Added support for ldap.conf file. See ldap.conf(5) for details.

Modified clients to reduce use of ldapconfig.h.edit.
ldap_{get,set}_option support is relatively complete.  Needs
to be extended to support other "features" of OpenLDAP.

clients/fax500/main.c

@@ -308,7 +308,7 @@ connect_to_x500()
 	int sizelimit = FAX_MAXAMBIGUOUS;
 	int deref = LDAP_DEREF_ALWAYS;
 
-	if ( (ld = ldap_open( LDAPHOST, LDAP_PORT )) == NULL ) {
+	if ( (ld = ldap_open( NULL, 0 )) == NULL ) {
 		syslog( LOG_ALERT, "ldap_open failed" );
 		return( -1 );
 	}
@@ -316,7 +316,7 @@ connect_to_x500()
 	ldap_set_option(ld, LDAP_OPT_SIZELIMIT, &sizelimit);
 	ldap_set_option(ld, LDAP_OPT_DEREF, &deref);
 
-	if ( ldap_simple_bind_s( ld, FAX_BINDDN, FAX_BIND_CRED ) != LDAP_SUCCESS ) {
+	if ( ldap_simple_bind_s( ld, NULL, NULL ) != LDAP_SUCCESS ) {
 		syslog( LOG_ALERT, "ldap_simple_bind_s failed" );
 		return( -1 );
 	}

clients/fax500/rp500.c

@@ -32,8 +32,8 @@
 #define DEFAULT_SIZELIMIT	50
 
 int		debug;
-char	*ldaphost = LDAPHOST;
-char	*base = RP_BASE;
+char	*ldaphost = NULL;
+char	*base = NULL;
 int		deref = LDAP_DEREF_ALWAYS;
 int		sizelimit = DEFAULT_SIZELIMIT;
 LDAPFiltDesc	*filtd;
@@ -116,7 +116,7 @@ main (argc, argv)
 	ldap_set_option(ld, LDAP_OPT_SIZELIMIT, &sizelimit);
 	ldap_set_option(ld, LDAP_OPT_DEREF, &deref);
 
-	if ( ldap_simple_bind_s( ld, RP_BINDDN, RP_BIND_CRED ) != LDAP_SUCCESS ) {
+	if ( ldap_simple_bind_s( ld, NULL, NULL ) != LDAP_SUCCESS ) {
 		fprintf( stderr, "X.500 is temporarily unavailable.\n" );
 		ldap_perror( ld, "ldap_simple_bind_s" );
 		exit( -1 );

clients/finger/main.c

@@ -34,9 +34,9 @@
 
 
 int	dosyslog = 1;
-char	*ldaphost = LDAPHOST;
-int	ldapport = LDAP_PORT;
-char	*base = FINGER_BASE;
+char	*ldaphost = NULL;
+int	ldapport = 0;
+char	*base = NULL;
 int	deref;
 char	*filterfile = FILTERFILE;
 char	*templatefile = TEMPLATEFILE;
@@ -167,7 +167,7 @@ static do_query()
 	}
 	ldap_set_option(ld, LDAP_OPT_DEREF, &deref);
 
-	if ( ldap_simple_bind_s( ld, FINGER_BINDDN, FINGER_BIND_CRED )
+	if ( ldap_simple_bind_s( ld, NULL, NULL )
 		!= LDAP_SUCCESS )
 	{
 		fprintf( stderr, FINGER_UNAVAILABLE );

clients/gopher/go500.c

@@ -44,8 +44,8 @@ int	dosyslog;
 int	inetd;
 int	dtblsize;
 
-char	*ldaphost = LDAPHOST;
-char	*base = GO500_BASE;
+char	*ldaphost = NULL;
+char	*base = NULL;
 int	rdncount = GO500_RDNCOUNT;
 char	*filterfile = FILTERFILE;
 char	*templatefile = TEMPLATEFILE;
@@ -391,7 +391,7 @@ int	s;
 		int deref = GO500_DEREF;
 		ldap_set_option(ld, LDAP_OPT_DEREF, &deref);
 
-		rc = ldap_simple_bind_s( ld, GO500_BINDDN, GO500_BIND_CRED );
+		rc = ldap_simple_bind_s( ld, NULL, NULL );
 		if ( rc != LDAP_SUCCESS ) {
 			fprintf(fp,
 			    "0An error occurred (explanation)\t@%d\t%s\t%d\r\n",

clients/gopher/go500gw.c

@@ -45,8 +45,8 @@ int	dosyslog;
 int	inetd;
 int	dtblsize;
 
-char		*ldaphost = LDAPHOST;
-int		ldapport = LDAP_PORT;
+char		*ldaphost = NULL;
+int		ldapport = 0;
 int		searchaliases = 1;
 char		*helpfile = GO500GW_HELPFILE;
 char		*filterfile = FILTERFILE;
@@ -440,7 +440,7 @@ int	s;
 
 	ldap_set_option(ld, LDAP_OPT_DEREF, &deref);
 
-	if ( (rc = ldap_simple_bind_s( ld, GO500GW_BINDDN, NULL ))
+	if ( (rc = ldap_simple_bind_s( ld, NULL, NULL ))
 	    != LDAP_SUCCESS ) {
 		if ( debug ) ldap_perror( ld, "ldap_simple_bind_s" );
 		fprintf(fp, "0An error occurred (explanation)\tE%d\t%s\t%d\r\n",

clients/mail500/main.c

@@ -56,7 +56,7 @@ char	*vacationhost = NULL;
 char	*errorsfrom = NULL;
 char	*mailfrom = NULL;
 char	*host = NULL;
-char	*ldaphost = LDAPHOST;
+char	*ldaphost = NULL;
 int	hostlen = 0;
 int	debug;
 
@@ -356,7 +356,7 @@ connect_to_x500()
 	opt = LDAP_DEREF_ALWAYS;
 	ldap_set_option(ld, LDAP_OPT_DEREF, &opt);
 
