[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: SASL authentication problem
On Thu, 28 Sep 2000, Mayers, Philip J wrote:
> I'm seeing the same problem. The OpenLDAP is an all-2.0.4 installation,
> using cyrus-sasl 1.5.24 (as comes with RedHat 7.0, recompiled with gssapi
> support) and MIT Kerberos 1.2 (as comes with RedHat 7.0). "Decoding Error"
> is returned. I can provide any diagnostics necessary.
>
> Rolling back to 2.0.3 solves the problem completely.
I reinstalled everything to be sure. Here are details of the problem that
I encountered, hope that helps:
./configure \
--with-cyrus-sasl \
--with-threads \
--with-tls \
--enable-spasswd \
--enable-aci
openldap 2.0.4 + cyrus SASL 1.5.24
CONFIGURATION -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
/etc/sasldb
user: giuseppe realm: prof.mi.infn.it mech: DIGEST-MD5
user: giuseppe realm: prof.mi.infn.it mech: PLAIN
user: giuseppe realm: prof.mi.infn.it mech: CRAM-MD5
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
ldap.conf
sasl-realm prof.mi.infn.it
sasl-host prof.mi.infn.it
rootdn "uid=giuseppe@prof.mi.infn.it"
COMMAND -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
% ldapsearch -D "uid=giuseppe@prof.mi.infn.it" "objectclass=*"
SASL/DIGEST-MD5 authentication started
ldap_sasl_interactive_bind_s: Can't contact LDAP server
_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_
ldapsearch -b "" -x -s base "objectclass=*" SupportedSASLmechanisms
version: 2
dn:
supportedSASLMechanisms: DIGEST-MD5
supportedSASLMechanisms: CRAM-MD5
SERVER DIAG _+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_
daemon: select: listen=6 active_threads=1 tvp=NULL
daemon: select: listen=7 active_threads=1 tvp=NULL
do_bind
ber_scanf fmt ({iat) ber:
ber_dump: buf 0x80d7080, ptr 0x80d7083, end 0x80d70b4
` / 02 01 03 04 1c u i d = g i u s e
p p e @ p r o f . m i . i n f n
. i t a3 0c 04 0a D I G E S T - M D
5
ber_scanf fmt ({a) ber:
ber_dump: buf 0x80d7080, ptr 0x80d70a6, end 0x80d70b4
a3 0c 04 0a D I G E S T - M D 5
send_ldap_disconnect 2:decoding error
send_ldap_response: msgid=0 tag=120 err=2
ber_flush: 52 bytes to sd 10
CLIENT DIAG _+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_
** Outstanding Requests:
* msgid 2, origid 2, status InProgress
outstanding referrals 0, parent count 0
** Response Queue:
Empty
do_ldap_select
read1msg
ber_get_next
ber_get_next: tag 0x30 len 50 contents:
ber_dump: buf 0x8068fd0, ptr 0x8068fd0, end 0x8069002
02 01 00 x - 0a 01 02 04 00 04 0e d e c o
d i n g 20 e r r o r 8a 16 1 . 3 .
6 . 1 . 4 . 1 . 1 4 6 6 . 2 0 0
3 6
no request for response with msgid 0 (tossing)
** Connections:
* host: prof.mi.infn.it port: 389 (default)
refcnt: 2 status: Connected
last used: Thu Sep 28 19:13:39 2000
** Outstanding Requests:
* msgid 2, origid 2, status InProgress
outstanding referrals 0, parent count 0
** Response Queue:
_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+_+