I have been patching and configuring qmail-ldap with the ldap-control patch. I first went ahead with just qmail-ldap and it's great. Patching it with ldap-control, I find some interesting behavior. I found some e-mail threads that seemed to indicate the same behavior, but it never got addressed directly in those threads. What I have found is that ldapcontroldn is read on startup and seems to get used, but it is not actually used to query ldap. Below are snippets from qmail's debug output and from slapd's log output. Notice that qmail, once it has ldapbasedn, says that it is looking "Below DN: blah", but that slapd says that the search has a basedn of "".
My ~control directory has ldapcontroldn, ldaplogin, ldappassword, ldapserver, me, and rcpthosts (for fallback). If I add an ldapbasedn file, then slapd shows that the searches for qmailControl objects use that basedn.

I had a look at control.c and qldap.c and found that, although control_ldap_search() references ldap_controldn and even prints it out for "Below DN: ", the call to qldap_lookup() says nothing about it. Additionally, qldap_lookup() calls qldap_basedn() to get the dn to search on. qldap_basedn() just returns ldap_basedn.s. The conclusion is that this series of calls never seems to actually use the value set in ldapcontroldn.

Now, is this just a specific result of my particular patch set, or do others see this as well? If needed, I suppose I could write a second qldap_lookup function that takes the dn to search on as a parameter, but I'd like to stick to the base patch as closely as possible.

Any thoughts or comments are more than welcome.

Thanks,
Jeff

qmail's debug output:

control_readline: Looking for: 'control/me'
 Searching FS
 2:value(control/me)='tyr.in.echospiral.com'
control_readline: Looking for: 'control/ldappassword'
 Searching FS
 Can't open control/ldappassword (errno=13)
control_readfile: Looking for: 'control/ldapserver'
 Searching FS
control_readline: Looking for: 'control/port_ldap'
 Searching FS
 Can't open control/port_ldap (errno=2)
control_readline: Looking for: 'control/ldapcontroldn'
 Searching FS
 2:value(control/ldapcontroldn)='ou=configs,dc=echospiral,dc=com'
qldap_ctrl_bind: Allocating memory for LDAP connection:
SUCCESS
qldap_ctrl_bind: Opening LDAP connection to localhost:
 qldap_open: ldap_init(localhost, 389):
SUCCESS
 qldap_set_option: set referrals successful
 -> LDAP connection opened successfully
qldap_ctrl_bind: Binding to LDAP server as :
 qldap_bind: successful
control_readline: Looking for: 'control/ldapbasedn'
 Searching LDAP
 me = tyr.in.echospiral.com
 Search filter: (&(cn=tyr.in.echospiral.com)(objectclass=qmailControl))
 Below DN: ou=configs,dc=echospiral,dc=com
 attribute = ldapbasedn
 Searching FS
 Can't open control/ldapbasedn (errno=2)

slapd output:

daemon: conn=0 fd=9 connection from IP=127.0.0.1:33853 (IP=:: 34049) accepted.
conn=0 op=0 BIND dn="CN=QMAIL-LDAP,OU=SERVICES,DC=ECHOSPIRAL,DC=COM" method=128
conn=0 op=0 RESULT tag=97 err=0 text=
conn=0 op=1 SRCH base="" scope=2 filter="(&(cn=tyr.in.echospiral.com)(objectClass=qmailControl))"
conn=0 op=1 RESULT tag=101 err=32 text=
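
The mismatch described in the post can be checked mechanically by pairing the base DN qmail prints with the base slapd actually receives. The script below is an added example, not part of the original post or of qmail-ldap; its function names are hypothetical, its sample lines are copied from the two logs above, and it assumes both logs keep the line formats shown there.

```python
import re

# Sample lines copied from the post's qmail debug output and slapd log.
QMAIL_DEBUG = """\
 Search filter: (&(cn=tyr.in.echospiral.com)(objectclass=qmailControl))
 Below DN: ou=configs,dc=echospiral,dc=com
 attribute = ldapbasedn
"""
SLAPD_LOG = """\
conn=0 op=1 SRCH base="" scope=2 filter="(&(cn=tyr.in.echospiral.com)(objectClass=qmailControl))"
conn=0 op=1 RESULT tag=101 err=32 text=
"""

def norm(s):
    # Approximate LDAP matching: case-insensitive, no spaces around commas.
    return re.sub(r"\s*,\s*", ",", s.strip()).lower()

def client_searches(text):
    """Yield (filter, base DN) pairs the client says it is searching."""
    flt = None
    for line in text.splitlines():
        m = re.search(r"Search filter:\s*(\S.*)", line)
        if m:
            flt = norm(m.group(1))
            continue
        m = re.search(r"Below DN:\s*(.*)", line)
        if m and flt is not None:
            yield flt, norm(m.group(1))
            flt = None

def server_searches(text):
    """Yield (conn/op, filter, base, err) from slapd SRCH and RESULT lines."""
    pending = {}
    for line in text.splitlines():
        m = re.search(r'(conn=\d+ op=\d+) SRCH base="([^"]*)".*filter="([^"]*)"', line)
        if m:
            pending[m.group(1)] = (norm(m.group(3)), norm(m.group(2)))
            continue
        m = re.search(r"(conn=\d+ op=\d+) RESULT .*\berr=(\d+)", line)
        if m and m.group(1) in pending:
            flt, base = pending.pop(m.group(1))
            yield m.group(1), flt, base, int(m.group(2))

def base_mismatches(client_text, server_text):
    """Return searches whose server-side base differs from the client's claim."""
    claimed = dict(client_searches(client_text))
    return [(op, claimed[flt], base, err)
            for op, flt, base, err in server_searches(server_text)
            if flt in claimed and claimed[flt] != base]

if __name__ == "__main__":
    for op, said, got, err in base_mismatches(QMAIL_DEBUG, SLAPD_LOG):
        print(f'{op}: client printed "{said}", slapd saw base="{got}", err={err}')
```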