-	if ( ldap_simple_bind_s( ld, MAIL500_BINDDN, NULL ) != LDAP_SUCCESS ) {
+	if ( ldap_simple_bind_s( ld, NULL, NULL ) != LDAP_SUCCESS ) {
 		syslog( LOG_ALERT, "ldap_simple_bind_s failed" );
 		return( -1 );
 	}

clients/rcpt500/main.c

@@ -27,9 +27,9 @@ int derefaliases = 1;
 int sizelimit = RCPT500_SIZELIMIT;
 int rdncount = RCPT500_RDNCOUNT;
 int ldapport = 0;
-char *ldaphost = LDAPHOST;
-char *searchbase = RCPT500_BASE;
-char *dapuser = RCPT500_BINDDN;
+char *ldaphost = NULL;
+char *searchbase = NULL;
+char *dapuser = NULL;
 char *filterfile = FILTERFILE;
 char *templatefile = TEMPLATEFILE;
 char reply[ MAXSIZE * RCPT500_LISTLIMIT ];

clients/tools/ldapdelete.c

@@ -12,13 +12,11 @@
 #include <lber.h>
 #include <ldap.h>
 
-#include "ldapconfig.h"
-
-static char	*binddn = LDAPDELETE_BINDDN;
-static char	*passwd = LDAPDELETE_BIND_CRED;
-static char	*base = LDAPDELETE_BASE;
-static char	*ldaphost = LDAPHOST;
-static int	ldapport = LDAP_PORT;
+static char	*binddn = NULL;
+static char	*passwd = NULL;
+static char	*base = NULL;
+static char	*ldaphost = NULL;
+static int	ldapport = 0;
 static int	not, verbose, contoper;
 static LDAP	*ld;
 

clients/tools/ldapmodify.c

@@ -22,13 +22,11 @@
 #include <ldap.h>
 #include <ldif.h>
 
-#include "ldapconfig.h"
-
 static char	*prog;
-static char	*binddn = LDAPMODIFY_BINDDN;
-static char	*passwd = LDAPMODIFY_BIND_CRED;
-static char	*ldaphost = LDAPHOST;
-static int	ldapport = LDAP_PORT;
+static char	*binddn = NULL;
+static char	*passwd = NULL;
+static char	*ldaphost = NULL;
+static int	ldapport = 0;
 static int	new, replace, not, verbose, contoper, force, valsfromfiles;
 static LDAP	*ld;
 

clients/tools/ldapmodrdn.c

@@ -12,13 +12,11 @@
 #include <lber.h>
 #include <ldap.h>
 
-#include "ldapconfig.h"
-
-static char	*binddn = LDAPMODRDN_BINDDN;
-static char	*passwd = LDAPMODRDN_BIND_CRED;
-static char	*base = LDAPMODRDN_BASE;
-static char	*ldaphost = LDAPHOST;
-static int	ldapport = LDAP_PORT;
+static char	*binddn = NULL;
+static char	*passwd = NULL;
+static char	*base = NULL;
+static char	*ldaphost = NULL;
+static int	ldapport = 0;
 static int	not, verbose, contoper;
 static LDAP	*ld;
 

clients/tools/ldapsearch.c

@@ -11,8 +11,6 @@
 #include <ldap.h>
 #include <ldif.h>
 
-#include "ldapconfig.h"
-
 #define DEFSEP		"="
 
 #ifdef LDAP_DEBUG
@@ -76,11 +74,11 @@ static int dosearch LDAP_P((
     char	*filtpatt,
     char	*value));
 
-static char	*binddn = LDAPSEARCH_BINDDN;
-static char	*passwd = LDAPSEARCH_BIND_CRED;
-static char	*base = LDAPSEARCH_BASE;
-static char	*ldaphost = LDAPHOST;
-static int	ldapport = LDAP_PORT;
+static char	*binddn = NULL;
+static char	*passwd = NULL;
+static char	*base = NULL;
+static char	*ldaphost = NULL;
+static int	ldapport = 0;
 static char	*sep = DEFSEP;
 static char	*sortattr = NULL;
 static int	skipsortattr = 0;

clients/ud/auth.c

@@ -257,7 +257,7 @@ int implicit;
 		else
 			ldap_perror(ld, "ldap_bind_s" );
 		(void) ldap_bind_s(ld, default_bind_object,
-			 (char *) UD_BIND_CRED, LDAP_AUTH_SIMPLE);
+			 (char *) NULL, LDAP_AUTH_SIMPLE);
 		if (default_bind_object == NULL)
 			set_bound_dn(NULL);
 		else

clients/ud/main.c

@@ -58,7 +58,7 @@ static char *filter_file = FILTERFILE;
 static int ldap_port = LDAP_PORT;
 static int dereference = TRUE;
 
-char *default_bind_object = UD_BINDDN;
+char *default_bind_object = NULL;
 
 char *bound_dn;			/* bound user's Distinguished Name */
 char *group_base;		/* place in LDAP tree where groups are */
@@ -510,7 +510,7 @@ char **base, *s;
 	/* set the search base back to the original default value */
 	else if (!strcasecmp(s, "default")) {
 		if (type == BASE_SEARCH)
-			StrFreeDup(base, UD_BASE);
+			StrFreeDup(base, NULL);
 		else if (type == BASE_GROUPS)
 			StrFreeDup(base, UD_WHERE_GROUPS_ARE_CREATED);
 		printbase(output_string, *base);
@@ -603,6 +603,16 @@ void initialize_client()
 				if ((*cp == '\0') || (*cp == '\n'))
 					continue;
 				server = strdup(cp);
+			} 
+			else if (!strncasecmp(buffer, "host", 4)) {
+				if (server != NULL)
+					continue;
+				cp = buffer + 4;
+				while (isspace(*cp))
+					cp++;
+				if ((*cp == '\0') || (*cp == '\n'))
+					continue;
+				server = strdup(cp);
 			}
 			else if (!strncasecmp(buffer, "base", 4)) {
 				cp = buffer + 4;
@@ -626,10 +636,6 @@ void initialize_client()
 	}
 	if (group_base == NULL)
 		group_base = strdup(UD_WHERE_GROUPS_ARE_CREATED);
-	if (search_base == NULL)
-		search_base = strdup(UD_BASE);
-	if (server == NULL)
-		server = strdup(LDAPHOST);
 
 	/*
 	 *  Set up our LDAP connection.  The values of retry and timeout
@@ -641,7 +647,7 @@ void initialize_client()
 		exit(0);
 		/* NOTREACHED */
 	}
-	if (ldap_bind_s(ld, (char *) default_bind_object, (char *) UD_BIND_CRED,
+	if (ldap_bind_s(ld, (char *) default_bind_object, NULL,
 	    LDAP_AUTH_SIMPLE) != LDAP_SUCCESS) {
 		int ld_errno = 0;
 		ldap_get_option(ld, LDAP_OPT_ERROR_NUMBER, &ld_errno);

clients/ud/util.c

@@ -526,7 +526,7 @@ char *s;
 	register char **cpp;
 	static char short_DN[BUFSIZ];
 
