[exim-cvs] cvs commit: exim/exim-doc/doc-txt ChangeLog exim/…

ph10 2004/11/10 14:15:21 GMT

  Modified files:
    exim-doc/doc-txt     ChangeLog 
    exim-src             ACKNOWLEDGMENTS 
    exim-src/src/lookups ldap.c 
    exim-test-orig/AutoTest/stderr 901 
    exim-test-orig/AutoTest/stdout 901 
  Log:
  Michael Haardt's patch to do LDAP network timeouts better for OpenLDAP.

  Revision  Changes    Path
  1.20      +4 -0      exim/exim-doc/doc-txt/ChangeLog
  1.4       +1 -0      exim/exim-src/ACKNOWLEDGMENTS
  1.2       +59 -31    exim/exim-src/src/lookups/ldap.c
  1.2       +26 -26    exim/exim-test-orig/AutoTest/stderr/901
  1.2       +1 -1      exim/exim-test-orig/AutoTest/stdout/901

  Index: ChangeLog
  ===================================================================
  RCS file: /home/cvs/exim/exim-doc/doc-txt/ChangeLog,v
  retrieving revision 1.19
  retrieving revision 1.20
  diff -u -r1.19 -r1.20
  --- ChangeLog    10 Nov 2004 10:29:56 -0000    1.19
  +++ ChangeLog    10 Nov 2004 14:15:20 -0000    1.20
  @@ -1,4 +1,4 @@
  -$Cambridge: exim/exim-doc/doc-txt/ChangeLog,v 1.19 2004/11/10 10:29:56 ph10 Exp $
  +$Cambridge: exim/exim-doc/doc-txt/ChangeLog,v 1.20 2004/11/10 14:15:20 ph10 Exp $

   Change log file for Exim from version 4.21
   -------------------------------------------
  @@ -69,6 +69,10 @@
       information about exactly what failed.

   19. Added -dd to debug only the daemon process.
  +
  +20. Incorporated Michael Haardt's patch to ldap.c for improving the way it
  +    handles timeouts, both on the server side and network timeouts. Renamed the
  +    CONNECT parameter as NETTIMEOUT (but kept the old name for compatibility).

Exim version 4.43

  Index: ACKNOWLEDGMENTS
  ===================================================================
  RCS file: /home/cvs/exim/exim-src/ACKNOWLEDGMENTS,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- ACKNOWLEDGMENTS    10 Nov 2004 10:29:56 -0000    1.3
  +++ ACKNOWLEDGMENTS    10 Nov 2004 14:15:20 -0000    1.4
  @@ -1,4 +1,4 @@
  -$Cambridge: exim/exim-src/ACKNOWLEDGMENTS,v 1.3 2004/11/10 10:29:56 ph10 Exp $
  +$Cambridge: exim/exim-src/ACKNOWLEDGMENTS,v 1.4 2004/11/10 14:15:20 ph10 Exp $

EXIM ACKNOWLEDGEMENTS

  @@ -134,6 +134,7 @@
                             Module to support Sieve (RFC 3028) filters and
                               continued maintenance of same
                             Patch for faster sort algorithm in queue.c
  +                          Patch for LDAP timeout handling 
   Thomas Hager              Patch for saslauthd crash bug
   Richard Hall              Fix for file descriptor leak in redirection
   Steve Haslam              Lots of stuff, including

  Index: ldap.c
  ===================================================================
  RCS file: /home/cvs/exim/exim-src/src/lookups/ldap.c,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- ldap.c    7 Oct 2004 13:10:01 -0000    1.1
  +++ ldap.c    10 Nov 2004 14:15:20 -0000    1.2
  @@ -1,4 +1,4 @@
  -/* $Cambridge: exim/exim-src/src/lookups/ldap.c,v 1.1 2004/10/07 13:10:01 ph10 Exp $ */
  +/* $Cambridge: exim/exim-src/src/lookups/ldap.c,v 1.2 2004/11/10 14:15:20 ph10 Exp $ */

   /*************************************************
   *     Exim - an Internet mail transport agent    *
  @@ -72,13 +72,6 @@
   #endif

