slapd breaks NSS, NSS breaks slapd
by manu@netbsd.org
Hello
I have a machine where slapd will not start if ldap://localhost is
listed in /etc/nss_ldap.conf. It just hangs:
# slapd -u slapd -h ldap://localhost -d5
@(#) $OpenLDAP: slapd 2.4.8 (Jun 24 2008 04:21:32) $
root@:/pkg_comp/obj/pkgsrc/databases/openldap-server/default/openldap-2.
4.8/servers/slapd
daemon_init: ldap://localhost
daemon_init: listen on ldap://localhost
daemon_init: 1 listeners to open...
ldap_url_parse_ext(ldap://localhost)
daemon: listener initialized ldap://localhost
daemon_init: 2 listeners opened
ldap_create
ldap_url_parse_ext(ldap://127.0.0.1)
ldap_create
ldap_url_parse_ext(ldap://127.0.0.1)
ldap_create
ldap_url_parse_ext(ldap://127.0.0.1)
ldap_simple_bind
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP 127.0.0.1:389
ldap_new_socket: 8
ldap_prepare_socket: 8
ldap_connect_to_host: Trying 127.0.0.1:389
ldap_pvt_connect: fd: 8 tm: 30 async: 0
ldap_ndelay_on: 8
ldap_int_poll: fd: 8 tm: 30
If I remove ldap://localhost from nss_ldap.conf, is works fine. Any idea
how to get that working?
Here is nss_ldap.conf:
BASE dc=example,dc=net
URI ldap://localhost ldap://ldap.example.net
TLS_CACERT /etc/openssl/certs/ca.crt
TLS_REQCERT demand
--
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu(a)netbsd.org
13 years, 12 months
Multi Master doesn't replicate everything
by Pat Riehecky
I have gotten two boxes setup in multi master and was loading up my test
data when I noticed everything isn't being replicated.
In particular the entire ou=idmap tree is being sent, but not recorded.
When I put slapd into debug I can see the system receiving the entire
tree, but it doesn't seem to be trying to insert it into the database.
After it pulls the data over I get an error
do_syncrep2:
cookie=rid=001,sid=002,csn=20080807221724.788347Z#000000#001#000000
do_syncrep2: rid=001 CSN too old, ignoring
20080807221724.788347Z#000000#001#000000
ldap_msgfree
Which is telling me the entry is being flagged as older than it should
be for getting transferred over. Slapd is doing the efficient thing and
skipping entries that /should/ be on the other system already. My
problem is that it isn't on the other system.
I realize that the replication work is done off of the UUID and CSN, but
about 30% of my replication test came back with the CSN too old message.
I am just sort of wondering, is there a way to have openldap say, "Hey,
I realize this CSN is old and everything, but this is a dn on the one of
us that isn't on the other." Is there something I can do to bulk update
the CSNs (fully expecting downtime and horrid performance as loads of
needless replications happen)? From my perspective, I would rather have
rather horrid performance and a trustworthy mirror than it run like a
dream and not have my trust.
OpenLDAP 2.4.11
Pat
13 years, 12 months
dynlist with back-config examples
by Jeff Strunk
Is anyone using the dynlist overlay and back-config? The slapo-dynlist
man page says it supports configuration via back-config, but it does
not say how. My searches have only come up with old messages from
before the overlay supported back-config and the man page.
So far, I have added "olcModuleLoad: {2}dynlist.la" to
cn=module{0},cn=config . After reloading, I checked cn=subschema for
olcDLattrSet which I found in the dynlist source, but it wasn't there.
I think I would to add the following entry:
dn: olcOverlay={1}dynlist,olcDatabase={1}hdb,cn=config
objectClass: olcOverlayConfig
objectClass: top
olcOverlay: {1}dynlist
olcDLattrSet: groupOfURLs memberURL
When I try, I get:
adding new entry "olcOverlay={1}dynlist,olcDatabase={1}hdb,cn=config"
ldap_add: Object class violation (65)
additional info: attribute 'olcDLattrSet' not allowed
What is the right way to do this?
