[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS resource unavailable



At 11:09 AM 4/23/2004, Mark wrote:
>I asked the pamldap list and I got referred back to this list since they think my problem lies at openldap and not pam..
>
>so im trying to authenticate via ldap on solaris 8...the problem is that it works if i dont specify tls..but whenever i do, i can't connect...
>
>i started slap with
>/opt/openldap/current/libexec/slapd -u ldap -g ldap -d 296 -l local6  -f  /etc/depot/openldap/openldap/slapd.conf
>
>and then i did a search..
>
>/opt/openldap/current/bin/ldapsearch -Z -x -v -W -D "uid=test,ou=People,dc=foo,dc=com" "(userid=*)"
>
>now i get a return on my query.....
>but in the debug log i keep seeing this 
>ldap_read: want=8 error=Resource temporarily unavailable

This just means that when slapd(8) when to read data (8 bytes) from
the network (from the client) that the data was not yet available.
As you can see from the logs, once that data did become available,
slapd continued processing.  This is quite normal behavior.

I've added an answer specific to this message (in addition to
comments regarding similar messages) to the FAQ:
  http://www.openldap.org/faq/index.cgi?file=1033

Anyways, as your ldapsearch(1) demonstrates, slapd(8) appears to
behaving properly.

>some people in pamldap thinks this is why i'm can't get the login (or any command such as id ) to work... 
>any help would be appreciated..as I am stomped beyond comprehension...
>
>heres the debug log...
>
>daemon: activity on 1 descriptors
>daemon: new connection on 10
>conn=1 fd=10 ACCEPT from IP=127.0.0.1:34318 (IP=0.0.0.0:389)
>daemon: added 10r
>daemon: activity on:
>daemon: select: listen=6 active_threads=1 tvp=NULL
>daemon: select: listen=7 active_threads=1 tvp=NULL
>daemon: activity on 1 descriptors
>daemon: activity on: 10r
>daemon: read activity on 10
>ldap_read: want=8, got=8
>  0000:  30 1d 02 01 01 77 18 80                            0....w..          
>ldap_read: want=23, got=23
>  0000:  16 31 2e 33 2e 36 2e 31  2e 34 2e 31 2e 31 34 36   .1.3.6.1.4.1.146  
>  0010:  36 2e 32 30 30 33 37                               6.20037           
>ldap_read: want=8 error=Resource temporarily unavailable
>  0000:  30 0c 02 01 01 78 07 0a  01 00 04 00 04 00         0....x........    
>ldap_write: want=14, written=14
>  0000:  30 0c 02 01 01 78 07 0a  01 00 04 00 04 00         0....x........    
>daemon: select: listen=6 active_threads=1 tvp=NULL
>daemon: select: listen=7 active_threads=1 tvp=NULL
>daemon: activity on 1 descriptors
>daemon: activity on: 10r
>daemon: read activity on 10
>tls_read: want=11, got=11
>  0000:  80 92 01 03 01 00 69 00  00 00 20                  ......i...        
>tls_read: want=137, got=137
>  0000:  00 00 39 00 00 38 00 00  35 00 00 16 00 00 13 00   ..9..8..5.......  
>  0010:  00 0a 07 00 c0 00 00 33  00 00 32 00 00 2f 00 00   .......3..2../..  
>  0020:  07 05 00 80 03 00 80 00  00 66 00 00 05 00 00 04   .........f......  
>  0030:  01 00 80 08 00 80 00 00  63 00 00 62 00 00 61 00   ........c..b..a.  
>  0040:  00 15 00 00 12 00 00 09  06 00 40 00 00 65 00 00   ..........@..e..  
>  0050:  64 00 00 60 00 00 14 00  00 11 00 00 08 00 00 06   d..`............  
>  0060:  04 00 80 00 00 03 02 00  80 41 1b fa a1 6a 32 ac   .........A...j2.  
>  0070:  58 87 6c 25 51 06 f8 57  32 b1 3b 7b 05 fc 58 02   X.l%Q..W2.;{..X.  