-/* For libraries without TCP connect timeouts */
-
-#ifndef LDAP_X_IO_TIMEOUT_NO_TIMEOUT
-#define LDAP_X_IO_TIMEOUT_NO_TIMEOUT (-1)
-#endif
-
-
/* Four types of LDAP search are implemented */

   #define SEARCH_LDAP_MULTIPLE 0       /* Get attributes from multiple entries */
  @@ -136,7 +129,7 @@
     password      password for authentication, or NULL
     sizelimit     max number of entries returned, or 0 for no limit
     timelimit     max time to wait, or 0 for no limit
  -  tcplimit      max time to connect, or NULL for OS default
  +  tcplimit      max time to connect, or 0 for OS default
     deference     the dereference option, which is one of
                     LDAP_DEREF_{NEVER,SEARCHING,FINDING,ALWAYS}

  @@ -376,9 +369,20 @@
     in Netscape SDK v4.1; I don't know about other libraries. */

     #ifdef LDAP_X_OPT_CONNECT_TIMEOUT
  -  ldap_set_option(ld, LDAP_X_OPT_CONNECT_TIMEOUT, (void *)&tcplimit);
  +  if (tcplimit > 0)
  +    {
  +    unsigned int timeout1000 = tcplimit*1000;
  +    ldap_set_option(ld, LDAP_X_OPT_CONNECT_TIMEOUT, (void *)&timeout1000);
  +    }
     #endif

  +  /* Set the TCP connect timeout. This works with OpenLDAP 2.2.14. */
  +
  +  #ifdef LDAP_OPT_NETWORK_TIMEOUT
  +  if (tcplimit > 0)
  +    ldap_set_option(ld, LDAP_OPT_NETWORK_TIMEOUT, (void *)timeoutptr);
  +  #endif 
  +
     /* I could not get TLS to work until I set the version to 3. That version
     seems to be the default nowadays. The RFC is dated 1997, so I would hope
     that all the LDAP libraries support it. Therefore, if eldap_version hasn't
  @@ -443,6 +447,15 @@
         host, porttext);
     }

+/* Whatever follows, obey this timeout in any requests. */
+
+if (tcplimit > 0)
+ {
+ timeout.tv_sec = tcplimit;
+ timeout.tv_usec = 0;
+ timeoutptr = &timeout;
+ }
+
/* Bind with the user/password supplied, or an anonymous bind if these values
are NULL, unless a cached connection is already bound with the same values. */

  @@ -457,23 +470,41 @@
     {
     DEBUG(D_lookup) debug_printf("%sbinding with user=%s password=%s\n",
       (lcp->bound)? "re-" : "", user, password);
  -  if ((rc = ldap_bind_s(lcp->ld, CS user, CS password, LDAP_AUTH_SIMPLE))
  -       != LDAP_SUCCESS)
  +  if ((msgid = ldap_bind(lcp->ld, CS user, CS password, LDAP_AUTH_SIMPLE))
  +       == -1)
       {
  -    /* Invalid credentials when just checking credentials returns FAIL. This
  -    stops any further servers being tried. */
  +    *errmsg = string_sprintf("failed to bind the LDAP connection to server "
  +      "%s%s - LDAP error", host, porttext);
  +    goto RETURN_ERROR;
  +    }

  -    if (search_type == SEARCH_LDAP_AUTH && rc == LDAP_INVALID_CREDENTIALS)
  -      {
  -      DEBUG(D_lookup)
  -        debug_printf("Invalid credentials: ldapauth returns FAIL\n");
  -      error_yield = FAIL;
  -      goto RETURN_ERROR_NOMSG;
  -      }
  +  if ((rc = ldap_result( lcp->ld, msgid, 1, timeoutptr, &result )) <= 0)
  +    {
  +    *errmsg = string_sprintf("failed to bind the LDAP connection to server "
  +      "%s%s - LDAP error: %s", host, porttext, 
  +      rc == -1 ? "result retrieval failed" : "timeout" );
  +    result = NULL;
  +    goto RETURN_ERROR;
  +    }
  +
  +  rc = ldap_result2error( lcp->ld, result, 0 );
  +
  +  /* Invalid credentials when just checking credentials returns FAIL. This
  +  stops any further servers being tried. */

