--On Thursday, March 01, 2007 12:05 PM +0200 Antonis Christofides
I stopped all services that were using libldap*, then started the
compiled slapd (with -u openldap anyway, and nothing else runs as that
user, though I'm not certain the libraries aren't opened before it
switches priviliges), and still I had the same symptom. (And my
compiled slapd is also believed to not use gnutls; it doesn't use
I therefore don't see any evidence that the problem is really
gnutls-related. That you can't reproduce it doesn't quite help,
you've compiled almost everything yourself.
You think I should also try to gradually compile things myself, trying
to locate which library causes the problem? Needless to say I'd
prefer a simpler investigation path, if one exists.
Well, I think the fact that I can't reproduce it points to one of two
(a) A misconfiguration of slapd on your part
(b) A problem in the packaging on the part of debian
Given that SSL tends to work just fine for you as long as you aren't doing
the differing debug level, I doubt it is (a), which points to (b) as the
problem. There's not a whole lot the OpenLDAP folks can do as the upstream
providers about that. It would need to be resolved by the debian folks.
Building out everything yourself or not is obviously your choice. I guess
it depends just how much time you want to spend tracking down where the
Principal Software Developer
ITS/Shared Application Services
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html