Dne út 23. duben 2002 12:55 jste napsal(a):
> Hi,
>
> I commited the first patches to the CVS. Later this day I will publish a
> new snapshot.
>
> The issuer is not yet fixed. It shows the DN in the order which OpenSSL
> uses.
>
> Michael
Looks good, thanks very much
I found some other bugs (or misconfigurations at my side) in new snap
1. Something wrong is in the root Makefile.
When I type "make help" "make ca" or "make ext", it automaticly run "make
configure" without any reason.
I remember this errorr, from some older snap. (04/10/02 maybe). My solution
was to comment lines for the configure option in Makefile, then is it ok.
2. cetificates cannot be added to the LDAP
When I check LDAP after adding certificate, there are new lines inserted, but
the binary sections has 0b size.
>From OpenCA I only recieved error message "certificate 4 FAILED"
Following I attached the openldap debug output. I started LDAP with
"/usr/local/libexec/slapd -d1 2>errfile", then I tryed to add cert to the
LDAP from RA page and stoped LDAP.
Because i'm using LDAP shortly and the output is too long, it's not possible
for me to find the problem :(
3. File openca.ldif from /contrib/openldap can't be added to ldap, because
ldap don't know attribute "o" for Organization Units.
(Removing these lines fixed these problem.)
4. I cannot aprove request by RA with signing
recieved error "Sign is needed to proceed"
where can I add the sign to the RA?
nonimportant questions ;-)
Why are the links "LDAP Admin" and "LDAP Search" inactive at RA page?
My error-ssl.log is full of "unable to write 'random state'" messages. Do you
know, what should be wrong?
--
===================================
Josef "jose" Vesely
mail: [EMAIL PROTECTED], ICQ: 27347332
Faculty of Informatics, Masaryk university
Brno, Czech Republic
===================================
<LDAP debug output>
@(#) $OpenLDAP: slapd 2.0.23-Release (Út úno 26 23:34:05 CET 2002) $
[EMAIL PROTECTED]:/usr/src/RPM/BUILD/openldap-2.0.23/servers/slapd
daemon_init: listen on ldap:///
daemon_init: 1 listeners to open...
ldap_url_parse_ext(ldap:///)
daemon: socket() failed errno=97 (Address family not supported by protocol)
daemon: initialized ldap:///
daemon_init: 1 listeners opened
slapd init: initiated server.
slapd startup: initiated.
slapd starting
connection_get(12): got connid=0
connection_read(12): checking for input on id=0
ber_get_next
ber_get_next: tag 0x30 len 54 contents:
do_bind
ber_get_next
ber_get_next on fd 12 failed errno=11 (Resource temporarily unavailable)
ber_scanf fmt ({iat) ber:
ber_scanf fmt (o}) ber:
do_bind: version=2 dn="cn=Manager,o=Jose-OpenCA server,c=CZ" method=128
dn2entry_r: dn: "CN=MANAGER,O=JOSE-OPENCA SERVER,C=CZ"
=> dn2id( "CN=MANAGER,O=JOSE-OPENCA SERVER,C=CZ" )