I am using OpenLDAP 2.4.9 on ubuntu hardy built with openssl.
Thank you,
Jeff
14 years
Not all ports are open in debug mode?
by Pat Riehecky
I am trying to troubleshoot a sync related issue (which is still in
progress) so I do the sane thing and launch slapd by hand with -d 16384,
but when I do this it doesn't seem to open the 636 port....
It seems like it should as I am running:
/usr/sbin/slapd -h ldap:/// ldaps:/// ldapi:/// -g openldap -u openldap
-f /etc/ldap/slapd.conf -d 16384
When I do not launch it with debugging on 636 is opened.... What obvious
thing am I missing?
OpenLDAP 2.4.11
Pat
14 years
Re: incomplete slapcat output
by Kevin Maguire
Hi
> You could request the operational attrs too, that way you'd keep it:
How? Ah, I add "+" to the ldapsearch. Nice.
> You need to make sure and run db_recover after any power outage, before
> starting slapd. But since (as you noted already) checkpoint does not work
> correctly in OpenLDAP 2.2, this is of limited benefit. What you really need
> to do is invest the time to move to either OpenLDAP 2.3 or OpenLDAP 2.4,
> both of which have auto-recover.
The problem is that the unexpected power outage is often short lived,
and the supplied sles init script seems to make a bad job of
recovering when the system boots again before I get to it. That said
it does have this logic
if [ "$(echo "$OPENLDAP_RUN_DB_RECOVER" | tr 'A-Z' 'a-z')" ==
"yes" ]; then
# only run db_recover if slapd isn't running
checkproc -p /var/run/slapd/slapd.pid $SLAPD_BIN
CHECKPROC_RC=$?
if [ ${CHECKPROC_RC} -ne 0 ]; then
run_db_recover;
fi
fi
where (aghhhh!) OPENLDAP_RUN_DB_RECOVER is set to no by default in
/etc/sysconfig/openldap - I guess I should change it!
I had read in a FAQ/tips page somewhere that a cron entry running
db_checkpoint was worthwhile/advisable for 2.2.x?
As to the move to 2.3/2.4 - that's change management and I'm working
on it. However our requirement is to be running the same stuff as our
main customers, and their current platform is sles9+sp2. They move
forward, we will move forward too - such restrictions are in my
experience quite common.
Thanks,
Kevin
14 years
Re: incomplete slapcat output
by Kevin Maguire
Hi
> .. dumping your entire DB via ldapsearch to an LDIF file.
I did this via:
ldapsearch -LLL -x -W \
-D "my_rootdn" "objectClass=*" > all-dap-info
then copied this file to a sles9 test server and on that test server
stopped ldap
cleared out all files in /var/lib/ldap
slapadd -l /path/to/all-dap-info
started ldap
And my own account/password, which I changed before making this transition,
worked on a test client set to auth against the test server. slapcat also
now sees the entries that it did not see before. I guess that is all good
news. I've got no way to know if all the passwords are the most current ones
(from the users standpoint) I guess, and I lost the last changed time info
too.
After doing so I get this in /var/lib/ldap/
# db_stat -l
40988 Log magic number.
8 Log version number.
32KB Log record cache size.
0600 Log file mode.
10Mb Current log file size.
299KB 531B Log bytes written.
Log bytes written since last checkpoint.
99 Total log file writes.
1 Total log file write due to overflow.
98 Total log file flushes.
1 Current log file number.
306707 Current log file offset.
1 On-disk log file number.
306707 On-disk log file offset.
1 Max commits in a log flush.
0 Min commits in a log flush.
96KB Log region size.
0 The number of region locks granted after waiting.
1361 The number of region locks granted without waiting.
Does that look kind of what it should (there are 81 entries in the ldap db)
What cron entries running db_something, or DB_CONFIG settings, should I use
to keep the DB in good order, up to date, even in case of a power outage,
given my relatively small, ldap DB?
And thanks for answers so far.
