Re: [Exim] OpenLDAP v2 client vs. v1 server issue in Exim 4.…

Pàgina inicial
Delete this message
Reply to this message
Autor: Philip Hazel
Data:  
A: Christian Balzer
CC: exim-users
Assumpte: Re: [Exim] OpenLDAP v2 client vs. v1 server issue in Exim 4.12
On Wed, 8 Jan 2003, Christian Balzer wrote:

> just tried to upgrade the test-bed box from 4.10 to 4.12, alas:
> ---
> $ exim -v -bt chibi@???
> chibi@??? cannot be resolved at this time:
> [blah blah blah] gave DEFER: failed to bind the LDAP connection to server
> ldapserver:389 - LDAP error 2: Protocol error
> ---
>


> Any ideas which of the numerous LDAP updates in 4.11 brought on this
> unfortunate change and how to get the 4.10 behavior back?


I'm guessing, because I'm not an LDAP guru, but I suspect it is this
change:

 9. With OpenLDAP 2.0.25, ldaps:// doesn't seem to work unless the LDAP
    protocol level is set to 3. This is now standard in the Exim code, as v3
    has been around for 5 years now.


> The LDAP server is still an OpenLDAP 1 box


My guess is that that is too old.

In the source file lookups/ldap.c you will find this code around line 270:

#ifdef LDAP_VERSION3
int version = LDAP_VERSION3;
#else
int version = 2;
#endif

Maybe you need to set version = 1?

Or possibly change the code that sets the version, around line 369:

/* I could not get TLS to work until I set the version to 3. That version
seems to be the default nowadays. The RFC is dated 1997, so I would hope
that all the LDAP libraries support it. Let's go for it. */

#ifdef LDAP_OPT_PROTOCOL_VERSION
ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, (void *)&version);
#endif


--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.