> > While reading the ldap.c lookup code in Exim, I saw that too few entries
> > cause a search to fail (which is ok), but too many defer it. Why?
>
> Not sure. This is mainly contributed code which I did not originate.
> Presumably the belief is that this is a configuration error, so the
> message should be kept and tried again - hopefully when the
> configuration has been corrected. This is similar to deferring for a
> syntax error in an Exim filter file.
Ok, so I vote for fail instead of defer. Someone might use a simple
director for single values and one that uses ldapm for multiple values
that way. I could imagine to match an address against real names
using LDAP: Deliver the mail if the search finds one response and use
an auto responder if there were more than one.
> > Are there any objections against extending the LDAP URLs for exim? If not,
> > I might send a patch later.
>
> I believe the LDAP URLs follow some RFC. I do not know if it would allow
> for such an extension.
The RFC would certainly not allow such an extension, but we don't lose
much by doing something very useful compared to letting a syntactically
false lookup fail (in the context of a config file!).
I don't know if the RFC defines that the protocol://host[:port] part of
an URL has to resolve to an A record or if SRV records would be allowed
as well. I do know that I need a solution to my problem of a fall-back
host urgently and the appended patch appears to provide it. ;)
Michael
----------------------------------------------------------------------
--- ldap.c.orig Thu Jun 10 08:16:10 1999
+++ ldap.c Thu Jun 10 12:01:19 1999
@@ -346,6 +346,38 @@
}
+static int
+perform_xldap_search(void *handle, char *ldap_url, BOOL single, char **res,
+ char **errmsg)
+{
+const char *hostBegin,*hostEnd,*hostSep;
+size_t protlen,dnlen,hostlen;
+char *urlbuf;
+int status;
+
+if ((hostBegin=strstr(ldap_url,"://"))==(char*)0)
+ return perform_ldap_search(handle,ldap_url,single,res,errmsg);
+hostBegin+=3;
+protlen=hostBegin-ldap_url;
+if ((hostEnd=strchr(hostBegin,'/'))==(char*)0)
+ return perform_ldap_search(handle,ldap_url,single,res,errmsg);
+dnlen=strlen(hostEnd);
+do
+ {
+ if ((hostSep=strchr(hostBegin,','))==(char*)0 || hostSep>hostEnd) hostSep=hostEnd;
+ hostlen=hostSep-hostBegin;
+ urlbuf=store_malloc(protlen+hostlen+dnlen+1);
+ strncpy(urlbuf,ldap_url,protlen);
+ if (hostlen) strncpy(urlbuf+protlen,hostBegin,hostlen);
+ strcpy(urlbuf+protlen+hostlen,hostEnd);
+ status=perform_ldap_search(handle,urlbuf,single,res,errmsg);
+ store_free(urlbuf);
+ if (status!=DEFER) return status;
+ hostBegin=hostSep+1;
+ } while (hostBegin<hostEnd);
+ return DEFER;
+}
+
/*************************************************
* Open entry point *
@@ -378,14 +410,14 @@
eldap_find(void *handle, char *filename, char *ldap_url, int length,
char **result, char **errmsg)
{
-return(perform_ldap_search(handle, ldap_url, TRUE, result, errmsg));
+return(perform_xldap_search(handle, ldap_url, TRUE, result, errmsg));
}
int
eldapm_find(void *handle, char *filename, char *ldap_url, int length,
char **result, char **errmsg)
{
-return(perform_ldap_search(handle, ldap_url, FALSE, result, errmsg));
+return(perform_xldap_search(handle, ldap_url, FALSE, result, errmsg));
}
--
*** Exim information can be found at
http://www.exim.org/ ***