Kevin
14 years
Re: incomplete slapcat output
by Kevin Maguire
> Nope, you are using it correctly. The __db.* files being gone is correct.
> Looks like you're pretty much SOL. I'd be fairly certain the SuSE Linux BDB
> doesn't have all the required patches, either. I would seriously advise
> building your own BDB and OpenLDAP release on that server.
>
SOL is new one me, I'm guess it's not good.
Remember that my original query is that clients seem to be accessing bits of
the database that slapcat can't see - I just checked that ldapsearch can see
those entries (though I can't see the shadowPassword field - looking into
how to do that). But slapcat doesn't list them, and that's weird, no?
Kevin
14 years
Re: incomplete slapcat output
by Kevin Maguire
Hi
Does that preclude you building your own OpenLDAP server on that platform?
> Using vendor built slapd is not recommended for a variety of reasons.
>
Not really an easy option for a variety of reasons. Anyway I'd rather
understand the problem first than just upgrade without knowing why I'm doing
so.
But not 100% ruled out either.
> Have you tried stopping slapd and running db_recover on the database? Note
> that you cannot run that command while slapd is running.
>
Yes.
# /etc/init.d/ldap stop
Shutting down ldap-server done
# pgrep slapd
# cd /var/lib/ldap/
# ls -l
total 276
drwx------ 3 ldap ldap 4096 Aug 7 20:19 .
drwxr-xr-x 27 root root 4096 Aug 7 04:15 ..
-rw------- 1 ldap ldap 16384 Aug 7 20:19 __db.001
-rw------- 1 ldap ldap 278528 Aug 7 20:19 __db.002
-rw------- 1 ldap ldap 98304 Aug 7 20:19 __db.003
-rw------- 1 ldap ldap 450560 Aug 7 20:19 __db.004
-rw------- 1 ldap ldap 24576 Aug 7 20:19 __db.005
-rw------- 1 ldap ldap 32768 Aug 7 20:15 dn2id.bdb
-rw------- 1 ldap ldap 131072 Aug 7 23:21 id2entry.bdb
-rw-r----- 1 ldap ldap 1612 Aug 7 23:21 log.0000000001
-rw------- 1 ldap ldap 16384 Aug 7 20:15 objectClass.bdb
-rw------- 1 ldap ldap 8192 Aug 7 20:20 userPassword.bdb
# db_recover
db_recover: Log sequence error: page LSN 1 520; previous LSN 1 98700
db_recover: Recovery function for LSN 1 452 failed on forward pass
db_recover: PANIC: Invalid argument
db_recover: PANIC: fatal region error detected; run recovery
db_recover: PANIC: fatal region error detected; run recovery
db_recover: PANIC: fatal region error detected; run recovery
db_recover: PANIC: fatal region error detected; run recovery
db_recover: PANIC: fatal region error detected; run recovery
db_recover: PANIC: fatal region error detected; run recovery
db_recover: DB_ENV->open: DB_RUNRECOVERY: Fatal error, run database recovery
# db_recover -V
Sleepycat Software: Berkeley DB 4.2.52: (June 30, 2004)
#
Maybe I'm using the too wrong? I note that after I run the erring db_recover
the __db.00X files are gone.
Kevin
14 years
incomplete slapcat output
by Kevin Maguire
Hello
I am using an opeldap DB for authentication on Linux clients. Twice in
recent months we have had "issues" with power loss, on recovery recent (and
not so recent) changes have been completely lost and had to be re-added
manually. The number of users is not large, 60 or so. But still ....
I have read a lot on this, and understand that the issue is to do with the
bdb backend, checkpoints and the like. However there seems to be some
contradictory advice, and the getting to the core issue and resolving it has
proved difficult.
Today I returned to look at the issue, and first of all I thought I would
dump the db using slapcat. This I did. But the dump is incomplete - users
who I know exist in the "people" container are not listed. For example I
know the account xxx exists, I can login on a client using that account, I
can change the password, the new password works on other clients straight
away, but the account info does not appear at all in slapcat out.
