Alain Williams' patch for disabling LDAP referrals when requested.

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index d3535f71912ba2bb49e461a629f265a4595f07e1..4a1306d20e6f4795ab4f2ede856198c481cf62bc 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -1,4 +1,4 @@
-$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.378 2006/07/14 14:42:57 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.379 2006/07/17 09:18:09 ph10 Exp $

 
 Change log file for Exim from version 4.21
 -------------------------------------------
 
 Change log file for Exim from version 4.21
 -------------------------------------------


@@ -118,6 +118,9 @@ PH/21 Added a call to PQsetNoticeProcessor() to catch pgsql "notices" and
       output them only if debugging. By default they are written stderr,
       apparently, which is not desirable.
 
       output them only if debugging. By default they are written stderr,
       apparently, which is not desirable.
 

+PH/22 Added Alain Williams' LDAP patch to support setting REFERRALS=off on
+      queries.
+

 
 Exim version 4.62
 -----------------
 
 Exim version 4.62
 -----------------

diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff
index 1ec1bdd2cf5ee19784963327447da1be0e334917..35d3bde3069d57fcaf59cf366b1adebbf9934880 100644 (file)
--- a/doc/doc-txt/NewStuff
+++ b/doc/doc-txt/NewStuff
@@ -1,4 +1,4 @@
-$Cambridge: exim/doc/doc-txt/NewStuff,v 1.105 2006/07/13 13:53:32 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/NewStuff,v 1.106 2006/07/17 09:18:09 ph10 Exp $

 
 New Features in Exim
 --------------------
 
 New Features in Exim
 --------------------


@@ -44,6 +44,10 @@ Version 4.63
    smtp_error_code option false. In this case, any SMTP code is quietly
    ignored.
 
    smtp_error_code option false. In this case, any SMTP code is quietly
    ignored.
 

+4. There is a new parameter for LDAP lookups called "referrals", which takes
+   one of the settings "follow" (the default) or "nofollow". The latter stops
+   the LDAP library from trying to follow referrals issued by the LDAP server.
+

 
 Version 4.62
 ------------
 
 Version 4.62
 ------------

diff --git a/src/ACKNOWLEDGMENTS b/src/ACKNOWLEDGMENTS
index 7d73b0d1b349360ff6b5d7da8ea961cf6a4c9871..ae04331dd9ff5f8faadc7aebe05bc1846c63ab8c 100644 (file)
--- a/src/ACKNOWLEDGMENTS
+++ b/src/ACKNOWLEDGMENTS
@@ -1,4 +1,4 @@
-$Cambridge: exim/src/ACKNOWLEDGMENTS,v 1.52 2006/07/06 14:28:03 ph10 Exp $
+$Cambridge: exim/src/ACKNOWLEDGMENTS,v 1.53 2006/07/17 09:18:09 ph10 Exp $

 
 EXIM ACKNOWLEDGEMENTS
 
 
 EXIM ACKNOWLEDGEMENTS
 


@@ -20,7 +20,7 @@ relatively small patches.
 Philip Hazel
 
 Lists created: 20 November 2002
 Philip Hazel
 
 Lists created: 20 November 2002

-Last updated:  06 July 2006
+Last updated:  17 July 2006

 
 
 THE OLD LIST
 
 
 THE OLD LIST


@@ -253,6 +253,7 @@ Joachim Wieland           Patches for PostgreSQL socket support and other
                           Patch for hosts_avoid_esmtp
 Stephen Wilcox            Patch for ignore_enotdir problem
 Alain Williams            Suggested patch for exicyclog options
                           Patch for hosts_avoid_esmtp
 Stephen Wilcox            Patch for ignore_enotdir problem
 Alain Williams            Suggested patch for exicyclog options

+                          PATCH for LDAP referrals option

 David Woodhouse           SQLite support proof of concept code
                           control=freeze/no_tell basic code
 Erik ?                    patch to use select() instead of poll() on OS X
 David Woodhouse           SQLite support proof of concept code
                           control=freeze/no_tell basic code
 Erik ?                    patch to use select() instead of poll() on OS X

diff --git a/src/src/lookups/ldap.c b/src/src/lookups/ldap.c
index 26fdb2ffc7e681ae1414f459db2aaa9dbb7908e3..55761977c5ad929e889fe8abf6e33dc354053dd6 100644 (file)
--- a/src/src/lookups/ldap.c
+++ b/src/src/lookups/ldap.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/lookups/ldap.c,v 1.11 2006/06/27 13:39:01 ph10 Exp $ */
+/* $Cambridge: exim/src/src/lookups/ldap.c,v 1.12 2006/07/17 09:18:09 ph10 Exp $ */

 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *


@@ -137,6 +137,7 @@ Arguments:
   tcplimit      max time for network activity, e.g. connect, or 0 for OS default
   deference     the dereference option, which is one of
                   LDAP_DEREF_{NEVER,SEARCHING,FINDING,ALWAYS}
   tcplimit      max time for network activity, e.g. connect, or 0 for OS default
   deference     the dereference option, which is one of
                   LDAP_DEREF_{NEVER,SEARCHING,FINDING,ALWAYS}

+  referrals     the referral option, which is LDAP_OPT_ON or LDAP_OPT_OFF

 
 Returns:        OK or FAIL or DEFER
                 FAIL is given only if a lookup was performed successfully, but
 
 Returns:        OK or FAIL or DEFER
                 FAIL is given only if a lookup was performed successfully, but


@@ -146,7 +147,7 @@ Returns:        OK or FAIL or DEFER
 static int
 perform_ldap_search(uschar *ldap_url, uschar *server, int s_port, int search_type,
   uschar **res, uschar **errmsg, BOOL *defer_break, uschar *user, uschar *password,
 static int
 perform_ldap_search(uschar *ldap_url, uschar *server, int s_port, int search_type,
   uschar **res, uschar **errmsg, BOOL *defer_break, uschar *user, uschar *password,

-  int sizelimit, int timelimit, int tcplimit, int dereference)
+  int sizelimit, int timelimit, int tcplimit, int dereference, void *referrals)

 {
 LDAPURLDesc     *ludp = NULL;
 LDAPMessage     *result = NULL;
 {
 LDAPURLDesc     *ludp = NULL;
 LDAPMessage     *result = NULL;


@@ -556,6 +557,14 @@ an LDAP library without LDAP_OPT_DEREF. */
 ldap_set_option(lcp->ld, LDAP_OPT_DEREF, (void *)&dereference);
 #endif
 
 ldap_set_option(lcp->ld, LDAP_OPT_DEREF, (void *)&dereference);
 #endif
 

+/* Similarly for the referral setting; should the library follow referrals that
+the LDAP server returns? The conditional is just in case someone uses a library
+without it. */
+
+#if defined(LDAP_OPT_REFERRALS)
+ldap_set_option(lcp->ld, LDAP_OPT_REFERRALS, referrals);
+#endif
+

 /* Start the search on the server. */
 
 DEBUG(D_lookup) debug_printf("Start search\n");
 /* Start the search on the server. */
 
 DEBUG(D_lookup) debug_printf("Start search\n");


@@ -977,8 +986,9 @@ BOOL defer_break = FALSE;
 int timelimit = LDAP_NO_LIMIT;
 int sizelimit = LDAP_NO_LIMIT;
 int tcplimit = 0;
 int timelimit = LDAP_NO_LIMIT;
 int sizelimit = LDAP_NO_LIMIT;
 int tcplimit = 0;

-int dereference = LDAP_DEREF_NEVER;

 int sep = 0;
 int sep = 0;

+int dereference = LDAP_DEREF_NEVER;
+void* referrals = LDAP_OPT_ON;

 uschar *url = ldap_url;
 uschar *p;
 uschar *user = NULL;
 uschar *url = ldap_url;
 uschar *p;
 uschar *user = NULL;


@@ -1032,7 +1042,29 @@ while (strncmpic(url, US"ldap", 4) != 0)
         DEBUG(D_lookup) debug_printf("%s\n", *errmsg);
         return DEFER;
         }
         DEBUG(D_lookup) debug_printf("%s\n", *errmsg);
         return DEFER;
         }

+      #endif

 
 

+      #ifdef LDAP_OPT_REFERRALS
+      else if (strncmpic(name, US"REFERRALS=", namelen) == 0)
+        {
+        if (strcmpic(value, US"follow") == 0) referrals = LDAP_OPT_ON;
+        else if (strcmpic(value, US"nofollow") == 0) referrals = LDAP_OPT_OFF;
+        else
+          {
+          *errmsg = string_sprintf("LDAP option REFERRALS is not \"follow\" "
+            "or \"nofollow\"");
+          DEBUG(D_lookup) debug_printf("%s\n", *errmsg);
+          return DEFER;
+          }
+        }
+      #else
+      else if (strncmpic(name, US"REFERRALS=", namelen) == 0)
+        {
+        *errmsg = string_sprintf("LDAP_OP_REFERRALS not defined in this LDAP "
+          "library - cannot use \"referrals\"");
+        DEBUG(D_lookup) debug_printf("%s\n", *errmsg);
+        return DEFER;
+        }

       #endif
 
       else
       #endif
 
       else


@@ -1081,8 +1113,8 @@ if (user != NULL)
 
 DEBUG(D_lookup)
   debug_printf("LDAP parameters: user=%s pass=%s size=%d time=%d connect=%d "
 
 DEBUG(D_lookup)
   debug_printf("LDAP parameters: user=%s pass=%s size=%d time=%d connect=%d "

-    "dereference=%d\n", user, password, sizelimit, timelimit, tcplimit,
-    dereference);
+    "dereference=%d referrals=%s\n", user, password, sizelimit, timelimit,
+    tcplimit, dereference, (referrals == LDAP_OPT_ON)? "on" : "off");

 
 /* If the request is just to check authentication, some credentials must
 be given. The password must not be empty because LDAP binds with an empty
 
 /* If the request is just to check authentication, some credentials must
 be given. The password must not be empty because LDAP binds with an empty


@@ -1119,7 +1151,8 @@ if (Ustrncmp(p, "://", 3) != 0)
 if (eldap_default_servers == NULL || p[3] != '/')
   {
   return perform_ldap_search(url, NULL, 0, search_type, res, errmsg,
 if (eldap_default_servers == NULL || p[3] != '/')
   {
   return perform_ldap_search(url, NULL, 0, search_type, res, errmsg,

-    &defer_break, user, password, sizelimit, timelimit, tcplimit, dereference);
+    &defer_break, user, password, sizelimit, timelimit, tcplimit, dereference,
+    referrals);

   }
 
 /* Loop through the default servers until OK or FAIL */
   }
 
 /* Loop through the default servers until OK or FAIL */


@@ -1136,7 +1169,8 @@ while ((server = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL
     port = Uatoi(colon+1);
     }
   rc = perform_ldap_search(url, server, port, search_type, res, errmsg,
     port = Uatoi(colon+1);
     }
   rc = perform_ldap_search(url, server, port, search_type, res, errmsg,

-    &defer_break, user, password, sizelimit, timelimit, tcplimit, dereference);
+    &defer_break, user, password, sizelimit, timelimit, tcplimit, dereference,
+    referrals);

   if (rc != DEFER || defer_break) return rc;
   }
 
   if (rc != DEFER || defer_break) return rc;
   }
 

diff --git a/test/scripts/9000-LDAP/9000 b/test/scripts/9000-LDAP/9000
index 0924b79a5063e6da67d7d7438a8ebf9094fb5a12..2bfedbf0017d528dead1cae03bc3f779553e9bcd 100644 (file)
--- a/test/scripts/9000-LDAP/9000
+++ b/test/scripts/9000-LDAP/9000
@@ -173,3 +173,8 @@ exim -be
 Expect ldap_search to fail
 ${lookup ldap {ldap:///o=top?mailRoutingAddress,mailHost,objectClass?sub?(&(mailLocalAddress=3-1546081-domain.net?wendling@stderr.efficientimpacte.com)(objectClass=inetLocalMailRecipient))}{$value}fail}
 ****
 Expect ldap_search to fail
 ${lookup ldap {ldap:///o=top?mailRoutingAddress,mailHost,objectClass?sub?(&(mailLocalAddress=3-1546081-domain.net?wendling@stderr.efficientimpacte.com)(objectClass=inetLocalMailRecipient))}{$value}fail}
 ****

