap://vulcan.pvt.rockisland.com' ],
>     ...

The patch in question, if a scheme is not identified, will test the 
hostname for "ldaps", and if "ldaps" isn't found, it will change it to 
"ldap".  So your configuration here would stop working, since it would 
break on the ldapi:/// URI.

+  if (!defined $self->{scheme}) {
+    $self->{scheme} = $self->{hostname} =~ /^ldaps/i ? 'ldaps' : 'ldap';
+  }
+  if (!defined $self->{port}) {
+    $self->{port} = lc $self->{scheme} eq 'ldaps' ? 636 : 389;
+  }
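
Review bot: The scheme fallback on the second line, `$self->{hostname} =~ /^ldaps/i ? 'ldaps' : 'ldap'`, classes every unset scheme as either ldaps or plain ldap, so an `ldapi://` URI in hostname is relabelled as `ldap`, and a hostname given as an array reference is matched against its stringified reference and also ends up as `ldap`. Because the pattern is not anchored on `://`, a bare host name that merely begins with "ldaps" is classed as ldaps as well. Suggest extracting the scheme with a pattern along the lines of `m{^(ldap[si]?)://}i`, checking each element when hostname is a list, and leaving scheme unset when the URI already carries one. In the second `if`, the port default should be skipped when the scheme is `ldapi`, where a TCP port has no meaning, and writing `lc($self->{scheme}) eq 'ldaps'` would make the intended comparison explicit.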

Looks like it might unnecessarily set a port too.  Sounds like a disaster 
for your configuration. ;)

--Quanah

--

Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration

