[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: SSL/TLS/clear indication in logs?
--On Tuesday, September 27, 2005 11:28 AM -0500 Digant C Kasundra
<digant@uta.edu> wrote:
Hello everyone,
I'm almost embarrassed to ask this question as I thought I had a clear
understanding of the logs but I'm puzzled. I did three connections (did
a simple bind): (a) over port 389, no TLS; (b) over port 389 with TLS;
(c) over port 636. But each time, the logs indicate the following:
BIND dn="uid=digant,cn=accounts,dc=uta,dc=edu" mech=SIMPLE ssf=0
I would think the ssf would be different from the times I used TLS.
What am I missing?
Hm, with TLS on 389, I see this:
Sep 27 10:32:08 ldap-test3.Stanford.EDU slapd[21702]: [ID 105384
local4.debug] conn=629 fd=60 TLS established tls_ssf=256 ssf=256
With SSL on 636, I see this:
Sep 27 10:33:28 ldap-test3.Stanford.EDU slapd[21702]: [ID 848112
local4.debug] conn=633 fd=60 ACCEPT from IP=171.64.19.55:33671
(IP=0.0.0.0:636)
Sep 27 10:33:28 ldap-test3.Stanford.EDU slapd[21702]: [ID 105384
local4.debug] conn=633 fd=60 TLS established tls_ssf=256 ssf=256
Note that this is on OpenLDAP 2.3.7.
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
"These censorship operations against schools and libraries are stronger
than ever in the present religio-political climate. They often focus on
fantasy and sf books, which foster that deadly enemy to bigotry and blind
faith, the imagination." -- Ursula K. Le Guin