Re: [courier-users] ldap error in authldap: ldap_simple_bind_s failed: Protocol error

[Chad Leigh -- Shire . Net LLC]

I kind of fixed it.  I added "allow bind_v2" to  my slapd.conf file and 
now courier can attach to the openldap slapd server.  I looked around 
the courier source and did not see where it was setting the protocol 
version to a v2.  I only saw a #define'd symbol from ldap.h that 
courier was using, that looked like a binary 3 (0011), so I don't know 
what was going on.  However, it now works.

thanks
Chad
On Saturday, Mar 8, 2003, at 20:51 US/Mountain, Chad Leigh -- Shire.Net 
LLC wrote:

Here is a follow up.  The debug output of the OpenLDAP server says 
"requested protocol version not allowed" .  I am not an LDAP guru so I 
don't know what that means...

do_bind: version=2 dn="cn=Manager,dc=shire,dc=net" method=128
send_ldap_result: conn=0 op=0 p=2
send_ldap_response: msgid=1 tag=97 err=2
ber_flush: 52 bytes to sd 12
  0000:  30 32 02 01 01 61 2d 0a  01 02 04 00 04 26 72 65   
02...a-......&re
  0010:  71 75 65 73 74 65 64 20  70 72 6f 74 6f 63 6f 6c   quested 
protocol
  0020:  20 76 65 72 73 69 6f 6e  20 6e 6f 74 20 61 6c 6c    version 
not all
  0030:  6f 77 65 64                                        owed
ldap_write: want=52, written=52
  0000:  30 32 02 01 01 61 2d 0a  01 02 04 00 04 26 72 65   
02...a-......&re
  0010:  71 75 65 73 74 65 64 20  70 72 6f 74 6f 63 6f 6c   quested 
protocol
  0020:  20 76 65 72 73 69 6f 6e  20 6e 6f 74 20 61 6c 6c    version 
not all
  0030:  6f 77 65 64                                        owed
connection_get(12): got connid=0
connection_read(12): checking for input on id=0
ber_get_next
ldap_read: want=9, got=7
  0000:  30 05 02 01 02 42 00                               0....B.
ber_get_next: tag 0x30 len 5 contents:
ber_get_next
ldap_read: want=9, got=0

On Saturday, Mar 8, 2003, at 14:54 US/Mountain, Chad Leigh -- 
Shire.Net LLC wrote:

Hi

On my Linux machine, I am getting an error when authldap is trying to 
authenticate an imap login.

The message in /var/log/messages is

Mar  8 14:03:04 object authdaemond.ldap: ldap_simple_bind_s failed: 
Protocol error

I have made sure that the courier-imap 1.7.0 is linked against the 
same libraries as the OpenLDAP server v2.1.4 that it is trying to 
bind against.

My exim mta can talk to the OpenLDAP server fine, and all the various 
ldap* and slap* commands work fine.

The exact same authldaprc configuration (with changes to point to the 
correct server) works with my earlier courier-imap 1.4.x and OpenLDAP 
v2.0.x I have running on my FreeBSD system, and the ldap database it 
is going against has an identical schema.

I have googled on the error message, but the results did not tell me 
much, unfortunately.

below, after my name, is the openldap slpad debug info it dumps when 
the imap tries to authenticate

