Marco Strullato
2007-Sep-07 08:10 UTC
[Fedora-directory-users] cleint problems with ssl and tls
Hi all!
I have a problem with ldap and ssl:
I set up the fedora directory server with ssl following this link:
http://directory.fedoraproject.org/wiki/Howto:SSL
The problem is client authentication: I mean when I do an ldapsearch I get
"SSL connection already established" but I don''t have any
other connection
to between client and server (check with netstat).
What do you suggest me?
Thanks
Marco
logs from the FDS server are:
[07/Sep/2007:10:04:09 +0200] conn=10 fd=68 slot=68 SSL connection from
<ip_src> to <ip_dst>
[07/Sep/2007:10:04:09 +0200] conn=10 SSL 256-bit AES
[07/Sep/2007:10:04:09 +0200] conn=10 op=0 EXT
oid="1.3.6.1.4.1.1466.20037"
name="startTLS"
[07/Sep/2007:10:04:09 +0200] conn=10 op=0 RESULT err=1 tag=120 nentries=0
etime=0
[07/Sep/2007:10:04:09 +0200] conn=10 op=-1 fd=68 closed - B1
from client:
ldap_create
ldap_extended_operation_s
ldap_extended_operation
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP ldaps_vm02_admin:636
ldap_new_socket: 3
ldap_prepare_socket: 3
ldap_connect_to_host: Trying <ip_server>:636
ldap_connect_timeout: fd: 3 tm: -1 async: 0
TLS trace: SSL_connect:before/connect initialization
TLS trace: SSL_connect:SSLv2/v3 write client hello A
TLS trace: SSL_connect:SSLv3 read server hello A
TLS certificate verification: depth: 1, err: 0, subject: /C=IT/O=<......>
TLS certificate verification: depth: 0, err: 0, subject: /C=IT/O=<......>
TLS trace: SSL_connect:SSLv3 read server certificate A
TLS trace: SSL_connect:SSLv3 read server certificate request A
TLS trace: SSL_connect:SSLv3 read server done A
TLS trace: SSL_connect:SSLv3 write client certificate A
TLS trace: SSL_connect:SSLv3 write client key exchange A
TLS trace: SSL_connect:SSLv3 write change cipher spec A
TLS trace: SSL_connect:SSLv3 write finished A
TLS trace: SSL_connect:SSLv3 flush data
TLS trace: SSL_connect:SSLv3 read finished A
ldap_open_defconn: successful
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_scanf fmt ({) ber:
ber_flush: 31 bytes to sd 3
ldap_result ld 0x80bc048 msgid 1
ldap_chkResponseList ld 0x80bc048 msgid 1 all 1
ldap_chkResponseList returns ld 0x80bc048 NULL
wait4msg ld 0x80bc048 msgid 1 (infinite timeout)
wait4msg continue ld 0x80bc048 msgid 1 all 1
** ld 0x80bc048 Connections:
* host: ldaps_vm02_admin port: 636 (default)
refcnt: 2 status: Connected
last used: Fri Sep 7 10:05:20 2007
** ld 0x80bc048 Outstanding Requests:
* msgid 1, origid 1, status InProgress
outstanding referrals 0, parent count 0
** ld 0x80bc048 Response Queue:
Empty
ldap_chkResponseList ld 0x80bc048 msgid 1 all 1
ldap_chkResponseList returns ld 0x80bc048 NULL
ldap_int_select
read1msg: ld 0x80bc048 msgid 1 all 1
ber_get_next
ber_get_next: tag 0x30 len 71 contents:
read1msg: ld 0x80bc048 msgid 1 message type extended-result
ber_scanf fmt ({eaa) ber:
read1msg: ld 0x80bc048 0 new referrals
read1msg: mark request completed, ld 0x80bc048 msgid 1
request done: ld 0x80bc048 msgid 1
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 1, msgid 1)
ldap_free_connection 0 1
ldap_free_connection: refcnt 1
ldap_parse_extended_result
ber_scanf fmt ({eaa) ber:
ber_scanf fmt (a) ber:
ldap_parse_result
ber_scanf fmt ({iaa) ber:
