
slapd (OpenLDAP v2.0.7) won't bind to ldap:/// AND ldaps:///



I'm doing this in a CHROOT installation of Debian GNU/Linux (mostly
because I can't dig up a development machine :).

I'm running OpenLDAP v1.2.11 in the 'real system', so I have to bind
on another default port than 389...

----- s n i p -----
CHROOT:/# /usr/sbin/slapd -d 1 -h ldap://0.0.0.0:3389/ ldaps:///
@(#) $OpenLDAP: slapd 2.0.7-Release (Tue Feb 27 20:34:58 CET 2001) $
        @papadoc:/home/operators/turbo/Air2Net/LDAP/LDAP/OpenLDAP2/openldap2-2.0.7/build-tree/openldap-2.0.7/servers/slapd
daemon_init: listen on ldap://0.0.0.0:3389/
daemon_init: 1 listeners to open...
ldap_url_parse(ldap://0.0.0.0:3389/)
daemon: initialized ldap://0.0.0.0:3389/
daemon_init: 1 listeners opened
slapd init: initiated server.
slap_sasl_init: initialized!
==>backsql_initialize()
<==backsql_initialize()
slapd startup: initiated.
slapd starting
----- s n i p -----

I'm not using backsql, I just didn't bother to remove that option in
the default Debian GNU/Linux package. The only difference between mine
and Ben Collins' version is that I have

        --disable-cleartext
        --disable-rlookups
        --with-tls

whereas Ben had it the other way around... I also build against Berkeley DB
3.0.55...

Binding on ldaps ONLY seems to work (from the slapd's point of view
at least). However, the ldapsearch command segfaults.

----- s n i p -----
CHROOT:/# /usr/sbin/slapd -d 1 -h ldaps://0.0.0.0/
@(#) $OpenLDAP: slapd 2.0.7-Release (Tue Feb 27 20:34:58 CET 2001) $
        @papadoc:/home/operators/turbo/Air2Net/LDAP/LDAP/OpenLDAP2/openldap2-2.0.7/build-tree/openldap-2.0.7/servers/slapd
daemon_init: listen on ldaps://0.0.0.0/
daemon_init: 1 listeners to open...
ldap_url_parse(ldaps://0.0.0.0/)
daemon: initialized ldaps://0.0.0.0/
daemon_init: 1 listeners opened
slapd init: initiated server.
slap_sasl_init: initialized!
==>backsql_initialize()
<==backsql_initialize()
slapd startup: initiated.
slapd starting
[
do a search:
        ldapsearch -x -b "" -s base -H ldaps:/// supportedSASLMechanisms
]
ldap_pvt_gethostbyname_a: host=papadoc, r=0
connection_get(8): got connid=0
connection_read(8): checking for input on id=0
TLS trace: SSL_accept:before/accept initialization
TLS trace: SSL_accept:SSLv3 read client hello A
TLS trace: SSL_accept:SSLv3 write server hello A
TLS trace: SSL_accept:SSLv3 write certificate A
TLS trace: SSL_accept:SSLv3 write server done A
TLS trace: SSL_accept:SSLv3 flush data
TLS trace: SSL_accept:SSLv3 read client key exchange A
TLS trace: SSL_accept:SSLv3 read finished A
TLS trace: SSL_accept:SSLv3 write change cipher spec A
TLS trace: SSL_accept:SSLv3 write finished A
TLS trace: SSL_accept:SSLv3 flush data
connection_get(8): got connid=0
connection_read(8): checking for input on id=0
ber_get_next
ber_get_next on fd 8 failed errno=0 (Success)
connection_read(8): input error=-2 id=0, closing.
connection_closing: readying conn=0 sd=8 for close
connection_close: conn=0 sd=8
TLS trace: SSL3 alert write:warning:close notify
----- s n i p -----


-- 
 Turbo     __ _     Debian GNU     Unix _IS_ user friendly - it's just 
 ^^^^^    / /(_)_ __  _   ___  __  selective about who its friends are 
         / / | | '_ \| | | \ \/ /   Debian Certified Linux Developer  
  _ /// / /__| | | | | |_| |>  <  Turbo Fredriksson   turbo@tripnet.se
  \\\/  \____/_|_| |_|\__,_/_/\_\ Stockholm/Sweden