[Date Prev][Date Next]
Re: (ITS#4144) Strange problem in client libs with SSL connect
Aaron Richton wrote:
>>Yes. But the point is "some of the time".
> Is this intermittent with OpenLDAP tools? (e.g. identical ldapsearch
> command works once, doesn't work later?)
No. I can only confirm the failure of the correct connection attempt in
step 1 with RE23's ldapsearch since the OS process of ldapsearch exits
after one test. ldapsearch of 2.2.27 works ok.
web2ldap is a long-running multi-threaded process performing all three
connection attempts without restarting the OS process. As I said the
very same configuration works correctly when python-ldap is linked
against 2.2.27 libs.
I suspect something gets initialized lazily. (Well, don't know how to
express that in English.)
> What is the equivalent ldapsearch command that fails?
IIRC this simple command failed with LDAP_SERVER_DOWN:
ldapsearch -x -H ldaps://directory.example.com -b "" "(objectClass=*)"
> A sanitized -d log
> of that ldapsearch command might be good too.
Hmm, it's not my machine. Therefore this can take until next week.
Maybe I could also write a short test script with Python (but not in C
on top of OpenLDAP libs) and also test with HEAD.