>  0080:  b8 61 f3 d2 3f ed e8 77  38                        .a..?..w8         
>tls_write: want=855, written=855
>  0000:  16 03 01 00 4a 02 00 00  46 03 01 40 89 58 5f a8   ....J...F..@.X_.  
>  0010:  a3 39 fe 54 df 37 6f 41  9e b8 29 12 7f aa e9 fc   .9.T.7oA..).....  
>  0020:  d6 49 8a 61 fd ba df 9d  c2 c2 5b 20 3c 75 fe 8b   .I.a......[ <u..  
>  0030:  4d 4c 02 88 e1 e2 cd 9f  0c 19 5d 59 c9 95 d2 ac   ML........]Y....  
>  0040:  1b 1d cb df be cf a0 84  65 8d 9f 6e 00 35 00 16   ........e..n.5..  
>  0050:  03 01 02 fa 0b 00 02 f6  00 02 f3 00 02 f0 30 82   ..............0.  
>  0060:  02 ec 30 82 02 55 a0 03  02 01 02 02 01 02 30 0d   ..0..U........0.  
>  0070:  06 09 2a 86 48 86 f7 0d  01 01 04 05 00 30 2d 31   ..*.H........0-1  
>  0080:  0b 30 09 06 03 55 04 06  13 02 55 53 31 0b 30 09   .0...U....US1.0.  
>  0090:  06 03 55 04 08 13 02 43  41 31 11 30 0f 06 03 55   ..U....CA1.0...U  
>  00a0:  04 0a 13 08 4f 75 74 65  72 62 61 79 30 1e 17 0d   ....foobar0...  
>  00b0:  30 34 30 34 31 34 31 37  34 37 34 31 5a 17 0d 30   040414174741Z..0  
>  00c0:  35 30 34 31 34 31 37 34  37 34 31 5a 30 81 95 31   50414174741Z0..1  
>  00d0:  0b 30 09 06 03 55 04 06  13 02 55 53 31 0b 30 09   .0...U....US1.0.  
>  00e0:  06 03 55 04 08 13 02 43  41 31 12 30 10 06 03 55   ..U....CA1.0...U  
>  00f0:  04 07 13 09 43 75 70 65  72 74 69 6e 6f 31 11 30   ....Cupertino1.0  
>  0100:  0f 06 03 55 04 0a 13 08  4f 75 74 65 72 62 61 79   ...U....Foobar  
>  0110:  31 29 30 27 06 03 55 04  03 13 20 6e 65 65 64 6c   1)0'..U... needl  
>  0120:  65 66 69 73 68 2e 69 6e  74 65 72 6e 61 6c 2e 6f   efish.internal.f 
>  0130:  75 74 65 72 62 61 79 2e  63 6f 6d 31 27 30 25 06   oobar.com1'0%.  
>  0140:  09 2a 86 48 86 f7 0d 01  09 01 16 18 69 74 2d 72   .*.H........it-r  
>  0150:  65 71 75 65 73 74 73 40  6f 75 74 65 72 62 61 79   equests@foo  
>  0160:  2e 63 6f 6d 30 81 9f 30  0d 06 09 2a 86 48 86 f7   .com0..0...*.H..  
>  0170:  0d 01 01 01 05 00 03 81  8d 00 30 81 89 02 81 81   ..........0.....  
>  0180:  00 d4 8b d9 50 17 56 d9  93 72 0c fb e1 93 c0 a7   ....P.V..r......  
>  0190:  73 ae e0 ce b1 51 bb b9  be 11 36 fa 8f 95 c0 79   s....Q....6....y  
>  01a0:  c5 9d dd 33 e4 a3 57 e9  65 28 49 28 f7 6b a5 e2   ...3..W.e(I(.k..  
>  01b0:  8a 53 6c 3d 34 75 1f 1d  28 cb 0f 96 ad 45 84 65   .Sl=4u..(....E.e  
>  01c0:  1f 56 e7 1c 62 bc 8a b8  a1 11 80 ba 62 d3 b9 7b   .V..b.......b..{  
>  01d0:  2c 63 4d a7 a3 da 6e 6b  57 4a c8 ad 5d 81 c8 5f   ,cM...nkWJ..].._  
>  01e0:  43 71 d9 67 c9 69 1a 1d  e4 c8 47 36 2e e8 61 d0   Cq.g.i....G6..a.  