If I db_stat -l in /var/lib/ldap I get
# db_stat -l
40988 Log magic number.
8 Log version number.
32KB Log record cache size.
0600 Log file mode.
10Mb Current log file size.
27KB 854B Log bytes written.
27KB 854B Log bytes written since last checkpoint.
49 Total log file writes.
0 Total log file write due to overflow.
49 Total log file flushes.
1 Current log file number.
89679 Current log file offset.
1 On-disk log file number.
89679 On-disk log file offset.
1 Max commits in a log flush.
0 Min commits in a log flush.
96KB Log region size.
0 The number of region locks granted after waiting.
826 The number of region locks granted without waiting.
I admit I don't really understand the above, not the real purpose/function
of the __db.XXX and log.XXXXXX files.
If I do db_printlog I can see entries corresponding to the password changing
above, i.e.
repl: 0x10 shadowLastChange0 0x1 0x5 140980 0 0xc userPassword0 0x1
0x14
{crypt}452R6o6ONphks0 0 0x8 entryCSN0 0x1
20080807183642Z#000001#00#0000000 0
0xd modifiersName0 0x1 .uid=xxx,ou=people,dc=company,dc=com0 0x1 .uid
=xxx,ou=people,dc=company,dc=com0 0xf modifyTimestamp0 0x1 0xf 200808
071836
Ideas? I am afraid whatever changes we are making here as going to get lost
somewhere if we lose power again. Perhaps other db_tools can help me, but I
am afraid I make things worse. I have built a parallel VM, with the same
versions, that I can use for testing.
We have the "checkpoint 1024 5" enabled in /etc/openldap/slapd.conf, but
I've read that as we are using 2.2.x this does not have the "obvious"
meaning you might think.
TiA
Kevin
PS: I am running the following versions
# rpm -q openldap2 db
openldap2-2.2.24-4.12
db-4.2.52-86.3
on SLES9+sp2. We are committed to staying with that platform for
compatibility reasons.
14 years
openldap 2.4.11 compile error with openssl-0.9.8-stable
by Éliás Tamás
Udv / Greetings!
I have to compile openldap against the latest openssl libs, with the
following options:
--disable-slurpd --disable-ipv6 --disable-local --enable-syslog --enable-debug \
--disable-cleartext --enable-crypt --disable-bdb --disable-relay --disable-monitor \
--disable-refint --disable-syncprov --enable-unique \
--enable-shared --with-threads --with-tls --with-gnu-ld
CFLAGS="-g -O3 -march=pentium3 -ffast-math -pipe -fomit-frame-pointer -mfpmath=sse,387 -mmmx -msse"
On the system, there is the openssl-0.9.8-stable installed. openldap
compilation results in the following error:
ackages/openldap-2.4.11/libraries/liblber/.libs/liblber.a ../../libraries/liblber/.libs/liblber.a ../../libraries/liblutil/liblutil.a /usr/lib/libsasl2.so -ldl -lssl -lcrypto -lcrypt -lresolv
./.libs/libldap.a(os-ip.o): In function `ldap_pvt_is_socket_ready':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/os-ip.c:211: warning: `sys_errlist' is deprecated; use `strerror' or `strerror_r' instead
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/os-ip.c:211: warning: `sys_nerr' is deprecated; use `strerror' or `strerror_r' instead
./.libs/libldap.a(tls.o): In function `sb_tls_bio_write':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1238: undefined reference to `BIO_clear_flags'
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1242: undefined reference to `BIO_set_flags'
./.libs/libldap.a(tls.o): In function `sb_tls_bio_read':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1211: undefined reference to `BIO_clear_flags'
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1215: undefined reference to `BIO_set_flags'
./.libs/libldap.a(tls.o): In function `sb_tls_bio_write':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1238: undefined reference to `BIO_clear_flags'
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1242: undefined reference to `BIO_set_flags'
./.libs/libldap.a(tls.o): In function `ldap_int_tls_init_ctx':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:871: undefined reference to `SSL_CTX_set_info_callback'
collect2: ld returned 1 exit status
make[2]: *** [urltest] Error 1
make[2]: *** Waiting for unfinished jobs....
cc -g -O3 -march=pentium3 -ffast-math -pipe -fomit-frame-pointer -mfpmath=sse,387 -mmmx -msse -o ltest test.o ./.libs/libldap.a /sources/mystaller/packages/openldap-2.4.11/libraries/liblber/.libs/liblber.a ../../libraries/liblber/.libs/liblber.a ../../libraries/liblutil/liblutil.a /usr/lib/libsasl2.so -ldl -lssl -lcrypto -lcrypt -lresolv
./.libs/libldap.a(os-ip.o): In function `ldap_pvt_is_socket_ready':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/os-ip.c:211: warning: `sys_errlist' is deprecated; use `strerror' or `strerror_r' instead
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/os-ip.c:211: warning: `sys_nerr' is deprecated; use `strerror' or `strerror_r' instead
./.libs/libldap.a(tls.o): In function `sb_tls_bio_write':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1238: undefined reference to `BIO_clear_flags'
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1242: undefined reference to `BIO_set_flags'
./.libs/libldap.a(tls.o): In function `sb_tls_bio_read':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1211: undefined reference to `BIO_clear_flags'
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1215: undefined reference to `BIO_set_flags'
./.libs/libldap.a(tls.o): In function `sb_tls_bio_write':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1238: undefined reference to `BIO_clear_flags'
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1242: undefined reference to `BIO_set_flags'
./.libs/libldap.a(tls.o): In function `ldap_int_tls_init_ctx':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:871: undefined reference to `SSL_CTX_set_info_callback'
collect2: ld returned 1 exit status
make[2]: *** [apitest] Error 1
cc -g -O3 -march=pentium3 -ffast-math -pipe -fomit-frame-pointer -mfpmath=sse,387 -mmmx -msse -o ftest ftest.o ./.libs/libldap.a /sources/mystaller/packages/openldap-2.4.11/libraries/liblber/.libs/liblber.a ../../libraries/liblber/.libs/liblber.a ../../libraries/liblutil/liblutil.a /usr/lib/libsasl2.so -ldl -lssl -lcrypto -lcrypt -lresolv
./.libs/libldap.a(os-ip.o): In function `ldap_pvt_is_socket_ready':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/os-ip.c:211: warning: `sys_errlist' is deprecated; use `strerror' or `strerror_r' instead
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/os-ip.c:211: warning: `sys_nerr' is deprecated; use `strerror' or `strerror_r' instead
./.libs/libldap.a(tls.o): In function `sb_tls_bio_write':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1238: undefined reference to `BIO_clear_flags'
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1242: undefined reference to `BIO_set_flags'
./.libs/libldap.a(tls.o): In function `sb_tls_bio_read':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/./.libs/libldap.a(tls.c:1211: undefined reference to `BIO_clear_flags'
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1215: undefined reference to `BIO_set_flags'
./.libs/libldap.a(tls.o): In function `sb_tls_bio_write':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1238: undefined reference to `BIO_clear_flags'
/sources/mystaller/packages/openldapos-ip.o): In function `ldap_pvt_is_socket_ready':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/os-ip.c:211: warning: `sys_errlist' is deprecated; use `strerror' or `strerror_r' instead
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/os-ip.c:211: warning: `sys_nerr' is deprecated; use `strerror' or `strerror_r' instead
./.libs/libldap.a(tls.o): In function `sb_tls_bio_write':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1238: undefined reference to `BIO_clear_flags'
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1242: undefined reference to `BIO_set_flags'
./.libs/libldap.a(tls.o): In function `sb_tls_bio_read':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1211: undefined reference to `BIO_clear_flags'
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1215: undefined reference to `BIO_set_flags'
