On Fri, Aug 27, 2010 at 10:43:43AM -0500, Stephen Figgins wrote:
I can get perdition to query either of my ldap servers
individually, but
not when I specify both.
This entry in my perdition.conf file works:
map_library /usr/lib/libperditiondb_ldap.so.0
map_library_opt
3:ldap://ldap/ou=Accounts,dc=sunflower,dc=com?uid,mailhost?sub?(uid=%25s)
This does not
map_library /usr/lib/libperditiondb_ldap.so.0
map_library_opt 3:ldap://ldap
ldap2/ou=Accounts,dc=sunflower,dc=com?uid,mailhost?sub?(uid=%25s)
When using the second entry, perdition fails to retrieve the mailhost. I don't
see any logs of errors on my ldap servers. It's as if perdition never
reaches them. Instead it appears to time out and then returns this:
-ERR failed: Could not determine server
My perdition server is running on Ubuntu 10.04 and perdition version
1.18-2 installed from ubuntu's packages.
Any ideas on how to get this to work?
Hi Stephen,
Unfortunately multiple LDAP server support was broken in 1.18.
Could you try 1.19-rc3?
For the record, I believe that this problem was fixed by the following
patch which should apply to 1.18.
# HG changeset patch
# User Simon Horman <horms(a)verge.net.au>
# Date 1263540841 -39600
# Node ID 89de734f919c4f2fffd82d0671e4fd62b6cc14e9
# Parent 28264fe9e31b7f34676260de9f26134399bd0372
LDAP: Allow multiple space-delimited hosts in URI
Tested-by: Dominique Marant <Dominique.Marant(a)univ-lille1.fr>
Signed-off-by: Simon Horman <horms(a)verge.net.au>
diff -r 28264fe9e31b -r 89de734f919c perdition/db/ldap/perditiondb_ldap.c
--- a/perdition/db/ldap/perditiondb_ldap.c Thu Jan 14 18:48:47 2010 +1100
+++ b/perdition/db/ldap/perditiondb_ldap.c Fri Jan 15 18:34:01 2010 +1100
@@ -321,6 +321,102 @@
return(0);
}
+#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)
+static char *perdition_ldap_uri (const LDAPURLDesc *lud)
+{
+ int nhost = 1;
+ char *uri, *start, *end;
+
+ /* Multiple hosts may be supplied, space delimited.
+ * But they will all end up with the same port.
+ * This is supported by openldap.
+ * The location of the specification for this is as yet unknown. */
+
+ start = lud->lud_host;
+ while (*start == ' ')
+ start++;
+ while ((start = strchr(start, ' '))) {
+ nhost++;
+ while (*start == ' ')
+ start++;
+ }
+
+ /*
+ * The '+9' on calloc is the worst case scenario of a non-default
+ * LDAP port: 65535 and such. The extra bytes are for the leading
+ * "://" and trailing ' ' or '\n'.
+ */
+ uri = calloc((strlen(lud->lud_scheme) + 9) * nhost +
+ strlen(lud->lud_host) + 1, 1);
+ if (!uri)
+ return NULL;
+
+ start = lud->lud_host;
+ do {
+ while (*start == ' ')
+ start++;
+ end = strchr(start, ' ');
+ if (!end)
+ end = start + strlen(start);
+
+ if (end == start)
+ break;
+
+ if (*uri)
+ strcat(uri, " ");
+ strcat(uri, lud->lud_scheme);
+ strcat(uri, "://");
+ strncat(uri, start, end - start);
+ if (lud->lud_port != LDAP_PORT) {
+ strcat(uri, ":");
+ sprintf(uri + strlen(uri),
+ "%d", lud->lud_port);
+ }
+ } while ((start = strchr(start, ' ')));
+
+ return uri;
+}
+
+static LDAP *perdition_ldap_initialize (const LDAPURLDesc *lud)
+{
+ int err;
+ char *uri;
+ LDAP *connection = NULL;
+
+ uri = perdition_ldap_uri(lud);
+ if (uri == NULL) {
+ VANESSA_LOGGER_DEBUG("perdition_ldap_uri");
+ return NULL;
+ }
+
+ err = ldap_initialize(&connection, uri);
+ if (err != LDAP_SUCCESS) {
+ VANESSA_LOGGER_DEBUG_UNSAFE("ldap_initialize: %s", uri);
+ VANESSA_LOGGER_DEBUG_UNSAFE("ldap_initialize: %s",
+ ldap_err2string(err));
+ connection = NULL;
+ goto leave;
+ }
+
+leave:
+ free(uri);
+ return connection;
+}
+#else
+static LDAP *perdition_ldap_initialize (const LDAPURLDesc *lud)
+{
+ LDAP *connection;
+
+ connection = ldap_init(lud->lud_host, lud->lud_port);
+
+ if (!connection) {
+ VANESSA_LOGGER_DEBUG_ERRNO("ldap_init");
+ return NULL;
+ }
+
+ return connection;
+}
+#endif
/**********************************************************************
* dbserver_get2
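Review bot: perdition_ldap_uri reads through `lud->lud_host` straight away (`start = lud->lud_host; while (*start == ' ')`) with no NULL check, so a search URL with an empty host part, for which the OpenLDAP URL parser can, as far as I know, leave lud_host NULL, would crash here instead of failing cleanly. A guard at the top such as `if (!lud->lud_host) return NULL;` would let perdition_ldap_initialize log and return NULL as it already does for an allocation failure. The buffer is also sized by hand for a port of at most five digits while `sprintf(uri + strlen(uri), "%d", lud->lud_port)` is unbounded, so unless the parser is known to enforce the range, reject `lud->lud_port < 0 || lud->lud_port > 65535` before the calloc. The sizing comment says the extra bytes cover a trailing `'\n'`, which presumably should read `'\0'`.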
@@ -358,7 +454,6 @@
char **returns = NULL;
char *binddn = NULL;
char *bindpw = NULL;
- char *ldap_connect = NULL;
/* get filter string */
if (pldap_get_filter(key_str, pldap_filter, &lud) < 0) {
@@ -369,34 +464,11 @@
}
/* Open LDAP connection */
-#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)
- /*
- * This '+6' on calloc is the worst case scenario of a non-default
- * LDAP port: 65535 and such. The extra byte is for '\0'
- */
- ldap_connect = calloc(strlen (lud->lud_scheme) +
- strlen (lud->lud_host) + 6, sizeof (char));
- if (!ldap_connect)
- goto leave;
- if (lud->lud_port != LDAP_PORT)
- sprintf(ldap_connect, "%s://%s:%d", lud->lud_scheme,
- lud->lud_host, lud->lud_port);
- else
- sprintf(ldap_connect, "%s://%s", lud->lud_scheme,
- lud->lud_host);
- err = ldap_initialize(&connection, ldap_connect);
- if (err != LDAP_SUCCESS) {
- VANESSA_LOGGER_DEBUG_UNSAFE("ldap_initialize: %s",
- ldap_err2string(err));
+ connection = perdition_ldap_initialize(lud);
+ if (!connection) {
+ VANESSA_LOGGER_DEBUG("perdition_ldap_initialize");
goto leave;
}
-#else
- connection = ldap_init(lud->lud_host, lud->lud_port);
- if (!connection) {
- VANESSA_LOGGER_DEBUG_ERRNO("ldap_init");
- goto leave;
- }
-#endif
#ifdef WITH_LDAP_LUD_EXTS
/* Check extensions */
@@ -541,8 +613,6 @@
status = 0;
leave:
- if (ldap_connect)
- free(ldap_connect);
if (returns && status) {
for (count = 0; count < attrcount; count++)
if (returns[count] != NULL)