+exim -d -be
+Expect "Hazel" - checking referrals syntax
+\${lookup ldap {time=1 referrals=nofollow ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)}{\$value}fail}
+${lookup ldap {time=1 referrals=nofollow ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)}{$value}fail}
+****

diff --git a/test/stderr/9000 b/test/stderr/9000
index 346684915d8596380c1fbdf98cf46bb8f3c84f67..17fbb42548184684bbcb5f1bfda5b51205758c73 100644 (file)
--- a/test/stderr/9000
+++ b/test/stderr/9000
@@ -28,7 +28,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
 internal_search_find: file="NULL"
   type=ldap key="ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)

-LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0
+LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0 referrals=on

 perform_ldap_search: ldap URL = "ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=NULL port=389
 ldap_initialize with URL ldap://:389/
 perform_ldap_search: ldap URL = "ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=NULL port=389
 ldap_initialize with URL ldap://:389/


@@ -52,7 +52,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
 internal_search_find: file="NULL"
   type=ldap key="ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)

-LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0
+LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0 referrals=on

 perform_ldap_search: ldap URL = "ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=/tmp/ldap.sock port=0
 ldap_initialize with URL ldapi://%2Ftmp%2Fldap.sock
 perform_ldap_search: ldap URL = "ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=/tmp/ldap.sock port=0
 ldap_initialize with URL ldapi://%2Ftmp%2Fldap.sock


@@ -84,7 +84,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="ldap://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldap://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
 internal_search_find: file="NULL"
   type=ldap key="ldap://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldap://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)

-LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0
+LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0 referrals=on

 perform_ldap_search: ldap URL = "ldap://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=/tmp/ldap.sock port=389
 re-using cached connection to LDAP server /tmp/ldap.sock
 perform_ldap_search: ldap URL = "ldap://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=/tmp/ldap.sock port=389
 re-using cached connection to LDAP server /tmp/ldap.sock


@@ -105,7 +105,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="ldaps://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldaps://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
 internal_search_find: file="NULL"
   type=ldap key="ldaps://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldaps://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)

-LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0
+LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0 referrals=on

 perform_ldap_search: ldap URL = "ldaps://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=/tmp/ldap.sock port=636
 re-using cached connection to LDAP server /tmp/ldap.sock
 perform_ldap_search: ldap URL = "ldaps://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=/tmp/ldap.sock port=636
 re-using cached connection to LDAP server /tmp/ldap.sock


@@ -126,7 +126,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="user="cn=manager,o=University of Cambridge,c=UK" pass=secret ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for user="cn=manager,o=University of Cambridge,c=UK" pass=secret ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
 internal_search_find: file="NULL"
   type=ldap key="user="cn=manager,o=University of Cambridge,c=UK" pass=secret ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for user="cn=manager,o=University of Cambridge,c=UK" pass=secret ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)

-LDAP parameters: user=cn=manager,o=University of Cambridge,c=UK pass=secret size=sss time=0 connect=0 dereference=0
+LDAP parameters: user=cn=manager,o=University of Cambridge,c=UK pass=secret size=sss time=0 connect=0 dereference=0 referrals=on

 perform_ldap_search: ldap URL = "ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=127.0.0.1 port=636
 ldap_initialize with URL ldaps://127.0.0.1:636/
 perform_ldap_search: ldap URL = "ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=127.0.0.1 port=636
 ldap_initialize with URL ldaps://127.0.0.1:636/


