Date: Mon, 22 May 2006 08:08:19 +1000
From: Alexander Samad <a...@samad.com.au>

On Sun, May 21, 2006 at 02:17:04PM -0500, Steve Langasek wrote:
> On Sun, May 21, 2006 at 07:25:38PM +1000, Alexander Samad wrote:
> > Package: sudo-ldap
> > Version: 1.6.8p12-4
> > Severity: grave
> > Justification: renders package unusable
>
> > I have set up sudo-ldap to use the local ldap db. My /etc/ldap/ldap.conf
> > has
>
> > uri ldap://127.0.0.1
>
> > when I change this to
>
> > uri ldaps://hufpuf.lan1.hme1.samad.com.au
>
> > it fails and I get this with debugging turned on
>
> > LDAP Config Summary
> > ===================
> > uri ldaps://hufpuf.lan1.hme1.samad.com.au
> > ldap_version 3
> > sudoers_base ou=SUDOers,dc=samad,dc=com,dc=au
> > binddn (anonymous)
> > bindpw (anonymous)
> > ssl (no)
> > ===================
> > ldap_initialize(ld,ldaps://hufpuf.lan1.hme1.samad.com.au)
> > ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,0x03)
> > ldap_simple_bind_s()=81 : Can't contact LDAP server
>
> Why do you say that this is a sudo-ldap bug? What tests have you done to
> verify that this isn't a network/firewall bug or a libldap bug?

Hi

I configured a working system to start with. The ldap server is on the
same machine, there are no iptables entries. libnss-ldap and libpam-ldap
work when I make the change from ldap://127.0.0.1 to
ldaps://hufpuf.lan1.hme1.samad.com.au

When I turn on logging from openldap I notice a connection being made
and then I notice the connection is closed, no bind is attempted.

I can't rule out a libldap bug. How can I test this?

When I use ldapsearch with anon ldaps:// it works, but it links against
the 2.2 ldap libraries.

>
> --
> Steve Langasek Give me a lever long enough and a Free OS
> Debian Developer to set it on, and I can move the world.
> vor...@debian.org http://www.debian.org/
>