[Pkg-openldap-devel] Bug#462588: Same here

Vedran Furač vedranf at riteh.hr
Wed Jan 30 00:57:37 UTC 2008 

I have the same problem after upgrading. I use start_tls mechanism on port
389 (not 636). After trying some ciphers and doing :

% echo debug 1 >> /etc/libnss-ldap.conf
% getent passwd

I get:

[...]
TLS: can't connect: Insufficient credentials for that request..

or

TLS: can't connect: A TLS packet with unexpected length was received..

...depending on ciphers I choose. Then I commented out ciphers line from
slapd.conf and libnss-ldap.conf/pam_ldap.conf and it seemed to work...for
a second...

Postfix sasl authentication over TLS stopped working:

warning: SASL authentication failure: size read failed
warning: SASL authentication failure: Password verification failed
warning: SASL PLAIN authentication failed: generic failure

smbd crashes on start:

[2008/01/30 01:13:14, 2] lib/smbldap.c:smbldap_open_connection(786)
  smbldap_open_connection: connection opened
[2008/01/30 01:13:14, 2] passdb/pdb_ldap.c:init_group_from_ldap(2158)
  init_group_from_ldap: Entry found for group: 544
[2008/01/30 01:13:14, 0] lib/fault.c:fault_report(41)
  ===============================================================
[2008/01/30 01:13:14, 0] lib/fault.c:fault_report(42)
  INTERNAL ERROR: Signal 11 in pid 6940 (3.0.28)
  Please read the Trouble-Shooting section of the Samba3-HOWTO
[2008/01/30 01:13:14, 0] lib/fault.c:fault_report(44)
  From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf
[2008/01/30 01:13:14, 0] lib/fault.c:fault_report(45)
  ===============================================================
[2008/01/30 01:13:14, 0] lib/util.c:smb_panic(1633)
  PANIC (pid 6940): internal error
[2008/01/30 01:13:14, 0] lib/util.c:log_stack_trace(1737)
  BACKTRACE: 20 stack frames:
   #0 /usr/sbin/smbd(log_stack_trace+0x2d) [0x827c12d]
   #1 /usr/sbin/smbd(smb_panic+0x5d) [0x827c25d]
   #2 /usr/sbin/smbd [0x8266e4a]
   #3 [0x25f2b420]
   #4 /usr/lib/libldap_r-2.4.so.2(ldap_install_tls+0x22) [0x26a70ff2]
   #5 /lib/libnss_ldap.so.2 [0x26a242ae]
   #6 /lib/libnss_ldap.so.2 [0x26a248e6]
   #7 /lib/libnss_ldap.so.2 [0x26a24f5a]
   #8 /lib/libnss_ldap.so.2(_nss_ldap_initgroups_dyn+0x24e) [0x26a2731e]
   #9 /lib/libc.so.6 [0x26264b16]
   #10 /lib/libc.so.6(getgrouplist+0x59) [0x26264db9]
   #11 /usr/sbin/smbd [0x829b498]
   #12 /usr/sbin/smbd(getgroups_unix_user+0x4e) [0x829b54e]
   #13 /usr/sbin/smbd [0x822ecd4]
   #14 /usr/sbin/smbd(pdb_enum_group_memberships+0x3c) [0x823017c]
   #15 /usr/sbin/smbd(make_server_info_sam+0xbc) [0x82c6f3c]
   #16 /usr/sbin/smbd(init_guest_info+0xb3) [0x82c7b03]
   #17 /usr/sbin/smbd(main+0x69b) [0x834a8eb]
   #18 /lib/libc.so.6(__libc_start_main+0xe0) [0x261e8450]
   #19 /usr/sbin/smbd [0x8093fd1]


As I don't have enough knowledge and time to debug this I simply
downgraded slapd (and nss-ldap/pam-ldap to a version before rebuilding
against libldap-2.4-2) and now everything works fine as before.

Regards,

Vedran Furač

More information about the Pkg-openldap-devel mailing list