[Date Prev][Date Next] [Chronological] [Thread] [Top]
Re: help with ldapdb.

To: OpenLDAP <openldap-software@OpenLDAP.org>
Subject: Re: help with ldapdb.
From: Igor Brezac <igor@ipass.net>
Date: Wed, 4 Jun 2003 16:43:52 -0400 (EDT)
In-reply-to: <1054755333.2041.6.camel@urkle.vernon.hills>
References: <1054755333.2041.6.camel@urkle.vernon.hills>
Here is the fix.  EXTERNAL was not affected by this bug.

--- ldapdb.c.orig	Wed Jun  4 16:39:46 2003
+++ ldapdb.c	Wed Jun  4 16:41:30 2003
@@ -220,7 +220,7 @@
     if(!tmp.uri) return SASL_BADPARAM;

     utils->getopt(utils->getopt_context, ldapdb, "ldapdb_id",
-		(const char **)&tmp.id.bv_val, (unsigned *)tmp.id.bv_len);
+		(const char **)&tmp.id.bv_val, (unsigned *)&tmp.id.bv_len);
     utils->getopt(utils->getopt_context, ldapdb, "ldapdb_pw",
 		(const char **)&tmp.pw.bv_val, (unsigned *)&tmp.pw.bv_len);
     utils->getopt(utils->getopt_context, ldapdb, "ldapdb_mech",

Solaris users also need to remove/rewrite the following line:
if(s && setenv("LDAPRC", s, 1)) return SASL_BADPARAM;

-Igor

On Wed, 4 Jun 2003, Edward Rudd wrote:

