
RE: multiple listener ports



> As Julio pointed out, using TLS/SSL with SASL does not require a
> second port!  LDAP OVER SSL (LDAPv2 style ldaps) does.  Though
> I am not sure of the need to support LDAP OVER SSL (given
> TLS/SSL with SASL), adding such, I guess, is no big deal.
>
No argument here.

> Long term, I actually would prefer we treat the "port"
> directive as defining the "default" port for listening
> but actually use "host" to define the bind() arguments.
>
> port 389		# default LDAP port
> sslport 636		# default LDAP over SSL port
> host ldap:/// \	# listen on LDAP port in LDAP mode
> 	ldaps:///	# listen on LDAPS port in LDAP over SSL mode
>
Given this "host" directive you don't even need a "port" directive,
since you could say

host	ldap://localhost:389/

Also, rather than listing a lot of bindings with a single directive, I still
think it would make sense to list options for individual bindings, e.g.:

host	ldap://localhost/	timeout 60
host	ldap://external-ip/	timeout 300
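As an added example, not code from this thread or from OpenLDAP, here is a small Python parser for the configuration syntax proposed above: `port` and `sslport` set the default ports, each `host` line lists one or more LDAP URLs to bind (with backslash continuation), and trailing options such as `timeout` apply to every URL on that line. It resolves `ldap:///` and `ldaps:///` to a wildcard bind on the respective default port and flags listeners that would collide at bind() time. The grammar, the option names and the conflict check are assumptions of this example, not the project's actual slapd.conf parser.

```python
from dataclasses import dataclass, field
from urllib.parse import urlsplit

# Hypothetical defaults for the proposed "port" / "sslport" directives.
DEFAULT_PORTS = {"ldap": 389, "ldaps": 636}


@dataclass
class Listener:
    scheme: str            # "ldap" (plain, StartTLS-capable) or "ldaps" (TLS on connect)
    address: str           # "" means every interface, i.e. ldap:/// or ldaps:///
    port: int
    options: dict = field(default_factory=dict)


def _logical_lines(text):
    """Strip '#' comments and join backslash-continued lines."""
    lines, buf = [], ""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        buf += line
        if buf.strip():
            lines.append(buf.strip())
        buf = ""
    if buf.strip():
        lines.append(buf.strip())
    return lines


def _listener_from_url(url, defaults, options):
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in defaults:
        raise ValueError(f"unsupported scheme in {url!r}")
    address = parts.hostname or ""                       # no host -> wildcard bind
    port = parts.port if parts.port is not None else defaults[scheme]
    if "timeout" in options:
        options["timeout"] = int(options["timeout"])     # hypothetical per-listener option
    return Listener(scheme, address, port, options)


def parse_config(text):
    """Return the listeners a config would bind, in file order."""
    defaults = dict(DEFAULT_PORTS)
    listeners = []
    for line in _logical_lines(text):
        tokens = line.split()
        directive, args = tokens[0].lower(), tokens[1:]
        if directive == "port":
            defaults["ldap"] = int(args[0])
        elif directive == "sslport":
            defaults["ldaps"] = int(args[0])
        elif directive == "host":
            urls, options, i = [], {}, 0
            while i < len(args):
                if "://" in args[i]:
                    urls.append(args[i])
                    i += 1
                else:                                     # "keyword value" option pair
                    if i + 1 >= len(args):
                        raise ValueError(f"option {args[i]!r} needs a value")
                    options[args[i]] = args[i + 1]
                    i += 2
            for url in urls:
                listeners.append(_listener_from_url(url, defaults, dict(options)))
        else:
            raise ValueError(f"unknown directive {directive!r}")
    return listeners


def bind_args(listener):
    """(address, port) tuple as socket.bind() would take it; "" is INADDR_ANY."""
    return (listener.address, listener.port)


def find_conflicts(listeners):
    """Pairs that cannot both bind: same port and same address, or one a wildcard."""
    conflicts = []
    for i, a in enumerate(listeners):
        for b in listeners[i + 1:]:
            if a.port == b.port and ("" in (a.address, b.address) or a.address == b.address):
                conflicts.append((a, b))
    return conflicts


# Constructed sample in the proposed syntax (not a real slapd.conf).
SAMPLE_CONFIG = """\
port 389                     # default LDAP port
sslport 636                  # default LDAP over SSL port
host ldaps:/// \\
     ldap://external-ip/     timeout 300
host ldap://localhost/       timeout 60
"""

if __name__ == "__main__":
    for l in parse_config(SAMPLE_CONFIG):
        print(l.scheme, bind_args(l), l.options)
    print("conflicts:", find_conflicts(parse_config(SAMPLE_CONFIG)))
```

A missing host part is what distinguishes a wildcard bind from a loopback-only one, so the conflict check treats `ldap:///` plus any explicit address on the same port as an error rather than letting the second bind() fail at startup.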