LDAPS working for first request only

[Raphael Bauduin <rb@be.tiscali.com>]

Hi!

I'm working on a OpenLDAP server with SSL turned on. The environment is
Debian GNU/Linux (testing), kernel 2.2.17, OpenSSL 0.9.6a (distribution
package).
I recompiled all OpenLDAP packages with SSL support. 

When I start slapd, I get those three process running:
 1483 ?        S      0:00 /usr/sbin/slapd -h ldaps://0.0.0.0/
 1485 ?        S      0:00 /usr/sbin/slapd -h ldaps://0.0.0.0/
 1486 ?        S      0:00 /usr/sbin/slapd -h ldaps://0.0.0.0/


When I make a request with the netscape address book (configured to
access the ldaps server), it works. the process with ID 1486 answers the
request (from syslog:  slapd[1496]: => regex_matches: rc: 1 no matches) 
. I then have these processes running (after the firts request). You can
see there is one more process running.

 1483 ?        S      0:00 /usr/sbin/slapd -h ldaps://0.0.0.0/
 1485 ?        S      0:00 /usr/sbin/slapd -h ldaps://0.0.0.0/
 1486 ?        S      0:00 /usr/sbin/slapd -h ldaps://0.0.0.0/
 1496 ?        S      0:00 /usr/sbin/slapd -h ldaps://0.0.0.0/

When I send a new request (or the same again) to the server using the
same way as the first successful request, I get an error from Netscape:
Faile to bind to SERVER due to LDAP error 'Unknown error)' (0xFFFFFFFF).
It was the 1496 process that answered.

I made different test, and it seems that, in the first request, the new
process intervenes too. I could send complete logs if that could help
you.

I hope you can help me, because I'm somewhat clueless......

Thanks!

Raph
-- 
          Open Source and Free Software Developers Meeting
See you at the 2002 edition. Check the 2001 sessions on
www.opensource-tv.com
     Visit http://www.osdem.org and subscribe to the mailing list!