Alain Williams' patch for disabling LDAP referrals when requested.

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index d3535f71912ba2bb49e461a629f265a4595f07e1..4a1306d20e6f4795ab4f2ede856198c481cf62bc 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -1,4 +1,4 @@
-$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.378 2006/07/14 14:42:57 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.379 2006/07/17 09:18:09 ph10 Exp $
 
 Change log file for Exim from version 4.21
 -------------------------------------------
@@ -118,6 +118,9 @@ PH/21 Added a call to PQsetNoticeProcessor() to catch pgsql "notices" and
       output them only if debugging. By default they are written stderr,
       apparently, which is not desirable.
 
+PH/22 Added Alain Williams' LDAP patch to support setting REFERRALS=off on
+      queries.
+
 
 Exim version 4.62
 -----------------

diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff
index 1ec1bdd2cf5ee19784963327447da1be0e334917..35d3bde3069d57fcaf59cf366b1adebbf9934880 100644 (file)
--- a/doc/doc-txt/NewStuff
+++ b/doc/doc-txt/NewStuff
@@ -1,4 +1,4 @@
-$Cambridge: exim/doc/doc-txt/NewStuff,v 1.105 2006/07/13 13:53:32 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/NewStuff,v 1.106 2006/07/17 09:18:09 ph10 Exp $
 
 New Features in Exim
 --------------------
@@ -44,6 +44,10 @@ Version 4.63
    smtp_error_code option false. In this case, any SMTP code is quietly
    ignored.
 
+4. There is a new parameter for LDAP lookups called "referrals", which takes
+   one of the settings "follow" (the default) or "nofollow". The latter stops
+   the LDAP library from trying to follow referrals issued by the LDAP server.
+
 
 Version 4.62
 ------------

diff --git a/src/ACKNOWLEDGMENTS b/src/ACKNOWLEDGMENTS
index 7d73b0d1b349360ff6b5d7da8ea961cf6a4c9871..ae04331dd9ff5f8faadc7aebe05bc1846c63ab8c 100644 (file)
--- a/src/ACKNOWLEDGMENTS
+++ b/src/ACKNOWLEDGMENTS
@@ -1,4 +1,4 @@
-$Cambridge: exim/src/ACKNOWLEDGMENTS,v 1.52 2006/07/06 14:28:03 ph10 Exp $
+$Cambridge: exim/src/ACKNOWLEDGMENTS,v 1.53 2006/07/17 09:18:09 ph10 Exp $
 
 EXIM ACKNOWLEDGEMENTS
 
@@ -20,7 +20,7 @@ relatively small patches.
 Philip Hazel
 
 Lists created: 20 November 2002
-Last updated:  06 July 2006
+Last updated:  17 July 2006
 
 
 THE OLD LIST
@@ -253,6 +253,7 @@ Joachim Wieland           Patches for PostgreSQL socket support and other
                           Patch for hosts_avoid_esmtp
 Stephen Wilcox            Patch for ignore_enotdir problem
 Alain Williams            Suggested patch for exicyclog options
+                          PATCH for LDAP referrals option
 David Woodhouse           SQLite support proof of concept code
                           control=freeze/no_tell basic code
 Erik ?                    patch to use select() instead of poll() on OS X

diff --git a/src/src/lookups/ldap.c b/src/src/lookups/ldap.c
index 26fdb2ffc7e681ae1414f459db2aaa9dbb7908e3..55761977c5ad929e889fe8abf6e33dc354053dd6 100644 (file)
--- a/src/src/lookups/ldap.c
+++ b/src/src/lookups/ldap.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/lookups/ldap.c,v 1.11 2006/06/27 13:39:01 ph10 Exp $ */
+/* $Cambridge: exim/src/src/lookups/ldap.c,v 1.12 2006/07/17 09:18:09 ph10 Exp $ */
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
@@ -137,6 +137,7 @@ Arguments:
   tcplimit      max time for network activity, e.g. connect, or 0 for OS default
   deference     the dereference option, which is one of
                   LDAP_DEREF_{NEVER,SEARCHING,FINDING,ALWAYS}
+  referrals     the referral option, which is LDAP_OPT_ON or LDAP_OPT_OFF
 