>  01f0:  74 2c e6 89 42 6c 41 c7  1b d3 5d 48 82 89 fc e3   t,..BlA...]H....  
>  0200:  ef 02 03 01 00 01 a3 81  b2 30 81 af 30 09 06 03   .........0..0...  
>  0210:  55 1d 13 04 02 30 00 30  2c 06 09 60 86 48 01 86   U....0.0,..`.H..  
>  0220:  f8 42 01 0d 04 1f 16 1d  4f 70 65 6e 53 53 4c 20   .B......OpenSSL   
>  0230:  47 65 6e 65 72 61 74 65  64 20 43 65 72 74 69 66   Generated Certif  
>  0240:  69 63 61 74 65 30 1d 06  03 55 1d 0e 04 16 04 14   icate0...U......  
>  0250:  01 fa 80 34 97 b5 60 96  e4 fc 5b 8a 87 ba 7d 1b   ...4..`...[...}.  
>  0260:  6d e1 41 c8 30 55 06 03  55 1d 23 04 4e 30 4c 80   m.A.0U..U.#.N0L.  
>  0270:  14 dd 7c f0 c6 a9 35 24  8a d6 44 f2 19 4c 69 c7   ..|...5$..D..Li.  
>  0280:  a6 3f 41 c9 4c a1 31 a4  2f 30 2d 31 0b 30 09 06   .?A.L.1./0-1.0..  
>  0290:  03 55 04 06 13 02 55 53  31 0b 30 09 06 03 55 04   .U....US1.0...U.  
>  02a0:  08 13 02 43 41 31 11 30  0f 06 03 55 04 0a 13 08   ...CA1.0...U....  
>  02b0:  4f 75 74 65 72 62 61 79  82 01 00 30 0d 06 09 2a   Foo...0...*  
>  02c0:  86 48 86 f7 0d 01 01 04  05 00 03 81 81 00 67 89   .H............g.  
>  02d0:  7c bd b7 d7 bf 06 25 22  f6 2d 2e 68 eb a2 6d 25   |.....%".-.h..m%  
>  02e0:  cc d3 16 c8 ae 89 dd a3  bf b4 0d 96 30 06 cd 12   ............0...  
>  02f0:  41 ac cd c3 a9 a1 f0 b0  14 76 b6 e1 a7 33 ea b7   A........v...3..  
>  0300:  18 e9 8a 6f 16 af 65 43  18 42 49 51 f2 dd 53 2d   ...o..eC.BIQ..S-  
>  0310:  3f e9 44 e1 f6 9c f9 44  50 dc 8d 69 9e 83 64 63   ?.D....DP..i..dc  
>  0320:  79 c7 50 f5 80 f9 c1 44  35 e2 a8 7e c2 0e 51 08   y.P....D5..~..Q.  
>  0330:  46 55 cb 73 f5 9d 8e 34  5e 76 5e 6c a8 42 01 73   FU.s...4^v^l.B.s  
>  0340:  2c 50 43 23 d9 57 38 42  b2 00 34 2d 40 5b 16 03   ,PC#.W8B..4-@[..  
>  0350:  01 00 04 0e 00 00 00                               .......           
>tls_read: want=5 error=Resource temporarily unavailable
>daemon: select: listen=6 active_threads=1 tvp=NULL
>daemon: select: listen=7 active_threads=1 tvp=NULL
>daemon: activity on 1 descriptors
>daemon: activity on: 10r
>daemon: read activity on 10
>tls_read: want=5, got=5
>  0000:  16 03 01 00 86                                     .....             
>tls_read: want=134, got=134
>  0000:  10 00 00 82 00 80 5a e3  ee 36 01 03 5a 91 62 ff   ......Z..6..Z.b.  
>  0010:  b0 e4 11 bb ae e8 f1 f2  00 39 9e f2 05 2b 04 36   .........9...+.6  
>  0020:  0b dc 8f b3 df a1 ee e1  ed d5 3d 89 ef 85 6d c7   ..........=...m.  
