[SRU] libnss-ldap for edgy-proposed: Problem with LDAPS
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libnss-ldap (Ubuntu) |
Invalid
|
High
|
LaMont Jones |
Bug Description
I can't connect with SSL using libnss-ldap version 251-5.2.
It seems that strace always keeps connecting to port 389:
stat64(
connect(4, {sa_family=AF_INET, sin_port=
My /etc/libnss-
===
host 192.168.2.224
ssl on
nss_base_passwd ou=People,
nss_base_shadow ou=People,
nss_base_group ou=Group,
tls_checkpeer no
===
If I copy /lib/libnss_
connect(4, {sa_family=AF_INET, sin_port=
I will assume that you're referring to it hanging inside of glibc...
getent and ldapsearch work; finger and authentication (login, sudo, etc) do not.
This issue is fixed in upstream libnss-ldap 253 with a comment of:
253 Luke Howard <email address hidden>
* fix crasher if an empty buffer is passed to
initgroups (glibc NSS only)
Installing 253 fixes the issue here, I'm working on finding and backporting just that patch.