[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: sb_sasl_pkt_length: received illegal packet length of 113 bytes



Well, I don't know the answer either.  However, upgrading the openldap
SRPM to 2.0.27 fixed things.  Thanks!

        John


John Morris <openldap@butchwax.com> writes:

> Howdy!  After a week of reading every manual, cookbook, and howto,
> trying every combination of config options, and twenty google searches
> an hour, I've managed to get openldap (redhat stock 2.0.25), krb5
> (redhat nearly stock 1.2.5), SSL/TLS, and sasl (redhat stock 2.1.7,
> which include 1.5.28) working on a RH8.0 box.  Mostly.
> 
> Sorry for the lengthy email, I'm not sure which parts are important
> for debugging, so I'm sticking them all in.  :)
> 
> (One other, separate, little problem, before going on:  with the
> cyrus-sasl-gssapi and cyrus-sasl-plain packages both installed,
> ldapsearch returned "ldap_sasl_interactive_bind_s: Unknown
> authentication method"; after removing the cyrus-sasl-plain package,
> it started working.  Hmm....)
> 
> Here's the problem.  Ldapsearch works like this:
> 
>     # ldapsearch -X u:root -H ldap://ldap-2.lan.butchwax.com/ -v  \
>             -LLL -ZZ o=butchwax
>     ldap_initialize( ldap://ldap-2.lan.butchwax.com/ )
>     SASL/GSSAPI authentication started
>     SASL username: u:root
>     SASL SSF: 56
>     SASL installing layers
>     filter: o=butchwax
>     requesting: ALL
>     dn: o=butchwax
>     objectClass: top
>     objectClass: organization
>     o: butchwax
> 
> Perfect.  But this doesn't work:
> 
>     # ldapsearch -Q -H ldap://ldap-2.lan.butchwax.com/ -v  \
>             -LLL -ZZ o=butchwax
>     ldap_initialize( ldap://ldap-2.lan.butchwax.com/ )
>     filter: o=butchwax
>     requesting: ALL
>     ldap_result: Can't contact LDAP server
> 
> [blah blah blah]