ber_scanf fmt (x) ber:
ber_scanf fmt (}) ber:
ldap_msgfree
ldap_perror
ldap_start_tls: Operations error (1)
additional info: SSL connection already established
Satish Chetty
2007-Sep-07 12:34 UTC
Re: [Fedora-directory-users] cleint problems with ssl and tls
Marco, Which ldapsearch are you using? OL''s or the one that comes with FDS? -Satish. Marco Strullato wrote:> Hi all! > I have a problem with ldap and ssl: > I set up the fedora directory server with ssl following this link: > http://directory.fedoraproject.org/wiki/Howto:SSL > <http://directory.fedoraproject.org/wiki/Howto:SSL> > > The problem is client authentication: I mean when I do an ldapsearch I > get "SSL connection already established" but I don''t have any other > connection to between client and server (check with netstat). > > What do you suggest me? > > Thanks > > Marco > > logs from the FDS server are: > [07/Sep/2007:10:04:09 +0200] conn=10 fd=68 slot=68 SSL connection from > <ip_src> to <ip_dst> > [07/Sep/2007:10:04:09 +0200] conn=10 SSL 256-bit AES > [07/Sep/2007:10:04:09 +0200] conn=10 op=0 EXT > oid="1.3.6.1.4.1.1466.20037" name="startTLS" > [07/Sep/2007:10:04:09 +0200] conn=10 op=0 RESULT err=1 tag=120 > nentries=0 etime=0 > [07/Sep/2007:10:04:09 +0200] conn=10 op=-1 fd=68 closed - B1 > > from client: > ldap_create > ldap_extended_operation_s > ldap_extended_operation > ldap_send_initial_request > ldap_new_connection 1 1 0 > ldap_int_open_connection > ldap_connect_to_host: TCP ldaps_vm02_admin:636 > ldap_new_socket: 3 > ldap_prepare_socket: 3 > ldap_connect_to_host: Trying <ip_server>:636 > ldap_connect_timeout: fd: 3 tm: -1 async: 0 > TLS trace: SSL_connect:before/connect initialization > TLS trace: SSL_connect:SSLv2/v3 write client hello A > TLS trace: SSL_connect:SSLv3 read server hello A > TLS certificate verification: depth: 1, err: 0, subject: /C=IT/O=<......> > TLS certificate verification: depth: 0, err: 0, subject: /C=IT/O=<......> > TLS trace: SSL_connect:SSLv3 read server certificate A > TLS trace: SSL_connect:SSLv3 read server certificate request A > TLS trace: SSL_connect:SSLv3 read server done A > TLS trace: SSL_connect:SSLv3 write client certificate A > TLS trace: SSL_connect:SSLv3 write client key exchange A > TLS trace: SSL_connect:SSLv3 write change cipher spec A > TLS trace: SSL_connect:SSLv3 write finished A > TLS trace: SSL_connect:SSLv3 flush data > TLS trace: SSL_connect:SSLv3 read finished A > ldap_open_defconn: successful > ldap_send_server_request > ber_scanf fmt ({it) ber: > ber_scanf fmt ({) ber: > ber_flush: 31 bytes to sd 3 > ldap_result ld 0x80bc048 msgid 1 > ldap_chkResponseList ld 0x80bc048 msgid 1 all 1 > ldap_chkResponseList returns ld 0x80bc048 NULL > wait4msg ld 0x80bc048 msgid 1 (infinite timeout) > wait4msg continue ld 0x80bc048 msgid 1 all 1 > ** ld 0x80bc048 Connections: > * host: ldaps_vm02_admin port: 636 (default) > refcnt: 2 status: Connected > last used: Fri Sep 7 10:05:20 2007 > > ** ld 0x80bc048 Outstanding Requests: > * msgid 1, origid 1, status InProgress > outstanding referrals 0, parent count 0 > ** ld 0x80bc048 Response Queue: > Empty > ldap_chkResponseList ld 0x80bc048 msgid 1 all 1 > ldap_chkResponseList returns ld 0x80bc048 NULL > ldap_int_select > read1msg: ld 0x80bc048 msgid 1 all 1 > ber_get_next > ber_get_next: tag 0x30 len 71 contents: > read1msg: ld 0x80bc048 msgid 1 message type extended-result > ber_scanf fmt ({eaa) ber: > read1msg: ld 0x80bc048 0 new referrals > read1msg: mark request completed, ld 0x80bc048 msgid 1 > request done: ld 0x80bc048 msgid 1 > res_errno: 0, res_error: <>, res_matched: <> > ldap_free_request (origid 1, msgid 1) > ldap_free_connection 0 1 > ldap_free_connection: refcnt 1 > ldap_parse_extended_result > ber_scanf fmt ({eaa) ber: > ber_scanf fmt (a) ber: > ldap_parse_result > ber_scanf fmt ({iaa) ber: > ber_scanf fmt (x) ber: > ber_scanf fmt (}) ber: > ldap_msgfree > ldap_perror > ldap_start_tls: Operations error (1) > additional info: SSL connection already established > > > ------------------------------------------------------------------------ > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users
Marco Strullato
2007-Sep-07 12:47 UTC
Re: [Fedora-directory-users] cleint problems with ssl and tls
Hello, I''m using ldapsearch provided by openldap-clients-2.3.27-5. Marco 2007/9/7, Satish Chetty <satish@suburbia.org.au>:> > Marco, > Which ldapsearch are you using? OL''s or the one that comes with > FDS? > > -Satish. > > Marco Strullato wrote: > > Hi all! > > I have a problem with ldap and ssl: > > I set up the fedora directory server with ssl following this link: > > http://directory.fedoraproject.org/wiki/Howto:SSL > > <http://directory.fedoraproject.org/wiki/Howto:SSL> > > > > The problem is client authentication: I mean when I do an ldapsearch I > > get "SSL connection already established" but I don''t have any other > > connection to between client and server (check with netstat). > > > > What do you suggest me? > > > > Thanks > > > > Marco > > > > logs from the FDS server are: > > [07/Sep/2007:10:04:09 +0200] conn=10 fd=68 slot=68 SSL connection from > > <ip_src> to <ip_dst> > > [07/Sep/2007:10:04:09 +0200] conn=10 SSL 256-bit AES > > [07/Sep/2007:10:04:09 +0200] conn=10 op=0 EXT > > oid="1.3.6.1.4.1.1466.20037" name="startTLS" > > [07/Sep/2007:10:04:09 +0200] conn=10 op=0 RESULT err=1 tag=120 > > nentries=0 etime=0 > > [07/Sep/2007:10:04:09 +0200] conn=10 op=-1 fd=68 closed - B1 > > > > from client: > > ldap_create > > ldap_extended_operation_s > > ldap_extended_operation > > ldap_send_initial_request > > ldap_new_connection 1 1 0 > > ldap_int_open_connection > > ldap_connect_to_host: TCP ldaps_vm02_admin:636 > > ldap_new_socket: 3 > > ldap_prepare_socket: 3 > > ldap_connect_to_host: Trying <ip_server>:636 > > ldap_connect_timeout: fd: 3 tm: -1 async: 0 > > TLS trace: SSL_connect:before/connect initialization > > TLS trace: SSL_connect:SSLv2/v3 write client hello A > > TLS trace: SSL_connect:SSLv3 read server hello A > > TLS certificate verification: depth: 1, err: 0, subject: > /C=IT/O=<......> > > TLS certificate verification: depth: 0, err: 0, subject: > /C=IT/O=<......