Skip Menu |

This queue is for tickets about the perl-ldap CPAN distribution.

Report information
The Basics
Id: 4114
Status: resolved
Priority: 0/
Queue: perl-ldap
People
Owner: Nobody in particular
Requestors: adv_bug.cpan.org [...] colour-control.com
Cc:
AdminCc:
Bug Information
Severity: Important
Broken in: 0.29
Fixed in: (no value)

History Show all quoted text
  Wed Oct 15 11:15:08 2003 Guest - Ticket created
Subject: Problems with perl-ldap and openssl
I have a Linux System SuSE 7.3 and - Openldap 2.1.22 - openssl 0.9.6j - samba 2.2.8a - smbldap-tools from idealx (modified) - perl-ldap-0.29 with - Convert-ASN1-0.18 - IO-Socket-SSL-0.95 - MIME-Base64-2.21 - Net_SSLeay.pm-1.25 - URI-1.27 LDAP runs with ssl on port 636, PAM-ldap and nss-ldap works. All things are fine until I upgrade from openssl 0.9.6j to 0.9.6k (I can reproduce it with an upgrade from openssl 0.9.7b to 0.9.7c), every smbldap-tool exits with error. I extracted the following sample code from a file and substituted some variables with fixed data ("maschinen" = a unix group only in LDAP, not in /etc/group): ---------------------------------------------------------------------------------- #! /usr/bin/perl use strict; use Net::LDAPS; my $lines = read_group("maschinen"); if (!defined($lines)) { print "$0: group maschinen doesn't exist\n"; exit (1); } print "$lines\n"; exit(0); # search for a group sub read_group { # my $user = shift; my $lines =''; my $ldap = Net::LDAPS->new("server.test.de") or die "erreur LDAP"; $ldap->bind ; my $mesg = $ldap->search ( # perform a search base => "c=de", scope => "sub", filter => "(&(objectclass=posixGroup)(cn=maschinen))" ); $mesg->code && die $mesg->error; foreach my $entry ($mesg->all_entries) { $lines.= "dn: " . $entry->dn."\n"; foreach my $attr ($entry->attributes) { { $lines.= $attr.": ".join(',', $entry->get_value($attr))."\n"; } } } $ldap->unbind; # take down sessio(n chomp $lines; if ($lines eq '') { return undef; } return $lines; } ---------------------------------------------------------------------------------- With openssl 0.9.6j and 0.9.7b I get the following result: server:/tmp # ./test.pl dn: cn=maschinen,ou=gruppen,o=test,c=de objectClass: posixGroup cn: maschinen gidNumber: 600 With openssl 0.9.6k and 0.9.7c I get the following result: server:/tmp # ./test.pl erreur LDAP at ./test.pl line 21, <DATA> line 225. It seems for me that smbldap is not the cause. I think, the error came from perl-ldap / Net_SSLeay or openssl but I am no programmer.
  Thu Oct 16 10:46:52 2003 gbarr [...] pobox.com - Correspondence added
From: Graham Barr <gbarr [...] pobox.com>
Subject: Re: [cpan #4114] Problems with perl-ldap and openssl
Date: Thu, 16 Oct 2003 15:46:12 +0100
To: bug-perl-ldap [...] rt.cpan.org
RT-Send-Cc:
This sounds like an openssl library issue. Maybe the author od IO::Socket::SSL might be able to shed some light on the issue. The IO::Socket::SSL docs do state that the latest library tested is 0.9.7b Graham. On 15 Oct 2003, at 16:15, Guest via RT wrote: Show quoted text
> I have a Linux System SuSE 7.3 and > > - Openldap 2.1.22 > - openssl 0.9.6j > - samba 2.2.8a > - smbldap-tools from idealx (modified) > > - perl-ldap-0.29 with - Convert-ASN1-0.18 > - IO-Socket-SSL-0.95 > - MIME-Base64-2.21 > - Net_SSLeay.pm-1.25 > - URI-1.27 > > LDAP runs with ssl on port 636, PAM-ldap and nss-ldap works. > > All things are fine until I upgrade from openssl 0.9.6j to 0.9.6k > (I can reproduce it with an upgrade from openssl 0.9.7b to 0.9.7c), > every smbldap-tool exits with error. > > I extracted the following sample code from a file and substituted some > variables > with fixed data ("maschinen" = a unix group only in LDAP, not in > /etc/group): > > ----------------------------------------------------------------------- > ----------- > > #! /usr/bin/perl > use strict; > use Net::LDAPS; > > my $lines = read_group("maschinen"); > if (!defined($lines)) { > print "$0: group maschinen doesn't exist\n"; > exit (1); > } > > print "$lines\n"; > exit(0); > > # search for a group > sub read_group > { > # my $user = shift; > my $lines =''; > my $ldap = Net::LDAPS->new("server.test.de") or die "erreur > LDAP"; > $ldap->bind ; > my $mesg = $ldap->search ( # perform a search > base => "c=de", > scope => "sub", > filter => > "(&(objectclass=posixGroup)(cn=maschinen))" > ); > > $mesg->code && die $mesg->error; > foreach my $entry ($mesg->all_entries) { > $lines.= "dn: " . $entry->dn."\n"; > foreach my $attr ($entry->attributes) { > { > $lines.= $attr.": ".join(',', > $entry->get_value($attr))."\n"; > } > } > } > > $ldap->unbind; # take down sessio(n > chomp $lines; > if ($lines eq '') { > return undef; > } > return $lines; > } > > ----------------------------------------------------------------------- > ----------- > > > With openssl 0.9.6j and 0.9.7b I get the following result: > > server:/tmp # ./test.pl > dn: cn=maschinen,ou=gruppen,o=test,c=de > objectClass: posixGroup > cn: maschinen > gidNumber: 600 > > > With openssl 0.9.6k and 0.9.7c I get the following result: > > server:/tmp # ./test.pl > erreur LDAP at ./test.pl line 21, <DATA> line 225. > > > > It seems for me that smbldap is not the cause. I think, the error came > from perl-ldap / Net_SSLeay or openssl but I am no programmer. > > >
  Sat Mar 25 22:58:29 2006 GBARR [...] CPAN.ORG - Status changed from 'new' to 'resolved'