[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#8618) ldapsearch - unexpected behavior with "-h URI -p PORT"

Full_Name: Alexandre Rosenberg
Version: 2.4.44
OS: Linux - CentOS7
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (

I found some unexpected behavior when using both '-h' and '-p' option with

== Reproduce:

- Use the '-h' option with an invalid hostname such as a URI
- Also set a (valid) port using the '-p' option

== Result:
If those condition are met, ldapearch seem to always connect to localhost on
port 389

    $ ldapsearch -x -d 255 -h ldap://localhost -p 10389
    ldap_new_connection 1 1 0
    ldap_connect_to_host: TCP localhost:389 

== Expected behavior:
Failure due to invalid hostname

== Note:
This *only* happens when both '-h' and '-p' are used.
When only '-h' is used, following happens which seem fine:

    $ ldapsearch -x -d 255 -h ldap://localhost
    Could not create LDAP session handle for URI=ldap://ldap:
    %2F%2Flocalhost (-9): Bad parameter to an ldap routine 

== Additional example:
Bellow are some more example - note adding "/" to the hostname is enough to
trigger the issue.

1.    $ ldapsearch -x -d 255 -h example.org -p 10636
    -> Connects to example.org on port 10636 (as expected)

2.    $ ldapsearch -x -d 255 -h /example.org -p 10636

    -> Connects to localhost on port 389 (!) - note the added "/"

3.    $ ldapsearch -x -d 255 -h /example.org

Running the command will give you the debug output (which I omitted here). Note
I am using openldap 2.4.44.