>  0030:  60 bd ef b7 4f ac 38 90  2d 23 7f 95 88 37 3a d3   `...O.8.-#...7:.  
>  0040:  4a da aa e5 db 2e 30 3f  38 a8 59 5e f2 68 9b 7e   J.....0?8.Y^.h.~  
>  0050:  49 48 27 c0 09 74 85 84  63 53 3b 84 18 0d 0e 8e   IH'..t..cS;.....  
>  0060:  f1 87 27 7c 04 02 02 ab  70 f9 eb c4 45 7a ad 27   ..'|....p...Ez.'  
>  0070:  27 60 da de 0f ed a4 78  3d 91 19 87 51 ea 22 92   '`.....x=...Q.".  
>  0080:  47 54 23 d8 dc 63                                  GT#..c            
>tls_read: want=5, got=5
>  0000:  14 03 01 00 01                                     .....             
>tls_read: want=1, got=1
>  0000:  01                                                 .                 
>tls_read: want=5, got=5
>  0000:  16 03 01 00 30                                     ....0             
>tls_read: want=48, got=48
>  0000:  f9 46 28 0d 5d bd 8b 2a  e5 9a b3 ec 3f 44 96 c3   .F(.]..*....?D..  
>  0010:  1c 0f 5f 46 b8 e3 c7 db  cd 35 4e e9 41 21 1f 43   .._F.....5N.A!.C  
>  0020:  6f c0 2d 2e 90 83 a5 7d  11 53 e0 1d 5d d2 f5 cf   o.-....}.S..]...  
>tls_write: want=59, written=59
>  0000:  14 03 01 00 01 01 16 03  01 00 30 45 fc ab d9 22   ..........0E..."  
>  0010:  37 f5 1e 50 64 71 12 12  f4 c1 f0 c2 0f ca 94 b4   7..Pdq..........  
>  0020:  16 b7 da bf ba 83 08 c7  d4 09 ef 10 31 6d c6 58   ............1m.X  
>  0030:  dd d7 5b da bf 0b 22 be  19 87 ae                  ..[..."....       
>daemon: select: listen=6 active_threads=1 tvp=NULL
>daemon: select: listen=7 active_threads=1 tvp=NULL
>daemon: activity on 1 descriptors
>daemon: activity on: 10r
>daemon: read activity on 10
>tls_read: want=5, got=5
>  0000:  17 03 01 00 20                                     ....              
>tls_read: want=32, got=32
>  0000:  5f db b1 cc 4a 90 15 3e  66 36 3a 51 ae 87 7f a3   _...J..>f6:Q....  
>  0010:  cc bd 6e c2 78 d3 4f 8b  3d cb e7 4f 42 ac 88 c5   ..n.x.O.=..OB...  
>tls_read: want=5, got=5
>  0000:  17 03 01 00 50                                     ....P             
>tls_read: want=80, got=80
>  0000:  5e 5e 73 3f 85 f6 8f d8  07 26 ec 2a 71 95 a1 f4   ^^s?.....&.*q...  
>  0010:  d0 bc 94 48 d8 43 29 c8  01 43 e3 43 79 3c f5 8a   ...H.C)..C.Cy<..  
>  0020:  f0 7e ad f4 25 dd d2 bf  1f 6c ea c3 a7 78 44 35   .~..%....l...xD5  
>  0030:  76 3b 47 2c 76 32 4c d1  6e d2 20 b0 1f 46 57 d7   v;G,v2L.n. ..FW.  
>  0040:  98 a2 19 b1 e6 07 29 ad  8d b0 7d 87 de 35 40 11   ......)...}..5@.  
>ldap_read: want=8, got=8
>  0000:  30 37 02 01 02 60 32 02                            07...`2.          
