Hi Harry,
I just did a build from srpm, and currently I am trying to get the scenario of a pipe between sockets working. Just to make sure this pipe is working correctly before I move on to the tcp/tls connection.
Of course my problem persists with socat using something like this:
socat -s -d -d -d -t 3 UNIX-CONNECT:/var/run/ldapi,raw,ignoreeof UNIX-LISTEN:/var/run/bla,raw,ignoreeof,fork
Do you have a suggestion for how to do this with dpipe? I have tried this:
dpipe vde_plug /var/run/ldapi = vde_plug /var/run/bla
But it does not launch, nor does it report the error.
-----Original Message-----
Subject: Re: Socat tcp to local socket
With this I am able to issue just one ldap search on the socket. Subsequent queries fail with 'ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)'
Sure, use either very long timeouts or use another tool, i.e. dpipe.
The problem with socat is, socat terminates after each ldapsearch.
dpipe only stops if manually terminated. There are some other useful tools in the vde2 package.
socat -d -d OPENSSL:192.168.10.18:8443,cafile=/etc/openldap/cacerts/ca.crt,verify=0,keepalive,reuseaddr,ignoreeof UNIX-LISTEN:/var/run/ldapi,reuseaddr,type=1,ignoreeof
I am just wondering if this is even possible, maybe the tcp connection keeps an authorized session? Or ldapi communication is
just different?
If this ldapi communication is different from ldaps, I guess I am only
left with options like
- connecting with some forwarded ssh session to the local ldapi server
socket
- maybe export ldapi with stunnel on the server, and capture it again
with stunnel/socat
- look into slapd proxy/meta
-- Harry Jede
openldap-technical@openldap.org