Bug#514578: libgnutls26: LDAP STARTTLS is broken

Gábor Gombás gombasg at sztaki.hu
Mon Feb 9 08:55:33 UTC 2009

Package: libgnutls26
Version: 2.4.2-5
Severity: important


After upgrading to libgnutls26 2.4.2-5, LDAP authentication fails (including
ldap-utils, libnss-ldap and apache's mod_authnz_ldap). The error message from
ldapsearch ends with:

	TLS: peer cert untrusted or revoked (0x102)
	ldap_start_tls: Connect error (-11)

2.4.2-6 in sid is also affected. Re-installing 2.4.2-4 fixes the problem.


-- System Information:
Debian Release: 5.0
  APT prefers testing
  APT policy: (500, 'testing'), (101, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.26-1-xen-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libgnutls26 depends on:
ii  libc6                  2.7-18            GNU C Library: Shared libraries
ii  libgcrypt11            1.4.1-1           LGPL Crypto library - runtime libr
ii  libgpg-error0          1.4-2             library for common error values an
ii  libtasn1-3             1.4-1             Manage ASN.1 structures (runtime)
ii  zlib1g                 1: compression library - runtime

libgnutls26 recommends no packages.

Versions of packages libgnutls26 suggests:
pn  gnutls-bin                    <none>     (no description available)

-- no debconf information

More information about the Pkg-gnutls-maint mailing list