-	if (strstr(s, UD_BASE) == NULL)
+	if (strstr(s, NULL) == NULL)
 		return(ldap_dn2ufn(s));
 	cpp = ldap_explode_dn(s, TRUE);
 	sprintf(short_DN, "%s, %s", *cpp, *(cpp + 1));

doc/man/man1/ldapdelete.1

@@ -1,4 +1,4 @@
-.TH LDAPDELETE 1 "22 September 1998" "OpenLDAP LDVERSION"
+.TH LDAPDELETE 1 "10 November 1998" "OpenLDAP LDVERSION"
 .SH NAME
 ldapdelete \- ldap delete entry tool
 .SH SYNOPSIS
@@ -67,7 +67,7 @@ is treated as a pattern where the first occurrence of \fB%s\fP is
 replaced with a line from \fIfile\fP.
 .TP
 .B \-D binddn
-Use \fIbinddn\fP to bind to the X.500 directory. \fIbinddn\fP should be
+Use \fIbinddn\fP to bind to the LDAP directory. \fIbinddn\fP should be
 a string-represented DN as defined in RFC 1779.
 .TP
 .B \-w passwd
@@ -93,6 +93,7 @@ course it would probably be necessary to supply a \fIbinddn\fP and
 Exit status is 0 if no errors occur.  Errors result in a non-zero exit
 status and a diagnostic message being written to standard error.
 .SH "SEE ALSO"
+.BR ldap.conf (5),
 .BR ldapadd (1),
 .BR ldapmodify (1),
 .BR ldapmodrdn (1),

doc/man/man1/ldapmodify.1

@@ -1,4 +1,4 @@
-.TH LDAPMODIFY 1 "22 September 1998" "OpenLDAP LDVERSION"
+.TH LDAPMODIFY 1 "10 November 1998" "OpenLDAP LDVERSION"
 .SH NAME
 ldapmodify, ldapadd \- ldap modify entry and ldap add entry tools
 .SH SYNOPSIS
@@ -104,7 +104,7 @@ Read the entry modification information from \fIfile\fP instead of from
 standard input.
 .TP
 .B \-D binddn
-Use \fIbinddn\fP to bind to the X.500 directory. \fIbinddn\fP should be
+Use \fIbinddn\fP to bind to the LDAP directory. \fIbinddn\fP should be
 a string-represented DN as defined in RFC 1779.
 .TP
 .B \-w passwd
@@ -285,6 +285,7 @@ status and a diagnostic message being written to standard error.
 .BR ldapdelete (1),
 .BR ldapmodrdn (1),
 .BR ldapsearch (1),
+.BR ldap.conf (5),
 .BR ldap (3),
 .BR ldap_add (3),
 .BR ldap_delete (3),

doc/man/man1/ldapmodrdn.1

@@ -1,4 +1,4 @@
-.TH LDAPMODRDN 1 "22 September 1998" "OpenLDAP LDVERSION"
+.TH LDAPMODRDN 1 "10 November 1998" "OpenLDAP LDVERSION"
 .SH NAME
 ldapmodrdn \- ldap modify entry RDN tool
 .SH SYNOPSIS
@@ -67,7 +67,7 @@ Read the entry modification information from \fIfile\fP instead of from
 standard input or the command-line.
 .TP
 .B \-D binddn
-Use \fIbinddn\fP to bind to the X.500 directory. \fIbinddn\fP should be
+Use \fIbinddn\fP to bind to the LDAP directory. \fIbinddn\fP should be
 a string-represented DN as defined in RFC 1779.
 .TP
 .B \-w passwd
@@ -120,6 +120,7 @@ status and a diagnostic message being written to standard error.
 .BR ldapdelete (1),
 .BR ldapmodify (1),
 .BR ldapsearch (1),
+.BR ldap.conf (5),
 .BR ldap (3),
 .BR ldap_modrdn2 (3)
 .LP

doc/man/man1/ldapsearch.1

@@ -1,4 +1,4 @@
-.TH LDAPSEARCH 1 "22 September 1998" "OpenLDAP LDVERSION"
+.TH LDAPSEARCH 1 "10 November 1998" "OpenLDAP LDVERSION"
 .SH NAME
 ldapsearch \- ldap search tool
 .SH SYNOPSIS
@@ -123,7 +123,7 @@ replaced with a line from \fIfile\fP.  If \fIfile\fP is a single \fI-\fP
 character, then the lines are read from standard input.
 .TP
 .B \-D binddn
-Use \fIbinddn\fP to bind to the X.500 directory. \fIbinddn\fP should be
+Use \fIbinddn\fP to bind to the LDAP directory. \fIbinddn\fP should be
 a string-represented DN as defined in RFC 1779.
 .TP
 .B \-w bindpasswd
@@ -275,6 +275,7 @@ status and a diagnostic message being written to standard error.
 .BR ldapdelete (1),
 .BR ldapmodify (1),
 .BR ldapmodrdn (1),
+.BR ldap.conf (5),
 .BR ldap (3),
 .BR ldap_search (3)
 .LP

doc/man/man1/ud.1

@@ -1,7 +1,7 @@
-.TH UD 1 "22 September 1998" "OpenLDAP LDVERSION"
+.TH UD 1 "10 November 1998" "OpenLDAP LDVERSION"
 .UC 6
 .SH NAME
-ud \- interactive X.500 Directory Server query program
+ud \- interactive LDAP Directory Server query program
 .SH SYNOPSIS
 .B ud
 [-Dv] [-s 
@@ -59,6 +59,7 @@ Prints out a list of valid ud debug masks.
 ETCDIR/ud.conf		The ud configuration file.
 .SH "SEE ALSO"
 .BR ud.conf (5),
+.BR ldap.conf (5),
 .BR ldap (3)
 .SH DIAGNOSTICS
 .B ud

