On Thu, 9 Mar 2006, Justo Alonso wrote:
> Running strace I see that the lookup tries to search all references, but
> I already set dereference=never, so it seems that it's not working. This is
> the server_condition that I'm using:
>
> server_condition = ${lookup ldap {user="${lookup
> ldapdn{user="LDAP_ACTIVE_USER" pass=${quote:LDAP_ACTIVE_PASS} \
> dereference=never size=1
> ldap:///LDAP_ACTIVE_BASEDN?dn?sub?LDAP_ACTIVE_AUTH_P}}" \
> pass=${quote:$3} dereference=never size=1 \
>
> ldap:///LDAP_ACTIVE_BASEDN?mail?sub?LDAP_ACTIVE_AUTH_P}{1}{0}}
>
> If I set nettime=1 on the ldapdn lookup, then all works (I get the
> timeout in just one second), the second query gets executed following no
> references (maybe it's using the cached connection)
I don't know much about LDAP (most of the code was contributed by
others, though I have hacked it occasionally). However, I see that the
code contains this snippet:
/* Similarly for dereferencing aliases. Don't know if this is possible on
an LDAP library without LDAP_OPT_DEREF. */
#if defined(LDAP_OPT_DEREF)
ldap_set_option(lcp->ld, LDAP_OPT_DEREF, (void *)&dereference);
#endif
This suggests that different LDAP libraries may or may not support the
feature. So the first check is to see if LDAP_OPT_DEREF is defined in
ldap.h on your system. But if it is, I'm not sure how to proceed,
because the above code is all that is done by Exim. (The variable
"deference" contains one of LDAP_DEREF_{NEVER,SEARCHING,FINDING,ALWAYS}
at this stage.)
--
Philip Hazel University of Cambridge Computing Service
Get the Exim 4 book: http://www.uit.co.uk/exim-book