[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#8618) ldapsearch - unexpected behavior with

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#8618) ldapsearch - unexpected behavior with
From: arekkusu@r42.ch
Date: Sun, 04 Mar 2018 12:30:14 +0000
Auto-submitted: auto-generated (OpenLDAP-ITS)

Andry, I am sorry but I still don't understand...

- You are saying  ldapsearch internally converts '-h' and '-p' parameters into a
URI, correct ?

- The '-p' option in ldapsearch is optional, if it's not set it should use the
default LDAP port (TCP/389).

In the example bellow, when I am calling ldapsearch without specifying the port
(1),  it does not say anything about the ldap URI being invalid. It simply tries
to connect to '/example.org:389' and fails. (which is expected).

On the other hand the same example with the option '-p 389' added, result in the
query going to localhost (2). I don't understand why.

The default LDAP port is TCP/389, therefore I would expect ldapsearch to behave
in the same way regardless if the '-p 389' argument is provided or not.

(1) 
$ ldapsearch -x -d 255 -h /example.org
ldap_create
ldap_url_parse_ext(ldap://%
2Fexample.org)
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ld
ap_int_open_connection
ldap_connect_to_host: TCP /example.org:389
ldap_connect_to_
host: getaddrinfo failed: Name or service not known
ldap_err2string
ldap_sasl_bind
(SIMPLE): Can't contact LDAP server (-1)

(2) 
$ ldapsearch -x -d 255 -h /example.org -p 389
ldap_create
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP localhost:389
ldap_new_socket: 3
ldap_prepare_socket: 3
ldap_connect_to_host: Trying ::1 389
ldap_pvt_connect: fd: 3 tm: -1 async: 0
attempting to connect:
connect errno: 111
ldap_close_socket: 3
ldap_new_socket: 3
ldap_prepare_socket: 3
ldap_connect_to_host: Trying 127.0.0.1:389
ldap_pvt_connect: fd: 3 tm: -1 async: 0
attempting to connect:
connect errno: 111
ldap_close_socket: 3
ldap_err2string
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

Best, Alex

On Sat, 2018-03-03 at 16:24 +0000, andrew.lawrence@siemens.com wrote:
> @Alex The difference in behaviour is because it constructs a uri from the h=
> ostname and port. If there is no port you end up with an invalid uri. I am =
> not sure if this is necessarily a good thing.
> 
> Cheers,
> Andy
> 
> 
>

Prev by Date: Re: (ITS#8639) Remove support for LANMAN
Next by Date: (ITS#8813) MDB_VL32 causes MDB_TXN_FULL
Index(es):
- Chronological
- Thread