bug-gnu-emacs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#58605: 29.0.50; Commit 2a2f5530fa2 breaks ldap-search-internal

From: Jens Lechtenboerger
Subject: bug#58605: 29.0.50; Commit 2a2f5530fa2 breaks ldap-search-internal
Date: Tue, 25 Oct 2022 07:55:44 +0200
User-agent: Gnus/5.13 (Gnus v5.13) 
Hi there!

On 2022-10-24, Filipp Gunbin wrote:

> [...]
> But ldap-search expects ldap-ldapsearch-args to be at least what default
> value is, to be able to parse the output (btw, "-LL" was there since
> "forever", which is 20 years in this case; it's just the third L which
> was added recently, to exclude ldif version from the output).

How should users know about that expectation?

> Also, default value can change along with ldap-search internal
> changes.  So if you want to let-bind it, you should merge in your
> additional args, not replace them.

If the code requires this, it might separate the necessary arguments
from the customizable ones.

> However, I don't see why you would want to let-bind it:
>
> - -H: Why don't you use host parameter?
> - -x: just pass 'auth = simple
> - -tt: already in ldap-ldapsearch-args

When I started using LDAP, I could not make ldapsearch to use
encrypted connections without -H.  That may have changed since
then...

> Even more, I'd say that the user should set ldap-host-parameters-alist
> according to his/her setup, and you should not mess with ldapsearch
> arguments at all.  Like:
>
> (setq ldap-host-parameters-alist
>       '(("ldap://example.org";
>          auth simple
>          auth-source t)))
>
> Then just invoke:
>
> (ldap-search "mail=.." "ldap://example.org";  '("userCertificate"))

Does this result in encrypted connections?

Best wishes
Jens

Attachment: smime.p7s
Description: S/MIME cryptographic signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]