> > > TLS trace: SSL_connect:SSLv3 read server certificate A > > TLS trace: SSL_connect:SSLv3 read server certificate request A > > TLS trace: SSL_connect:SSLv3 read server done A > > TLS trace: SSL_connect:SSLv3 write client certificate A > > TLS trace: SSL_connect:SSLv3 write client key exchange A > > TLS trace: SSL_connect:SSLv3 write change cipher spec A > > TLS trace: SSL_connect:SSLv3 write finished A > > TLS trace: SSL_connect:SSLv3 flush data > > TLS trace: SSL_connect:SSLv3 read finished A > > ldap_open_defconn: successful > > ldap_send_server_request > > ber_scanf fmt ({it) ber: > > ber_scanf fmt ({) ber: > > ber_flush: 31 bytes to sd 3 > > ldap_result ld 0x80bc048 msgid 1 > > ldap_chkResponseList ld 0x80bc048 msgid 1 all 1 > > ldap_chkResponseList returns ld 0x80bc048 NULL > > wait4msg ld 0x80bc048 msgid 1 (infinite timeout) > > wait4msg continue ld 0x80bc048 msgid 1 all 1 > > ** ld 0x80bc048 Connections: > > * host: ldaps_vm02_admin port: 636 (default) > > refcnt: 2 status: Connected > > last used: Fri Sep 7 10:05:20 2007 > > > > ** ld 0x80bc048 Outstanding Requests: > > * msgid 1, origid 1, status InProgress > > outstanding referrals 0, parent count 0 > > ** ld 0x80bc048 Response Queue: > > Empty > > ldap_chkResponseList ld 0x80bc048 msgid 1 all 1 > > ldap_chkResponseList returns ld 0x80bc048 NULL > > ldap_int_select > > read1msg: ld 0x80bc048 msgid 1 all 1 > > ber_get_next > > ber_get_next: tag 0x30 len 71 contents: > > read1msg: ld 0x80bc048 msgid 1 message type extended-result > > ber_scanf fmt ({eaa) ber: > > read1msg: ld 0x80bc048 0 new referrals > > read1msg: mark request completed, ld 0x80bc048 msgid 1 > > request done: ld 0x80bc048 msgid 1 > > res_errno: 0, res_error: <>, res_matched: <> > > ldap_free_request (origid 1, msgid 1) > > ldap_free_connection 0 1 > > ldap_free_connection: refcnt 1 > > ldap_parse_extended_result > > ber_scanf fmt ({eaa) ber: > > ber_scanf fmt (a) ber: > > ldap_parse_result > > ber_scanf fmt ({iaa) ber: > > ber_scanf fmt (x) ber: > > ber_scanf fmt (}) ber: > > ldap_msgfree > > ldap_perror > > ldap_start_tls: Operations error (1) > > additional info: SSL connection already established > > > > > > ------------------------------------------------------------------------ > > > > -- > > Fedora-directory-users mailing list > > Fedora-directory-users@redhat.com > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
Richard Megginson
2007-Sep-07 14:30 UTC
Re: [Fedora-directory-users] cleint problems with ssl and tls
Marco Strullato wrote:> Hello, I''m using ldapsearch provided by openldap-clients-2.3.27-5. > > Marco > > 2007/9/7, Satish Chetty <satish@suburbia.org.au > <mailto:satish@suburbia.org.au>>: > > Marco, > Which ldapsearch are you using? OL''s or the one that comes > with FDS? > > -Satish. > > Marco Strullato wrote: > > Hi all! > > I have a problem with ldap and ssl: > > I set up the fedora directory server with ssl following this link: > > http://directory.fedoraproject.org/wiki/Howto:SSL > > <http://directory.fedoraproject.org/wiki/Howto:SSL> > > > > The problem is client authentication: I mean when I do an > ldapsearch I > > get "SSL connection already established" but I don''t have any other > > connection to between client and server (check with netstat). > > > > What do you suggest me? > > > > Thanks > > > > Marco > > > > logs from the FDS server are: > > [07/Sep/2007:10:04:09 +0200] conn=10 fd=68 slot=68 SSL > connection from > > <ip_src> to <ip_dst> > > [07/Sep/2007:10:04:09 +0200] conn=10 SSL 256-bit AES > > [07/Sep/2007:10:04:09 +0200] conn=10 op=0 