Adding a source IP to an URI feels wrong to it. I have not read RFC dealing with URI, however having a quick look [1] seems to indicate that using the at sign in this way is non-standard.
Regardless of the syntax, I don't think a Uniform Resource Identifier is the right place to add source IP information. An LDAP URI typically refer to a (usually remote) LDAP server or servers. It's all about the destination. A source IP is machine specific. I think a separate option would make more sense. Any specific reason for wanting to add it in the URI? I am not an OpenLDAP developer/contributor, this is just my opinion. [1] https://en.wikipedia.org/wiki/Uniform_Resource_Identifier On Sun, 2018-05-06 at 06:15 +0000, [email protected] wrote: > Full_Name: Singam Sudhir Reddy > Version: master branch > OS: fedora > URL: ftp://ftp.openldap.org/incoming/sudhirsingam-180505.patch > Submission from: (NULL) (61.1.232.154) > > > The attached file is derived from OpenLDAP Software. All of the modifications > to > OpenLDAP Software represented in the following patch(es) were developed by > NOKIA. NOKIA has not assigned rights and/or interest in this work to any > party. > I, SINGAM SUDHIR REDDY authorized by NOKIA, my employer, to release this work > under the following terms. > > NOKIA hereby place the following modifications to OpenLDAP Software (and only > these modifications) into the public domain. Hence, these modifications may be > freely used and/or redistributed for any purpose with or without attribution > and/or other notice. > > **** > > Description: > > Currently when using the openldap client and try to connect to LDAP server > using > LDAP URL, client automatically binds to an IP address returned by kernel. > > For example, in the below usage, client automatically binds to an IP address > returned by kernel. > > ldapsearch -H ldap://10.63.57.239:389 D "uid=admin, ou=administrators, > ou=topologymanagement, o=netscaperoot" -x -w admin -b "uid=baha, ou=people, > ou=accounts, ou=region-911080, ou=regions, ou=netact, dc=noklab, dc=net, > dc=localdomain" > > But if we want to route the traffic on a specific interface/IP address, > currently there is no provision. And the idea or enhancement is to introduce > such provision by giving source bind IP address in the URL in the following > format. > > ldap://TARGET-IP-ADDRESS@SOURCE-BIND-IP-ADDRESS:PORT > > For example, > > ldapsearch -H ldap://[email protected]:389 D "uid=admin, > ou=administrators, ou=topologymanagement, o=netscaperoot" -x -w admin -b > "uid=baha, ou=people, ou=accounts, ou=region-911080, ou=regions, ou=netact, > dc=noklab, dc=net, dc=localdomain" > > Note this feature is backward compatible, that is, it is optional to provide > source bind IP address in the URL. > > This feature also supports IPV6 addresses. > >
