[Python-modules-team] Bug#704939: python-ldap: ldaps connections fail

michael schumm michaelschumm64 at gmail.com
Sat Jun 22 15:50:53 BST 2019 

On Mon, 8 Apr 2013 09:10:05 +1000 "Gareth Walters (2K Australia)" <
gareth.walters at 2kaustralia.com> wrote:
>
> Package: python-ldap
> Version: 2.4.10-1
> Severity: important
>
> Dear Maintainer,
> While trying to get a python scrip tof mine to work in Wheezy (have it
> running in Squeeze and several other OSs)
> I come across this error when using ldaps://
>
> ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}
> The server is up and the same script is working on the Squeeze machine.
>
> Its talking to Windows AD 2008 R2
>
> the minimal code to reproduce is;
> import ldap
> myldap=ldap.initialize("ldaps://xx.xx.xx.100")
> myldap.bind_s('bindDN','bindPASS')
>
> but this works
> import ldap
> myldap=ldap.initialize("ldap://xx.xx.xx.100")
> myldap.bind_s('bindDN','bindPASS')
>
> Does not even get far enough to give a certificate error as would
> notmally happen without allow unverified/trusted SSL cert.
>
>
> Output when setting ldap debug on;
>
> ldap_create
> ldap_url_parse_ext(ldaps://xx.xx.xx.105)
> ldap_url_parse_ext(ldaps://xx.xx.xx.100)
> ldap_sasl_bind
> ldap_send_initial_request
> ldap_new_connection 1 1 0
> ldap_int_open_connection
> ldap_connect_to_host: TCP xx.xx.xx.100:636
> ldap_new_socket: 3
> ldap_prepare_socket: 3
> ldap_connect_to_host: Trying xx.xx.xx.100:636
> ldap_pvt_connect: fd: 3 tm: -1 async: 0
> ldap_int_open_connection
> ldap_connect_to_host: TCP xx.xx.xx.105:636
> ldap_new_socket: 5
> ldap_prepare_socket: 5
> ldap_connect_to_host: Trying xx.xx.xx.105:636
> ldap_pvt_connect: fd: 5 tm: -1 async: 0
> ldap_err2string
> Traceback (most recent call last):
>   File "./adauth.py", line 71, in <module>
>
> myldap.bind_s(config.get('ldap','bindDN'),config.get('ldap','bindPASS'))
>   File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 222,
> in bind_s
>     msgid = self.bind(who,cred,method)
>   File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 216,
> in bind
>     return self.simple_bind(who,cred)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/python-modules-team/attachments/20190622/3bf4f2a2/attachment.html>

More information about the Python-modules-team mailing list