[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#6827) SSL Unbind Hangs
jason.colonno@blackskycomputing.com wrote:
> Full_Name: Jason Colonno
> Version: 2.4.23-0ubuntu3.4
> OS: Ubuntu 10.10
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (76.1.229.99)
>
>
> When binding with a AD server using SSL, ldap functions work properly however
> when the unbind function is called it hangs indefinitely. The point of the
> function is to reset a user's passwords.
>
> AD Server is Windows Server 2008 R2. Ldp.exe testing of connecting with the
> server does not have this problem since it does not use python-ldap.
>
> Sample Code:
> bind_str = "ldaps://" + domain_controller + ":636/"
> l = ldap.initialize(bind_str)
> l.set_option( ldap.OPT_X_TLS_DEMAND, True )
> l.set_option( ldap.OPT_DEBUG_LEVEL, 255 )
> bind_str = "cn=" + binding_username + ",cn=Users,dc=" + domain_dc +
> ",dc=" + domain_ext
> l.simple_bind_s(bind_str, binding_password)
> new_gen_passwd = generate_temp_pw()
> unicode1 = unicode("\"" + new_gen_passwd + "\"", "iso-8859-1")
> unicode2 = unicode1.encode("utf-16-le")
> new_password = unicode2
> mod_attrs = [(ldap.MOD_REPLACE, 'unicodePwd', new_password)]
> l.modify_s(username, mod_attrs)
> l.unbind_s()
>
> Also a simple SSL bind and unbind without any modifications to the AD yields the
> same hanging problem.
>
Sounds like a dup of ITS#6673, already fixed in HEAD/RE24.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/