[xymon] bug in ldaptest.c

Henrik Størner henrik at hswn.dk
Mon Sep 27 21:58:19 CEST 2010


In <201009271934.40635.bgmilne at staff.telkomsa.net> Buchan Milne <bgmilne at staff.telkomsa.net> writes:

>On Thursday, 23 September 2010 14:18:51 Henrik "St=C3=B8rner" wrote:
>> The major problem with this is that Xymon uses the OpenLDAP library
>> to talk to the LDAP server (the LDAP protocol itself is a bit too
>> complex for Xymon to do on its own). And OpenLDAP only supports the
>> RFC-way of doing SSL.

>This isn't true. Almost all LDAP client software (pam_ldap, nss_ldap, samba=
>,=20
>freeradius, ldapsearch etc., apache mod_ldap, etc., to name a few) using=20
>OpenLDAP libldap (at least with OpenSSL, I'm not too familiar with=20
>OpenLDAP+gnutls) supports original Netscape-style ldaps (which is usually o=
>n=20
>port 636).

Okay, I haven't looked at OpenLDAP since I implemented the LDAP tests
(quite some time ago). The SSL support then wasn't documented at all,
so I had to go by some sample code included with the library. If that
has changed and we can support port-636-ldaps somehow then sure - let's
do it. We probably need to invent a different tag in bb-hosts for it,
but that's a minor problem.


Regards,
Henrik




More information about the Xymon mailing list