Futher debug of race condition in 0.9.6b/c
sshd/ftpd/telnetd - pam_ldap - libldap - libssl/libcrypto To recap, when my dual processor Pentium III is idle, I *always* get a return value of 0 from SSL_connect. If I bog down the box, I get 1 and everything works (login sucessful). I added a check for SSL_get_error, and I get SSL_ERROR_SYSCALL. I check the error queue with ERR_get_error() My luck, I get 0 back from ERR_get_error(). The man page says, if ERR_get_error returns 0, an EOF was observed that violates the protocol. sigh I just want my LDAP authentication to work on these two machines out of about a dozen where it works fine. The machines that work are slower 500Mhz boxes, and the failure on a dual P3, and a single CPU AMD 1700+. pam_ldap is using libldap (further using OpenSSL) to do a starttls connection against a remote OpenLDAP server. I'm just banging my head against the keyboard here. Dax __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: Futher debug of race condition in 0.9.6b/c
On Fri, 8 Feb 2002, Howard Chu wrote: Try using strace to log all system calls. Until you know which calls have failed, it's tough to isolate what's going on. when using strace on sshd, I couldn't get it to fail. Not using strace, it fails every time. Dax __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Futher debug of race condition in 0.9.6b/c
On Fri, Feb 08, 2002 at 01:53:11AM -0700, Dax Kelson wrote: sshd/ftpd/telnetd - pam_ldap - libldap - libssl/libcrypto To recap, when my dual processor Pentium III is idle, I *always* get a return value of 0 from SSL_connect. If I bog down the box, I get 1 and everything works (login sucessful). I added a check for SSL_get_error, and I get SSL_ERROR_SYSCALL. I check the error queue with ERR_get_error() My luck, I get 0 back from ERR_get_error(). The man page says, if ERR_get_error returns 0, an EOF was observed that violates the protocol. sigh I just want my LDAP authentication to work on these two machines out of about a dozen where it works fine. The machines that work are slower 500Mhz boxes, and the failure on a dual P3, and a single CPU AMD 1700+. pam_ldap is using libldap (further using OpenSSL) to do a starttls connection against a remote OpenLDAP server. I'm just banging my head against the keyboard here. Start by using ssldump (http://www.rtfm.com/ssldump). We really need to see what is going over the wire... (an EOF... would mean that it is the peer closing the connection... is this really true?). Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]