doc/man/man3/ldap.3

@@ -1,4 +1,4 @@
-.TH LDAP 3 "22 September 1998" "OpenLDAP LDVERSION"
+.TH LDAP 3 "10 November 1998" "OpenLDAP LDVERSION"
 .SH NAME
 ldap - Lightweight Directory Access Protocol package
 .SH SYNOPSIS
@@ -12,7 +12,7 @@ ldap - Lightweight Directory Access Protocol package
 .LP
 The Lightweight Directory Access Protocol provides TCP/IP access to
 the X.500 Directory or to a stand-alone LDAP server.
-The University of Michigan LDAP package includes a stand-alone server in
+The OpenLDAP LDAP package includes a stand-alone server in
 .BR slapd (8),
 an LDAP to X.500 gateway in
 .BR ldapd (8),

doc/man/man5/ud.conf.5

@@ -3,7 +3,7 @@
 .SH NAME
 ud.conf \- ud configuration file
 .SH SYNOPSIS
-/etc/ud.conf
+ETCDIR/ud.conf
 .SH DESCRIPTION
 The
 .I ud
@@ -17,13 +17,13 @@ configuration file.
 .SH OPTIONS
 The different configuration options are:
 .TP 1i
-\fBserver <name>\fP
+\fBHOST <name>\fP
 Used to specify the name of an LDAP server to which 
 .I ud 
 should connect.  There may be only one entry per config file.
 The server's name can be specified as a domain-style name or an IP address.
 .TP 1i
-\fBbase <base>\fP
+\fBBASE <base>\fP
 Used to specify the search base to use when performing search operations.
 The base may be changed by those using
 .I ud
@@ -33,7 +33,7 @@ command.
 There may be only one entry per config file.
 The base must be specified as a Distinguished Name in LDAP format.
 .TP 1i
-\fBgroupbase <base>\fP
+\fBGROUPBASE <base>\fP
 Used to specify the base used when creating groups.
 The base may be changed by those using
 .I ud
@@ -43,7 +43,7 @@ command.
 There may be only one entry per config file.
 The base must be specified as a Distinguished Name in LDAP format.
 .TP 1i
-\fBsearch <algorithm>\fP
+\fBSEARCH <algorithm>\fP
 Used to specify a search algorithm to use when performing searches.  More than
 one algorithm may be specified, and each is tried in turn until a suitable
 response is found.
@@ -88,7 +88,7 @@ For example,
 causes this algorithm to be applied when the number of fields is exactly equal
 to one.  If there is exactly one field, the token is looked up as a UID.
 .SH FILES
-.I  /etc/ud.conf
+.I  ETCDIR/ud.conf
 .SH "SEE ALSO"
 ud(1),
 ldap(3)

include/ldapconfig.h.edit

@@ -27,23 +27,10 @@
 #define DEFAULT_SYSCONFDIR	"%SYSCONFDIR%"
 #define DEFAULT_LIBEXECDIR	"%LIBEXECDIR%"
 
-/* default ldap host */
-#define LDAPHOST	"localhost"
+#define DEFAULT_LDAP_CONF_FILE "%SYSCONFDIR%/ldap.conf"
+#define DEFAULT_LDAP_USERRC_FILE "ldaprc"
+#define DEFAULT_LDAP_ENV_PREFIX "LDAP"
 
-#define DEFAULT_LDAPHOST_FILE "%SYSCONFDIR%/ldaphost"
-/* default place to start searching */
-#define DEFAULT_BASE	"o=Your Organization Name, c=US"
-#define DEFAULT_BASE_FILE "%SYSCONFDIR%/ldapbase"
-
-/*
- * default binddn and creditials
- *  use files, make sure they are not generally readable
- */
-#define DEFAULT_BINDDN		NULL
-#define DEFAULT_BINDDN_FILE "%SYSCONFDIR%/ldapbinddn"
-
-#define DEFAULT_BIND_CRED	NULL
-#define DEFAULT_BIND_CRED_FILE "%SYSCONFDIR%/ldapbindcred"
 
 /*********************************************************************
  *                                                                   *
@@ -67,13 +54,8 @@
 /*
  * FINGER DEFINITIONS
  */
-	/* who to bind as */
-#define FINGER_BINDDN			NULL
-#define FINGER_BIND_CRED		NULL
-	/* where to search */
-#define FINGER_BASE				DEFAULT_BASE
 	/* banner to print */
-#define FINGER_BANNER		"X.500 Finger Service...\r\n"
+#define FINGER_BANNER		"OpenLDAP Finger Service...\r\n"
 	/* who to report errors to */
 #define FINGER_ERRORS		"System Administrator"
 	/* what to say if no matches are found */
@@ -106,11 +88,6 @@ Please try again later.\r\n"
 /*
  * GO500 GOPHER GATEWAY DEFINITIONS
  */
-	/* who to bind as */
-#define GO500_BINDDN	NULL
-#define GO500_BIND_CRED	NULL
-	/* where to search */
-#define GO500_BASE	DEFAULT_BASE
 	/* port on which to listen */
 #define GO500_PORT	5555
 	/* how to handle aliases */
@@ -132,9 +109,6 @@ Please try again later.\r\n"
 /*
  * GO500GW GOPHER GATEWAY DEFINITIONS
  */
-	/* who to bind as */
-#define GO500GW_BINDDN			NULL
-#define GO500GW_BIND_CRED		NULL
 	/* where the helpfile lives */
 #define GO500GW_HELPFILE	"%SYSCONFDIR%/go500gw.help"
 	/* port on which to listen */
@@ -156,9 +130,6 @@ Please try again later.\r\n"
 /*
  * RCPT500 MAIL RESPONDER GATEWAY DEFINITIONS
  */
-	/* who to bind as */
-#define RCPT500_BINDDN		NULL
-#define RCPT500_BIND_CRED	NULL
 	/* where the helpfile lives */
 #define RCPT500_HELPFILE	"%SYSCONFDIR%/rcpt500.help"
 	/* maximum number of matches returned */
@@ -168,8 +139,6 @@ Please try again later.\r\n"
 	/* command that will accept an RFC822 message text on standard
 	   input, and send it.  sendmail -t does this nicely. */
 #define RCPT500_PIPEMAILCMD	"%SENDMAIL% -t"
-        /* where to search */
-#define RCPT500_BASE             DEFAULT_BASE
 	/* attribute to use when sorting results */
 #define RCPT500_SORT_ATTR	SORT_ATTR
 	/* max number of hits displayed in full before a list is presented */
@@ -179,48 +148,9 @@ Please try again later.\r\n"
 	/* number of DN components to show in entry displays */
 #define RCPT500_RDNCOUNT	DEFAULT_RDNCOUNT	
 
