Hi, I am trying to connect to an LDAP-server with Net::LDAPS, using SASL's EXTERNAL authentication mechanism. I have the following code:

    # LDAP connection to server.
    $sasl = Authen::SASL->new('EXTERNAL');
    $ldap = Net::LDAPS->new($ldap_host,
        port => 636,
        onerror => 'die',
        #debug => 15,
        clientcert => "/etc/grid-security/uni-njs1.cert.pem",
        clientkey => "/etc/grid-security/uni-njs1.key.pem",
        verify => 'require', cafile => "/etc/grid-security/certificates_rootCA/CAcerts.txt")
        #verify => 'require', cafile => "/tmp/CAcerts.txt")
        or die $!;

uni-njs1.cert.pem and uni-njs1.key.pem contain a certificate and key in pem-format. CAcerts.txt contains a number (46) of certificates in pem-format.

When I run this piece of code I get the following error:

    Executing "./ldap2uudb_new.pl"
    Deep recursion on subroutine "Net::LDAP::_sendmesg" at
        /usr/share/perl5/Net/LDAP/Bind.pm line 58, <DATA> line 283 (#1)
        (W recursion) This subroutine has called itself (directly or indirectly)
        100 times more than it has returned. This probably indicates an
        infinite recursion, unless you're writing strange benchmark programs, in
        which case it indicates something else.

    Deep recursion on subroutine "Net::LDAP::sync" at
        /usr/share/perl5/Net/LDAP.pm line 739, <DATA> line 283 (#1)
    Deep recursion on subroutine "Net::LDAP::_recvresp" at
        /usr/share/perl5/Net/LDAP.pm line 695, <DATA> line 283 (#1)
    Deep recursion on subroutine "Net::LDAP::Bind::decode" at
        /usr/share/perl5/Net/LDAP.pm line 791, <DATA> line 283 (#1)

After this the program just hangs. When I turn on debugging I see the following output:

    Executing "./ldap2uudb_new.pl"
    Net::LDAPS=HASH(0x844dfa4) sending:

    30 16 02 01 01 60 11 02 01 03 04 00 A3 0A 04 08 0....`..........
    45 58 54 45 52 4E 41 4C __ __ __ __ __ __ __ __ EXTERNAL

    0000   22: SEQUENCE {
    0002    1:   INTEGER = 1
    0005   17:   [APPLICATION 0] {
    0007    1:     INTEGER = 3
    000A    0:     STRING = ''
    000C   10:     [CONTEXT 3] {
    000E    8:       STRING = 'EXTERNAL'
    0018     :     }
    0018     :   }
    0018     : }
    Net::LDAPS=HASH(0x844dfa4) received:

    30 0E 02 01 01 61 09 0A 01 0E 04 00 04 00 87 00 0....a..........

    0000   14: SEQUENCE {
    0002    1:   INTEGER = 1
    0005    9:   [APPLICATION 1] {
    0007    1:     ENUM = 14
    000A    0:     STRING = ''
    000C    0:     STRING = ''
    000E    0:     [CONTEXT 7]
    0010     :   }
    0010     : }
    Net::LDAPS=HASH(0x86e353c) sending:

    30 16 02 01 02 60 11 02 01 03 04 00 A3 0A 04 08 0....`..........
    45 58 54 45 52 4E 41 4C __ __ __ __ __ __ __ __ EXTERNAL

    0000   22: SEQUENCE {
    0002    1:   INTEGER = 2
    0005   17:   [APPLICATION 0] {
    0007    1:     INTEGER = 3
    000A    0:     STRING = ''
    000C   10:     [CONTEXT 3] {
    000E    8:       STRING = 'EXTERNAL'
    0018     :     }
    0018     :   }
    0018     : }
    Net::LDAPS=HASH(0x86e353c) received:

    30 0E 02 01 02 61 09 0A 01 0E 04 00 04 00 87 00 0....a..........

    0000   14: SEQUENCE {
    0002    1:   INTEGER = 2
    0005    9:   [APPLICATION 1] {
    0007    1:     ENUM = 14
    000A    0:     STRING = ''
    000C    0:     STRING = ''
    000E    0:     [CONTEXT 7]
    0010     :   }
    0010     : }

INTEGER counts up infinitely.

If I specify capath instead of cafile and use the path in which the CAcerts.txt file resides, or if I use a CAcerts.txt file with only one certificate in it Net::LDAPS gives me a timeout.

Any ideas on how to fix this?

Thanks and regards,
Martin Pels

SARA Computing & Networking Services
High Performance Computing
Tel. +31 20 592 3000
http://www.sara.nl
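
The four messages in the debug trace above, decoded field by field; this is an added example, not part of the original post and not perl-ldap code. The tag meanings and result-code names follow RFC 4511 (ENUM 14 is saslBindInProgress), and the names `tlvs`, `decode`, `is_stalled` and `TRACE` are this example's own.

```python
# Added example. Minimal BER reader: single-byte tags only, as in the trace.
RESULT_CODES = {0: "success", 14: "saslBindInProgress", 49: "invalidCredentials"}

def tlvs(buf):
    """Yield (tag, value) for each BER element in buf."""
    i = 0
    while i < len(buf):
        tag, length, i = buf[i], buf[i + 1], i + 2
        if length & 0x80:  # long form: low 7 bits give the number of length bytes
            n = length & 0x7F
            length, i = int.from_bytes(buf[i:i + n], "big"), i + n
        if i + length > len(buf):
            raise ValueError("truncated BER element")
        yield tag, buf[i:i + length]
        i += length

def decode(hexdump):
    """Decode one LDAPMessage holding a BindRequest or BindResponse."""
    (_, body), = tlvs(bytes.fromhex(hexdump))  # outer SEQUENCE
    (_, msgid), (op, payload) = list(tlvs(body))[:2]
    fields = list(tlvs(payload))
    msg = {"messageID": int.from_bytes(msgid, "big")}
    if op == 0x60:  # [APPLICATION 0] BindRequest
        sasl = list(tlvs(fields[2][1])) if fields[2][0] == 0xA3 else []
        msg.update(op="BindRequest", version=fields[0][1][0],
                   mechanism=sasl[0][1].decode() if sasl else None,
                   credentials=sasl[1][1] if len(sasl) > 1 else None)
    elif op == 0x61:  # [APPLICATION 1] BindResponse
        code = fields[0][1][0]
        creds = next((v for t, v in fields if t == 0x87), None)  # [CONTEXT 7]
        msg.update(op="BindResponse", serverSaslCreds=creds,
                   resultCode=(code, RESULT_CODES.get(code, "other")))
    return msg

# Bytes copied from the debug trace in the post (messageID 1 and 2).
TRACE = [
    "30 16 02 01 01 60 11 02 01 03 04 00 A3 0A 04 08 45 58 54 45 52 4E 41 4C",
    "30 0E 02 01 01 61 09 0A 01 0E 04 00 04 00 87 00",
    "30 16 02 01 02 60 11 02 01 03 04 00 A3 0A 04 08 45 58 54 45 52 4E 41 4C",
    "30 0E 02 01 02 61 09 0A 01 0E 04 00 04 00 87 00",
]

def is_stalled(hexdumps):
    """True if an identical bind is resent and every reply is resultCode 14."""
    msgs = [decode(h) for h in hexdumps]
    reqs = [{k: v for k, v in m.items() if k != "messageID"}
            for m in msgs if m.get("op") == "BindRequest"]
    codes = [m["resultCode"][0] for m in msgs if m.get("op") == "BindResponse"]
    return len(reqs) > 1 and reqs.count(reqs[0]) == len(reqs) and set(codes) == {14}
```

Calling `decode()` on each entry of `TRACE` shows a SASL EXTERNAL BindRequest with no credentials field answered by saslBindInProgress with an empty serverSaslCreds, and `is_stalled(TRACE)` confirms the second exchange differs from the first only in its messageID.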