--On Thursday, March 01, 2007 12:05 PM +0200 Antonis Christofides anthony@itia.ntua.gr wrote:
I stopped all services that were using libldap*, then started the compiled slapd (with -u openldap anyway, and nothing else runs as that user, though I'm not certain the libraries aren't opened before it switches priviliges), and still I had the same symptom. (And my compiled slapd is also believed to not use gnutls; it doesn't use libldap anyway.)
I therefore don't see any evidence that the problem is really gnutls-related. That you can't reproduce it doesn't quite help, you've compiled almost everything yourself.
You think I should also try to gradually compile things myself, trying to locate which library causes the problem? Needless to say I'd prefer a simpler investigation path, if one exists.
Well, I think the fact that I can't reproduce it points to one of two things:
(a) A misconfiguration of slapd on your part or (b) A problem in the packaging on the part of debian
Given that SSL tends to work just fine for you as long as you aren't doing the differing debug level, I doubt it is (a), which points to (b) as the problem. There's not a whole lot the OpenLDAP folks can do as the upstream providers about that. It would need to be resolved by the debian folks.
Building out everything yourself or not is obviously your choice. I guess it depends just how much time you want to spend tracking down where the issue resides.
--Quanah
-- Quanah Gibson-Mount Principal Software Developer ITS/Shared Application Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html