
(ITS#8618) ldapsearch - unexpected behavior with "-h URI -p PORT"



Full_Name: Alexandre Rosenberg
Version: 2.4.44
OS: Linux - CentOS7
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (125.30.6.137)


I found some unexpected behavior when using both the '-h' and '-p' options with
ldapsearch.

== Reproduce:

- Use the '-h' option with an invalid hostname such as a URI
- Also set a (valid) port using the '-p' option

== Result:
If those conditions are met, ldapsearch seems to always connect to localhost on
port 389

    $ ldapsearch -x -d 255 -h ldap://localhost -p 10389
    ldap_create
    ldap_sasl_bind
    ldap_send_initial_request
    ldap_new_connection 1 1 0
    ldap_int_open_connection
    ldap_connect_to_host: TCP localhost:389 

== Expected behavior:
Failure due to invalid hostname

== Note:
This *only* happens when both '-h' and '-p' are used.
When only '-h' is used, the following happens, which seems fine:

    $ ldapsearch -x -d 255 -h ldap://localhost
    ldap_create
    ldap_url_parse_ext(ldap://ldap:%2F%2Flocalhost)
    ldap_err2string
    Could not create LDAP session handle for URI=ldap://ldap:%2F%2Flocalhost (-9): Bad parameter to an ldap routine

== Additional example:
Below are some more examples - note that adding "/" to the hostname is enough to
trigger the issue.

1.    $ ldapsearch -x -d 255 -h example.org -p 10636
    
    -> Connects to example.org on port 10636 (as expected)

2.    $ ldapsearch -x -d 255 -h /example.org -p 10636

    -> Connects to localhost on port 389 (!) - note the added "/"

3.    $ ldapsearch -x -d 255 -h /example.org

Running the command will give you the debug output (which I omitted here). Note
I am using openldap 2.4.44.
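
Added example (not part of the original report and not OpenLDAP code): a wrapper that rejects host values like the `ldap://localhost` and `/example.org` cases above before any connection is attempted, then passes one explicit URI through ldapsearch's `-H` option instead of `-h`/`-p`. The function names `ldap_uri_from_host_port` and `safe_ldapsearch` are hypothetical, and the check assumes plain hostnames or IPv4 addresses (no IPv6 literals).

```shell
#!/bin/sh
# Added example: validate a host/port pair and build an explicit LDAP URI,
# so a malformed host is rejected instead of being handed to -h/-p.
# ldap_uri_from_host_port and safe_ldapsearch are hypothetical helper names.

ldap_uri_from_host_port() {
    host=$1
    port=$2
    scheme=${3:-ldap}

    case $scheme in
        ldap|ldaps) ;;
        *) echo "unsupported scheme: $scheme" >&2; return 1 ;;
    esac

    # Reject empty hosts and anything outside hostname/IPv4 characters.
    # This catches "ldap://localhost" and "/example.org" from the report.
    case $host in
        ''|*[!A-Za-z0-9.-]*) echo "invalid host: $host" >&2; return 1 ;;
        -*|.*|*..*) echo "invalid host: $host" >&2; return 1 ;;
    esac

    # Port must be all digits and within 1-65535.
    case $port in
        ''|*[!0-9]*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    if [ "${#port}" -gt 5 ] || [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "invalid port: $port" >&2
        return 1
    fi

    printf '%s://%s:%s\n' "$scheme" "$host" "$port"
}

# Run ldapsearch against the validated URI only; extra arguments pass through.
# Usage: safe_ldapsearch example.org 10636 -x -b "dc=example,dc=org"
safe_ldapsearch() {
    uri=$(ldap_uri_from_host_port "$1" "$2") || return 1
    shift 2
    ldapsearch -H "$uri" "$@"
}
```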