EXT > > oid="1.3.6.1.4.1.1466.20037" name="startTLS" > > [07/Sep/2007:10:04:09 +0200] conn=10 op=0 RESULT err=1 tag=120 > > nentries=0 etime=0 > > [07/Sep/2007:10:04:09 +0200] conn=10 op=-1 fd=68 closed - B1 >The problem is that you are attempting to use startTLS on a connection that you have already started TLS/SSL on. The original connection is already a SSL connection: "conn=10 fd=68 slot=68 SSL connection". Then there is an attempt to startTLS on this connection: "conn=10 op=0 EXT > oid="1.3.6.1.4.1.1466.20037" name="startTLS"". If you want to use startTLS, you must do so on a non-encrypted connection.> > > > > from client: > > ldap_create > > ldap_extended_operation_s > > ldap_extended_operation > > ldap_send_initial_request > > ldap_new_connection 1 1 0 > > ldap_int_open_connection > > ldap_connect_to_host: TCP ldaps_vm02_admin:636 > > ldap_new_socket: 3 > > ldap_prepare_socket: 3 > > ldap_connect_to_host: Trying <ip_server>:636 > > ldap_connect_timeout: fd: 3 tm: -1 async: 0 > > TLS trace: SSL_connect:before/connect initialization > > TLS trace: SSL_connect:SSLv2/v3 write client hello A > > TLS trace: SSL_connect:SSLv3 read server hello A > > TLS certificate verification: depth: 1, err: 0, subject: > /C=IT/O=<......> > > TLS certificate verification: depth: 0, err: 0, subject: > /C=IT/O=<......> > > TLS trace: SSL_connect:SSLv3 read server certificate A > > TLS trace: SSL_connect:SSLv3 read server certificate request A > > TLS trace: SSL_connect:SSLv3 read server done A > > TLS trace: SSL_connect:SSLv3 write client certificate A > > TLS trace: SSL_connect:SSLv3 write client key exchange A > > TLS trace: SSL_connect:SSLv3 write change cipher spec A > > TLS trace: SSL_connect:SSLv3 write finished A > > TLS trace: SSL_connect:SSLv3 flush data > > TLS trace: SSL_connect:SSLv3 read finished A > > ldap_open_defconn: successful > > ldap_send_server_request > > ber_scanf fmt ({it) ber: > > ber_scanf fmt ({) ber: > > ber_flush: 31 bytes to sd 3 > > ldap_result ld 0x80bc048 msgid 1 > > ldap_chkResponseList ld 0x80bc048 msgid 1 all 1 > > ldap_chkResponseList returns ld 0x80bc048 NULL > > wait4msg ld 0x80bc048 msgid 1 (infinite timeout) > > wait4msg continue ld 0x80bc048 msgid 1 all 1 > > ** ld 0x80bc048 Connections: > > * host: ldaps_vm02_admin port: 636 (default) > > refcnt: 2 status: Connected > > last used: Fri Sep 7 10:05:20 2007 > > > > ** ld 0x80bc048 Outstanding Requests: > > * msgid 1, origid 1, status InProgress > > outstanding referrals 0, parent count 0 > > ** ld 0x80bc048 Response Queue: > > Empty > > ldap_chkResponseList ld 0x80bc048 msgid 1 all 1 > > ldap_chkResponseList returns ld 0x80bc048 NULL > > ldap_int_select > > read1msg: ld 0x80bc048 msgid 1 all 1 > > ber_get_next > > ber_get_next: tag 0x30 len 71 contents: > > read1msg: ld 0x80bc048 msgid 1 message type extended-result > > ber_scanf fmt ({eaa) ber: > > read1msg: ld 0x80bc048 0 new referrals > > read1msg: mark request completed, ld 0x80bc048 msgid 1 > > request done: ld 0x80bc048 msgid 1 > > res_errno: 0, res_error: <>, res_matched: <> > > ldap_free_request (origid 1, msgid 1) > > ldap_free_connection 0 1 > > ldap_free_connection: refcnt 1 > > ldap_parse_extended_result > > ber_scanf fmt ({eaa) ber: > > ber_scanf fmt (a) ber: > > ldap_parse_result > > ber_scanf fmt ({iaa) ber: > > ber_scanf fmt (x) ber: > > ber_scanf fmt (}) ber: > > ldap_msgfree > > ldap_perror > > ldap_start_tls: Operations error (1) > > additional info: SSL connection already established > > > > > > > ------------------------------------------------------------------------ > > > > > -- > > Fedora-directory-users mailing list > > Fedora-directory-users@redhat.com > <mailto:Fedora-directory-users@redhat.com> > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > <mailto:Fedora-directory-users@redhat.com> > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > ------------------------------------------------------------------------ > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
Marco Strullato
2007-Sep-07 14:37 UTC
Re: [Fedora-directory-users] cleint problems with ssl and tls
Thanks! changing the uri from ldaps to ldap it works! Marco 2007/9/7, Richard Megginson <rmeggins@redhat.com>:> > Marco Strullato wrote: > > Hello, I''m using ldapsearch provided by openldap-clients-2.3.27-5. > > > > Marco > > > > 2007/9/7, Satish Chetty <satish@suburbia.org.au > > <mailto:satish@suburbia.org.au>>: > > > > Marco, > > Which ldapsearch are you using? OL''s or the one that comes > > with FDS? > > > > -Satish. > > > > Marco Strullato wrote: > > > Hi all! > > > I have a problem with ldap and ssl: > > > I set up the fedora directory server with ssl following this link: > > > http://directory.fedoraproject.org/wiki/Howto:SSL > > > <http://directory.fedoraproject.org/wiki/Howto:SSL> > > > > > > The problem is client authentication: I mean when I do an > > ldapsearch I > > > get "SSL connection already established" but I don''t have any > other > > > connection to between client and server (check with netstat). > > > > > > What do you suggest me? > > > > > > Thanks > > > > > > Marco > > > > > > logs from the FDS server are: > > > [07/Sep/2007:10:04:09 +0200] conn=10 fd=68 slot=68 SSL > > connection from > > > <ip_src> to <ip_dst> > > > [07/Sep/2007:10:04:09 +0200] conn=10 SSL 256-bit AES > > > [07/Sep/2007:10:04:09 +0200] conn=10 op=0 EXT > > > oid="1.3.6.1.4.1.1466.20037" name="startTLS" > > > [07/Sep/2007:10:04:09 +0200] conn=10 op=0 RESULT err=1 tag=120 > > > nentries=0 etime=0 > > > [07/Sep/2007:10:04:09 +0200] conn=10 op=-1 fd=68 closed - B1 > > > > The problem is that you are attempting to use startTLS on a connection > that you have already started TLS/SSL on. The original connection is > already a SSL connection: "conn=10 fd=68 slot=68 SSL connection". Then > there is an attempt to startTLS on this connection: "conn=10 op=0 EXT > > oid="1.3.6.1.4.1.1466.20037" name="startTLS"". If you want to use > startTLS, you must do so on a non-encrypted connection. > > > > > > > > from client: > > > ldap_create > > > ldap_extended_operation_s > > > ldap_extended_operation > > > ldap_send_initial_request > > > ldap_new_connection 1 1 0 > > > ldap_int_open_connection > > > ldap_connect_to_host: TCP ldaps_vm02_admin:636 > > > ldap_new_socket: 3 > > > ldap_prepare_socket: 3 > > > ldap_connect_to_host: Trying <ip_server>:636 > > > ldap_connect_timeout: fd: 3 tm: -1 async: 0 > > > TLS trace: SSL_connect:before/connect initialization > > > TLS trace: SSL_connect:SSLv2/v3 write client hello A > > > TLS trace: SSL_connect:SSLv3 read server hello A > > > TLS certificate verification: depth: 1, err: 0, subject: > > /C=IT/O=<......