  -    /* Otherwise we have a problem that doesn't stop further servers from being
  -    tried. */
  +  if (search_type == SEARCH_LDAP_AUTH && rc == LDAP_INVALID_CREDENTIALS)
  +    {
  +    DEBUG(D_lookup)
  +      debug_printf("Invalid credentials: ldapauth returns FAIL\n");
  +    error_yield = FAIL;
  +    goto RETURN_ERROR_NOMSG;
  +    }

  +  /* Otherwise we have a problem that doesn't stop further servers from being
  +  tried. */
  +
  +  if (rc != LDAP_SUCCESS)
  +    {
       *errmsg = string_sprintf("failed to bind the LDAP connection to server "
         "%s%s - LDAP error %d: %s", host, porttext, rc, ldap_err2string(rc));
       goto RETURN_ERROR;
  @@ -484,6 +515,9 @@
     lcp->bound = TRUE;
     lcp->user = (user == NULL)? NULL : string_copy(user);
     lcp->password = (password == NULL)? NULL : string_copy(password);
  +
  +  ldap_msgfree(result);
  +  result = NULL;
     }

/* If we are just checking credentials, return OK. */
@@ -528,13 +562,6 @@
/* Loop to pick up results as they come in, setting a timeout if one was
given. */

  -if (timelimit > 0)
  -  {
  -  timeout.tv_sec = timelimit;
  -  timeout.tv_usec = 0;
  -  timeoutptr = &timeout;
  -  }
  -
   while ((rc = ldap_result(lcp->ld, msgid, 0, timeoutptr, &result)) ==
           LDAP_RES_SEARCH_ENTRY)
     {
  @@ -916,7 +943,7 @@
   BOOL defer_break = FALSE;
   int timelimit = LDAP_NO_LIMIT;
   int sizelimit = LDAP_NO_LIMIT;
  -int tcplimit = LDAP_X_IO_TIMEOUT_NO_TIMEOUT;
  +int tcplimit = 0;
   int dereference = LDAP_DEREF_NEVER;
   int sep = 0;
   uschar *url = ldap_url;
  @@ -949,7 +976,8 @@
         else if (strncmpic(name, US"PASS=", namelen) == 0) password = value;
         else if (strncmpic(name, US"SIZE=", namelen) == 0) sizelimit = Uatoi(value);
         else if (strncmpic(name, US"TIME=", namelen) == 0) timelimit = Uatoi(value);
  -      else if (strncmpic(name, US"CONNECT=", namelen) == 0) tcplimit = Uatoi(value) * 1000;
  +      else if (strncmpic(name, US"CONNECT=", namelen) == 0) tcplimit = Uatoi(value);
  +      else if (strncmpic(name, US"NETTIME=", namelen) == 0) tcplimit = Uatoi(value);