=> ldbm_cache_open( "dn2id.dbb", 9, 600 )
<= ldbm_cache_open (opened 0)
<= dn2id NOID
dn2entry_r: dn: "O=JOSE-OPENCA SERVER,C=CZ"
=> dn2id( "O=JOSE-OPENCA SERVER,C=CZ" )
=> ldbm_cache_open( "dn2id.dbb", 9, 600 )
<= ldbm_cache_open (cache 0)
<= dn2id 20
=> id2entry_r( 20 )
=> ldbm_cache_open( "id2entry.dbb", 9, 600 )
<= ldbm_cache_open (opened 1)
=> str2entry
<= str2entry(o=Jose-OpenCA server, c=CZ) -> -1 (0x80dc3f0)
<= id2entry_r( 20 ) 0x80dc3f0 (disk)
====> cache_return_entry_r( 20 ): created (0)
do_bind: v2 bind: "cn=Manager,o=Jose-OpenCA server,c=CZ" to
"cn=Manager,o=Jose-OpenCA server,c=CZ"
send_ldap_result: conn=0 op=0 p=2
send_ldap_response: msgid=1 tag=97 err=0
ber_flush: 14 bytes to sd 12
connection_get(12): got connid=0
connection_read(12): checking for input on id=0
ber_get_next
ber_get_next: tag 0x30 len 223 contents:
ber_get_next
ber_get_next on fd 12 failed errno=11 (Resource temporarily unavailable)
do_search
ber_scanf fmt ({aiiiib) ber:
ber_scanf fmt ({oo}) ber:
ber_scanf fmt ({v}}) ber:
=> ldbm_back_search
dn2entry_r: dn: "OU=JOSE-OPENCA SERVER,O=JOSE-OPENCA SERVER,C=CZ"
=> dn2id( "OU=JOSE-OPENCA SERVER,O=JOSE-OPENCA SERVER,C=CZ" )
=> ldbm_cache_open( "dn2id.dbb", 9, 600 )
<= ldbm_cache_open (cache 0)
<= dn2id 24
=> id2entry_r( 24 )
=> ldbm_cache_open( "id2entry.dbb", 9, 600 )
<= ldbm_cache_open (cache 1)
=> str2entry
<= str2entry(OU=Jose-OpenCA server,o=Jose-OpenCA server, c=CZ) -> -1
(0x80dce50)<= id2entry_r( 24 ) 0x80dce50 (disk)
base_candidates: base: "OU=Jose-OpenCA server,o=Jose-OpenCA server, c=CZ"
====> cache_return_entry_r( 24 ): created (0)
=> id2entry_r( 24 )
====> cache_find_entry_id( 24 ) "OU=Jose-OpenCA server,o=Jose-OpenCA server,
c=CZ" (found) (1 tries)
<= id2entry_r( 24 ) 0x80dce50 (cache)
ldbm_search: candidate 24 does not match filter
====> cache_return_entry_r( 24 ): returned (0)
send_ldap_search_result 0::
send_ldap_response: msgid=2 tag=101 err=0
ber_flush: 14 bytes to sd 12
connection_get(12): got connid=0
connection_read(12): checking for input on id=0
ber_get_next
ber_get_next: tag 0x30 len 245 contents:
ber_get_next
ber_get_next on fd 12 failed errno=11 (Resource temporarily unavailable)
do_search
ber_scanf fmt ({aiiiib) ber:
ber_scanf fmt ({oo}) ber:
ber_scanf fmt ({v}}) ber:
=> ldbm_back_search
dn2entry_r: dn: "CN=JOSE-OPENCA SERVER,OU=JOSE-OPENCA SERVER,O=JOSE-OPENCA
SERVER,C=CZ"
=> dn2id( "CN=JOSE-OPENCA SERVER,OU=JOSE-OPENCA SERVER,O=JOSE-OPENCA
SERVER,C=CZ" )
=> ldbm_cache_open( "dn2id.dbb", 9, 600 )
<= ldbm_cache_open (cache 0)
<= dn2id NOID
dn2entry_r: dn: "OU=JOSE-OPENCA SERVER,O=JOSE-OPENCA SERVER,C=CZ"
=> dn2id( "OU=JOSE-OPENCA SERVER,O=JOSE-OPENCA SERVER,C=CZ" )
====> cache_find_entry_dn2id("OU=JOSE-OPENCA SERVER,O=JOSE-OPENCA
