aboutsummaryrefslogtreecommitdiff
path: root/handlers
diff options
context:
space:
mode:
Diffstat (limited to 'handlers')
-rw-r--r--handlers/ldap.helper.in10
-rw-r--r--handlers/ldap.in13
2 files changed, 18 insertions, 5 deletions
diff --git a/handlers/ldap.helper.in b/handlers/ldap.helper.in
index 5ccbe7e..35b47a3 100644
--- a/handlers/ldap.helper.in
+++ b/handlers/ldap.helper.in
@@ -7,13 +7,17 @@ while true; do
checkBox "ldap action wizard" "check options (slapcat OR ldapsearch)" \
"slapcat" "export ldif using slapcat" yes \
"ldapsearch" "export ldif using ldapsearch" no \
- "compress" "compress the ldif output files" yes
+ "compress" "compress the ldif output files" yes \
+ "ssl" "use SSL (deprecated)" no \
+ "tls" "use TLS extended operations (RFC2246, RFC2830)" yes
status=$?
compress="compress = no"
method="method = <unset>"
restart="restart = no"
binddn=""
passwordfile=""
+ ssl="ssl = no"
+ tls="tls = no"
[ $status = 1 ] && return;
result="$REPLY"
for opt in $result; do
@@ -33,6 +37,8 @@ while true; do
binddn="binddn = $REPLY"
require_packages ldap-utils
;;
+ '"ssl"') ssl="ssl = yes";;
+ '"tls"') tls="tls = yes";;
esac
done
get_next_filename $configdirectory/30.ldap
@@ -42,6 +48,8 @@ $compress
$restart
$binddn
$passwordfile
+$ssl
+$tls
# backupdir = /var/backups/ldap
# conf = /etc/ldap/slapd.conf
# databases = all
diff --git a/handlers/ldap.in b/handlers/ldap.in
index f6f87c7..e5e21ba 100644
--- a/handlers/ldap.in
+++ b/handlers/ldap.in
@@ -13,9 +13,10 @@ getconf method ldapsearch
getconf passwordfile
getconf binddn
getconf ldaphost
-getconf tls yes
+getconf ssl yes
+getconf tls no
-if [ $tls = 'yes' ]; then
+if [ $ssl = 'yes' ]; then
URLBASE="ldaps"
else
URLBASE="ldap"
@@ -56,10 +57,14 @@ if [ "$ldif" == "yes" ]; then
if [ "$method" == "slapcat" ]; then
execstr="$SLAPCAT -f $conf -b $dbsuffix"
else
+ LDAPARGS=""
+ if [ "$tls" == "yes" ]; then
+ LDAPARGS="-ZZ"
+ fi
if [ -n "$ldaphost" ]; then
- execstr="$LDAPSEARCH -H $URLBASE://$ldaphost -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile"
+ execstr="$LDAPSEARCH $LDAPARGS -H $URLBASE://$ldaphost -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile"
else
- execstr="$LDAPSEARCH -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile"
+ execstr="$LDAPSEARCH -H $URLBASE://$ldaphost -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile"
fi
[ -f "$passwordfile" ] || fatal "Password file $passwordfile not found. When method is set to ldapsearch, you must also specify a password file."
debug "$execstr"