>ldap_read: want=49, got=49
>  0000:  01 03 04 25 75 69 64 3d  74 65 73 74 2c 6f 75 3d   ...%uid=test,ou=  
>  0010:  50 65 6f 70 6c 65 2c 64  63 3d 6f 75 74 65 72 62   People,dc= foo, 
>  0020:  61 79 2c 64 63 3d 63 6f  6d 80 06 66 6f 6f 62 61   dc=com..fooba  
>  0030:  72                                                 r                 
>tls_read: want=5 error=Resource temporarily unavailable
>ldap_read: want=8 error=Resource temporarily unavailable
>daemon: select: listen=6 active_threads=1 tvp=NULL
>daemon: select: listen=7 active_threads=1 tvp=NULL
>daemon: activity on 1 descriptors
>daemon: select: listen=6 active_threads=1 tvp=NULL
>daemon: select: listen=7 active_threads=1 tvp=NULL
>conn=1 op=1 BIND dn="uid=test,ou=People,dc=foo,dc=com" method=128
>conn=1 op=1 BIND dn="uid=test,ou=People,dc=foo,dc=com" mech=simple ssf=0
>  0000:  30 0c 02 01 02 61 07 0a  01 00 04 00 04 00         0....a........    
>daemon: activity on 1 descriptors
>daemon: activity on: 10r
>daemon: read activity on 10
>tls_write: want=90, written=90
>  0000:  17 03 01 00 20 27 2a 10  13 0f ce d2 af be 78 61   .... '*.......xa  
>  0010:  a0 cc 3a eb 0f f5 0d b0  40 e0 62 4e 78 d2 24 ca   ..:.....@.bNx.$.  
>  0020:  b7 cc 16 d9 5d 17 03 01  00 30 5d 2d 3a 9b e8 f9   ....]....0]-:...  
>  0030:  ce 5a cc 22 5d ec 93 57  bd 52 96 4d e5 05 78 6f   .Z."]..W.R.M..xo  
>  0040:  ea 5f 87 d8 b9 d1 44 69  6e 0b 78 af af a7 40 4e   ._....Din.x...@N  
>  0050:  d8 f5 bd 8f c6 42 ce af  1f f7                     .....B....        
>ldap_write: want=14, written=14
>  0000:  30 0c 02 01 02 61 07 0a  01 00 04 00 04 00         0....a........    
>tls_read: want=5, got=5
>  0000:  17 03 01 00 20                                     ....              
>tls_read: want=32, got=32
>  0000:  89 7f d7 38 4f be bd 56  30 f3 7f 83 54 9c d1 87   ...8O..V0...T...  
>  0010:  14 f5 58 ee aa a9 97 5b  42 ee 92 dc 7b 54 29 60   ..X....[B...{T)`  
>tls_read: want=5, got=5
>  0000:  17 03 01 00 50                                     ....P             
>tls_read: want=80, got=80
>  0000:  23 69 a8 c5 77 1a 6a 9b  bc 32 6b 06 03 8b bf 2d   #i..w.j..2k....-  
>  0010:  6d 92 0e 58 1c be 49 54  ec 0b 30 99 d9 fa ba 1d   m..X..IT..0.....  
>  0020:  b2 97 a8 75 fd 68 95 20  1e 93 8a 4d 41 f7 ce 6f   ...u.h. ...MA..o  
>  0030:  b2 e6 c5 d9 28 59 a2 9b  da 16 da e8 8f c1 0f 62   ....(Y.........b  
>  0040:  bf fc b6 72 cf 57 5a d1  5b e7 19 f6 aa 43 e1 73   ...r.WZ.[....C.s  
>ldap_read: want=8, got=8
>  0000:  30 33 02 01 03 63 2e 04                            03...c..          
>ldap_read: want=45, got=45
>  0000:  13 64 63 3d 6f 75 74 65  72 62 61 79 2c 20 64 63   .dc=foo, dc  
>  0010:  3d 63 6f 6d 0a 01 02 0a  01 00 02 01 00 02 01 00   =com............  
>  0020:  01 01 00 87 06 75 73 65  72 69 64 30 00            .....userid0.     
>deferring operation
>daemon: select: listen=6 active_threads=1 tvp=NULL
>daemon: select: listen=7 active_threads=1 tvp=NULL
>conn=1 op=1 RESULT tag=97 err=0 text=
>begin get_filter
>PRESENT
>end get_filter 0
>conn=1 op=2 SRCH base="dc=foo,dc=com" scope=2 filter="(uid=*)"