[Users] [Bug 3936] LDAP StartTLS LDAPv3 (port 389) does not work for addressbooks

noreply at thewildbeast.co.uk noreply at thewildbeast.co.uk
Thu Dec 14 14:33:02 CET 2017


--- Comment #5 from k847354 at keit.eu ---
The code modification in attachment 1825 gets this result from LDAP logs:

conn=1961 fd=41 ACCEPT from IP=...
conn=1961 op=0 EXT oid=
conn=1961 op=0 STARTTLS
conn=1961 op=0 RESULT oid= err=0 text=
conn=1961 fd=41 TLS established tls_ssf=256 ssf=256
conn=1961 op=1 EXT oid=
conn=1961 op=1 STARTTLS
conn=1961 op=1 RESULT oid= err=1 text=TLS already started

=> So it is better but not sufficient. To get more clues, when I do
something like:

ldapwhoami -H ldap://servername -Z -D "userDN" -W

Here are the LDAP logs:

conn=1963 fd=42 ACCEPT from IP=...
conn=1963 op=0 EXT oid=
conn=1963 op=0 STARTTLS
conn=1963 op=0 RESULT oid= err=0 text=
conn=1963 fd=42 TLS established tls_ssf=256 ssf=256
conn=1963 op=1 BIND dn=... method=128
conn=1963 op=1 BIND dn=... mech=SIMPLE ssf=0
RESULT tag=97 err=0 text=
EXT oid=
RESULT oid= err=0 text=

=> So something is wrong in sequencing the connection.
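
Added example, not part of the original message or of the Claws Mail code: a small checker that reads slapd log lines of the kind quoted above and reports connections whose StartTLS sequence is out of order. The sample log is constructed from the quoted lines, conn=1970 is invented to cover a simple bind with no TLS, and the function name is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample: conn=1961 and conn=1963 follow the log lines quoted in the
# message; conn=1970 is invented to show a simple bind with no TLS at all.
SAMPLE_LOG = """\
conn=1961 fd=41 ACCEPT from IP=...
conn=1961 op=0 STARTTLS
conn=1961 op=0 RESULT oid= err=0 text=
conn=1961 fd=41 TLS established tls_ssf=256 ssf=256
conn=1961 op=1 STARTTLS
conn=1961 op=1 RESULT oid= err=1 text=TLS already started
conn=1963 fd=42 ACCEPT from IP=...
conn=1963 op=0 STARTTLS
conn=1963 op=0 RESULT oid= err=0 text=
conn=1963 fd=42 TLS established tls_ssf=256 ssf=256
conn=1963 op=1 BIND dn=... method=128
conn=1970 fd=43 ACCEPT from IP=...
conn=1970 op=0 BIND dn=... method=128
"""

LINE = re.compile(r"conn=(\d+) (?:op=(\d+)|fd=\d+) (.*)")
RESULT = re.compile(r"RESULT .*err=(\d+) text=(.*)")

def audit_starttls(log_text):
    """Return {conn: [findings]} for connections with a bad StartTLS sequence."""
    tls_up = set()      # connections that logged "TLS established"
    pending = set()     # (conn, op) pairs that carried a STARTTLS request
    findings = defaultdict(list)
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue    # lines without a conn= prefix cannot be attributed
        conn, op, rest = int(m.group(1)), m.group(2), m.group(3)
        res = RESULT.match(rest)
        if rest.startswith("TLS established"):
            tls_up.add(conn)
        elif rest == "STARTTLS":
            pending.add((conn, op))
        elif res and (conn, op) in pending and res.group(1) != "0":
            findings[conn].append(
                f"op={op}: StartTLS rejected, err={res.group(1)} ({res.group(2)})")
        elif rest.startswith("BIND") and "method=128" in rest and conn not in tls_up:
            # method=128 is an LDAP simple bind: the password is sent as-is
            findings[conn].append(f"op={op}: simple bind before TLS was established")
    return dict(findings)
```

On the sample, conn=1961 is reported for the rejected second StartTLS, conn=1970 for the bind without TLS, and conn=1963 (the ldapwhoami sequence) is not reported.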