-/*
- * LDAPSEARCH TOOL
- */
-	/* who to bind as */
-#define LDAPSEARCH_BINDDN		NULL
-#define LDAPSEARCH_BIND_CRED	NULL
-	/* search base */
-#define LDAPSEARCH_BASE		DEFAULT_BASE
-
-/*
- * LDAPMODIFY TOOL
- */
-	/* who to bind as */
-#define LDAPMODIFY_BINDDN		NULL
-#define LDAPMODIFY_BIND_CRED	NULL
-	/* search base */
-#define LDAPMODIFY_BASE		DEFAULT_BASE
-
-/*
- * LDAPDELETE TOOL
- */
-	/* who to bind as */
-#define LDAPDELETE_BINDDN		NULL
-#define LDAPDELETE_BIND_CRED	NULL
-	/* search base */
-#define LDAPDELETE_BASE		DEFAULT_BASE
-
-/*
- * LDAPMODRDN TOOL
- */
-	/* who to bind as */
-#define LDAPMODRDN_BINDDN		NULL
-#define LDAPMODRDN_BIND_CRED	NULL
-	/* search base */
-#define LDAPMODRDN_BASE		DEFAULT_BASE
-
 /*
  * MAIL500 MAILER DEFINITIONS
  */
-	/* who to bind as */
-#define MAIL500_BINDDN			NULL
-#define MAIL500_BIND_CRED			NULL
 	/* max number of ambiguous matches reported */
 #define MAIL500_MAXAMBIGUOUS	10
 	/* max subscribers allowed (size limit when searching for them ) */
@@ -239,12 +169,6 @@ Please try again later.\r\n"
 #define UD_DEFAULT_EDITOR	"%EDITOR%"
 	/* default bbasename of user config file */
 #define UD_USER_CONFIG_FILE	".udrc"
-	/* default user to bind as */
-#define UD_BINDDN		NULL
-	/* default password to bind with */
-#define UD_BIND_CRED	NULL
-	/* default search base */
-#define UD_BASE		DEFAULT_BASE
 	/* default base where groups are created */
 #define UD_WHERE_GROUPS_ARE_CREATED	""
 	/* default base below which all groups live */
@@ -253,11 +177,6 @@ Please try again later.\r\n"
 /*
  * FAX500 DEFINITIONS
  */
-	/* what to bind as */
-#define FAX_BINDDN		NULL
-#define FAX_BIND_CRED	NULL
-	/* default search base */
-#define FAX_BASE		DEFAULT_BASE
 	/* how long to wait for searches */
 #define FAX_TIMEOUT		180
 	/* maximum number of ambiguous matches reported */
@@ -270,12 +189,6 @@ Please try again later.\r\n"
 /*
  * RP500 DEFINITIONS
  */
-	/* what to bind as */
-#define RP_BINDDN		NULL
-#define RP_BIND_CRED	NULL
-	/* default search base */
-#define RP_BASE			DEFAULT_BASE
-
 	/* prefix to add to non-fully-qualified numbers */
 #define RP_PHONEPREFIX	""
 

include/portable.h.bot

@@ -5,6 +5,7 @@
 #endif
 
 #include "ldap_cdefs.h"
+#include "ldap_features.h"
 
 #endif /* _LDAP_PORTABLE_H */
 

include/portable.h.in

@@ -541,6 +541,7 @@ is provided ``as is'' without express or implied warranty.
 #endif
 
 #include "ldap_cdefs.h"
+#include "ldap_features.h"
 
 #endif /* _LDAP_PORTABLE_H */
 

libraries/libldap/Makefile.in

@@ -33,7 +33,7 @@ ltest:	$(LIBRARY) test.o $(LIBLBER)
 ttest:	$(LIBRARY) tmpltest.o $(LIBLBER)
 	$(CC) $(LDFLAGS) -o $@ tmpltest.o $(LIBS)
 
-CFFILES= ldapfilter.conf ldapfriendly ldaptemplates.conf ldapsearchprefs.conf
+CFFILES= ldap.conf ldapfilter.conf ldapfriendly ldaptemplates.conf ldapsearchprefs.conf
 
 install-local: $(LIBRARY) $(CFFILES) FORCE
 	-$(MKDIR) -p $(libdir)

libraries/libldap/cldap.c

@@ -65,10 +65,6 @@ cldap_open( char *host, int port )
 
     Debug( LDAP_DEBUG_TRACE, "ldap_open\n", 0, 0, 0 );
 
-    if ( port == 0 ) {
-	    port = LDAP_PORT;
-    }
-
     if ( (s = socket( AF_INET, SOCK_DGRAM, 0 )) < 0 ) {
 	return( NULL );
     }
@@ -87,8 +83,8 @@ cldap_open( char *host, int port )
     }
     if ( (ld->ld_sb.sb_fromaddr = (void *) calloc( 1,
 	    sizeof( struct sockaddr ))) == NULL ) {
-	free( ld );
-	close( s );
+
+	ldap_ld_free(ld, 1);
 	return( NULL );
     }	
     ld->ld_sb.sb_sd = s;
@@ -120,8 +116,7 @@ cldap_open( char *host, int port )
 			    (char *)hp->h_addr_list[ i ],
 			    sizeof(sock.sin_addr.s_addr));
 		    if ( add_addr( ld, (struct sockaddr *)&sock ) < 0 ) {
-			close( s );
-			free( ld );
+			ldap_ld_free( ld, 1 );
 			return( NULL );
 		    }
 		}
@@ -129,8 +124,7 @@ cldap_open( char *host, int port )
 	    } else {
 		sock.sin_addr.s_addr = address;
 		if ( add_addr( ld, (struct sockaddr *)&sock ) < 0 ) {
-		    close( s );
-		    free( ld );
+		    ldap_ld_free( ld, 1 );
 		    return( NULL );
 		}
 	    }
@@ -144,8 +138,7 @@ cldap_open( char *host, int port )
 	address = INADDR_LOOPBACK;
 	sock.sin_addr.s_addr = htonl( address );
 	if ( add_addr( ld, (struct sockaddr *)&sock ) < 0 ) {
-	    close( s );
-	    free( ld );
+	    ldap_ld_free( ld, 1 );
 	    return( NULL );
 	}
     }
@@ -155,7 +148,7 @@ cldap_open( char *host, int port )
 	    || ( ld->ld_defconn = ldap_new_connection( ld, NULL, 1,0,0 )) == NULL
 #endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_REFERRALS */
 	    ) {
-	free( ld );
+	ldap_ld_free( ld, 0 );
 	return( NULL );
     }
 

libraries/libldap/init.c

@@ -8,6 +8,7 @@
 #include <ac/time.h>
 
 #include "ldap-int.h"
+#include "ldapconfig.h"
 
 struct ldapoptions openldap_ldap_global_options; 
 