> > > > TLS certificate verification: depth: 0, err: 0, subject: > > /C=IT/O=<......> > > > TLS trace: SSL_connect:SSLv3 read server certificate A > > > TLS trace: SSL_connect:SSLv3 read server certificate request A > > > TLS trace: SSL_connect:SSLv3 read server done A > > > TLS trace: SSL_connect:SSLv3 write client certificate A > > > TLS trace: SSL_connect:SSLv3 write client key exchange A > > > TLS trace: SSL_connect:SSLv3 write change cipher spec A > > > TLS trace: SSL_connect:SSLv3 write finished A > > > TLS trace: SSL_connect:SSLv3 flush data > > > TLS trace: SSL_connect:SSLv3 read finished A > > > ldap_open_defconn: successful > > > ldap_send_server_request > > > ber_scanf fmt ({it) ber: > > > ber_scanf fmt ({) ber: > > > ber_flush: 31 bytes to sd 3 > > > ldap_result ld 0x80bc048 msgid 1 > > > ldap_chkResponseList ld 0x80bc048 msgid 1 all 1 > > > ldap_chkResponseList returns ld 0x80bc048 NULL > > > wait4msg ld 0x80bc048 msgid 1 (infinite timeout) > > > wait4msg continue ld 0x80bc048 msgid 1 all 1 > > > ** ld 0x80bc048 Connections: > > > * host: ldaps_vm02_admin port: 636 (default) > > > refcnt: 2 status: Connected > > > last used: Fri Sep 7 10:05:20 2007 > > > > > > ** ld 0x80bc048 Outstanding Requests: > > > * msgid 1, origid 1, status InProgress > > > outstanding referrals 0, parent count 0 > > > ** ld 0x80bc048 Response Queue: > > > Empty > > > ldap_chkResponseList ld 0x80bc048 msgid 1 all 1 > > > ldap_chkResponseList returns ld 0x80bc048 NULL > > > ldap_int_select > > > read1msg: ld 0x80bc048 msgid 1 all 1 > > > ber_get_next > > > ber_get_next: tag 0x30 len 71 contents: > > > read1msg: ld 0x80bc048 msgid 1 message type extended-result > > > ber_scanf fmt ({eaa) ber: > > > read1msg: ld 0x80bc048 0 new referrals > > > read1msg: mark request completed, ld 0x80bc048 msgid 1 > > > request done: ld 0x80bc048 msgid 1 > > > res_errno: 0, res_error: <>, res_matched: <> > > > ldap_free_request (origid 1, msgid 1) > > > ldap_free_connection 0 1 > > > ldap_free_connection: refcnt 1 > > > ldap_parse_extended_result > > > ber_scanf fmt ({eaa) ber: > > > ber_scanf fmt (a) ber: > > > ldap_parse_result > > > ber_scanf fmt ({iaa) ber: > > > ber_scanf fmt (x) ber: > > > ber_scanf fmt (}) ber: > > > ldap_msgfree > > > ldap_perror > > > ldap_start_tls: Operations error (1) > > > additional info: SSL connection already established > > > > > > > > > > > > ------------------------------------------------------------------------ > > > > > > > > -- > > > Fedora-directory-users mailing list > > > Fedora-directory-users@redhat.com > > <mailto:Fedora-directory-users@redhat.com> > > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > -- > > Fedora-directory-users mailing list > > Fedora-directory-users@redhat.com > > <mailto:Fedora-directory-users@redhat.com> > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > > > ------------------------------------------------------------------------ > > > > -- > > Fedora-directory-users mailing list > > Fedora-directory-users@redhat.com > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > >