To the PerlDAP experts... I have built perldap 1.4.1 on a linux box against both the Netscape LDAP C 3.0 and 4.1 SDKs (no, not simultaneously). I have also written two basic search clients, one in C and one in Perl. They work great when connecting to an LDAP server on port 389. So far so good.
I have also modified those same client programs to connect via SSL to a non-standard port (22636), using my cert7.db and my LDAP username and password. (I've attached the sources for your perusal/amusement.) The C source compiles and runs fine. The equivalent Perl script exits with an error. To debug the problem, I wrote the Perl script to use Mozilla::LDAP::API, so that it would look very much like my C code. Here is its output:

    % ./mozapi.pl
    ldap_simple_bind_s: [81] Can't contact LDAP server

Now, this sounds like the program is simply unable to reach the server, but I don't know exactly what causes this error code. I tried emulating this in the C code by changing the port and hostname, but doing so returns a slightly different error code:

    % a.out // using an intentionally bad hostname
    ldap_simple_bind_s: [91] Can't connect to the LDAP server

Is this a bug in perldap? Does perldap not support versions 3.0 or 4.1 of the NS LDAP SDK? Any advice would be appreciated.

Thanks,
--
Trevor Leffler, Software Developer
PETTT / Ed-Tech Development Group
Educational Partnerships & Learning Technologies
University of Washington
ldaps_test.c
Description: MS-Word document
#!/usr/local/bin/perl -w
# This is a simple search client in Perl. It uses the low-level C API calls
# to 1) emulate the C version and 2) help debug SSL problems. You would
# normally do this OO-style via Mozilla::LDAP::Connect. Again, this does a
# ONELEVEL search, not a SUB search, so provide the right FIND_DN for your
# FIND_FILTER.
#
# I've tested this with PerlDAP that's been built against NS LDAP SDKs 3.0 and
# 4.1 for linux.
#
# Trevor Leffler
# 07/16/2002

use strict;
use Mozilla::LDAP::API qw(/.+/);

# Fill out the blanks for your LDAP environment.
# Leave CERT7, BIND_DN, and BIND_PW blank to connect w/o SSL.
use constant LDAPS_SERVER => "";
use constant CERT7 => "";
use constant BIND_DN => "";
use constant BIND_PW => "";
use constant FIND_DN => "";
use constant FIND_FILTER => "";

#######################################
## "Main" ##
#######################################
my $ld = undef;
my $result = undef;
my $ber = undef;
my $rc = undef;

if (CERT7) {
    if (ldapssl_client_init(CERT7, 0) < 0) {
        print("Failed to initialize SSL client...\n");
        exit(1);
    }
    # get a handle to an LDAP connection
    my $ld = ldapssl_init(LDAPS_SERVER, LDAPS_PORT, 1) or die "ldapssl_init: $!\n";
} else {
    $ld = ldap_init(LDAPS_SERVER, LDAP_PORT) or die "ldap_init: $!\n";
}

# authenticate
$rc = ldap_simple_bind_s($ld, BIND_DN, BIND_PW);
if ($rc != LDAP_SUCCESS) {
    printf STDERR "ldap_simple_bind_s: [$rc] %s\n", ldap_err2string($rc);
    exit(1);
}

# search for the entry
# (I couldn't quite get ldap_search_ext_s() to work.)
if ( ($rc = ldap_search_s($ld, FIND_DN, LDAP_SCOPE_ONELEVEL, FIND_FILTER,
                          undef, 0, $result)) != LDAP_SUCCESS ) {
    printf STDERR "ldap_search_s: %s\n", ldap_err2string($rc), "\n";
    exit(1);
}

# for each entry print out name + all attrs and values
if (my $e = ldap_first_entry($ld, $result)) {
    printf "\nFound %s:\n\n", FIND_DN;
    # Iterate through each attribute in the entry.
    my $a = ldap_first_attribute($ld, $e, $ber);
    do {
        if (my @vals = ldap_get_values($ld, $e, $a)) {
            for my $val (@vals) {
                printf "%s: %s\n", $a, $val;
            }
        }
    } while ($a = ldap_next_attribute($ld, $e, $ber));
    print "\n";
}

exit 0;
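
An added example, not part of the original post or of PerlDAP: in the script above, the SSL branch declares `my $ld` inside the `if (CERT7)` block, so the outer `$ld` that is later passed to `ldap_simple_bind_s` is still undefined on that path. The code below reproduces that scoping with hypothetical stub functions (`fake_ssl_init`, `fake_plain_init`) standing in for the SDK calls, next to a variant that assigns the outer variable and checks the handle before use.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical stand-ins for ldapssl_init() / ldap_init(); they only return
# a label so the scoping behaviour can be observed without an LDAP SDK.
sub fake_ssl_init   { return "ssl-handle" }
sub fake_plain_init { return "plain-handle" }

# Same shape as the posted script: "my" inside the branch creates a second,
# block-local $ld, so the outer $ld is never assigned on the SSL path.
sub connect_shadowed {
    my ($use_ssl) = @_;
    my $ld = undef;
    if ($use_ssl) {
        my $ld = fake_ssl_init();    # inner lexical, gone at the closing brace
    } else {
        $ld = fake_plain_init();
    }
    return $ld;
}

# Assigning to the outer variable keeps the handle alive, and checking it
# before use turns a silent undef into an immediate, explicit failure.
sub connect_checked {
    my ($use_ssl) = @_;
    my $ld;
    if ($use_ssl) {
        $ld = fake_ssl_init();
    } else {
        $ld = fake_plain_init();
    }
    defined $ld or die "no LDAP handle; refusing to bind\n";
    return $ld;
}

# Compare both variants on the SSL path (1) and the plain path (0).
for my $use_ssl (1, 0) {
    my $shadowed = connect_shadowed($use_ssl);
    my $checked  = connect_checked($use_ssl);
    printf "ssl=%d shadowed=%s checked=%s\n",
        $use_ssl, defined $shadowed ? $shadowed : "undef", $checked;
}
```

Perl emits no warning for a `my` that redeclares a name in an inner scope, so neither `use strict` nor `-w` flags this pattern.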
