[Dovecot] dovecot not reconnecting to ldap after ldap restart

Quentin Garnier cube at NetBSD.org
Mon Apr 5 09:55:14 EEST 2004


On Fri Apr  2 18:17:50 2004
redjar at redjar.org (Jared) wrote:

[...]
> So I'd like to try to not use stunnel with dovecot.  But how do I
> configure dovecot-ldap.conf to connect directly to the LDAP server
> with SSL/TLS?
> 
> I've tried:
> 
> hosts = ldaps://ldap.server.com
> and
> hosts = ldap.server.com:636
> 
> But neither work.
> 
> I didn't see another directive to use to turn SSL/TLS on in the conf 
> file or in the docs.

There is no way in current dovecot source.  I hit the same issue when I
tested dovecot.  I'm attaching the patches that I have in my local
pkgsrc tree.

What they do is:

1. Change default value for 'hosts' to NULL instead of 'localhost'.
   That way, libldap will choose the default list of servers as specified
   in OpenLDAP's ldap.conf configuration file.

2. Add a new configuration stance, 'uris', which you can set to a list
   of URIs that will be passed directly to libldap, which understands
   them.

I hope the patches will be included in dovecot tree, however it might be
best to fall back on 'hosts' value if using 'uris' fails.  In my patch,
'hosts' is ignored if 'uris' is filled in.

Quentin Garnier.
-------------- next part --------------
$NetBSD$

--- src/auth/db-ldap.c.orig	Sat Nov  8 16:29:20 2003
+++ src/auth/db-ldap.c
@@ -26,6 +26,7 @@
 
 static struct setting_def setting_defs[] = {
 	DEF(SET_STR, hosts),
+	DEF(SET_STR, uris),
 	DEF(SET_STR, dn),
 	DEF(SET_STR, dnpass),
 	DEF(SET_STR, deref),
@@ -42,7 +43,8 @@ static struct setting_def setting_defs[]
 };
 
 struct ldap_settings default_ldap_settings = {
-	MEMBER(hosts) "localhost",
+	MEMBER(hosts) NULL,
+	MEMBER(uris) NULL,
 	MEMBER(dn) NULL,
 	MEMBER(dnpass) NULL,
 	MEMBER(deref) "never",
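
Review bot: Changing the default of hosts from "localhost" to NULL silently changes behaviour for every existing dovecot-ldap.conf that has no hosts line: those installs will stop talking to localhost and instead use whatever server list libldap picks up from OpenLDAP's ldap.conf. That deserves a note in the example configuration and the changelog, or the old default should be kept whenever neither hosts nor uris is set explicitly.
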
@@ -178,7 +180,12 @@ static int ldap_conn_open(struct ldap_co
 		return TRUE;
 
 	if (conn->ld == NULL) {
-		conn->ld = ldap_init(conn->set.hosts, LDAP_PORT);
+		if (conn->set.uris != NULL) {
+			if (ldap_initialize(&conn->ld, conn->set.uris) != LDAP_SUCCESS)
+				conn->ld = NULL;
+		} else
+			conn->ld = ldap_init(conn->set.hosts, LDAP_PORT);
+
 		if (conn->ld == NULL)
 			i_fatal("LDAP: ldap_init() failed with hosts: %s",
 				conn->set.hosts);
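
Review bot: The i_fatal() after the new branch still formats conn->set.hosts, which is the wrong value when the uris path failed and can now be NULL because of the default change, so the message should report conn->set.uris when it is set and avoid handing NULL to %s. The return value of ldap_initialize() is also thrown away; keeping it and logging ldap_err2string() on it would tell an admin whether the URI list was malformed. Since nothing here sets any TLS option on the handle, certificate checking for ldaps:// URIs depends entirely on libldap's own ldap.conf (TLS_CACERT, TLS_REQCERT), which is worth stating next to the new setting.
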
-------------- next part --------------
$NetBSD$

--- src/auth/db-ldap.h.orig	Thu Mar 20 16:46:33 2003
+++ src/auth/db-ldap.h
@@ -12,6 +12,7 @@ typedef void db_search_callback_t(struct
 
 struct ldap_settings {
 	const char *hosts;
+	const char *uris;
 	const char *dn;
 	const char *dnpass;
 	const char *deref;
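
Review bot: The new uris member has no comment, and the patch touches only db-ldap.c and db-ldap.h, so nothing documents the setting for users. A short comment here and an entry in the example dovecot-ldap.conf should say that it is a list of LDAP URIs passed unchanged to libldap and that hosts is ignored when uris is set.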

