Windows LDAP Client - SSL Handshake problem
Hi,
I have compiled OpenLDAP, OpenSSL and Cyrus SASL for a Windows
client. I am having a problem where the client cannot connect to a
server via SSL on port 636. It's failing in the SSL handshake as the
appended slapd debug log shows.
The server is running on Solaris 7 (Sparc). It can be successfully
accessed by the Unix versions of the client and by other tools such as
ldapsearch - only the Windows client fails.
The Windows tool s_client.exe (compiled with OpenSSL) is able to connect
to the ldap server quite successfully although it eventually passes the
handshake stage and cannot go any further because it obviously doesn't
understand the LDAP protocol. This leads me to think that the problem
is somehow intertwined with OpenLDAP.
I shall be having a go at debugging this but I'd appreciate any advice
or tips.
Thanks,
Tim
SLAPD DEBUG TRACE OF A CONNECTION FROM A WINDOWS CLIENT:
daemon: activity on 1 descriptors
daemon: new connection on 9
daemon: conn=36 fd=9 connection from IP=192.168.34.101:2518 (IP=0.0.0.0:0) accepted.
daemon: added 9r
daemon: activity on:
daemon: select: listen=7 active_threads=0 tvp=NULL
daemon: select: listen=8 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: activity on: 9r
daemon: read activity on 9
connection_get(9)
connection_get(9): got connid=36
connection_read(9): checking for input on id=36
TLS trace: SSL_accept:before/accept initialization
tls_read: want=11, got=11
0000: 30 39 02 01 01 60 34 02 01 03 04   09...`4....
TLS trace: SSL_accept:error in SSLv2/v3 read client hello A
TLS: can't accept.
TLS: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol s23_srvr.c:565
connection_read(9): TLS accept error error=-1 id=36, closing
connection_closing: readying conn=36 sd=9 for close
connection_close: conn=36 sd=9
daemon: removing 9
conn=-1 fd=9 closed
daemon: select: listen=7 active_threads=0 tvp=NULL
daemon: select: listen=8 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: select: listen=7 active_threads=0 tvp=NULL
daemon: select: listen=8 active_threads=0 tvp=NULL
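
An added example, not part of the original post: a Python triage helper that classifies the first bytes a TLS listener read from a client, run on the 11 bytes slapd logged in the tls_read line of the trace above. Those bytes decode as a BER-encoded LDAP BindRequest rather than a TLS or SSLv2 ClientHello, which is what the "unknown protocol" error reports. The function names and return labels are assumptions made for this example.

```python
import re

# tls_read dump line copied from the slapd trace above.
TRACE_DUMP = "0000: 30 39 02 01 01 60 34 02 01 03 04   09...`4...."

# LDAP protocolOp tags (BER application class), per RFC 4511.
LDAP_OPS = {0x60: "BindRequest", 0x42: "UnbindRequest",
            0x63: "SearchRequest", 0x77: "ExtendedRequest"}

def parse_dump(line):
    """Convert an 'offset: hh hh ...  ascii' dump line to bytes."""
    out = []
    for tok in line.split(":", 1)[1].split():
        if not re.fullmatch(r"[0-9A-Fa-f]{2}", tok):
            break  # reached the ASCII column
        out.append(int(tok, 16))
    return bytes(out)

def ber_len(buf, i):
    """Read a BER length at buf[i]; return (length, next_index) or None."""
    if i >= len(buf):
        return None
    if buf[i] < 0x80:                      # short form
        return buf[i], i + 1
    n = buf[i] & 0x7F                      # long form: n length octets
    if n == 0 or i + 1 + n > len(buf):
        return None
    return int.from_bytes(buf[i + 1:i + 1 + n], "big"), i + 1 + n

def classify(buf):
    """Label the first bytes seen on an SSL port as (kind, detail)."""
    if len(buf) >= 3 and buf[0] == 0x16 and buf[1] == 0x03:
        return ("tls", "SSLv3/TLS handshake record")
    if len(buf) >= 3 and buf[0] & 0x80 and buf[2] == 0x01:
        return ("sslv2", "SSLv2-format ClientHello")
    if buf[:1] == b"\x30":                 # SEQUENCE: possible LDAPMessage
        seq = ber_len(buf, 1)
        if seq and buf[seq[1]:seq[1] + 1] == b"\x02":   # INTEGER messageID
            mid = ber_len(buf, seq[1] + 1)
            if mid and mid[1] + mid[0] < len(buf):
                msgid = int.from_bytes(buf[mid[1]:mid[1] + mid[0]], "big")
                op = buf[mid[1] + mid[0]]
                name = LDAP_OPS.get(op, hex(op))
                return ("ldap-plaintext", f"{name} messageID={msgid}")
    return ("unknown", "")

if __name__ == "__main__":
    print(classify(parse_dump(TRACE_DUMP)))
```

A result of ldap-plaintext on port 636 means the client wrote its LDAP request before any TLS handshake took place on that connection.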