[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Problems with multiple DNS names in cert.

[ Howard Chu ]

> All of this still works for me. I suggest you verify the version of
> the ldapsearch client you're using; it may be linked against an
> older libldap that didn't have the subjectAltName support.

beeblebrox.uio.no# ldd /ldap/2.1.16-1/bin/ldapsearch 
        libcrypt.so.1 => /lib/libcrypt.so.1 (0x4001f000)
        libsasl2.so.2 => /ldap/util/lib/libsasl2.so.2 (0x4004d000)
        libssl.so.0 => /local/lib/libssl.so.0 (0x4005e000)
        libcrypto.so.0 => /local/lib/libcrypto.so.0 (0x4008b000)
        libresolv.so.2 => /lib/libresolv.so.2 (0x4014a000)
        libdl.so.2 => /lib/libdl.so.2 (0x4015b000)
        libc.so.6 => /lib/i686/libc.so.6 (0x42000000)
        /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)

It's the 2.1.16 version of ldapsearch.

Both this and the server is compiled with:

 export OPENLDAP_UTIL="/ldap/util" 
 export CPPFLAGS="-I/local/include -I/local/include/openssl \
 export LDFLAGS="-L/local/lib -L$OPENLDAP_UTIL/lib \
                 -Wl,-rpath,/local/lib -Wl,-rpath,$OPENLDAP_UTIL/lib \

 ./configure --with-tls --enable-crypt --enable-aci --prefix=/ldap/2.1.16-1 \

>From 'make', in openldap-2.1.16/client I get:

cc -g -O2 -I../../include        -I../../include   -I/local/include -I/local/include/openssl -I/ldap/util/include     -c -o ldapsearch.o ldapsearch.c
cc -g -O2 -I../../include        -I../../include   -I/local/include -I/local/include/openssl -I/ldap/util/include     -c -o common.o common.c
../../build/mkversion -v "2.1.16" -s ldapsearch > ldsversion.c
cc -g -O2 -I../../include        -I../../include   -I/local/include -I/local/include/openssl -I/ldap/util/include     -c -o ldsversion.o ldsversion.c
/bin/sh /ldap/download/openldap-2.1.16/libtool --mode=link cc -static -g -O2  -L/local/lib -L/ldap/util/lib -Wl,-rpath,/local/lib -Wl,-rpath,/ldap/util/lib -lcrypt   -o ldapsearch ldapsearch.o common.o ldsversion.o ../../libraries/libldif/libldif.a ../../libraries/liblutil/liblutil.a ../../libraries/libldif/libldif.a ../../libraries/libldap/libldap.la ../../libraries/liblber/liblber.la -lsasl2  -lssl -lcrypto    -lresolv -ldl  
cc -g -O2 -Wl,-rpath -Wl,/local/lib -Wl,-rpath -Wl,/ldap/util/lib -o ldapsearch ldapsearch.o common.o ldsversion.o  -L/local/lib -L/ldap/util/lib ../../libraries/liblutil/liblutil.a ../../libraries/libldif/libldif.a ../../libraries/libldap/.libs/libldap.a /usit/beeblebrox/ldap/download/openldap-2.1.16/libraries/liblber/.libs/liblber.a -L/usr/local/lib ../../libraries/liblber/.libs/liblber.a -lcrypt /ldap/util/lib/libsasl2.so -lssl -lcrypto -lresolv -ldl -Wl,--rpath -Wl,/ldap/util/lib -Wl,--rpath -Wl,/ldap/util/lib

ldapsearch: @(#) $OpenLDAP: ldapsearch 2.1.16 (Fri Mar 21 17:56:26 CET 2003) $
        (LDAP library: OpenLDAP 20116)

I can't see any wrong linking. Tha machine is running Redhat 7.3 and
has openldap 2.0.27 installed by default. I don't think this should be
a problem. 

Thanks for all the help so far.

Mathias Meisfjordskar
GNU/Linux addict.

"If it works; HIT IT AGAIN!"