Re: LDAP and SSL

[Chasecreek Systemhouse <chasecreek.systemhouse@gmail.com>]

I have this set:
subjectAltName=IP:68.214.83.106,IP:192.168.2.2,DNS:debian.insecurity.org,DNS:*.insecurity.org

And this is indicated in the logs:
Nov 30 11:31:15 debian slapd[728]: line 104 (access to *  
by dn="cn=admin,dc=debian,dc=insecurity,dc=org" write 
by * read) 

The following command -
openssl s_client -connect localhost:636 -showcerts

Results in:

Nov 30 14:07:58 debian slapd[740]: daemon: activity on 1 descriptors 
Nov 30 14:07:58 debian slapd[740]: daemon: new connection on 13 
Nov 30 14:07:58 debian slapd[740]: str2filter "(objectclass=*)" 
Nov 30 14:07:58 debian slapd[740]: begin get_filter 
Nov 30 14:07:58 debian slapd[740]: PRESENT 
Nov 30 14:07:58 debian slapd[740]: end get_filter 0 
Nov 30 14:07:58 debian slapd[740]: conn=0 fd=13 ACCEPT from
IP=127.0.0.1:32778 (IP=0.0.0.0:636)
Nov 30 14:07:58 debian slapd[740]: daemon: added 13r 
Nov 30 14:07:58 debian slapd[740]: daemon: activity on:
Nov 30 14:07:58 debian slapd[740]:  
Nov 30 14:07:58 debian slapd[740]: daemon: select: listen=6
active_threads=0 tvp=NULL
Nov 30 14:07:58 debian slapd[740]: daemon: select: listen=7
active_threads=0 tvp=NULL
Nov 30 14:07:58 debian slapd[740]: daemon: select: listen=8
active_threads=0 tvp=NULL
Nov 30 14:07:58 debian slapd[740]: daemon: activity on 1 descriptors 
Nov 30 14:07:58 debian slapd[740]: daemon: activity on:
Nov 30 14:07:58 debian slapd[740]:  13r
Nov 30 14:07:58 debian slapd[740]:  
Nov 30 14:07:58 debian slapd[740]: daemon: read activity on 13 
Nov 30 14:07:58 debian slapd[740]: connection_get(13) 
Nov 30 14:07:58 debian slapd[740]: connection_get(13): got connid=0 
Nov 30 14:07:58 debian slapd[740]: connection_read(13): checking for
input on id=0

Nothing else happens.  I think it has hung itself.  Is there a timeout
period?  I've read so many docs I can't see straight anymore =(

-- 
WC -Sx- Jones
http://insecurity.org/