> Has anyone successfully gotten ldapdb working??
> I've been trying for a few days, trying to figure out why it's not
> working...
> I'm running openldap 2.1.19, and cyrus-sasl 2.1.13
>
> I can run the following command with the user I created and it works fine..
> ldapdb just refuses to do the same.
>
> > To emulate ldapdb, you need to:
> >
> > ldapwhoami -U auxprop -X u:eddie -Y DIGEST-MD5 -H ldapi:///
> >
> > This will return a dn which you need to use in ldapsearch:
> >
> > ldapsearch -H ldapi:/// -U auxprop -W auxprop -X u:eddie -Y DIGEST-MD5
> -s base -b <dn> '(objectclass=*)' userPassword
>
>
> it looks as though it never even gets to the sasl bind.. I just get the
> message in the logs "sasl bind in progress". and that's it.. I'm not
> getting any calls to the sasl_regexp function to map the DN.
>
> all I get in the server log (with log_level 255) is the following
>
> ldap_pvt_gethostbyname_a: host=devel.vernon.hills, r=0
> str2filter "(objectclass=*)"
> put_filter: "(objectclass=*)"
> put_filter: simple
> put_simple_filter: "objectclass=*"
> begin get_filter
> PRESENT
> ber_scanf fmt (m) ber:
> ber_dump: buf=0x08219780 ptr=0x08219780 end=0x0821978d len=13
>   0000:  87 0b 6f 62 6a 65 63 74  63 6c 61 73 73
> ..objectclass
> end get_filter 0
> daemon: added 12r
> daemon: activity on:
> daemon: select: listen=6 active_threads=0 tvp=NULL
> daemon: activity on 1 descriptors
> daemon: activity on: 12r
> daemon: read activity on 12
> connection_get(12)
> connection_get(12): got connid=0
> connection_read(12): checking for input on id=0
> ber_get_next
> ldap_read: want=8, got=8
>   0000:  30 18 02 01 01 60 13 02
> 0....`..
> ldap_read: want=18, got=18
>   0000:  01 03 04 00 a3 0c 04 0a  44 49 47 45 53 54 2d 4d
> ........DIGEST-M
>   0010:  44 35
> D5
> ber_get_next: tag 0x30 len 24 contents:
> ber_dump: buf=0x08219390 ptr=0x08219390 end=0x082193a8 len=24
>   0000:  02 01 01 60 13 02 01 03  04 00 a3 0c 04 0a 44 49
> ...`..........DI
>   0010:  47 45 53 54 2d 4d 44 35
> GEST-MD5
> do_bind
> ber_get_next
> ldap_read: want=8 error=Resource temporarily unavailable
> ber_get_next on fd 12 failed errno=11 (Resource temporarily unavailable)
> ber_scanf fmt ({imt) ber:
> ber_dump: buf=0x08219390 ptr=0x08219393 end=0x082193a8 len=21
>   0000:  60 13 02 01 03 04 00 a3  0c 04 0a 44 49 47 45 53
> `..........DIGES
>   0010:  54 2d 4d 44 35
> T-MD5
> ber_scanf fmt ({o) ber:
> ber_dump: buf=0x08219390 ptr=0x0821939a end=0x082193a8 len=14
>   0000:  00 0c 04 0a 44 49 47 45  53 54 2d 4d 44 35
> ....DIGEST-MD5
> ber_scanf fmt (}}) ber:
> ber_dump: buf=0x08219390 ptr=0x082193a8 end=0x082193a8 len=0
>
> >>> dnPrettyNormal: <>
> <<< dnPrettyNormal: <>, <>
> do_sasl_bind: dn () mech DIGEST-MD5
> ==> sasl_bind: dn="" mech=DIGEST-MD5 datalen=0
> SASL [conn=0] Debug: DIGEST-MD5 server step 1
> send_ldap_sasl: err=14 len=191
> daemon: select: listen=6 active_threads=1 tvp=NULL
> send_ldap_response: msgid=1 tag=97 err=14
> ber_flush: 210 bytes to sd 12
>   0000:  30 81 cf 02 01 01 61 81  c9 0a 01 0e 04 00 04 00
> 0.....a.........
>   0010:  87 81 bf 6e 6f 6e 63 65  3d 22 45 45 31 6f 72 67
> ...nonce="EE1org
>   0020:  76 63 52 5a 63 46 72 69  4e 6d 79 75 74 70 61 53
> vcRZcFriNmyutpaS
>   0030:  4e 69 74 55 6a 69 43 46  64 55 75 75 58 58 4a 46
> NitUjiCFdUuuXXJF
>   0040:  30 42 67 7a 38 3d 22 2c  72 65 61 6c 6d 3d 22 64
> 0Bgz8=",realm="d
>   0050:  65 76 65 6c 2e 76 65 72  6e 6f 6e 2e 68 69 6c 6c
> evel.vernon.hill
>   0060:  73 22 2c 71 6f 70 3d 22  61 75 74 68 2c 61 75 74
> s",qop="auth,aut
>   0070:  68 2d 69 6e 74 2c 61 75  74 68 2d 63 6f 6e 66 22
> h-int,auth-conf"
>   0080:  2c 63 69 70 68 65 72 3d  22 72 63 34 2d 34 30 2c
> ,cipher="rc4-40,
>   0090:  72 63 34 2d 35 36 2c 72  63 34 2c 64 65 73 2c 33
> rc4-56,rc4,des,3
>   00a0:  64 65 73 22 2c 6d 61 78  62 75 66 3d 36 35 35 33
> des",maxbuf=6553
>   00b0:  36 2c 63 68 61 72 73 65  74 3d 75 74 66 2d 38 2c
> 6,charset=utf-8,
>   00c0:  61 6c 67 6f 72 69 74 68  6d 3d 6d 64 35 2d 73 65
> algorithm=md5-se
>   00d0:  73 73
> ss
> daemon: activity on 1 descriptors
> daemon: activity on: 12r
> daemon: read activity on 12
> connection_get(12)
> ldap_write: want=210, written=210
>   0000:  30 81 cf 02 01 01 61 81  c9 0a 01 0e 04 00 04 00
> 0.....a.........
>   0010:  87 81 bf 6e 6f 6e 63 65  3d 22 45 45 31 6f 72 67
> ...nonce="EE1org
>   0020:  76 63 52 5a 63 46 72 69  4e 6d 79 75 74 70 61 53
> vcRZcFriNmyutpaS
>   0030:  4e 69 74 55 6a 69 43 46  64 55 75 75 58 58 4a 46
> NitUjiCFdUuuXXJF
>   0040:  30 42 67 7a 38 3d 22 2c  72 65 61 6c 6d 3d 22 64
> 0Bgz8=",realm="d
>   0050:  65 76 65 6c 2e 76 65 72  6e 6f 6e 2e 68 69 6c 6c
> evel.vernon.hill
>   0060:  73 22 2c 71 6f 70 3d 22  61 75 74 68 2c 61 75 74
> s",qop="auth,aut
>   0070:  68 2d 69 6e 74 2c 61 75  74 68 2d 63 6f 6e 66 22
> h-int,auth-conf"
>   0080:  2c 63 69 70 68 65 72 3d  22 72 63 34 2d 34 30 2c
> ,cipher="rc4-40,
>   0090:  72 63 34 2d 35 36 2c 72  63 34 2c 64 65 73 2c 33
> rc4-56,rc4,des,3
>   00a0:  64 65 73 22 2c 6d 61 78  62 75 66 3d 36 35 35 33
> des",maxbuf=6553
>   00b0:  36 2c 63 68 61 72 73 65  74 3d 75 74 66 2d 38 2c
> 6,charset=utf-8,
>   00c0:  61 6c 67 6f 72 69 74 68  6d 3d 6d 64 35 2d 73 65
> algorithm=md5-se
>   00d0:  73 73
> ss
> connection_get(12): got connid=0
> connection_read(12): checking for input on id=0
> ber_get_next
> ldap_read: want=8, got=7
>   0000:  30 05 02 01 02 42 00
> 0....B.
> ber_get_next: tag 0x30 len 5 contents:
> ber_dump: buf=0x0821a870 ptr=0x0821a870 end=0x0821a875 len=5
>   0000:  02 01 02 42 00
> ...B.
> deferring operation
> <== slap_sasl_bind: rc=14
> daemon: select: listen=6 active_threads=2 tvp=NULL
> daemon: activity on 1 descriptors
> daemon: activity on: 12r
> daemon: read activity on 12
> connection_get(12)
> connection_get(12): got connid=0
> connection_read(12): checking for input on id=0
> ber_get_next
> ldap_read: want=8, got=0
>
> ber_get_next on fd 12 failed errno=0 (Success)
> connection_read(12): input error=-2 id=0, closing.
> connection_closing: readying conn=0 sd=12 for close
> connection_close: deferring conn=0 sd=12
> daemon: select: listen=6 active_threads=1 tvp=NULL
> daemon: activity on 1 descriptors
> daemon: select: listen=6 active_threads=1 tvp=NULL
> connection_operation: error: SASL bind in progress (tag=66).
> send_ldap_result: conn=0 op=1 p=3
> send_ldap_result: err=1 matched="" text="SASL bind in progress"
> send_ldap_response: msgid=0 tag=48 err=1
> connection_resched: attempting closing conn=0 sd=12
> connection_close: conn=0 sd=12
> daemon: removing 12
>
>

-- 
Igor
References:
- help with ldapdb.
  - From: Edward Rudd <eddie@omegaware.com>
Prev by Date: db_config and other questions
Next by Date: Help needed with OpenLDAP/ILS configuration for Netmeeting
Index(es):
- Chronological
- Thread