@@ -150,7 +150,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="user="cn=manager,o=University of Cambridge,c=UK" pass="secret" ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for user="cn=manager,o=University of Cambridge,c=UK" pass="secret" ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
 internal_search_find: file="NULL"
   type=ldap key="user="cn=manager,o=University of Cambridge,c=UK" pass="secret" ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for user="cn=manager,o=University of Cambridge,c=UK" pass="secret" ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)

-LDAP parameters: user=cn=manager,o=University of Cambridge,c=UK pass=secret size=sss time=0 connect=0 dereference=0
+LDAP parameters: user=cn=manager,o=University of Cambridge,c=UK pass=secret size=sss time=0 connect=0 dereference=0 referrals=on

 perform_ldap_search: ldap URL = "ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=127.0.0.1 port=636
 re-using cached connection to LDAP server 127.0.0.1:636
 perform_ldap_search: ldap URL = "ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=127.0.0.1 port=636
 re-using cached connection to LDAP server 127.0.0.1:636


@@ -178,7 +178,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
 internal_search_find: file="NULL"
   type=ldap key="ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)

-LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0
+LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0 referrals=on

 perform_ldap_search: ldap URL = "ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=127.0.0.1 port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=127.0.0.1 port=0
 ldap_initialize with URL ldap://127.0.0.1:389/
 perform_ldap_search: ldap URL = "ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=127.0.0.1 port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=127.0.0.1 port=0
 ldap_initialize with URL ldap://127.0.0.1:389/


@@ -202,7 +202,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
 internal_search_find: file="NULL"
   type=ldap key="ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)

-LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0
+LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0 referrals=on

 perform_ldap_search: ldap URL = "ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=/tmp/ldap.sock port=0
 ldap_initialize with URL ldapi://%2Ftmp%2Fldap.sock
 perform_ldap_search: ldap URL = "ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=/tmp/ldap.sock port=0
 ldap_initialize with URL ldapi://%2Ftmp%2Fldap.sock


@@ -231,7 +231,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
 internal_search_find: file="NULL"
   type=ldap key="ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)

-LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0
+LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0 referrals=on

 perform_ldap_search: ldap URL = "ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=/tmp/ldap.sock port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=/tmp/ldap.sock port=0
 ldap_initialize with URL ldapi://%2Ftmp%2Fldap.sock
 perform_ldap_search: ldap URL = "ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=/tmp/ldap.sock port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=/tmp/ldap.sock port=0
 ldap_initialize with URL ldapi://%2Ftmp%2Fldap.sock


@@ -254,7 +254,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
 internal_search_find: file="NULL"
   type=ldap key="ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)

-LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0
+LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0 referrals=on

 perform_ldap_search: ldap URL = "ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=/tmp/ldap.sock port=0
 re-using cached connection to LDAP server /tmp/ldap.sock
 perform_ldap_search: ldap URL = "ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=/tmp/ldap.sock port=0
 re-using cached connection to LDAP server /tmp/ldap.sock


@@ -275,7 +275,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="dereference=always ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for dereference=always ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
 internal_search_find: file="NULL"
   type=ldap key="dereference=always ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for dereference=always ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)

-LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=3
+LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=3 referrals=on

 perform_ldap_search: ldap URL = "ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=/tmp/ldap.sock port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=/tmp/ldap.sock port=0
 re-using cached connection to LDAP server /tmp/ldap.sock
 perform_ldap_search: ldap URL = "ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=/tmp/ldap.sock port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=/tmp/ldap.sock port=0
 re-using cached connection to LDAP server /tmp/ldap.sock


@@ -296,7 +296,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="ldapi://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldapi://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
 internal_search_find: file="NULL"
   type=ldap key="ldapi://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldapi://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)

-LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0
+LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0 referrals=on

 perform_ldap_search: ldap URL = "ldapi://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=127.0.0.1 port=0
 ldapi requires an absolute path ("127.0.0.1" given)
 perform_ldap_search: ldap URL = "ldapi://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=127.0.0.1 port=0
 ldapi requires an absolute path ("127.0.0.1" given)


