On Wed, Jun 22, 2005 at 11:31:06PM -0700, Michael Hall wrote: > On Tue, Jun 21, 2005 at 03:45:55PM +0200, Timo Veith wrote: > > > Hello amavis list readers, > > > > I want to suggest writing a little more about how to setuo a SSL > > connection in the LDAP section of the README.lookups file. It took me a > > considerable amount of time to find out that port 636 (default ssl port > > for ldaps) is not being used, although I specified ldaps://<ip>. > > > > With ldapsearch (from the openldap tools) this is the default behaviour, > > thus I thought it would also be the case with amavisd-new. ldaps didn't > > work until I also specified port 636 explicitly. > > > > This is my proposal: > > > > ,---[ README.lookups ]----------------------------------------------- > > > > ... > > > > Definitions and default values of LDAP parameters. > > > > hostname : The hostname or IP address of the LDAP server to > > connect to. A TCP port may be specified after the > > host name followed by a colon (ex. localhost:389). > > You can also specify a URI, such as: > > 'ldaps://127.0.0.1:666' or > > 'ldapi://%2Fvar%2Frun%2Fopenldap%2Fldapi/'. > > May also be a reference to an array of hosts, > > host:port pairs, or URI's, each will be tried in > > order until a connection is made. > > (Default = 'localhost') > > For ldaps you must specify the port where your ldap > > server listens for SSL connections. Do this within > > the URI or see the next parameter 'port'. > > > > ... > > > > `-------------------------------------------------------------------- > > > > Another alternative would be to switch the default port to 636 if someone > > speficies ldaps://... > > I've submitted an update to the code to set the default port to 636 if > SSL/TLS (tls => 1) is specified.
Arrgh, this is incorrect, SSL != TLS. I've modified the code and will submit a new patch to set the default port to 636 if 'ldaps://...' is specifed in the hostname. -- Hard work pays off in the future. Laziness pays off now. Mike Hall, System Admin - Rock Island Communications <[EMAIL PROTECTED]> System Admin - riverside.org, ssdd.org <[EMAIL PROTECTED]> ------------------------------------------------------- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