Any hints or help appreciated

Thanks
Chad
daemon: activity on 1 descriptors
daemon: new connection on 12
daemon: added 12r
daemon: activity on:
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: activity on: 12r
daemon: read activity on 12
connection_get(12): got connid=13
connection_read(12): checking for input on id=13
ber_get_next
ber_get_next: tag 0x30 len 46 contents:
ber_get_next
ber_get_next on fd 12 failed errno=11 (Resource temporarily 
unavailable)
do_bind
ber_scanf fmt ({imt) ber:
ber_scanf fmt (m}) ber:
>>> dnPrettyNormal: <cn=Manager, dc=shire, dc=net>
=> ldap_bv2dn(cn=Manager, dc=shire, dc=net,0)
<= ldap_bv2dn(cn=Manager, dc=shire, dc=net,0)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=Manager,dc=shire,dc=net,272)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=manager,dc=shire,dc=net,272)=0
<<< dnPrettyNormal: <cn=Manager,dc=shire,dc=net>, 
<cn=manager,dc=shire,dc=net>
do_bind: version=2 dn="cn=Manager,dc=shire,dc=net" method=128
send_ldap_result: conn=13 op=0 p=2
send_ldap_response: msgid=1 tag=97 err=2
ber_flush: 52 bytes to sd 12
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: activity on: 12r
daemon: read activity on 12
connection_get(12): got connid=13
connection_read(12): checking for input on id=13
ber_get_next
ber_get_next: tag 0x30 len 5 contents:
ber_get_next
ber_get_next on fd 12 failed errno=0 (Success)
connection_read(12): input error=-2 id=13, closing.
connection_closing: readying conn=13 sd=12 for close
connection_close: deferring conn=13 sd=12
do_unbind
connection_resched: attempting closing conn=13 sd=12
connection_close: conn=13 sd=12
daemon: removing 12
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: new connection on 12
daemon: added 12r
daemon: activity on:
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: activity on: 12r
daemon: read activity on 12
connection_get(12): got connid=14
connection_read(12): checking for input on id=14
ber_get_next
ber_get_next: tag 0x30 len 46 contents:
ber_get_next
ber_get_next on fd 12 failed errno=11 (Resource temporarily 
unavailable)
do_bind
ber_scanf fmt ({imt) ber:
ber_scanf fmt (m}) ber:
>>> dnPrettyNormal: <cn=Manager, dc=shire, dc=net>
=> ldap_bv2dn(cn=Manager, dc=shire, dc=net,0)
<= ldap_bv2dn(cn=Manager, dc=shire, dc=net,0)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=Manager,dc=shire,dc=net,272)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=manager,dc=shire,dc=net,272)=0
<<< dnPrettyNormal: <cn=Manager,dc=shire,dc=net>, 
<cn=manager,dc=shire,dc=net>
do_bind: version=2 dn="cn=Manager,dc=shire,dc=net" method=128
send_ldap_result: conn=14 op=0 p=2
send_ldap_response: msgid=1 tag=97 err=2
ber_flush: 52 bytes to sd 12
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: activity on: 12r
daemon: read activity on 12
connection_get(12): got connid=14
connection_read(12): checking for input on id=14
ber_get_next
ber_get_next: tag 0x30 len 5 contents:
ber_get_next
ber_get_next on fd 12 failed errno=0 (Success)
connection_read(12): input error=-2 id=14, closing.
connection_closing: readying conn=14 sd=12 for close
connection_close: deferring conn=14 sd=12
do_unbind
connection_resched: attempting closing conn=14 sd=12
connection_close: conn=14 sd=12
daemon: removing 12
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: select: listen=6 active_threads=0 tvp=NULL



-------------------------------------------------------
This SF.net email is sponsored by: Etnus, makers of TotalView, The 
debugger for complex code. Debugging C/C++ programs can leave you 
feeling lost and disoriented. TotalView can help you find your way. 
Available on major UNIX and Linux platforms. Try it free. > 
www.etnus.com
_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: 
https://lists.sourceforge.net/lists/listinfo/courier-users


-------------------------------------------------------
This SF.net email is sponsored by: Etnus, makers of TotalView, The 
debugger for complex code. Debugging C/C++ programs can leave you 
feeling lost and disoriented. TotalView can help you find your way. 
Available on major UNIX and Linux platforms. Try it free. > www.etnus.com
_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users


-------------------------------------------------------
This SF.net email is sponsored by: Etnus, makers of TotalView, The debugger 
for complex code. Debugging C/C++ programs can leave you feeling lost and 
disoriented. TotalView can help you find your way. Available on major UNIX 
and Linux platforms. Try it free. www.etnus.com
_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users