         /* Don't know if all LDAP libraries have LDAP_OPT_DEREF */

  Index: 901
  ===================================================================
  RCS file: /home/cvs/exim/exim-test-orig/AutoTest/stderr/901,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- 901    8 Oct 2004 14:50:08 -0000    1.1
  +++ 901    10 Nov 2004 14:15:20 -0000    1.2
  @@ -39,8 +39,8 @@
   internal_search_find: file="NULL"
     type=ldap key="ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
   database lookup required for ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
  -LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=-1 dereference=0
  -perform_ldap_search: ldap URL = "ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=-1
  +LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=0 dereference=0
  +perform_ldap_search: ldap URL = "ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
   after ldap_url_parse: host=NULL port=389
   ldap_initialize with URL ldap://:389/
   initialized for LDAP (v3) server NULL:389
  @@ -62,8 +62,8 @@
   internal_search_find: file="NULL"
     type=ldap key="ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
   database lookup required for ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
  -LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=-1 dereference=0
  -perform_ldap_search: ldap URL = "ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=-1
  +LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=0 dereference=0
  +perform_ldap_search: ldap URL = "ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
   after ldap_url_parse: host=/tmp/ldap.sock port=0
   ldap_initialize with URL ldapi://%2Ftmp%2Fldap.sock
   initialized for LDAP (v3) server /tmp/ldap.sock
  @@ -93,8 +93,8 @@
   internal_search_find: file="NULL"
     type=ldap key="ldap://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
   database lookup required for ldap://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
  -LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=-1 dereference=0
  -perform_ldap_search: ldap URL = "ldap://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=-1
  +LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=0 dereference=0
  +perform_ldap_search: ldap URL = "ldap://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
   after ldap_url_parse: host=/tmp/ldap.sock port=389
   re-using cached connection to LDAP server /tmp/ldap.sock
   Start search
  @@ -113,8 +113,8 @@
   internal_search_find: file="NULL"
     type=ldap key="ldaps://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
   database lookup required for ldaps://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
  -LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=-1 dereference=0
  -perform_ldap_search: ldap URL = "ldaps://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=-1
  +LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=0 dereference=0
  +perform_ldap_search: ldap URL = "ldaps://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
   after ldap_url_parse: host=/tmp/ldap.sock port=636
   re-using cached connection to LDAP server /tmp/ldap.sock
   Start search
  @@ -133,8 +133,8 @@
   internal_search_find: file="NULL"
     type=ldap key="user="cn=manager,o=University of Cambridge,c=UK" pass=secret ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
   database lookup required for user="cn=manager,o=University of Cambridge,c=UK" pass=secret ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
  -LDAP parameters: user=cn=manager,o=University of Cambridge,c=UK pass=secret size=0 time=0 connect=-1 dereference=0
  -perform_ldap_search: ldap URL = "ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=-1
  +LDAP parameters: user=cn=manager,o=University of Cambridge,c=UK pass=secret size=0 time=0 connect=0 dereference=0
  +perform_ldap_search: ldap URL = "ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
   after ldap_url_parse: host=127.0.0.1 port=636
   ldap_initialize with URL ldaps://127.0.0.1:636/
   initialized for LDAP (v3) server 127.0.0.1:636
  @@ -156,8 +156,8 @@
   internal_search_find: file="NULL"
     type=ldap key="user="cn=manager,o=University of Cambridge,c=UK" pass="secret" ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
   database lookup required for user="cn=manager,o=University of Cambridge,c=UK" pass="secret" ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
  -LDAP parameters: user=cn=manager,o=University of Cambridge,c=UK pass=secret size=0 time=0 connect=-1 dereference=0
  -perform_ldap_search: ldap URL = "ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=-1
  +LDAP parameters: user=cn=manager,o=University of Cambridge,c=UK pass=secret size=0 time=0 connect=0 dereference=0
  +perform_ldap_search: ldap URL = "ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
   after ldap_url_parse: host=127.0.0.1 port=636
   re-using cached connection to LDAP server 127.0.0.1:636
   Start search
  @@ -186,8 +186,8 @@
   internal_search_find: file="NULL"
     type=ldap key="ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
   database lookup required for ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
  -LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=-1 dereference=0
  -perform_ldap_search: ldap URL = "ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=127.0.0.1 port=0 sizelimit=0 timelimit=0 tcplimit=-1
  +LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=0 dereference=0
  +perform_ldap_search: ldap URL = "ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=127.0.0.1 port=0 sizelimit=0 timelimit=0 tcplimit=0
   after ldap_url_parse: host=127.0.0.1 port=0
   ldap_initialize with URL ldap://127.0.0.1:389/
