LDAP: Test TLS_PROTOCOL_MAX

Author: bukka

.github/scripts/setup-slapd.sh

@@ -163,6 +163,47 @@ EOF
 
 sudo service slapd restart
 
+
+
+# Debug: Test TLS_PROTOCOL_MAX setting like the failing PHP test
+echo "=== TLS DEBUG: Testing TLS_PROTOCOL_MAX 3.2 ==="
+TEMP_LDAP_CONF=$(mktemp)
+echo 'TLS_PROTOCOL_MAX 3.2' > "$TEMP_LDAP_CONF"
+
+echo "Debug info:"
+echo "  Temp config file: $TEMP_LDAP_CONF"
+echo "  Contents:"
+cat "$TEMP_LDAP_CONF"
+echo ""
+
+echo "Testing if LDAPCONF environment variable is being used:"
+echo "  Default system config:"
+cat /etc/ldap/ldap.conf 2>/dev/null || echo "  No system ldap.conf found"
+echo ""
+
+echo "  Testing with explicit -o ldapconf option:"
+ldapsearch -o ldapconf="$TEMP_LDAP_CONF" -H ldap://localhost -D cn=Manager,dc=my-domain,dc=com -w secret -s base -b dc=my-domain,dc=com -Z 'objectclass=*' >/dev/null 2>&1
+explicit_rt=$?
+echo "  Result with -o ldapconf: $([ $explicit_rt -eq 0 ] && echo 'SUCCESS (unexpected)' || echo 'FAILED (expected)')"
+
+echo "  Testing with LDAPCONF environment variable:"
+LDAPCONF="$TEMP_LDAP_CONF" ldapsearch -H ldap://localhost -D cn=Manager,dc=my-domain,dc=com -w secret -s base -b dc=my-domain,dc=com -Z 'objectclass=*' >/dev/null 2>&1
+env_rt=$?
+echo "  Result with LDAPCONF env: $([ $env_rt -eq 0 ] && echo 'SUCCESS (unexpected)' || echo 'FAILED (expected)')"
+
+echo "  Testing with verbose output to see what config is being used:"
+echo "  Command: LDAPCONF=\"$TEMP_LDAP_CONF\" ldapsearch -v -H ldap://localhost -Z -s base -b \"\" 2>&1 | head -10"
+LDAPCONF="$TEMP_LDAP_CONF" ldapsearch -v -H ldap://localhost -Z -s base -b "" 2>&1 | head -10
+
+echo ""
+echo "  Checking OpenLDAP version and library info:"
+ldapsearch -VV 2>&1 | head -5
+
+rm -f "$TEMP_LDAP_CONF"
+echo ""
+
+exit 1
+
 # Verify TLS connection
 tries=0
 while : ; do
@@ -182,3 +223,4 @@ while : ; do
 		fi
 	fi
 done
+