ldapsearch and TLS
I'm trying to do an ldapsearch (or add, or modify, or anything...) on
a server that's doing TLS. Here's what happens:

    ldapsearch -h localhost -v -Z -D "uid=me,ou=People,o=cs.ubc.ca" -LLL \
        -b "uid=someonelse,ou=People,o=cs.ubc.ca"
    ldap_init( localhost, 0 )
    ldap_start_tls: Connect error
    ldap_sasl_interactive_bind_s: Can't contact LDAP server

Here's what the server logs say (-d 1023). Any idea what's going
wrong? The manpages, as usual, incorrectly assume that I already know
what I'm doing.

-chris

daemon: activity on 1 descriptors
daemon: new connection on 12
daemon: conn=278 fd=12 connection from IP=127.0.0.1:48659 (IP=0.0.0.0:389) accepted.
daemon: added 12r
daemon: activity on:
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: select: listen=7 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: activity on: 12r
daemon: read activity on 12
connection_get(12)
connection_get(12): got connid=278
connection_read(12): checking for input on id=278
ber_get_next
ldap_read: want=1, got=1
0000: 30 0
ldap_read: want=1, got=1
0000: 1d .
ldap_read: want=29, got=29
0000: 02 01 01 77 18 80 16 31 2e 33 2e 36 2e 31 2e 34 ...w...1.3.6.1.4
0010: 2e 31 2e 31 34 36 36 2e 32 30 30 33 37 .1.1466.20037
ber_get_next: tag 0x30 len 29 contents:
ber_dump: buf=0x081bf0c8 ptr=0x081bf0c8 end=0x081bf0e5 len=29
0000: 02 01 01 77 18 80 16 31 2e 33 2e 36 2e 31 2e 34 ...w...1.3.6.1.4
0010: 2e 31 2e 31 34 36 36 2e 32 30 30 33 37 .1.1466.20037
ber_get_next
ldap_read: want=1 error=Resource temporarily unavailable
ber_get_next on fd 12 failed errno=11 (Resource temporarily unavailable)
do_extended
ber_scanf fmt ({a) ber:
ber_dump: buf=0x081bf0c8 ptr=0x081bf0cb end=0x081bf0e5 len=26
0000: 77 18 80 16 31 2e 33 2e 36 2e 31 2e 34 2e 31 2e w...1.3.6.1.4.1.
0010: 31 34 36 36 2e 32 30 30 33 37 1466.20037
do_extended: oid=1.3.6.1.4.1.1466.20037
send_ldap_extended 0: (0)
send_ldap_response: msgid=1 tag=120 err=0
ber_flush: 14 bytes to sd 12
0000: 30 0c 02 01 01 78 07 0a 01 00 04 00 04 00 0....x........
ldap_write: want=14, written=14
0000: 30 0c 02 01 01 78 07 0a 01 00 04 00 04 00 0....x........
daemon: select: listen=6 active_threads=1 tvp=NULL
daemon: select: listen=7 active_threads=1 tvp=NULL
daemon: activity on 1 descriptors
daemon: activity on: 12r
daemon: read activity on 12
connection_get(12)
connection_get(12): got connid=278
connection_read(12): checking for input on id=278
TLS trace: SSL_accept:before/accept initialization
tls_read: want=11, got=11
0000: 30 3e 02 01 02 63 39 04 00 0a 01 0>...c9....
TLS trace: SSL_accept:error in SSLv2/v3 read client hello A
TLS: can't accept.
TLS: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol s23_srvr.c:585
connection_read(12): TLS accept error error=-1 id=278, closing
connection_closing: readying conn=278 sd=12 for close
connection_close: conn=278 sd=12
daemon: removing 12
conn=-1 fd=12 closed
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: select: listen=7 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: select: listen=7 active_threads=0 tvp=NULL
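
Added example, not part of the original post: a small Python decoder run over the bytes in the server trace above. It confirms that message 1 is the StartTLS extended request, and shows that the 11 bytes slapd read where it expected a TLS ClientHello are the start of a plaintext LDAP message. The function names are assumptions made for this example.

```python
# Added example. Byte strings are copied from the slapd -d 1023 trace above.
REQUEST = bytes.fromhex(
    "30 1d 02 01 01 77 18 80 16 "
    "31 2e 33 2e 36 2e 31 2e 34 2e 31 2e 31 34 36 36 2e 32 30 30 33 37")
RESPONSE = bytes.fromhex("30 0c 02 01 01 78 07 0a 01 00 04 00 04 00")
AFTER_STARTTLS = bytes.fromhex("30 3e 02 01 02 63 39 04 00 0a 01")  # tls_read

STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"
LDAP_OPS = {0x60: "BindRequest", 0x63: "SearchRequest",
            0x77: "ExtendedRequest", 0x78: "ExtendedResponse"}

def ber_len(buf, i):
    """Decode the BER length field at buf[i]; return (length, next index)."""
    first = buf[i]
    if first < 0x80:                       # short form
        return first, i + 1
    n = first & 0x7F                       # long form: n length octets follow
    return int.from_bytes(buf[i + 1:i + 1 + n], "big"), i + 1 + n

def ldap_header(buf):
    """Return (messageID, op name, index of op tag); the op body may be cut off."""
    if buf[0] != 0x30:
        raise ValueError("not a BER SEQUENCE")
    _, i = ber_len(buf, 1)
    if buf[i] != 0x02:
        raise ValueError("messageID INTEGER missing")
    n, i = ber_len(buf, i + 1)
    msgid = int.from_bytes(buf[i:i + n], "big")
    return msgid, LDAP_OPS.get(buf[i + n], hex(buf[i + n])), i + n

def is_starttls_request(buf):
    _, op, i = ldap_header(buf)
    if op != "ExtendedRequest":
        return False
    _, i = ber_len(buf, i + 1)             # skip the ExtendedRequest length
    if buf[i] != 0x80:                     # [0] requestName
        return False
    n, i = ber_len(buf, i + 1)
    return buf[i:i + n] == STARTTLS_OID

def classify(buf):
    """Name what arrived where a TLS ClientHello was expected."""
    if len(buf) >= 2 and buf[0] == 0x16 and buf[1] == 0x03:
        return "tls-handshake"
    if len(buf) >= 3 and buf[0] & 0x80 and buf[2] == 0x01:
        return "sslv2-style-hello"
    try:
        msgid, op, _ = ldap_header(buf)
        return f"plaintext-ldap msgid={msgid} op={op}"
    except (ValueError, IndexError):
        return "unknown"

if __name__ == "__main__":
    print(is_starttls_request(REQUEST), classify(AFTER_STARTTLS))
```
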