Your message dated Mon, 17 Mar 2008 19:22:48 +0100
with message-id <[EMAIL PROTECTED]>
and subject line Re: Bug#471354: libgnutls13: gnutls13=1.4.4-3 causes pam_ldap
failures based on transfer size
has caused the Debian Bug report #471354,
regarding libgnutls13: gnutls13=1.4.4-3 causes pam_ldap failures based on
transfer size
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
471354: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=471354
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: libgnutls13
Version: 1.4.4-3
Severity: normal
#470509 turns out to be caused by the version of libgnutls13 - if the
version from stable (1.4.4-3) is in use pam_ldap will return an
incorrect authentication error because the ldap_search_s() call will
fail when gnutls_read() returns an internal error while reading a large
record (e.g. an LDAP record which contains a jpegPhoto attribute):
Mar 14 09:30:47 etch-dev su[17362]: SSL_read() failed: gnutls_read() returned
-59: GnuTLS internal error.
I have submitted a pam_ldap patch which does not retrieve the entire
record since it's unnecessary to transfer that much data but I suspect
that the same internal error could affect other programs. Upgrading to
the version in testing solves the problem.
Chris
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (990, 'stable'), (500, 'testing')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-6-686
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Versions of packages libgnutls13 depends on:
ii libc6 2.7-6 GNU C Library: Shared libraries
ii libgcrypt11 1.4.0-3 LGPL Crypto library - runtime libr
ii libgpg-error0 1.4-2 library for common error values an
ii liblzo1 1.08-3 data compression library (old vers
ii libopencdk8 0.5.9-2 Open Crypto Development Kit (OpenC
ii libtasn1-3 0.3.6-2 Manage ASN.1 structures (runtime)
ii zlib1g 1:1.2.3.3.dfsg-11 compression library - runtime
libgnutls13 recommends no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Version: 2.0.4-3
On 2008-03-17 Chris Adams <[EMAIL PROTECTED]> wrote:
> Package: libgnutls13
> Version: 1.4.4-3
> Severity: normal
> #470509 turns out to be caused by the version of libgnutls13 - if the
> version from stable (1.4.4-3) is in use pam_ldap will return an
> incorrect authentication error because the ldap_search_s() call will
> fail when gnutls_read() returns an internal error while reading a large
> record (e.g. an LDAP record which contains a jpegPhoto attribute):
> Mar 14 09:30:47 etch-dev su[17362]: SSL_read() failed: gnutls_read()
> returned -59: GnuTLS internal error.
> I have submitted a pam_ldap patch which does not retrieve the entire
> record since it's unnecessary to transfer that much data but I suspect
> that the same internal error could affect other programs.
Thanks for the report.
> Upgrading to
> the version in testing solves the problem.
Ok. I am marking the bug as fixed in that version. Since this is not
rc (speak up if you disagree), that is probably going to be the only
action I am taking.
cu andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
--- End Message ---