 Returns:        OK or FAIL or DEFER
                 FAIL is given only if a lookup was performed successfully, but
@@ -146,7 +147,7 @@ Returns:        OK or FAIL or DEFER
 static int
 perform_ldap_search(uschar *ldap_url, uschar *server, int s_port, int search_type,
   uschar **res, uschar **errmsg, BOOL *defer_break, uschar *user, uschar *password,
-  int sizelimit, int timelimit, int tcplimit, int dereference)
+  int sizelimit, int timelimit, int tcplimit, int dereference, void *referrals)
 {
 LDAPURLDesc     *ludp = NULL;
 LDAPMessage     *result = NULL;
@@ -556,6 +557,14 @@ an LDAP library without LDAP_OPT_DEREF. */
 ldap_set_option(lcp->ld, LDAP_OPT_DEREF, (void *)&dereference);
 #endif
 
+/* Similarly for the referral setting; should the library follow referrals that
+the LDAP server returns? The conditional is just in case someone uses a library
+without it. */
+
+#if defined(LDAP_OPT_REFERRALS)
+ldap_set_option(lcp->ld, LDAP_OPT_REFERRALS, referrals);
+#endif
+
 /* Start the search on the server. */
 
 DEBUG(D_lookup) debug_printf("Start search\n");
@@ -977,8 +986,9 @@ BOOL defer_break = FALSE;
 int timelimit = LDAP_NO_LIMIT;
 int sizelimit = LDAP_NO_LIMIT;
 int tcplimit = 0;
-int dereference = LDAP_DEREF_NEVER;
 int sep = 0;
+int dereference = LDAP_DEREF_NEVER;
+void* referrals = LDAP_OPT_ON;
 uschar *url = ldap_url;
 uschar *p;
 uschar *user = NULL;
@@ -1032,7 +1042,29 @@ while (strncmpic(url, US"ldap", 4) != 0)
         DEBUG(D_lookup) debug_printf("%s\n", *errmsg);
         return DEFER;
         }
+      #endif
 
+      #ifdef LDAP_OPT_REFERRALS
+      else if (strncmpic(name, US"REFERRALS=", namelen) == 0)
+        {
+        if (strcmpic(value, US"follow") == 0) referrals = LDAP_OPT_ON;
+        else if (strcmpic(value, US"nofollow") == 0) referrals = LDAP_OPT_OFF;
+        else
+          {
+          *errmsg = string_sprintf("LDAP option REFERRALS is not \"follow\" "
+            "or \"nofollow\"");
+          DEBUG(D_lookup) debug_printf("%s\n", *errmsg);
+          return DEFER;
+          }
+        }
+      #else
+      else if (strncmpic(name, US"REFERRALS=", namelen) == 0)
+        {
+        *errmsg = string_sprintf("LDAP_OP_REFERRALS not defined in this LDAP "
+          "library - cannot use \"referrals\"");
+        DEBUG(D_lookup) debug_printf("%s\n", *errmsg);
+        return DEFER;
+        }
       #endif
 
       else
@@ -1081,8 +1113,8 @@ if (user != NULL)
 
 DEBUG(D_lookup)
   debug_printf("LDAP parameters: user=%s pass=%s size=%d time=%d connect=%d "
-    "dereference=%d\n", user, password, sizelimit, timelimit, tcplimit,
-    dereference);
+    "dereference=%d referrals=%s\n", user, password, sizelimit, timelimit,
+    tcplimit, dereference, (referrals == LDAP_OPT_ON)? "on" : "off");
 
 /* If the request is just to check authentication, some credentials must
 be given. The password must not be empty because LDAP binds with an empty
@@ -1119,7 +1151,8 @@ if (Ustrncmp(p, "://", 3) != 0)
 if (eldap_default_servers == NULL || p[3] != '/')
   {
   return perform_ldap_search(url, NULL, 0, search_type, res, errmsg,
-    &defer_break, user, password, sizelimit, timelimit, tcplimit, dereference);
+    &defer_break, user, password, sizelimit, timelimit, tcplimit, dereference,
+    referrals);
   }
 
