diff options
-rw-r--r-- | ChangeLog | 1 | ||||
-rw-r--r-- | examples/example.ldap | 6 | ||||
-rw-r--r-- | handlers/ldap | 20 |
3 files changed, 25 insertions, 2 deletions
@@ -68,6 +68,7 @@ version 0.9.4 -- unreleased . Removed warning about vserver not running (thanks anarcat) ldap: . Compress now happens in-line to save some disk space (Closes: #370778) + . ldaphost and tls options added for ldapsearch method (Closes: #362027) makecd: . Added nicelevel option (thanks rhatto) lib changes diff --git a/examples/example.ldap b/examples/example.ldap index adc1fcd..ee7c57d 100644 --- a/examples/example.ldap +++ b/examples/example.ldap @@ -43,3 +43,9 @@ ## to, not needed for slapcat # binddn = +## ldaphost (no default): set this to your ldap host if it is not local +# ldaphost = + +## tls (default yes): if set to 'yes' then TLS connection will be +## attempted to your ldaphost by using the URI base ldaps: otherwise ldap: will be used +# tls = yes
\ No newline at end of file diff --git a/handlers/ldap b/handlers/ldap index ee46831..ba3d78a 100644 --- a/handlers/ldap +++ b/handlers/ldap @@ -12,6 +12,14 @@ getconf restart no getconf method ldapsearch getconf passwordfile getconf binddn +getconf ldaphost +getconf tls yes + +if [ $tls = 'yes' ] + URLBASE="ldaps" +else + URLBASE="ldap" +fi status="ok" @@ -54,9 +62,17 @@ if [ "$ldif" == "yes" ]; then debug "$execstr" else if [ "$compress" == "yes" ]; then - execstr="$LDAPSEARCH -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile | $GZIP" + if [ -n "$ldaphost" ] + execstr="$LDAPSEARCH -H $URLBASE://$ldaphost -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile | $GZIP" + else + execstr="$LDAPSEARCH -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile | $GZIP" + fi else - execstr="$LDAPSEARCH -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile" + if [ -n "$ldaphost" ] + execstr="$LDAPSEARCH -H $URLBASE://$ldaphost -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile" + else + execstr="$LDAPSEARCH -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile" + fi fi [ -f "$passwordfile" ] || fatal "Password file $passwordfile not found. When method is set to ldapsearch, you must also specify a password file." debug "$execstr" |