Bug#976991: libldap-2.4-2:amd64: Please consider building with openssl instead of gnutls
Matt Zagrabelny
mzagrabe at d.umn.edu
Wed Dec 9 19:07:11 GMT 2020
Package: libldap-2.4-2
Version: 2.4.56+dfsg-1
Severity: normal
Greetings,
I am using Debian's FreeRADIUS package (freeradius) and the corresponding LDAP
package (freeradius-ldap) to connect to an Active Directory (AD) server over ldaps
(TLS port 636).
Unfortunately FreeRADIUS is linked against openssl and cannot properly use
Debian's libldap-2.4-2, which is linked against gnutls, for TLS communication.
I've rebuilt openldap using openssl and have installed the resulting libldap-2.4-2
package. FreeRADIUS is now able to communicate with AD and my FreeRADIUS setup is
able to correctly communicate with AD (LDAP).
>From what I understand Fedora is building openldap with openssl.
If the licensing is a concern (due to OpenLDAP's license), Debian now considers openssl
to be a system library.
Thank you for considering this change.
-m
-- System Information:
Debian Release: bullseye/sid
APT prefers oldoldstable
APT policy: (500, 'oldoldstable'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 5.4.0-4-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_FIRMWARE_WORKAROUND
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages libldap-2.4-2:amd64 depends on:
ii libc6 2.29-10
ii libsasl2-2 2.1.27+dfsg-2
ii libssl1.1 1.1.1d-2
Versions of packages libldap-2.4-2:amd64 recommends:
ii libldap-common 2.4.49+dfsg-2
libldap-2.4-2:amd64 suggests no packages.
-- no debconf information
More information about the Pkg-openldap-devel
mailing list