
ldapsearch hangs "SASL/DIGEST-MD5 authentication started" - yielding



Hello openldap-software,

  I was trying to set up MD5 auth with LDAP: OpenLDAP 2.1.20 on
  FreeBSD 4.8R. OpenLDAP was set up from ports, cyrus-sasl-2.1.13 also
  from ports. Config:

=====================
# [schema definitions skipped]

sasl-regexp uid=(.*),cn=domain.ru,cn=digest-md5,cn=auth
    uid=$1,ou=users,dc=domain,dc=ru

include     /usr/local/etc/openldap/slapd.acl
loglevel -1

database    ldbm
password-hash   {CLEARTEXT}
suffix      "dc=domain,dc=ru"
rootdn      "cn=root,dc=domain,dc=ru"
rootpw      rootsecret
directory   /var/db/openldap-data
index   objectClass eq
=====================

  When I try to search, it seems to hang and the logs start to grow
  very fast, with only this log entry:

=====================
 daemon: select: listen=8 active_threads=1 tvp=idle
 daemon: select timeout - yielding  
=====================

  I have tried to search with/without hostname, with/without binding
  - all the same.

icarus@root [22:02:58] /usr/local/etc/rc.d # ldapsearch -Y digest-md5 -U lan
SASL/DIGEST-MD5 authentication started
^C

  Then it hangs. But

icarus@root [22:11:01] /usr/local/etc/rc.d # ldapsearch -x uid=lan
# extended LDIF
#
# LDAPv3
# base <> with scope sub
# filter: uid=lan
# requesting: ALL
#

# lan, users, domain.ru
dn: uid=lan,ou=users,dc=domain,dc=ru
uid: lan
givenName:: 0JDQu9C10LrRgdCw0L3QtNGA
cn:: 0JDQu9C10LrRgdCw0L3QtNGAINCb0YPQvdC10LI=
departmentNumber: 33
o: Start
ou: users
displayName:: 0JDQu9C10LrRgdCw0L3QtNGAINCb0YPQvdC10LI=
sn:: 0JvRg9C90LXQsg==
objectClass: top
objectClass: person
objectClass: inetorgperson
objectClass: radiusprofile
dialupAccess: 1
mail: lan@domain.ru


   I think it's my SASL misunderstanding or misconfiguration. Do I
   need some config for SASL? All software was set up from ports,
   net/openldap21 and security/cyrus-sasl2.

   slapd.log:
   
=====================
daemon: new connection on 9
 conn=1 fd=9 ACCEPT from IP=66.66.66.4:3422 (IP=0.0.0.0:389)
 daemon: added 9r
 daemon: activity on:

 daemon: select: listen=8 active_threads=0 tvp=NULL
 daemon: activity on 1 descriptors
 daemon: activity on:
  9r

 daemon: read activity on 9
 connection_get(9)
 connection_get(9): got connid=1
 connection_read(9): checking for input on id=1
 ber_get_next on fd 9 failed errno=35 (Resource temporarily unavailable)
 do_bind
 >>> dnPrettyNormal: <>
 <<< dnPrettyNormal: <>, <>
 do_sasl_bind: dn () mech DIGEST-MD5
 conn=1 op=0 BIND dn="" method=163
 ==> sasl_bind: dn="" mech=DIGEST-MD5 datalen=0
 SASL [conn=1] Debug: DIGEST-MD5 server step 1
 daemon: select: listen=8 active_threads=1 tvp=idle
 daemon: select timeout - yielding
 daemon: select: listen=8 active_threads=1 tvp=idle
 daemon: select timeout - yielding
 daemon: select: listen=8 active_threads=1 tvp=idle
 daemon: select timeout - yielding
 daemon: select: listen=8 active_threads=1 tvp=idle
 daemon: select timeout - yielding
 daemon: select: listen=8 active_threads=1 tvp=idle
 daemon: select timeout - yielding
 daemon: select: listen=8 active_threads=1 tvp=idle
 daemon: select timeout - yielding  
=====================

-- 
Best regards,
Alexander                          mailto:lan_mailing@startatom.ru
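
A small triage helper for the slapd.log excerpt above, added here as an example and not part of the original post or of OpenLDAP: it flags a bind that has logged a SASL server step but no RESULT while the select loop keeps reporting a busy thread and no socket activity. The function name, the `min_idle_polls` threshold and the sample log are constructed; the `RESULT` line format assumed is the one slapd writes at stats log level.

```python
import re

# Constructed sample, modelled on the slapd.log excerpt in the post above.
SAMPLE_LOG = """\
conn=1 fd=9 ACCEPT from IP=66.66.66.4:3422 (IP=0.0.0.0:389)
do_sasl_bind: dn () mech DIGEST-MD5
conn=1 op=0 BIND dn="" method=163
SASL [conn=1] Debug: DIGEST-MD5 server step 1
daemon: select: listen=8 active_threads=1 tvp=idle
daemon: select timeout - yielding
daemon: select: listen=8 active_threads=1 tvp=idle
daemon: select timeout - yielding
daemon: select: listen=8 active_threads=1 tvp=idle
daemon: select timeout - yielding
"""

BIND = re.compile(r"conn=(\d+) op=(\d+) BIND dn=\"[^\"]*\" method=(\d+)")
STEP = re.compile(r"SASL \[conn=(\d+)\] Debug: (\S+) server step (\d+)")
RESULT = re.compile(r"conn=(\d+) op=(\d+) RESULT ")
SELECT = re.compile(r"daemon: select: listen=\d+ active_threads=(\d+) tvp=(\S+)")


def find_stalled_binds(log_text, min_idle_polls=3):
    """Return binds with no RESULT while slapd's select loop keeps idling."""
    pending = {}  # (conn, op) -> state of a bind that has not completed
    for line in log_text.splitlines():
        line = line.strip()
        if m := BIND.search(line):
            pending[(int(m[1]), int(m[2]))] = {"mech": None, "step": None, "idle_polls": 0}
        elif m := STEP.search(line):
            # Record the mechanism and the last SASL step reached on that connection.
            for (conn, _op), state in pending.items():
                if conn == int(m[1]):
                    state["mech"], state["step"] = m[2], int(m[3])
        elif m := RESULT.search(line):
            pending.pop((int(m[1]), int(m[2])), None)
        elif (m := SELECT.search(line)) and int(m[1]) > 0 and m[2] == "idle":
            # A worker thread is still busy, yet no socket has activity.
            for state in pending.values():
                state["idle_polls"] += 1
    return [
        {"conn": conn, "op": op, **state}
        for (conn, op), state in sorted(pending.items())
        if state["idle_polls"] >= min_idle_polls
    ]


if __name__ == "__main__":
    for stalled in find_stalled_binds(SAMPLE_LOG):
        print(stalled)
```
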