
trivial-ldap's People

Contributors

lokedhs, rwiker, shinmera


trivial-ldap's Issues

lispworks without usocket

I'm using the original trivial-ldap.
I modified the code to avoid using usocket while using lispworks.
It could be useful to add the modifications to your trivial-ldap.

Here are the modifications:

(defpackage :trivial-ldap
  (:use :cl-user :common-lisp
        #-lispworks :usocket)
  ...

;; Implementations other than LispWorks keep the usocket / CL+SSL code path.
#-lispworks
(defmethod get-stream ((ldap ldap))
  "Open a usocket to the ldap server and set the ldap object's slot.
If the port number is 636 or the SSLflag is not null, the stream
will be made with CL+SSL."
  (let ((existing-stream (ldapstream ldap)))
    (unless (and (streamp existing-stream)
                 (open-stream-p existing-stream))
      (let* ((sock (usocket:socket-connect (host ldap) (port ldap)
                                           :element-type '(unsigned-byte 8)))
             (stream
               (if (or (sslflag ldap) (= (port ldap) 636))
                   (cl+ssl:make-ssl-client-stream (usocket:socket-stream sock))
                   (usocket:socket-stream sock))))
        (debug-mesg ldap "Opening socket and stream.")
        (setf (ldapsock ldap) sock)
        (setf (ldapstream ldap) stream))))
  (ldapstream ldap))

#-lispworks
(defmethod close-stream ((ldap ldap))
  "Close an ldap connection if it is currently open."
  (let ((existing-stream (ldapstream ldap))
        (existing-sock (ldapsock ldap)))
    (when (and (streamp existing-stream) (open-stream-p existing-stream))
      (ignore-errors
        (setf (ldapstream ldap) nil)
        (setf (ldapsock ldap) nil)
        (close existing-stream)
        (usocket:socket-close existing-sock)))))

;; LispWorks opens the connection through its own COMM package.
#+lispworks
(defmethod get-stream ((ldap ldap))
  "Open a usocket to the ldap server and set the ldap object's slot.
If the port number is 636 or the SSLflag is not null, the stream
will be made with CL+SSL."
  (let ((connection-timeout 20)
        (read-timeout 20)
        (write-timeout 20)
        (existing-stream (ldapstream ldap))
        (certificate-path (certificate-path ldap)))
    (unless (and (streamp existing-stream)
                 (open-stream-p existing-stream))
      (let* ((ssl-ctx (when (or (sslflag ldap) (= (port ldap) 636))
                        (comm:make-ssl-ctx :ssl-side :client)))
             stream)
        (when (and ssl-ctx certificate-path)
          #+ignore ;; To test
          (comm:ssl-ctx-use-certificate-file ssl-ctx
                                             certificate-path
                                             comm:SSL_FILETYPE_PEM))
        (setf stream (comm:open-tcp-stream (host ldap) (port ldap)
                                           :element-type '(unsigned-byte 8)
                                           :timeout connection-timeout
                                           :read-timeout read-timeout
                                           :ssl-ctx ssl-ctx
                                           #-:lw-does-not-have-write-timeout
                                           :write-timeout
                                           #-:lw-does-not-have-write-timeout
                                           write-timeout
                                           :errorp t))
        (debug-mesg ldap "Opening socket and stream.")
        (setf (ldapstream ldap) stream))))
  (ldapstream ldap))

#+lispworks
(defmethod close-stream ((ldap ldap))
  "Close an ldap connection if it is currently open."
  (let ((existing-stream (ldapstream ldap)))
    (when (and (streamp existing-stream) (open-stream-p existing-stream))
      (ignore-errors
        (setf (ldapstream ldap) nil)
        (close existing-stream)))))

Regards

Fazerty

Passing an empty attribute list to LDAP:SEARCH retrieves all attributes

I was using `ldap:search` to figure out whether some user exists in a given directory using this code:

(ldap:search conn `(and (= :uid ,some-user)) :attributes nil)

Somewhat unexpectedly, this seems to retrieve all attributes, because I'm getting this error:

Probably a binary field: jpegPhoto
   [Condition of type TRIVIAL-LDAP:PROBABLY-BINARY-FIELD-ERROR]

My workaround is to pass some dummy attribute name to the attributes argument, but it seems like nil should work there. Am I doing something wrong?

RDN-Handling is too trivial

The handling of RDNs, esp. in rdn-from-dn, is too trivial. rdn-from-dn breaks on backslash-escaped characters. Example:

cn=Acme\, Baltimore,c=United States...
Expected: (:cn "Acme, Baltimore")
Got: (:cn "Acme")

and can't handle multi-valued RDNs. Example:

uid=123+gid=456,o=acme
Expected: ((:uid 123) (:gid 456))
Got: (:uid "123+gid=456")
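
An added example, not code from trivial-ldap or from the issue's author: one way to extract the leading RDN while honouring RFC 4514 backslash escapes and `+`-separated multi-valued RDNs. The function names are hypothetical, and every RDN is returned as a list of (:type "value") lists with the values kept as strings.

```lisp
;; Added example, not trivial-ldap code; all function names are hypothetical.
(defun split-unescaped (string delimiter)
  "Split STRING at each DELIMITER that is not escaped by a backslash."
  (let ((parts '()) (start 0) (i 0) (n (length string)))
    (loop while (< i n)
          do (let ((c (char string i)))
               (cond ((char= c #\\) (incf i 2)) ; skip the escaped character
                     ((char= c delimiter)
                      (push (subseq string start i) parts)
                      (setf start (incf i)))
                     (t (incf i)))))
    (push (subseq string start) parts)
    (nreverse parts)))

(defun unescape-value (string)
  "Undo RFC 4514 escaping: backslash + character, or backslash + two hex digits.
Hex pairs are decoded one byte at a time, so only ASCII pairs round-trip."
  (with-output-to-string (out)
    (let ((i 0) (n (length string)))
      (loop while (< i n)
            do (let ((c (char string i)))
                 (cond ((and (char= c #\\) (< (+ i 2) n)
                             (digit-char-p (char string (+ i 1)) 16)
                             (digit-char-p (char string (+ i 2)) 16))
                        (write-char (code-char (parse-integer string :start (1+ i)
                                                 :end (+ i 3) :radix 16)) out)
                        (incf i 3))
                       ((and (char= c #\\) (< (1+ i) n))
                        (write-char (char string (1+ i)) out)
                        (incf i 2))
                       (t (write-char c out) (incf i))))))))

(defun parse-first-rdn (dn)
  "Return the leading RDN of DN as a list of (:type \"value\") lists, one per
attribute/value pair, so a multi-valued RDN yields several elements."
  (mapcar (lambda (ava)
            (let ((sep (position #\= ava)))
              (unless sep (error "Malformed RDN component: ~S" ava))
              ;; INTERN grows the keyword package; with untrusted DNs, compare
              ;; the type as a string instead.
              (list (intern (string-upcase (subseq ava 0 sep)) :keyword)
                    (unescape-value (subseq ava (1+ sep))))))
          (split-unescaped (first (split-unescaped dn #\,)) #\+)))

;; Inputs taken from the issue text (the first DN truncated to two RDNs).
(assert (equal (parse-first-rdn "cn=Acme\\, Baltimore,c=United States")
               '((:cn "Acme, Baltimore"))))
(assert (equal (parse-first-rdn "uid=123+gid=456,o=acme")
               '((:uid "123") (:gid "456"))))
```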

trivial-ldap.lisp contains unsafe DECLAIM

trivial-ldap.lisp contains the following declaim:

(declaim (optimize (speed 3) (safety 1) (debug 1) (compilation-speed 0)))

According to the CLHS, the effects of such a declaration may persist after that file is compiled. In particular, that is the case in Allegro CL and it causes all subsequent compilation to occur with speed > safety, which can be disastrous. :-)

I'm inclined to suggest simply removing the declaration, but other options include (a) using ASDF's facilities to restrict the declaim to specific files or (b) replacing declaim with declares in specific hotspots.

Problem with `ldap:new-entry`

ldap:new-entry seems to create strange entries:

CL-USER> (inspect  (ldap:new-entry "cn=manager,dc=example,dc=com" 
                                   :attrs '((objectclass . organizationalrole))))

The object is a STANDARD-OBJECT of type TRIVIAL-LDAP:ENTRY.
0. DN: "cn=manager,dc=example,dc=com"
1. RDN: "cn=manager"
2. ATTRS: ((:CN "manager") (OBJECTCLASS . ORGANIZATIONALROLE))

First, OBJECTCLASS should be a keyword and not a symbol in the
current package and second, the second entry in the attrs-list is a pair,
not a list (this is from the example.lisp file. Maybe the examples should
be updated?).