@@ -16,6 +17,242 @@ struct ldapoptions openldap_ldap_global_options;
 
 int	openldap_ldap_initialized = 0;
 
+#define ATTR_NONE	0
+#define ATTR_BOOL	1
+#define ATTR_INT	2
+#define ATTR_KV		3
+#define ATTR_STRING	4
+
+struct ol_keyvalue {
+	char*		key;
+	int			value;
+};
+
+struct ol_keyvalue deref_kv[] = {
+	{"never", LDAP_DEREF_NEVER},
+	{"searching", LDAP_DEREF_SEARCHING},
+	{"finding", LDAP_DEREF_FINDING},
+	{"always", LDAP_DEREF_ALWAYS},
+	{NULL, 0}
+};
+
+struct ol_attribute {
+	int			type;
+	char*		name;
+	void*		data;
+	size_t		offset;
+} attrs[] = {
+	{ATTR_KV,		"DEREF",		&deref_kv,
+		offsetof(struct ldapoptions, ldo_deref)},
+	{ATTR_INT,		"SIZELIMIT",	NULL,
+		offsetof(struct ldapoptions, ldo_sizelimit)},
+	{ATTR_INT,		"TIMELIMIT",	NULL,
+		offsetof(struct ldapoptions, ldo_timelimit)},
+	{ATTR_STRING,	"BASE",			NULL,
+		offsetof(struct ldapoptions, ldo_defbase)},
+	{ATTR_STRING,	"HOST",			NULL,
+		offsetof(struct ldapoptions, ldo_defhost)},
+	{ATTR_INT,		"PORT",			NULL,
+		offsetof(struct ldapoptions, ldo_defport)},
+	{ATTR_BOOL,		"REFERRALS",	(void *) LDAP_BOOL_REFERRALS, 0},
+	{ATTR_BOOL,		"RESTART",		(void *) LDAP_BOOL_RESTART, 0},
+	{ATTR_BOOL,		"DNS",			(void *) LDAP_BOOL_DNS, 0},
+	{ATTR_NONE,	NULL, 0}
+};
+
+#define MAX_LDAP_ATTR_LEN  sizeof("SIZELIMIT")
+#define MAX_LDAP_ENV_PREFIX_LEN 8
+
+static void openldap_ldap_init_w_conf(const char *file)
+{
+	char buf[MAX_LDAP_ATTR_LEN];
+	char linebuf[128];
+	FILE *fp;
+	int i;
+	char *cmd, *opt;
+	char *start, *end;
+
+	fp = fopen(file, "r");
+	if(fp == NULL) {
+		/* could not open file */
+		return;
+	}
+
+	while((start = fgets(linebuf, sizeof(linebuf), fp)) != NULL) {
+		/* skip lines starting with '#' */
+		if(*start == '#') continue;
+
+		/* trim leading white space */
+		while((*start != '\0') && isspace(*start)) start++;
+
+		/* anything left? */
+		if(*start == '\0') continue;
+
+		/* trim trailing white space */
+		end = &start[strlen(start)-1];
+		while(isspace(*end)) end--;
+		end[1] = '\0';
+
+		/* anything left? */
+		if(*start == '\0') continue;
+		
+
+		/* parse the command */
+		cmd=start;
+		while((*start != '\0') && !isspace(*start)) {
+			start++;
+		}
+		if(*start == '\0') {
+			/* command has no argument */
+			continue;
+		} 
+
+		*start++ = '\0';
+
+		/* we must have some non-whitespace to skip */
+		while(isspace(*start)) start++;
+		opt = start;
+
+		for(i=0; attrs[i].type != ATTR_NONE; i++) {
+			void *p;
+
+			if(strcasecmp(cmd, attrs[i].name) != 0) {
+				continue;
+			}
+
+			p = &((char *) &gopts)[attrs[i].offset];
+
+			switch(attrs[i].type) {
+			case ATTR_BOOL:
+				if((strcasecmp(opt, "on") == 0) 
+					|| (strcasecmp(opt, "yes") == 0)
+					|| (strcasecmp(opt, "true") == 0))
+				{
+					LDAP_BOOL_SET(&gopts, (int) attrs[i].data);
+
+				} else {
+					LDAP_BOOL_CLR(&gopts, (int) attrs[i].data);
+				}
+
+				break;
+
+			case ATTR_INT:
+				* (int*) p = atoi(opt);
+				break;
+
+			case ATTR_KV: {
+					struct ol_keyvalue *kv;
+
+					for(kv = (struct ol_keyvalue *) attrs[i].data;
+						kv->key != NULL;
+						kv++) {
+
+						if(strcasecmp(opt, kv->key) == 0) {
+							* (int*) p = kv->value;
+							break;
+						}
+					}
+				} break;
+
+			case ATTR_STRING:
+				if (* (char**) p != NULL) free(* (char**) p);
+				* (char**) p = strdup(opt);
+				break;
+			}
+		}
+	}
+}
+
+static void openldap_ldap_init_w_userconf(const char *file)
+{
+	char *home = getenv("HOME");
+	char *path = malloc(strlen(home) + strlen(file) + 3);
+
+	/* try ~/file */
+	sprintf(path, "%s/%s", home, file);
+	openldap_ldap_init_w_conf(path);
+
+	/* try ~/.file */
+	sprintf(path, "%s/.%s", home, file);
+	openldap_ldap_init_w_conf(path);
+
+	/* try file */
+	openldap_ldap_init_w_conf(file);
+
+	/* try .file */
+	sprintf(path, "%s/.%s", home, file);
+	openldap_ldap_init_w_conf(path);
+}
+
+static void openldap_ldap_init_w_env(const char *prefix)
+{
+	char buf[MAX_LDAP_ATTR_LEN+MAX_LDAP_ENV_PREFIX_LEN];
+	int len;
+	int i;
+	void *p;
+	char *value;
+
+	if (prefix == NULL) {
+		prefix = DEFAULT_LDAP_ENV_PREFIX;
+	}
+
+	strncpy(buf, prefix, MAX_LDAP_ENV_PREFIX_LEN);
+	buf[MAX_LDAP_ENV_PREFIX_LEN] = '\0';
+	len = strlen(buf);
+
+	for(i=0; attrs[i].type != ATTR_NONE; i++) {
+		strcpy(&buf[len], attrs[i].name);
+		value = getenv(buf);
+
+		if(value == NULL) {
+			continue;
+		}
+
+		p = &((char *) &gopts)[attrs[i].offset];
+
+		switch(attrs[i].type) {
+		case ATTR_BOOL:
+			if((strcasecmp(value, "on") == 0) 
+				|| (strcasecmp(value, "yes") == 0)
+				|| (strcasecmp(value, "true") == 0))
+			{
+				LDAP_BOOL_SET(&gopts, (int) attrs[i].data);
+
+			} else {
+				LDAP_BOOL_CLR(&gopts, (int) attrs[i].data);
+			}
+			break;
+
+		case ATTR_INT:
+			* (int*) p = atoi(value);
+			break;
+
+		case ATTR_KV: {
+				struct ol_keyvalue *kv;
+
+				for(kv = (struct ol_keyvalue *) attrs[i].data;
+					kv->key != NULL;
+					kv++) {
+
+					if(strcasecmp(value, kv->key) == 0) {
+						* (int*) p = kv->value;
+						break;
+					}
+				}
+			} break;
+
+		case ATTR_STRING:
+			if (* (char**) p != NULL) free(* (char**) p);
+			if (*value == '\0') {
+				* (char**) p = NULL;
+			} else {
+				* (char**) p = strdup(value);
+			}
+			break;
+		}
+	}
+}
+
 void openldap_ldap_initialize( void )
 {
 	if ( openldap_ldap_initialized ) {
@@ -30,6 +267,8 @@ void openldap_ldap_initialize( void )
 	gopts.ldo_defhost = strdup("localhost");
 	gopts.ldo_defport = LDAP_PORT;
 
+	gopts.ldo_refhoplimit = LDAP_DEFAULT_REFHOPLIMIT;
+
 	LDAP_BOOL_ZERO(&gopts);
 
 #if defined( LDAP_API_FEATURE_X_OPENLDAP_V2_REFERRALS ) || \
@@ -37,5 +276,9 @@ void openldap_ldap_initialize( void )
 	LDAP_BOOL_SET(&gopts, LDAP_BOOL_REFERRALS);
 #endif
 
+	openldap_ldap_init_w_conf(DEFAULT_LDAP_CONF_FILE);
+	openldap_ldap_init_w_userconf(DEFAULT_LDAP_USERRC_FILE);
+	openldap_ldap_init_w_env(NULL);
+
 	openldap_ldap_initialized = 1;
 }

libraries/libldap/ldap-int.h

@@ -67,6 +67,7 @@ struct ldapoptions {
 	int		ldo_timelimit;
 	int		ldo_sizelimit;
 
+	char*	ldo_defbase;
 	char*	ldo_defhost;
 	int		ldo_defport;
 
@@ -90,6 +91,10 @@ struct ldap {
 #define ld_timelimit	ld_options.ldo_timelimit
 #define ld_sizelimit	ld_options.ldo_sizelimit
 
+#define ld_defbase		ld_options.ldo_defbase
+#define ld_defhost		ld_options.ldo_defhost
+#define ld_defport		ld_options.ldo_defport
+
 #define ld_cldaptries	ld_options.ldo_cldaptries
 #define ld_cldaptimeout	ld_options.ldo_cldaptimeout
 #define ld_refhoplimit	ld_options.ldo_refhoplimit
@@ -121,8 +126,6 @@ struct ldap {
 	char		*ld_cldapdn;	/* DN used in connectionless search */
 
 	/* do not mess with the rest though */
-	char		*ld_defhost;	/* full name of default server */
-	int		ld_defport;	/* port of default server */
 	BERTranslateProc ld_lber_encode_translate_proc;
 	BERTranslateProc ld_lber_decode_translate_proc;
 

libraries/libldap/open.c

@@ -53,6 +53,9 @@ ldap_open( char *host, int port )
 		return( NULL );
 	}
 
+	/* we'll assume we're talking version 2 for now */
+	ld->ld_version = LDAP_VERSION2;
+
 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_REFERRALS
 	if (( srv = (LDAPServer *)calloc( 1, sizeof( LDAPServer ))) ==
 	    NULL || ( ld->ld_defhost != NULL && ( srv->lsrv_host =
@@ -88,11 +91,11 @@ ldap_open( char *host, int port )
 /*
  * ldap_init - initialize the LDAP library.  A magic cookie to be used for
  * future communication is returned on success, NULL on failure.
- * "defhost" may be a space-separated list of hosts or IP addresses
+ * "host" may be a space-separated list of hosts or IP addresses
  *
  * Example:
  *	LDAP	*ld;
- *	ld = ldap_open( default_hostname, default_port );
+ *	ld = ldap_open( host, port );
  */
 LDAP *
 ldap_init( char *defhost, int defport )
@@ -146,38 +149,42 @@ ldap_init( char *defhost, int defport )
 		return( NULL );
 	}
 
+	/* copy the global options */
+	memcpy(&ld->ld_options, &openldap_ldap_global_options,
+		sizeof(ld->ld_options));
+
+	/* but not pointers to malloc'ed strings */
+	ld->ld_options.ldo_defbase = NULL;
+	ld->ld_options.ldo_defhost = NULL;
+
+	if ( defhost != NULL ) {
+		ld->ld_options.ldo_defhost = strdup( defhost );
+	} else {
+		ld->ld_options.ldo_defhost = strdup(
+			openldap_ldap_global_options.ldo_defhost);
+	}
+
+	if ( ld->ld_options.ldo_defhost == NULL ) {
+		free( (char*)ld );
+	    WSACleanup( );
+		return( NULL );
+	}
+
 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_REFERRALS
 	if (( ld->ld_selectinfo = ldap_new_select_info()) == NULL ) {
-		free( (char*)ld );
+		free( (char*) ld->ld_options.ldo_defhost );
+		free( (char*) ld->ld_options.ldo_defbase );
+		free( (char*) ld );
 	    WSACleanup( );
 		return( NULL );
 	}
-
-	LDAP_BOOL_ZERO(&ld->ld_options);
-	LDAP_BOOL_SET(&ld->ld_options, LDAP_BOOL_REFERRALS);
-#else
-	LDAP_BOOL_ZERO(&ld->ld_options);
 #endif
 