   initialized for LDAP (v3) server 127.0.0.1:389
  @@ -209,8 +209,8 @@
   internal_search_find: file="NULL"
     type=ldap key="ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
   database lookup required for ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
  -LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=-1 dereference=0
  -perform_ldap_search: ldap URL = "ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=-1
  +LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=0 dereference=0
  +perform_ldap_search: ldap URL = "ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
   after ldap_url_parse: host=/tmp/ldap.sock port=0
   ldap_initialize with URL ldapi://%2Ftmp%2Fldap.sock
   initialized for LDAP (v3) server /tmp/ldap.sock
  @@ -240,8 +240,8 @@
   internal_search_find: file="NULL"
     type=ldap key="ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
   database lookup required for ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
  -LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=-1 dereference=0
  -perform_ldap_search: ldap URL = "ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=/tmp/ldap.sock port=0 sizelimit=0 timelimit=0 tcplimit=-1
  +LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=0 dereference=0
  +perform_ldap_search: ldap URL = "ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=/tmp/ldap.sock port=0 sizelimit=0 timelimit=0 tcplimit=0
   after ldap_url_parse: host=/tmp/ldap.sock port=0
   ldap_initialize with URL ldapi://%2Ftmp%2Fldap.sock
   initialized for LDAP (v3) server /tmp/ldap.sock
  @@ -262,8 +262,8 @@
   internal_search_find: file="NULL"
     type=ldap key="ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
   database lookup required for ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
  -LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=-1 dereference=0
  -perform_ldap_search: ldap URL = "ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=-1
  +LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=0 dereference=0
  +perform_ldap_search: ldap URL = "ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
   after ldap_url_parse: host=/tmp/ldap.sock port=0
   re-using cached connection to LDAP server /tmp/ldap.sock
   Start search
  @@ -282,8 +282,8 @@
   internal_search_find: file="NULL"
     type=ldap key="dereference=always ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
   database lookup required for dereference=always ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
  -LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=-1 dereference=3
  -perform_ldap_search: ldap URL = "ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=/tmp/ldap.sock port=0 sizelimit=0 timelimit=0 tcplimit=-1
  +LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=0 dereference=3
  +perform_ldap_search: ldap URL = "ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=/tmp/ldap.sock port=0 sizelimit=0 timelimit=0 tcplimit=0
   after ldap_url_parse: host=/tmp/ldap.sock port=0
   re-using cached connection to LDAP server /tmp/ldap.sock
   Start search
  @@ -302,8 +302,8 @@
   internal_search_find: file="NULL"
     type=ldap key="ldapi://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
   database lookup required for ldapi://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
  -LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=-1 dereference=0
  -perform_ldap_search: ldap URL = "ldapi://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=-1
  +LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=0 dereference=0
  +perform_ldap_search: ldap URL = "ldapi://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
   after ldap_url_parse: host=127.0.0.1 port=0
   ldapi requires an absolute path ("127.0.0.1" given)
   lookup deferred: ldapi requires an absolute path ("127.0.0.1" given)
  @@ -315,8 +315,8 @@
   internal_search_find: file="NULL"
     type=ldap key="user="cn=manager,o=University of Cambridge,c=UK" pass="se\"cret" ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
   database lookup required for user="cn=manager,o=University of Cambridge,c=UK" pass="se\"cret" ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
  -LDAP parameters: user=cn=manager,o=University of Cambridge,c=UK pass=se"cret size=0 time=0 connect=-1 dereference=0
  -perform_ldap_search: ldap URL = "ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=-1
  +LDAP parameters: user=cn=manager,o=University of Cambridge,c=UK pass=se"cret size=0 time=0 connect=0 dereference=0
  +perform_ldap_search: ldap URL = "ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
   after ldap_url_parse: host=127.0.0.1 port=636
   ldap_initialize with URL ldaps://127.0.0.1:636/
   initialized for LDAP (v3) server 127.0.0.1:636

  Index: 901
  ===================================================================
  RCS file: /home/cvs/exim/exim-test-orig/AutoTest/stdout/901,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- 901    8 Oct 2004 14:50:14 -0000    1.1
  +++ 901    10 Nov 2004 14:15:21 -0000    1.2
  @@ -98,7 +98,7 @@

>
> Expect failure to contact server
> ${if ldapauth {size=1 time=0 user="cn=manager,o=University of Cambridge,c=UK" pass=known ldaps://127.0.0.1:9999/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=*)}{yes}{no}}
-> Failed: failed to bind the LDAP connection to server 127.0.0.1:9999 - LDAP error 81: Can't contact LDAP server
+> Failed: failed to bind the LDAP connection to server 127.0.0.1:9999 - LDAP error
>
> Expect "yes"
> ${if ldapauth { size=1 time=0 user="cn=manager,o=University of Cambridge,c=UK" pass=secret ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=*)}{yes}{no}}