On Wed, 25 Mar 2009 15:09:09 +0100, Peter Mogensen apm@mutex.dk wrote:
Hi,
[snip]
Second: I have problem with SASL/EXTERNAL and TLS. The server can't seem to find the client certificate. I'm using slapd from Debian Lenny and Ubuntu Hardy, and it's probably due to GnuTLS problems. I get error from slapd like: "TLS: can't accept: A TLS packet with unexpected length was received.." "unable to get TLS client DN, error=-4 id=0"
Are GnuTLS just completely broken on Debian Lenny or can this be made to work?
Which version of OpenLDAP are you using ? If using 2.4.15, the ldap "client" libs have broken SASL/EXTERNAL implementation. These libs are also used for consumer to connect to provider.
Patch already submitted and to be available with 2.4.16.
/Peter
Hope it can help, Sincerely yours, Mathieu.