-	if ( defhost != NULL &&
-	    ( ld->ld_defhost = strdup( defhost )) == NULL ) {
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_REFERRALS
-		ldap_free_select_info( ld->ld_selectinfo );
-#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_REFERRALS */
-		free( (char*)ld );
-	    WSACleanup( );
-		return( NULL );
+	if(defport != 0) {
+		ld->ld_defport = defport;
 	}
 
-
-	ld->ld_defport = ( defport == 0 ) ? LDAP_PORT : defport;
-	ld->ld_version = LDAP_VERSION;
 	ld->ld_lberoptions = LBER_USE_DER;
-	ld->ld_options.ldo_refhoplimit = LDAP_DEFAULT_REFHOPLIMIT;
-
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_REFERRALS
-	LDAP_BOOL_SET(&ld->ld_options, LDAP_BOOL_REFERRALS);
-#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_REFERRALS */
 
 #if defined( STR_TRANSLATION ) && defined( LDAP_DEFAULT_CHARSET )
 	ld->ld_lberoptions |= LBER_TRANSLATE_STRINGS;

libraries/libldap/options.c

@@ -112,12 +112,11 @@ ldap_get_option(
 		return 0;
 
 	case LDAP_OPT_PROTOCOL_VERSION:
-		if(ld == NULL) {
-			/* bad param */
-			break;
-		} 
-
-		* (int *) outvalue = ld->ld_version;
+		if ((ld != NULL) && ld->ld_version) {
+			* (int *) outvalue = ld->ld_version;
+		} else { 
+			* (int *) outvalue = lo->ldo_version;
+		}
 		return 0;
 
 	case LDAP_OPT_SERVER_CONTROLS:
@@ -126,11 +125,13 @@ ldap_get_option(
 		break;
 
 	case LDAP_OPT_HOST_NAME:
-		if(ld == NULL) {
-			/* bad param */
-			break;
-		} 
-		* (char **) outvalue = ld->ld_host;
+		/*
+		 * draft-ietf-ldapext-ldap-c-api-01 doesn't state
+		 * whether client to have to free host names or no,
+		 * we do
+		 */
+
+		* (char **) outvalue = strdup(lo->ldo_defhost);
 		return 0;
 
 	case LDAP_OPT_ERROR_NUMBER:
@@ -147,6 +148,17 @@ ldap_get_option(
 			/* bad param */
 			break;
 		} 
+
+		/*
+		 * draft-ietf-ldapext-ldap-c-api-01 doesn't require
+		 *	the client to have to free error strings, we do
+		 */
+
+		if( ld->ld_error == NULL ) {
+			* (char **) outvalue = NULL;
+		} else {
+			* (char **) outvalue = strdup(ld->ld_error);
+		}
 		break;
 
 	default:
@@ -225,11 +237,73 @@ ldap_set_option(
 
 	case LDAP_OPT_SERVER_CONTROLS:
 	case LDAP_OPT_CLIENT_CONTROLS:
-	case LDAP_OPT_HOST_NAME:
-	case LDAP_OPT_ERROR_NUMBER:
-	case LDAP_OPT_ERROR_STRING:
 		/* not yet supported */
 		break;
+
+	case LDAP_OPT_HOST_NAME: {
+			char* host = * (char **) invalue;
+
+			if(lo->ldo_defhost != NULL) {
+				free(lo->ldo_defhost);
+				lo->ldo_defhost = NULL;
+			}
+
+			if(host != NULL) {
+				lo->ldo_defhost = strdup(host);
+				return 0;
+			}
+
+			if(ld == NULL) {
+				/*
+				 * must want global default returned
+				 * to initial condition.
+				 */
+				lo->ldo_defhost = strdup("localhost");
+
+			} else {
+				/*
+				 * must want the session default
+				 *   updated to the current global default
+				 */
+				lo->ldo_defhost = strdup(
+					openldap_ldap_global_options.ldo_defhost);
+			}
+		} return 0;
+
+	case LDAP_OPT_ERROR_NUMBER: {
+			int err = * (int *) invalue;
+
+			if (err != 0 ) {
+				/* not supported */
+				/* we only allow ld_errno to be cleared. */
+				break;
+			}
+
+			if(ld == NULL) {
+				/* need a struct ldap */
+				break;
+			}
+
+			ld->ld_errno = err;
+		} return 0;
+
+	case LDAP_OPT_ERROR_STRING: {
+			char* err = * (char **) invalue;
+
+			if (err != NULL ) {
+				/* not supported */
+				/* we only allow ld_error to be cleared. */
+				break;
+			}
+
+			if(ld == NULL) {
+				/* need a struct ldap */
+				break;
+			}
+
+			ld->ld_error = err;
+		} return 0;
+
 	default:
 		/* bad param */
 		break;

libraries/libldap/unbind.c

@@ -98,8 +98,11 @@ ldap_ld_free( LDAP *ld, int close )
 		ldap_free_select_info( ld->ld_selectinfo );
 #endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_REFERRALS */
 
-	if ( ld->ld_defhost != NULL )
-		free( ld->ld_defhost );
+	if ( ld->ld_options.ldo_defbase != NULL )
+		free( ld->ld_options.ldo_defbase );
+
+	if ( ld->ld_options.ldo_defhost != NULL )
+		free( ld->ld_options.ldo_defhost );
 
 	free( (char *) ld );
 

servers/slapd/tools/centipede.c

@@ -11,7 +11,6 @@
 #include <lber.h>
 #include <ldap.h>
 
-#include <ldapconfig.h>
 #include <ldbm.h>
 
 #define DEFAULT_LDAPFILTER	"(objectclass=*)"
@@ -89,8 +88,8 @@ main( int argc, char **argv )
 
 	ldapsrcurl = NULL;
 	ldapdesturl = NULL;
-	ldaphost = LDAPHOST;
-	ldapbase = DEFAULT_BASE;
+	ldaphost = NULL;
+	ldapbase = NULL;
 	srcldapauthmethod = LDAP_AUTH_SIMPLE;
 	destldapauthmethod = LDAP_AUTH_SIMPLE;
 	srcldapbinddn = NULL;