
TLS on W2K



Dear All,

Why do I get the following error (0x52)?
(Platform: Client = W2K, Server = Linux)

START_TLS [Local error][0x52]...
ldap_start_tls: Success

=> Debug output from Server:
connection_get(10): got connid=0
connection_read(10): checking for input on id=0
ber_get_next
ber_get_next: tag 0x30 len 29 contents:
do_extended
ber_scanf fmt ({a) ber:
ber_get_next
ber_get_next on fd 10 failed errno=11 (Resource temporarily unavailable)
send_ldap_extended 0: (0)
send_ldap_response: msgid=1 tag=120 err=0
ber_flush: 14 bytes to sd 10
connection_get(10): got connid=0
connection_read(10): checking for input on id=0
TLS trace: SSL_accept:before/accept initialization
TLS trace: SSL_accept:SSLv3 read client hello A
TLS trace: SSL_accept:SSLv3 write server hello A
TLS trace: SSL_accept:SSLv3 write certificate A
TLS trace: SSL_accept:SSLv3 write server done A
TLS trace: SSL_accept:SSLv3 flush data
TLS trace: SSL_accept:error in SSLv3 read client certificate A
TLS trace: SSL_accept:error in SSLv3 read client certificate A
connection_get(10): got connid=0
connection_read(10): checking for input on id=0
TLS trace: SSL_accept:SSLv3 read client key exchange A
TLS trace: SSL_accept:SSLv3 read finished A
TLS trace: SSL_accept:SSLv3 write change cipher spec A
TLS trace: SSL_accept:SSLv3 write finished A
TLS trace: SSL_accept:SSLv3 flush data
connection_get(10): got connid=0
connection_read(10): checking for input on id=0
ber_get_next
ber_get_next on fd 10 failed errno=104 (Connection reset by peer)
connection_read(10): input error=-2 id=0, closing.
connection_closing: readying conn=0 sd=10 for close
connection_close: conn=0 sd=10

=> Server slapd.conf
#Enable TLS/SSL
TLSCertificateFile      /home/gvm/CA/users/ldapcert.pem
TLSCertificateKeyFile   /home/gvm/CA/users/ldap.pem
TLSCACertificateFile    /home/gvm/CA/cacert.pem


=> Client code
   printf ("INIT...\n");
   ld = ldap_init("192.168.0.49", 389);
   if( ld == NULL )
   {
      printf ("Init Error...\n");
      return(1);
   }

   if( ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ) != LDAP_OPT_SUCCESS )
   {
      fprintf( stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n", version );
      return 1;
   }

   rc = ldap_pvt_tls_set_option(NULL, LDAP_OPT_X_TLS_RANDOM_FILE, "FILE.RND");
   if ( rc != LDAP_SUCCESS )
   {
      fprintf( stderr, "Error Setting option [%d]...\n", rc);
   }

   if ( (rc = ldap_start_tls_s( ld, NULL, NULL )) != LDAP_SUCCESS )
   {
      fprintf( stderr, "START_TLS [%s][0x%02X]...\n", ldap_err2string(rc), rc);
      ldap_perror( ld, "ldap_start_tls");
   }

   return(0);
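
A triage helper for the server trace quoted above, as an added example that is not part of the original post or of OpenLDAP: it walks the "TLS trace" and "ber_get_next" lines and reports whether the server side of the handshake had finished when the read failed. The sample log is constructed from a subset of the lines in the post; the names summarize, SERVER_DONE and EAGAIN, and the rule that "write finished A" is the server's last handshake message, are assumptions.

```python
import re

# Constructed sample: a subset of the slapd debug lines quoted in the post.
SAMPLE_LOG = """\
ber_get_next on fd 10 failed errno=11 (Resource temporarily unavailable)
TLS trace: SSL_accept:before/accept initialization
TLS trace: SSL_accept:SSLv3 read client hello A
TLS trace: SSL_accept:SSLv3 flush data
TLS trace: SSL_accept:error in SSLv3 read client certificate A
TLS trace: SSL_accept:SSLv3 read client key exchange A
TLS trace: SSL_accept:SSLv3 read finished A
TLS trace: SSL_accept:SSLv3 write finished A
TLS trace: SSL_accept:SSLv3 flush data
ber_get_next on fd 10 failed errno=104 (Connection reset by peer)
"""

TRACE = re.compile(r"TLS trace: SSL_accept:(error in )?(.+)")
READ_FAIL = re.compile(r"ber_get_next on fd \d+ failed errno=(\d+) \((.+)\)")
EAGAIN = 11  # Linux value: non-blocking read with no data yet, not a failure
SERVER_DONE = "SSLv3 write finished A"  # assumption: last message the server sends


def summarize(log):
    """Report how far the server-side handshake got and how the reads ended."""
    states, retries, done, read_error = [], 0, False, None
    for raw in log.splitlines():
        line = raw.strip()
        if m := TRACE.fullmatch(line):
            if m.group(1):
                retries += 1  # the quoted trace carries on after these lines
            else:
                states.append(m.group(2))
                done = done or m.group(2) == SERVER_DONE
        elif (m := READ_FAIL.fullmatch(line)) and int(m.group(1)) != EAGAIN:
            # Keep the first hard read error and whether the handshake was done.
            read_error = read_error or (int(m.group(1)), m.group(2), done)
    if read_error is None:
        verdict = "no hard read error logged"
    elif read_error[2]:
        verdict = "server finished its handshake, then read failed: " + read_error[1]
    else:
        verdict = "read failed before the server finished its handshake: " + read_error[1]
    return {"states": states, "retries": retries, "server_done": done,
            "read_error": read_error, "verdict": verdict}


if __name__ == "__main__":
    for key, value in summarize(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

On the trace in the post this reports the reset arriving after the server had sent its Finished message, so the connection was dropped by the client after the server's side of the handshake was complete.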