GNU bug report logs -
#58605
29.0.50; Commit 2a2f5530fa2 breaks ldap-search-internal
Previous Next
Full log
Message #29 received at 58605 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Hi there!
On 2022-10-24, Filipp Gunbin wrote:
> [...]
> But ldap-search expects ldap-ldapsearch-args to be at least what default
> value is, to be able to parse the output (btw, "-LL" was there since
> "forever", which is 20 years in this case; it's just the third L which
> was added recently, to exclude ldif version from the output).
How should users know about that expectation?
> Also, default value can change along with ldap-search internal
> changes. So if you want to let-bind it, you should merge in your
> additional args, not replace them.
If the code requires this, it might separate the necessary arguments
from the customizable ones.
> However, I don't see why you would want to let-bind it:
>
> - -H: Why don't you use host parameter?
> - -x: just pass 'auth = simple
> - -tt: already in ldap-ldapsearch-args
When I started using LDAP, I could not make ldapsearch to use
encrypted connections without -H. That may have changed since
then...
> Even more, I'd say that the user should set ldap-host-parameters-alist
> according to his/her setup, and you should not mess with ldapsearch
> arguments at all. Like:
>
> (setq ldap-host-parameters-alist
> '(("ldap://example.org"
> auth simple
> auth-source t)))
>
> Then just invoke:
>
> (ldap-search "mail=.." "ldap://example.org" '("userCertificate"))
Does this result in encrypted connections?
Best wishes
Jens
[smime.p7s (application/pkcs7-signature, attachment)]
This bug report was last modified 2 years and 265 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.