Your message dated Sat, 31 Aug 2013 00:13:04 +0200
with message-id <[email protected]>
and subject line Re: Bug#425379: closed by Richard A Nelson (Rick)
<[email protected]> (Bug#425379: fixed in libnss-ldap 258-1)
has caused the Debian Bug report #425379,
regarding libnss-ldap: Can't connect to ldap server anymore
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
425379: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=425379
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libnss-ldap
Version: 255-1
Severity: important
Hi,
When upgrading from 251-7.5 libnss-ldap starts failing. Debug shows the
following:
ldap_connect_to_host: Trying 2001:610:1118:0:204:75ff:fe95:b60 389
ldap_connect_timeout: fd: 4 tm: 30 async: 0
ldap_ndelay_on: 4
ldap_is_sock_ready: 4
ldap_ndelay_off: 4
ldap_int_sasl_open: host=challenger.ipv6.spacelabs.nl
tls_write: want=73, written=73
0000: 16 03 01 00 44 01 00 00 40 03 01 46 51 6f ed 4f [email protected]íO
0010: 9c 6d 09 09 8e a8 5f 00 b6 a8 e2 26 c4 80 18 18 .m...¨_.¶¨â&Ä...
0020: 80 a3 8e 24 0e 39 27 9b 6d 78 ad 00 00 18 00 33 .£.$.9'.mx....3
0030: 00 16 00 39 00 2f 00 0a 00 35 00 05 00 04 00 32 ...9./...5.....2
0040: 00 13 00 38 00 66 02 01 00 ...8.f...
tls_read: want=5, got=0
TLS: can't connect.
ldap_err2string
ldap_err2string
Our ldap server is using a self-signed certificate and ``TLS_REQCERT never''
is specified in /etc/ldap/ldap.conf..
Yes i know, this is not the most secure setup and we should fix it sometime..
But it should still work :)
Sjoerd
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.20-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=nl_NL (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash
Versions of packages libnss-ldap depends on:
ii debconf [debconf-2.0] 1.5.13 Debian configuration management sy
ii libc6 2.5-8 GNU C Library: Shared libraries
ii libkrb53 1.6.dfsg.1-4 MIT Kerberos runtime libraries
ii libldap2 2.1.30-13.4 OpenLDAP libraries
Versions of packages libnss-ldap recommends:
ii libpam-ldap 184-1 Pluggable Authentication Module al
ii nscd 2.5-8 GNU C Library: Name Service Cache
-- debconf information:
* libnss-ldap/dblogin: false
* libnss-ldap/override: false
* shared/ldapns/base-dn: ou=Users,dc=spacelabs,dc=nl
* shared/ldapns/ldap-server: 127.0.0.1
* libnss-ldap/confperm: false
* libnss-ldap/rootbinddn: cn=manager,dc=example,dc=net
* shared/ldapns/ldap_version: 3
libnss-ldap/binddn: cn=proxyuser,dc=example,dc=net
* libnss-ldap/nsswitch:
* libnss-ldap/dbrootlogin: true
--- End Message ---
--- Begin Message ---
Version: libnss-ldap/264-1
Control: retitle -1 libnss-ldap: uses wrong port for ldaps:// URLs
Control: tags -1 + upstream
Control: forwarded -1 http://bugzilla.padl.com/show_bug.cgi?id=379
On Sat, 2008-01-05 at 13:13 +0100, Sjoerd Simons wrote:
> Unfortunately, it still goes wrong.. I'm seeing libnss-ldap trying to connect
> to port 389, while the config says ldaps.
According to:
http://bugzilla.padl.com/show_bug.cgi?id=379
this problem was fixed in version 264 so I'm closing this bug.
If you can still reproduce the problem, feel free to re-open this bug.
Thanks,
--
-- arthur - [email protected] - http://people.debian.org/~adejong --
signature.asc
Description: This is a digitally signed message part
--- End Message ---
