ldapsearch's bind fails due to getaddrinfo



Hi,

ldapsearch of openldap-2.2.14 and -2.2.15 fails to perform DNS lookups on a Linux box (glibc-2.1.3-29, RHL 6.2).

If I specify the ldap server to contact using its IP address, the bind and the lookup are ok. However, if ldapsearch has to resolve a hostname, it does not even contact the LDAP server. The box has no problem resolving "localhost" by gethostbyname which is "files dns".

$ ldapsearch -d 255 -x -H ldap://localhost -b dc=berdmann,dc=de '(sn=erdman)'
ldap_create
ldap_url_parse_ext(ldap://localhost)
ldap_bind_s
ldap_simple_bind_s
ldap_sasl_bind_s
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection
ldap_int_open_connection
ldap_connect_to_host: TCP localhost:389
ldap_connect_to_host: getaddrinfo failed: Name or service not known
ldap_perror
ldap_bind: Can't contact LDAP server (-1)



strace clearly shows no system call is made to resolve the hostname into an IP address:


$ strace ldapsearch -x -H ldap://localhost -b dc=berdmann,dc=de '(sn=erdman)'
[...]
open("/etc/hosts", O_RDONLY) = 3
fcntl(3, F_GETFD) = 0
fcntl(3, F_SETFD, FD_CLOEXEC) = 0
fstat64(0x3, 0xbfffd7cc) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40015000
read(3, "127.0.0.1\tlocalhost\tlocalhost.lo"..., 4096) = 76
close(3) = 0
munmap(0x40015000, 4096) = 0
getrlimit(RLIMIT_NOFILE, {rlim_cur=1024, rlim_max=1024}) = 0
open("/etc/openldap/ldap.conf", O_RDONLY) = 3
fstat64(0x3, 0xbfffd8d4) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40015000
read(3, "#\n# LDAP Defaults\n#\n\n# See ldap."..., 4096) = 209
read(3, "", 4096) = 0
close(3) = 0
munmap(0x40015000, 4096) = 0
open("/home/be/ldaprc", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/home/be/.ldaprc", O_RDONLY) = -1 ENOENT (No such file or directory)
open("ldaprc", O_RDONLY) = -1 ENOENT (No such file or directory)
rt_sigaction(SIGPIPE, {SIG_IGN}, {SIG_DFL}, 8) = 0
brk(0x8111000) = 0x8111000
write(2, "ldap_bind: Can\'t contact LDAP se"..., 42ldap_bind: Can't contact LDAP server (-1)
) = 42
_exit(1) = ?



Using the server's IP address the search runs well (no query result is ok):

$ ldapsearch -L -x -H ldap://127.0.0.1 -b dc=berdmann,dc=de '(sn=erdman)'
version: 1

#
# LDAPv3
# base <dc=berdmann,dc=de> with scope sub
# filter: (sn=erdman)
# requesting: ALL
#

# search result

# numResponses: 1


Here's how the OpenLDAP suite was built:

# 03.09.04
# openldap-2.2.15
#
CPPFLAGS="-I/opt/db42/include -I/opt/openssl/include -I/opt/sasl/include" \
LDFLAGS="-L/opt/db42/lib -L/opt/openssl/lib -L/opt/sasl/lib" \
./configure \
--prefix=/opt/openldap \
--sysconfdir=/etc \
--localstatedir=/var/lib/ldap \
--with-cyrus-sasl \
--disable-ipv6
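
An added diagnostic, not part of the original post and not OpenLDAP code: it resolves one name through both getaddrinfo() and gethostbyname(), the two resolver paths compared in the report, so the failure can be reproduced outside ldapsearch. The helper names probe_gai and probe_ghbn are hypothetical, and the hints (AF_INET, SOCK_STREAM, numeric port string) are an assumption about what an IPv4-only LDAP client would request, not a copy of libldap's call.

```c
/* Added diagnostic (not OpenLDAP code): compare getaddrinfo() and gethostbyname(). */
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE
#endif
#include <stdio.h>
#include <string.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>

/* Returns getaddrinfo()'s code (0 = success); first IPv4 address is written to out.
 * Hints are assumed values for an IPv4-only TCP client, not taken from libldap. */
int probe_gai(const char *host, int port, int flags, char *out, size_t outlen)
{
    struct addrinfo hints = { .ai_family = AF_INET, .ai_socktype = SOCK_STREAM,
                              .ai_flags = flags };
    struct addrinfo *res = NULL;
    char serv[16];
    snprintf(serv, sizeof serv, "%d", port);   /* numeric service, e.g. "389" */
    memset(out, 0, outlen);
    int rc = getaddrinfo(host, serv, &hints, &res);
    if (rc != 0)
        return rc;                             /* EAI_* code, see gai_strerror() */
    inet_ntop(AF_INET, &((struct sockaddr_in *)res->ai_addr)->sin_addr, out, outlen);
    freeaddrinfo(res);
    return 0;
}

/* Returns 0 on success, otherwise h_errno from the legacy resolver call. */
int probe_ghbn(const char *host, char *out, size_t outlen)
{
    struct hostent *he = gethostbyname(host);
    memset(out, 0, outlen);
    if (he == NULL)
        return h_errno ? h_errno : -1;
    if (he->h_addrtype == AF_INET)
        inet_ntop(AF_INET, he->h_addr_list[0], out, outlen);
    return 0;
}

int main(int argc, char **argv)
{
    const char *host = argc > 1 ? argv[1] : "localhost";
    char a[INET_ADDRSTRLEN], b[INET_ADDRSTRLEN];
    int g = probe_gai(host, 389, 0, a, sizeof a);
    int h = probe_ghbn(host, b, sizeof b);
    printf("getaddrinfo:   rc=%d (%s) %s\n", g, g ? gai_strerror(g) : "ok", a);
    printf("gethostbyname: h_errno=%d %s\n", h, b);
    return g != 0 || h != 0;
}
```

If getaddrinfo fails here while gethostbyname succeeds for the same name, the problem lies in the C library's getaddrinfo path rather than in ldapsearch itself.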