On 10.10.2013 13:59, Howard Chu wrote: > Stef Walter wrote: >> On 10.10.2013 12:59, Howard Chu wrote: >>> [email protected] wrote: >>>> Full_Name: Stef Walter >>>> Version: 2.4.35 >>>> OS: Fedora 19 >>>> Submission from: (NULL) (46.5.2.70) >>>> >>>> >>>> Connectionless LDAP (ie: cldap enabled with -DLDAP_CONNECTIONLESS) is >>>> broken for >>>> IPv6 for current versions of openldap. Tested with version 2.4.35 >>>> >>>> It's not clear if this ever worked properly. >>> >>> No, clearly not, the code was written and deprecated before IPv6 >>> existed. Nobody should be using this code today. >> >> Interesting. FWIW, the code is packaged by RHEL and Fedora, and is in >> use by several projects. > > Can you list any of these, offhand? The original spec, RFC1798, is long > obsoleted. There is no such thing as CLDAP in LDAPv3. Support in > OpenLDAP was first removed back in 2000. (commit > 25a9f7427ddc1b584a721ceb0e12690a96d3639e ) > Any apps using this must be quite ancient code and in serious need of a > rewrite.
Well, there's still lots of libldap client code around to support LDAP over UDP. Guarded with LDAP_CONNECTIONLESS #defines, and one can use "cldap://xxxx"; urls with ldap_initialize() and do basic cldap searches and so on. Windows Server is accessed via CLDAP during discovery. Although there is normative documentation for this, it's easier to understand via these descriptions: http://wiki.wireshark.org/MS-CLDAP https://fedorahosted.org/sssd/wiki/DesignDocs/ActiveDirectoryDNSSites#SendingtheCLDAPping So things like samba, IPA, realmd, adcli, and so on ... use and support cldap for talking with AD. I know Samba has reimplemented cldap but the others use libldap for this. Cheers, Stef
