[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: How to configure openLDAP with SASL Digest-MD5 (UNDEFINED SYMBOL: DES_ede3_cbc_encrypt - SOLVED, BUT sasldblistusers2 still fails )
--- Lara Adianto <m1r4cle_26@yahoo.com> wrote:
>
> --- Tony Earnshaw <tonye@billy.demon.nl> wrote:
> > ons, 11.02.2004 kl. 09.28 skrev Lara Adianto:
> >
> > > Well, I found out the source of the error of the
> > above
> > > error message.
> > > Looking into the log messages recorded:
> > > Feb 11 14:36:03 localhost sasldblistusers2:
> unable
> > to
> > > dlopen /usr/lib/sasl2/libdigestmd5.so.2:
> > > /usr/lib/sasl2/libdigestmd5.s
> > > o.2: undefined symbol: DES_ede3_cbc_encrypt
> > >
> > > I'm not sure how to solve the problem though.
> > >
> > > I have an older version of cyrus-sasl in my
> > machine,
> > > and I have no problem with creating and listing
> > the
> > > users using saslpasswd and sasldblistusers.
> > >
> > > Does anybody outhere know how to solve this?
> >
> > Well definitely I do, since, with the help of this
> > list (1,000 years
> > ago), its software, people like Igor, Howard,
> > Halvard and at least 10
> > others from then, + auxiliary thingies it all
> "works
> > for me". But /I/
> > had a target, and that was basically getting
> Postfix
> > smtp SASL AUTH with
> > Openldap. I'm now on Postfix latest snapshot /
> Cyrus
> > SASL / Openldap
> > 2.2.5 and SASL DIGEST-MD5 auxprop for everything.
> > And I'm coasting.
> >
> > What is your target, again?
>
> Nope, I'm not going to setup Postfix SMTP...
> My goal is to include SASL into my LDAP server, so
> that my server will be LDAPv3 complient...My LDAP
> server itself will be used more as as an
> authentication server , also I would like to
> integrate
> the LDAP with Radius server.
>
> So...?
>
> When I do a search in
> /usr/lib/sasl2/libdigestmd5.so.2, I can find
> DES_ede3_cbc_encrypt, but then why is it still
> complaining about undefined symbol
> DES_ede3_cbc_encrypt ?
>
> Could the problem be caused by the case sensitive
> issue: 'des' and 'DES' ?
>
> -lara
>
Hello
I finally managed to solve the undefined sysmbol
DES_ede3_cbc_encrypt problem
by specifying the option --with-openssl to point to my
shared ssl library when configuring the SASL.
By doing that, the error messages in the log file
complaining about the undefined symbol
DES_ede3_cbc_encrypt has indeed gone.
So, following the advice from OpenLDAP Administrator's
guide: "You should use the Cyrus SASL sample client
and sample server to test your SASL installation
before attempting to make use of it with OpenLDAP
software", I perform the test...
*** Starting the server ***
[root@localhost sample]# ./server -s ldap
trying 10, 1, 6
socket: Address family not supported by protocol
trying 2, 1, 6
*** Starting the client ***
[root@localhost sample]# ./client -s ldap
192.168.168.102
receiving capability list... recv: {16}
PLAIN DIGEST-MD5
PLAIN DIGEST-MD5
send: {10}
DIGEST-MD5
send: {1}
N
recv: {126}
nonce="brXPMSCb5xq6TtqvQYU/6wpzGjM7H0AWkHVj40kkUU0=",realm="localhost.localdomain",qop="auth",charset=utf-8,algorithm=md5-sess
please enter an authentication id:
**** while on the server side: ****
[root@localhost sample]# ./server -s ldap
trying 10, 1, 6
socket: Address family not supported by protocol
trying 2, 1, 6
accepted new connection
send: {16}
PLAIN DIGEST-MD5
recv: {10}
DIGEST-MD5
recv: {1}
N
send: {126}
nonce="brXPMSCb5xq6TtqvQYU/6wpzGjM7H0AWkHVj40kkUU0=",realm="localhost.localdomain",qop="auth",charset=utf-8,algorithm=md5-sess
I tried to create a user + password using saslpasswd2
command and using it for the authentication id,
authorization id, and password prompted during the
connection, however, the authentication FAILED !!!
I'm wondering whether it's because of the following
error that still persists although the undefined
symbol: DES_ede3_cbc_encrypt problem has been
resolved:
[root@localhost sample]# sasldblistusers2
db failure
listusers failed
Btw, the log message recorded the following error when
creating a user with saslpasswd2:
Feb 12 18:54:42 localhost saslpasswd2: error fetching
from sasldb: Invalid argum
ent
Feb 12 18:54:42 localhost saslpasswd2: error closing
sasldb: Invalid argument
Feb 12 18:54:42 localhost saslpasswd2: error closing
sasldb: Invalid argument
Feb 12 18:54:42 localhost saslpasswd2: error deleting
entry from sasldb: Invalid
argument
Feb 12 18:54:42 localhost saslpasswd2: error closing
sasldb: Invalid argument
Feb 12 18:54:42 localhost saslpasswd2: error deleting
entry from sasldb: Invalid
argument
Feb 12 18:54:42 localhost saslpasswd2: error closing
sasldb: Invalid argument
Feb 12 18:54:42 localhost saslpasswd2: error deleting
entry from sasldb: Invalid
argument
Feb 12 18:54:42 localhost saslpasswd2: error closing
sasldb: Invalid argument
Feb 12 18:54:42 localhost saslpasswd2: setpass
succeeded for admin
Please help,
-lara-
=====
------------------------------------------------------------------------------------
La vie, voyez-vous, ca n'est jamais si bon ni si mauvais qu'on croit
- Guy de Maupassant -
------------------------------------------------------------------------------------
__________________________________
Do you Yahoo!?
New Yahoo! Photos - easier uploading and sharing.
http://photos.yahoo.com/