@@ -309,7 +309,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="user="cn=manager,o=University of Cambridge,c=UK" pass="se\"cret" ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for user="cn=manager,o=University of Cambridge,c=UK" pass="se\"cret" ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
 internal_search_find: file="NULL"
   type=ldap key="user="cn=manager,o=University of Cambridge,c=UK" pass="se\"cret" ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for user="cn=manager,o=University of Cambridge,c=UK" pass="se\"cret" ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)

-LDAP parameters: user=cn=manager,o=University of Cambridge,c=UK pass=se"cret size=sss time=0 connect=0 dereference=0
+LDAP parameters: user=cn=manager,o=University of Cambridge,c=UK pass=se"cret size=sss time=0 connect=0 dereference=0 referrals=on

 perform_ldap_search: ldap URL = "ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=127.0.0.1 port=636
 ldap_initialize with URL ldaps://127.0.0.1:636/
 perform_ldap_search: ldap URL = "ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=127.0.0.1 port=636
 ldap_initialize with URL ldaps://127.0.0.1:636/


@@ -322,3 +322,36 @@ search_tidyup called
 unbind LDAP connection to 127.0.0.1:636
 unbind LDAP connection to /tmp/ldap.sock:389
 >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>>
 unbind LDAP connection to 127.0.0.1:636
 unbind LDAP connection to /tmp/ldap.sock:389
 >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>>

+Exim version x.yz ....
+changed uid/gid: -C, -D, -be or -bf forces real uid
+  uid=CALLER_UID gid=CALLER_GID pid=pppp
+configuration file is TESTSUITE/test-config
+admin user
+originator: uid=CALLER_UID gid=CALLER_GID login=CALLER name=CALLER_NAME
+sender address = CALLER@myhost.test.ex
+search_open: ldap "NULL"
+search_find: file="NULL"
+  key="time=1 referrals=nofollow ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" partial=-1 affix=NULL starflags=0
+LRU list:
+internal_search_find: file="NULL"
+  type=ldap key="time=1 referrals=nofollow ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
+database lookup required for time=1 referrals=nofollow ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
+LDAP parameters: user=NULL pass=NULL size=sss time=1 connect=0 dereference=0 referrals=off
+perform_ldap_search: ldap URL = "ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=1 tcplimit=0
+after ldap_url_parse: host=NULL port=389
+ldap_initialize with URL ldap://:389/
+initialized for LDAP (v3) server NULL:389
+LDAP_OPT_X_TLS_TRY set
+binding with user=NULL password=NULL
+Start search
+ldap_result loop
+LDAP entry loop
+LDAP attr loop sn:Hazel
+search ended by ldap_result yielding 101
+ldap_parse_result: 0
+ldap_parse_result yielded 0: Success
+LDAP search: returning: Hazel
+lookup yielded: Hazel
+search_tidyup called
+unbind LDAP connection to NULL:389
+>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>>

diff --git a/test/stdout/9000 b/test/stdout/9000
index cfd0c21020563f514ea6b46cfcc1afa41b7766d0..b492cddbf0f80fc4c530da6d09b40a0463717c76 100644 (file)
--- a/test/stdout/9000
+++ b/test/stdout/9000
@@ -177,3 +177,7 @@ cn="P Hazel, Phil Hazel" sn="Hazel" objectClass="person"
 > Expect ldap_search to fail
 > Failed: lookup of "ldap:///o=top?mailRoutingAddress,mailHost,objectClass?sub?(&(mailLocalAddress=3-1546081-domain.net?wendling@stderr.efficientimpacte.com)(objectClass=inetLocalMailRecipient))" gave DEFER: ldap_search failed: -7, Bad search filter
 > 
 > Expect ldap_search to fail
 > Failed: lookup of "ldap:///o=top?mailRoutingAddress,mailHost,objectClass?sub?(&(mailLocalAddress=3-1546081-domain.net?wendling@stderr.efficientimpacte.com)(objectClass=inetLocalMailRecipient))" gave DEFER: ldap_search failed: -7, Bad search filter
 > 

+> Expect "Hazel" - checking referrals syntax
+> ${lookup ldap {time=1 referrals=nofollow ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)}{$value}fail}
+> Hazel
+>