./.libs/libldap.a(tls.o): In function `sb_tls_bio_write':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1238: undefined reference to `BIO_clear_flags'
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1242: undefined reference to `BIO_set_flags'
./.libs/libldap.a(tls.o): In function `ldap_int_tls_init_ctx':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:871: undefined reference to `SSL_CTX_set_info_callback'
collect2: ld returned 1 exit status
-2.4.11/libraries/libldap/tls.c:1242: undefined reference to `BIO_set_flags'
./.libs/libldap.a(tls.o): In function `ldap_int_tls_init_ctx':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:871: undefined reference to `SSL_CTX_set_info_callback'
collect2: ld returned 1 exit status
make[2]: *** [ftest] Error 1
make[2]: *** [ltest] Error 1
cc -g -O3 -march=pentium3 -ffast-math -pipe -fomit-frame-pointer -mfpmath=sse,387 -mmmx -msse -o dntest dntest.o ./.libs/libldap.a /sources/mystaller/packages/openldap-2.4.11/libraries/liblber/.libs/liblber.a ../../libraries/liblber/.libs/liblber.a ../../libraries/liblutil/liblutil.a /usr/lib/libsasl2.so -ldl -lssl -lcrypto -lcrypt -lresolv
./.libs/libldap.a(os-ip.o): In function `ldap_pvt_is_socket_ready':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/os-ip.c:211: warning: `sys_errlist' is deprecated; use `strerror' or `strerror_r' instead
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/os-ip.c:211: warning: `sys_nerr' is deprecated; use `strerror' or `strerror_r' instead
./.libs/libldap.a(tls.o): In function `sb_tls_bio_write':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1238: undefined reference to `BIO_clear_flags'
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1242: undefined reference to `BIO_set_flags'
./.libs/libldap.a(tls.o): In function `sb_tls_bio_read':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1211: undefined reference to `BIO_clear_flags'
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1215: undefined reference to `BIO_set_flags'
./.libs/libldap.a(tls.o): In function `sb_tls_bio_write':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1238: undefined reference to `BIO_clear_flags'
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1242: undefined reference to `BIO_set_flags'
./.libs/libldap.a(tls.o): In function `ldap_int_tls_init_ctx':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:871: undefined reference to `SSL_CTX_set_info_callback'
collect2: ld returned 1 exit status
make[2]: *** [dntest] Error 1
make[2]: Leaving directory `/sources/mystaller/packages/openldap-2.4.11/libraries/libldap'
make[1]: *** [all-common] Error 1
make[1]: Leaving directory `/sources/mystaller/packages/openldap-2.4.11/libraries'
make: *** [all-common] Error 1
cd tests; make test
make[1]: Entering directory `/sources/mystaller/packages/openldap-2.4.11/tests'
make[2]: Entering directory `/sources/mystaller/packages/openldap-2.4.11/tests'
run configure with --enable-bdb to run BDB tests
make[2]: Leaving directory `/sources/mystaller/packages/openldap-2.4.11/tests'
make[2]: Entering directory `/sources/mystaller/packages/openldap-2.4.11/tests'
Initiating LDAP tests for HDB...
Could not locate slapd(8)
make[2]: *** [hdb-yes] Error 1
make[2]: Leaving directory `/sources/mystaller/packages/openldap-2.4.11/tests'
make[1]: *** [test] Error 2
make[1]: Leaving directory `/sources/mystaller/packages/openldap-2.4.11/tests'
make: *** [test] Error 2
Making all in /sources/mystaller/packages/openldap-2.4.11
Entering subdirectory include
make[1]: Entering directory `/sources/mystaller/packages/openldap-2.4.11/include'
make[1]: Nothing to be done for `all'.
make[1]: Leaving directory `/sources/mystaller/packages/openldap-2.4.11/include'
Entering subdirectory libraries
make[1]: Entering directory `/sources/mystaller/packages/openldap-2.4.11/libraries'
Making all in /sources/mystaller/packages/openldap-2.4.11/libraries
Entering subdirectory liblutil
make[2]: Entering directory `/sources/mystaller/packages/openldap-2.4.11/libraries/liblutil'
make[2]: Nothing to be done for `all'.
