aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog1
-rw-r--r--examples/example.ldap6
-rw-r--r--handlers/ldap20
3 files changed, 25 insertions, 2 deletions
diff --git a/ChangeLog b/ChangeLog
index a0e21f2..5eab333 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -68,6 +68,7 @@ version 0.9.4 -- unreleased
. Removed warning about vserver not running (thanks anarcat)
ldap:
. Compress now happens in-line to save some disk space (Closes: #370778)
+ . ldaphost and tls options added for ldapsearch method (Closes: #362027)
makecd:
. Added nicelevel option (thanks rhatto)
lib changes
diff --git a/examples/example.ldap b/examples/example.ldap
index adc1fcd..ee7c57d 100644
--- a/examples/example.ldap
+++ b/examples/example.ldap
@@ -43,3 +43,9 @@
## to, not needed for slapcat
# binddn =
+## ldaphost (no default): set this to your ldap host if it is not local
+# ldaphost =
+
+## tls (default yes): if set to 'yes' then TLS connection will be
+## attempted to your ldaphost by using the URI base ldaps: otherwise ldap: will be used
+# tls = yes \ No newline at end of file
diff --git a/handlers/ldap b/handlers/ldap
index ee46831..ba3d78a 100644
--- a/handlers/ldap
+++ b/handlers/ldap
@@ -12,6 +12,14 @@ getconf restart no
getconf method ldapsearch
getconf passwordfile
getconf binddn
+getconf ldaphost
+getconf tls yes
+
+if [ $tls = 'yes' ]
+ URLBASE="ldaps"
+else
+ URLBASE="ldap"
+fi
status="ok"
@@ -54,9 +62,17 @@ if [ "$ldif" == "yes" ]; then
debug "$execstr"
else
if [ "$compress" == "yes" ]; then
- execstr="$LDAPSEARCH -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile | $GZIP"
+ if [ -n "$ldaphost" ]
+ execstr="$LDAPSEARCH -H $URLBASE://$ldaphost -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile | $GZIP"
+ else
+ execstr="$LDAPSEARCH -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile | $GZIP"
+ fi
else
- execstr="$LDAPSEARCH -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile"
+ if [ -n "$ldaphost" ]
+ execstr="$LDAPSEARCH -H $URLBASE://$ldaphost -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile"
+ else
+ execstr="$LDAPSEARCH -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile"
+ fi
fi
[ -f "$passwordfile" ] || fatal "Password file $passwordfile not found. When method is set to ldapsearch, you must also specify a password file."
debug "$execstr"