 /* Loop through the default servers until OK or FAIL */
@@ -1136,7 +1169,8 @@ while ((server = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL
     port = Uatoi(colon+1);
     }
   rc = perform_ldap_search(url, server, port, search_type, res, errmsg,
-    &defer_break, user, password, sizelimit, timelimit, tcplimit, dereference);
+    &defer_break, user, password, sizelimit, timelimit, tcplimit, dereference,
+    referrals);
   if (rc != DEFER || defer_break) return rc;
   }
 

diff --git a/test/scripts/9000-LDAP/9000 b/test/scripts/9000-LDAP/9000
index 0924b79a5063e6da67d7d7438a8ebf9094fb5a12..2bfedbf0017d528dead1cae03bc3f779553e9bcd 100644 (file)
--- a/test/scripts/9000-LDAP/9000
+++ b/test/scripts/9000-LDAP/9000
@@ -173,3 +173,8 @@ exim -be
 Expect ldap_search to fail
 ${lookup ldap {ldap:///o=top?mailRoutingAddress,mailHost,objectClass?sub?(&(mailLocalAddress=3-1546081-domain.net?wendling@stderr.efficientimpacte.com)(objectClass=inetLocalMailRecipient))}{$value}fail}
 ****
+exim -d -be
+Expect "Hazel" - checking referrals syntax
+\${lookup ldap {time=1 referrals=nofollow ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)}{\$value}fail}
+${lookup ldap {time=1 referrals=nofollow ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)}{$value}fail}
+****

diff --git a/test/stderr/9000 b/test/stderr/9000
index 346684915d8596380c1fbdf98cf46bb8f3c84f67..17fbb42548184684bbcb5f1bfda5b51205758c73 100644 (file)
--- a/test/stderr/9000
+++ b/test/stderr/9000
@@ -28,7 +28,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
-LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0
+LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0 referrals=on
 perform_ldap_search: ldap URL = "ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=NULL port=389
 ldap_initialize with URL ldap://:389/
@@ -52,7 +52,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
-LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0
+LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0 referrals=on
 perform_ldap_search: ldap URL = "ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=/tmp/ldap.sock port=0
 ldap_initialize with URL ldapi://%2Ftmp%2Fldap.sock
@@ -84,7 +84,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="ldap://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldap://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
-LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0
+LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0 referrals=on
 perform_ldap_search: ldap URL = "ldap://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=/tmp/ldap.sock port=389
 re-using cached connection to LDAP server /tmp/ldap.sock
@@ -105,7 +105,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="ldaps://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldaps://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
-LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0
+LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0 referrals=on
 perform_ldap_search: ldap URL = "ldaps://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=/tmp/ldap.sock port=636
 re-using cached connection to LDAP server /tmp/ldap.sock
@@ -126,7 +126,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="user="cn=manager,o=University of Cambridge,c=UK" pass=secret ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for user="cn=manager,o=University of Cambridge,c=UK" pass=secret ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
-LDAP parameters: user=cn=manager,o=University of Cambridge,c=UK pass=secret size=sss time=0 connect=0 dereference=0
+LDAP parameters: user=cn=manager,o=University of Cambridge,c=UK pass=secret size=sss time=0 connect=0 dereference=0 referrals=on
 perform_ldap_search: ldap URL = "ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=127.0.0.1 port=636
 ldap_initialize with URL ldaps://127.0.0.1:636/
@@ -150,7 +150,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="user="cn=manager,o=University of Cambridge,c=UK" pass="secret" ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for user="cn=manager,o=University of Cambridge,c=UK" pass="secret" ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
-LDAP parameters: user=cn=manager,o=University of Cambridge,c=UK pass=secret size=sss time=0 connect=0 dereference=0
+LDAP parameters: user=cn=manager,o=University of Cambridge,c=UK pass=secret size=sss time=0 connect=0 dereference=0 referrals=on
 perform_ldap_search: ldap URL = "ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=127.0.0.1 port=636
 re-using cached connection to LDAP server 127.0.0.1:636
@@ -178,7 +178,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
-LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0
+LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0 referrals=on
 perform_ldap_search: ldap URL = "ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=127.0.0.1 port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=127.0.0.1 port=0
 ldap_initialize with URL ldap://127.0.0.1:389/
@@ -202,7 +202,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
-LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0
+LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0 referrals=on