make[2]: Leaving directory `/sources/mystaller/packages/openldap-2.4.11/libraries/liblutil'
Entering subdirectory liblber
make[2]: Entering directory `/sources/mystaller/packages/openldap-2.4.11/libraries/liblber'
make[2]: Nothing to be done for `all'.
make[2]: Leaving directory `/sources/mystaller/packages/openldap-2.4.11/libraries/liblber'
Entering subdirectory liblunicode
make[2]: Entering directory `/sources/mystaller/packages/openldap-2.4.11/libraries/liblunicode'
make[2]: Nothing to be done for `all'.
make[2]: Leaving directory `/sources/mystaller/packages/openldap-2.4.11/libraries/liblunicode'
Entering subdirectory libldap
make[2]: Entering directory `/sources/mystaller/packages/openldap-2.4.11/libraries/libldap'
/bin/sh ../..//libtool --mode=link cc -static -g -O3 -march=pentium3 -ffast-math -pipe -fomit-frame-pointer -mfpmath=sse,387 -mmmx -msse -o apitest apitest.o libldap.la ../../libraries/liblber/liblber.la ../../libraries/liblutil/liblutil.a -lsasl2 -lssl -lcrypto -lcrypt -lresolv
cc -g -O3 -march=pentium3 -ffast-math -pipe -fomit-frame-pointer -mfpmath=sse,387 -mmmx -msse -o apitest apitest.o ./.libs/libldap.a /sources/mystaller/packages/openldap-2.4.11/libraries/liblber/.libs/liblber.a ../../libraries/liblber/.libs/liblber.a ../../libraries/liblutil/liblutil.a /usr/lib/libsasl2.so -ldl -lssl -lcrypto -lcrypt -lresolv
./.libs/libldap.a(os-ip.o): In function `ldap_pvt_is_socket_ready':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/os-ip.c:211: warning: `sys_errlist' is deprecated; use `strerror' or `strerror_r' instead
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/os-ip.c:211: warning: `sys_nerr' is deprecated; use `strerror' or `strerror_r' instead
./.libs/libldap.a(tls.o): In function `sb_tls_bio_write':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1238: undefined reference to `BIO_clear_flags'
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1242: undefined reference to `BIO_set_flags'
./.libs/libldap.a(tls.o): In function `sb_tls_bio_read':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1211: undefined reference to `BIO_clear_flags'
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1215: undefined reference to `BIO_set_flags'
./.libs/libldap.a(tls.o): In function `sb_tls_bio_write':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1238: undefined reference to `BIO_clear_flags'
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:1242: undefined reference to `BIO_set_flags'
./.libs/libldap.a(tls.o): In function `ldap_int_tls_init_ctx':
/sources/mystaller/packages/openldap-2.4.11/libraries/libldap/tls.c:871: undefined reference to `SSL_CTX_set_info_callback'
collect2: ld returned 1 exit status
make[2]: *** [apitest] Error 1
make[2]: Leaving directory `/sources/mystaller/packages/openldap-2.4.11/libraries/libldap'
make[1]: *** [all-common] Error 1
make[1]: Leaving directory `/sources/mystaller/packages/openldap-2.4.11/libraries'
make: *** [all-common] Error 1
any ideas how to resolve it?
--
Éliás Tamás / Thomas Elias
Okleveles mérnök-informatikus / Master of Science in Information Technology (MSC)
Vizsgázott Cisco hálózati mérnök / Certified Cisco Network Engineer
Vizsgázott IBM UDB DB2 Adatbázis Adminisztrátor / Certified IBM UDB DB2 Database Administrator
Rendszerintegrátor - Rendszergazda / IT System Integrator - System administrator
mailto: elias.tamas(a)uni-pen.hu
Tel.: +3630/4971626 ; ICQ UIN: 206-714-459 ; SKYPE: "elias.tamas"
OpenPGP public key: http://pszinfo.hu/elias.tamas.asc
Quote: "Too many people making too many problems!"
14 years