SERVER,C=CZ"): 24 (1 tries)
<= dn2id 24 (in cache)
=> id2entry_r( 24 )
====> cache_find_entry_id( 24 ) "OU=Jose-OpenCA server,o=Jose-OpenCA server,
c=CZ" (found) (1 tries)
<= id2entry_r( 24 ) 0x80dce50 (cache)
====> cache_return_entry_r( 24 ): returned (0)
send_ldap_result: conn=0 op=2 p=2
send_ldap_response: msgid=3 tag=101 err=32
ber_flush: 62 bytes to sd 12
connection_get(12): got connid=0
connection_read(12): checking for input on id=0
ber_get_next
ber_get_next: tag 0x30 len 283 contents:
ber_get_next
ber_get_next on fd 12 failed errno=11 (Resource temporarily unavailable)
do_add
ber_scanf fmt ({a) ber:
ber_scanf fmt ({a{V}}) ber:
ber_scanf fmt ({a{V}}) ber:
ber_scanf fmt ({a{V}}) ber:
ber_scanf fmt ({a{V}}) ber:
ber_scanf fmt ({a{V}}) ber:
ber_scanf fmt ({a{V}}) ber:
ber_scanf fmt (}) ber:
dn2entry_r: dn: "CN=JOSE-OPENCA SERVER,OU=JOSE-OPENCA SERVER,O=JOSE-OPENCA
SERVER,C=CZ"
=> dn2id( "CN=JOSE-OPENCA SERVER,OU=JOSE-OPENCA SERVER,O=JOSE-OPENCA
SERVER,C=CZ" )
=> ldbm_cache_open( "dn2id.dbb", 9, 600 )
<= ldbm_cache_open (cache 0)
<= dn2id NOID
dn2entry_r: dn: "OU=JOSE-OPENCA SERVER,O=JOSE-OPENCA SERVER,C=CZ"
=> dn2id( "OU=JOSE-OPENCA SERVER,O=JOSE-OPENCA SERVER,C=CZ" )
====> cache_find_entry_dn2id("OU=JOSE-OPENCA SERVER,O=JOSE-OPENCA
SERVER,C=CZ"): 24 (1 tries)
<= dn2id 24 (in cache)
=> id2entry_r( 24 )
====> cache_find_entry_id( 24 ) "OU=Jose-OpenCA server,o=Jose-OpenCA server,
c=CZ" (found) (1 tries)
<= id2entry_r( 24 ) 0x80dce50 (cache)
ldbm_referrals: op=104 target="CN=Jose-OpenCA server,OU=Jose-OpenCA
server,o=Jose-OpenCA server, c=CZ" matched="OU=Jose-OpenCA
server,o=Jose-OpenCA server, c=CZ"
====> cache_return_entry_r( 24 ): returned (0)
=> dn2id( "CN=JOSE-OPENCA SERVER,OU=JOSE-OPENCA SERVER,O=JOSE-OPENCA
SERVER,C=CZ" )
=> ldbm_cache_open( "dn2id.dbb", 9, 600 )
<= ldbm_cache_open (cache 0)
<= dn2id NOID
oc_check_required entry (CN=Jose-OpenCA server,OU=Jose-OpenCA
server,o=Jose-OpenCA server, c=CZ), objectClass "top"
oc_check_required entry (CN=Jose-OpenCA server,OU=Jose-OpenCA
server,o=Jose-OpenCA server, c=CZ), objectClass "person"
oc_check_required entry (CN=Jose-OpenCA server,OU=Jose-OpenCA
server,o=Jose-OpenCA server, c=CZ), objectClass "organizationalPerson"
entry_check_schema(CN=Jose-OpenCA server,OU=Jose-OpenCA server,o=Jose-OpenCA
server, c=CZ): "unrecognized objectClass 'inetOrgPerson'" not recognized
entry failed schema check: unrecognized objectClass 'inetOrgPerson'
send_ldap_result: conn=0 op=3 p=2
send_ldap_response: msgid=4 tag=105 err=65
ber_flush: 54 bytes to sd 12
connection_get(12): got connid=0
connection_read(12): checking for input on id=0
ber_get_next
ber_get_next on fd 12 failed errno=0 (Success)
connection_read(12): input error=-2 id=0, closing.
