On Wed, 8 Jan 2003, Christian Balzer wrote:
> just tried to upgrade the test-bed box from 4.10 to 4.12, alas:
> ---
> $ exim -v -bt chibi@???
> chibi@??? cannot be resolved at this time:
> [blah blah blah] gave DEFER: failed to bind the LDAP connection to server
> ldapserver:389 - LDAP error 2: Protocol error
> ---
>
> Any ideas which of the numerous LDAP updates in 4.11 brought on this
> unfortunate change and how to get the 4.10 behavior back?

I'm guessing, because I'm not an LDAP guru, but I suspect it is this
change:

  9. With OpenLDAP 2.0.25, ldaps:// doesn't seem to work unless the LDAP
     protocol level is set to 3. This is now standard in the Exim code, as v3
     has been around for 5 years now.

> The LDAP server is still an OpenLDAP 1 box

My guess is that that is too old.

In the source file lookups/ldap.c you will find this code around line 270:

  #ifdef LDAP_VERSION3
  int version = LDAP_VERSION3;
  #else
  int version = 2;
  #endif

Maybe you need to set version = 1?

Or possibly change the code that sets the version, around line 369:

  /* I could not get TLS to work until I set the version to 3. That version
  seems to be the default nowadays. The RFC is dated 1997, so I would hope
  that all the LDAP libraries support it. Let's go for it. */

  #ifdef LDAP_OPT_PROTOCOL_VERSION
  ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, (void *)&version);
  #endif

--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
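
Added example, not part of the original message and not Exim's code: a small C check that reads the protocol version out of a captured LDAP BindRequest, to confirm from a packet trace which version a client is asking for. The sample bytes are constructed, the function names are hypothetical, and bind_result_code() models a server assumed to accept versions only up to server_max, answering anything else with result code 2 (protocolError).

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed samples: anonymous simple bind, messageID 1, version 3 and 2. */
static const unsigned char BIND_V3[] =
    {0x30,0x0c,0x02,0x01,0x01,0x60,0x07,0x02,0x01,0x03,0x04,0x00,0x80,0x00};
static const unsigned char BIND_V2[] =
    {0x30,0x0c,0x02,0x01,0x01,0x60,0x07,0x02,0x01,0x02,0x04,0x00,0x80,0x00};

/* Read one BER tag and length at *pos. Returns the tag, or -1 if the
   header or its content would run past the end of the buffer. */
static int ber_header(const unsigned char *b, size_t n, size_t *pos, size_t *len)
{
    if (*pos + 2 > n) return -1;
    int tag = b[(*pos)++];
    size_t l = b[(*pos)++];
    if (l & 0x80) {                 /* long form: low 7 bits count length octets */
        size_t k = l & 0x7f;
        if (k == 0 || k > sizeof(size_t) || k > n - *pos) return -1;
        for (l = 0; k > 0; k--) l = (l << 8) | b[(*pos)++];
    }
    if (l > n - *pos) return -1;
    *len = l;
    return tag;
}

/* Returns the version field of an LDAP BindRequest, or -1 if buf is not one. */
int ldap_bind_version(const unsigned char *buf, size_t n)
{
    size_t pos = 0, len;
    if (ber_header(buf, n, &pos, &len) != 0x30) return -1;  /* LDAPMessage SEQUENCE */
    if (ber_header(buf, n, &pos, &len) != 0x02) return -1;  /* messageID INTEGER */
    pos += len;
    if (ber_header(buf, n, &pos, &len) != 0x60) return -1;  /* [APPLICATION 0] BindRequest */
    if (ber_header(buf, n, &pos, &len) != 0x02 || len != 1) return -1;  /* version */
    return (buf[pos] >= 1 && buf[pos] <= 127) ? buf[pos] : -1;
}

/* Assumed server model: 0 (success) if the version is supported, else 2. */
int bind_result_code(int requested, int server_max)
{
    return (requested < 1 || requested > server_max) ? 2 : 0;
}

int main(void)
{
    int v3 = ldap_bind_version(BIND_V3, sizeof BIND_V3);
    int v2 = ldap_bind_version(BIND_V2, sizeof BIND_V2);
    printf("bind v%d -> result %d\n", v3, bind_result_code(v3, 2));
    printf("bind v%d -> result %d\n", v2, bind_result_code(v2, 2));
    return 0;
}
```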