 perform_ldap_search: ldap URL = "ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=/tmp/ldap.sock port=0
 ldap_initialize with URL ldapi://%2Ftmp%2Fldap.sock
@@ -231,7 +231,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
-LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0
+LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0 referrals=on
 perform_ldap_search: ldap URL = "ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=/tmp/ldap.sock port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=/tmp/ldap.sock port=0
 ldap_initialize with URL ldapi://%2Ftmp%2Fldap.sock
@@ -254,7 +254,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
-LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0
+LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0 referrals=on
 perform_ldap_search: ldap URL = "ldapi://%2Ftmp%2Fldap.sock/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=/tmp/ldap.sock port=0
 re-using cached connection to LDAP server /tmp/ldap.sock
@@ -275,7 +275,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="dereference=always ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for dereference=always ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
-LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=3
+LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=3 referrals=on
 perform_ldap_search: ldap URL = "ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=/tmp/ldap.sock port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=/tmp/ldap.sock port=0
 re-using cached connection to LDAP server /tmp/ldap.sock
@@ -296,7 +296,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="ldapi://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for ldapi://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
-LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0
+LDAP parameters: user=NULL pass=NULL size=sss time=0 connect=0 dereference=0 referrals=on
 perform_ldap_search: ldap URL = "ldapi://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=127.0.0.1 port=0
 ldapi requires an absolute path ("127.0.0.1" given)
@@ -309,7 +309,7 @@ LRU list:
 internal_search_find: file="NULL"
   type=ldap key="user="cn=manager,o=University of Cambridge,c=UK" pass="se\"cret" ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
 database lookup required for user="cn=manager,o=University of Cambridge,c=UK" pass="se\"cret" ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
-LDAP parameters: user=cn=manager,o=University of Cambridge,c=UK pass=se"cret size=sss time=0 connect=0 dereference=0
+LDAP parameters: user=cn=manager,o=University of Cambridge,c=UK pass=se"cret size=sss time=0 connect=0 dereference=0 referrals=on
 perform_ldap_search: ldap URL = "ldaps://127.0.0.1/o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
 after ldap_url_parse: host=127.0.0.1 port=636
 ldap_initialize with URL ldaps://127.0.0.1:636/
@@ -322,3 +322,36 @@ search_tidyup called
 unbind LDAP connection to 127.0.0.1:636
 unbind LDAP connection to /tmp/ldap.sock:389
 >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>>
+Exim version x.yz ....
+changed uid/gid: -C, -D, -be or -bf forces real uid
+  uid=CALLER_UID gid=CALLER_GID pid=pppp
+configuration file is TESTSUITE/test-config
+admin user
+originator: uid=CALLER_UID gid=CALLER_GID login=CALLER name=CALLER_NAME
+sender address = CALLER@myhost.test.ex
+search_open: ldap "NULL"
+search_find: file="NULL"
+  key="time=1 referrals=nofollow ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" partial=-1 affix=NULL starflags=0
+LRU list:
+internal_search_find: file="NULL"
+  type=ldap key="time=1 referrals=nofollow ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)"
+database lookup required for time=1 referrals=nofollow ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)
+LDAP parameters: user=NULL pass=NULL size=sss time=1 connect=0 dereference=0 referrals=off
+perform_ldap_search: ldap URL = "ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)" server=NULL port=0 sizelimit=0 timelimit=1 tcplimit=0
+after ldap_url_parse: host=NULL port=389
+ldap_initialize with URL ldap://:389/
+initialized for LDAP (v3) server NULL:389
+LDAP_OPT_X_TLS_TRY set
+binding with user=NULL password=NULL
+Start search
+ldap_result loop
+LDAP entry loop
+LDAP attr loop sn:Hazel
+search ended by ldap_result yielding 101
+ldap_parse_result: 0
+ldap_parse_result yielded 0: Success
+LDAP search: returning: Hazel
+lookup yielded: Hazel
+search_tidyup called
+unbind LDAP connection to NULL:389
+>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>>

diff --git a/test/stdout/9000 b/test/stdout/9000
index cfd0c21020563f514ea6b46cfcc1afa41b7766d0..b492cddbf0f80fc4c530da6d09b40a0463717c76 100644 (file)
--- a/test/stdout/9000
+++ b/test/stdout/9000
@@ -177,3 +177,7 @@ cn="P Hazel, Phil Hazel" sn="Hazel" objectClass="person"
 > Expect ldap_search to fail
 > Failed: lookup of "ldap:///o=top?mailRoutingAddress,mailHost,objectClass?sub?(&(mailLocalAddress=3-1546081-domain.net?wendling@stderr.efficientimpacte.com)(objectClass=inetLocalMailRecipient))" gave DEFER: ldap_search failed: -7, Bad search filter
 > 
+> Expect "Hazel" - checking referrals syntax
+> ${lookup ldap {time=1 referrals=nofollow ldap:///o=University%20of%20Cambridge,c=UK?sn?sub?(cn=Philip%20Hazel)}{$value}fail}
+> Hazel
+>