connection_closing: readying conn=0 sd=12 for close
connection_close: conn=0 sd=12
connection_get(12): got connid=1
connection_read(12): checking for input on id=1
ber_get_next
ber_get_next: tag 0x30 len 54 contents:
ber_get_next
ber_get_next on fd 12 failed errno=11 (Resource temporarily unavailable)
do_bind
ber_scanf fmt ({iat) ber:
ber_scanf fmt (o}) ber:
do_bind: version=2 dn="cn=Manager,o=Jose-OpenCA server,c=CZ" method=128
dn2entry_r: dn: "CN=MANAGER,O=JOSE-OPENCA SERVER,C=CZ"
=> dn2id( "CN=MANAGER,O=JOSE-OPENCA SERVER,C=CZ" )
=> ldbm_cache_open( "dn2id.dbb", 9, 600 )
<= ldbm_cache_open (cache 0)
<= dn2id NOID
dn2entry_r: dn: "O=JOSE-OPENCA SERVER,C=CZ"
=> dn2id( "O=JOSE-OPENCA SERVER,C=CZ" )
====> cache_find_entry_dn2id("O=JOSE-OPENCA SERVER,C=CZ"): 20 (1 tries)
<= dn2id 20 (in cache)
=> id2entry_r( 20 )
====> cache_find_entry_id( 20 ) "o=Jose-OpenCA server, c=CZ" (found) (1 tries)
<= id2entry_r( 20 ) 0x80dc3f0 (cache)
====> cache_return_entry_r( 20 ): returned (0)
do_bind: v2 bind: "cn=Manager,o=Jose-OpenCA server,c=CZ" to
"cn=Manager,o=Jose-OpenCA server,c=CZ"
send_ldap_result: conn=1 op=0 p=2
send_ldap_response: msgid=5 tag=97 err=0
ber_flush: 14 bytes to sd 12
connection_get(12): got connid=1
connection_read(12): checking for input on id=1
ber_get_next
ber_get_next: tag 0x30 len 157 contents:
ber_get_next
ber_get_next on fd 12 failed errno=11 (Resource temporarily unavailable)
do_search
ber_scanf fmt ({aiiiib) ber:
ber_scanf fmt (o) ber:
ber_scanf fmt ({v}}) ber:
=> ldbm_back_search
dn2entry_r: dn: "[EMAIL PROTECTED],CN=JOSE-OPENCA
SERVER,OU=JOSE-OPENCA SERVER,O=JOSE-OPENCA SERVER,C=CZ"
=> dn2id( "[EMAIL PROTECTED],CN=JOSE-OPENCA
SERVER,OU=JOSE-OPENCA SERVER,O=JOSE-OPENCA SERVER,C=CZ" )
=> ldbm_cache_open( "dn2id.dbb", 9, 600 )
<= ldbm_cache_open (cache 0)
<= dn2id NOID
dn2entry_r: dn: "CN=JOSE-OPENCA SERVER,OU=JOSE-OPENCA SERVER,O=JOSE-OPENCA
SERVER,C=CZ"
=> dn2id( "CN=JOSE-OPENCA SERVER,OU=JOSE-OPENCA SERVER,O=JOSE-OPENCA
SERVER,C=CZ" )
=> ldbm_cache_open( "dn2id.dbb", 9, 600 )
<= ldbm_cache_open (cache 0)
<= dn2id NOID
dn2entry_r: dn: "OU=JOSE-OPENCA SERVER,O=JOSE-OPENCA SERVER,C=CZ"
=> dn2id( "OU=JOSE-OPENCA SERVER,O=JOSE-OPENCA SERVER,C=CZ" )
====> cache_find_entry_dn2id("OU=JOSE-OPENCA SERVER,O=JOSE-OPENCA
SERVER,C=CZ"): 24 (1 tries)
<= dn2id 24 (in cache)
=> id2entry_r( 24 )
====> cache_find_entry_id( 24 ) "OU=Jose-OpenCA server,o=Jose-OpenCA server,
c=CZ" (found) (1 tries)
<= id2entry_r( 24 ) 0x80dce50 (cache)
====> cache_return_entry_r( 24 ): returned (0)
send_ldap_result: conn=1 op=1 p=2
send_ldap_response: msgid=6 tag=101 err=32
ber_flush: 62 bytes to sd 12
connection_get(12): got connid=1
connection_read(12): checking for input on id=1
ber_get_next
ber_get_next on fd 12 failed errno=0 (Success)
connection_read(12): input error=-2 id=1, closing.
connection_closing: readying conn=1 sd=12 for close
connection_close: conn=1 sd=12
slap_sig_shutdown: signal 2
slap_sig_shutdown: signal 2
daemon: shutdown requested and initiated.
slapd shutdown: waiting for 0 threads to terminate
slap_sig_shutdown: signal 2
slapd shutdown: initiated
ldbm backend syncing
ldbm flushing db (dn2id.dbb)
ldbm closing db (dn2id.dbb)
ldbm flushing db (id2entry.dbb)
ldbm closing db (id2entry.dbb)
ldbm backend done syncing
====> cache_release_all
slapd shutdown: freeing system resources.
slapd stopped.
</LDAP debug output>
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users
