Your message dated Sun, 22 Apr 2012 20:57:06 +0000
with message-id <[email protected]>
and subject line Bug#661955: fixed in nss-pam-ldapd 0.8.7-1
has caused the Debian Bug report #661955,
regarding Spurious SSL warning with DNS SRV mode
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
661955: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661955
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: nslcd
Version: 0.7.15+squeeze1
In DNS, I have SRV records such as
_ldap._tcp.example.org. IN SRV 0 0 636 ldap-host1.example.org.
Notice that it is actually an SSL listener (on port 636). They are not
listed as _ldaps SRV records because ldapsearch (which relies on
libldap) doesn't seem to look at the _ldaps record at all, it just looks
at the URI scheme
In /etc/nslcd.conf, I set:
uri DNS
and I found that I have to explicitly set:
ssl on
as well, or it won't work
Now it is working, but on startup, I get this error:
nslcd: ldap://ldap-host1.example.org:636 doesn't start with ldaps:// and
"ssl on" is specified
Despite the startup error, nslcd appears to be working fine with the TLS
servers and SRV records.
--- End Message ---
--- Begin Message ---
Source: nss-pam-ldapd
Source-Version: 0.8.7-1
We believe that the bug you reported is fixed in the latest version of
nss-pam-ldapd, which is due to be installed in the Debian FTP archive:
libnss-ldapd_0.8.7-1_i386.deb
to main/n/nss-pam-ldapd/libnss-ldapd_0.8.7-1_i386.deb
libpam-ldapd_0.8.7-1_i386.deb
to main/n/nss-pam-ldapd/libpam-ldapd_0.8.7-1_i386.deb
nslcd_0.8.7-1_i386.deb
to main/n/nss-pam-ldapd/nslcd_0.8.7-1_i386.deb
nss-pam-ldapd_0.8.7-1.debian.tar.gz
to main/n/nss-pam-ldapd/nss-pam-ldapd_0.8.7-1.debian.tar.gz
nss-pam-ldapd_0.8.7-1.dsc
to main/n/nss-pam-ldapd/nss-pam-ldapd_0.8.7-1.dsc
nss-pam-ldapd_0.8.7.orig.tar.gz
to main/n/nss-pam-ldapd/nss-pam-ldapd_0.8.7.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Arthur de Jong <[email protected]> (supplier of updated nss-pam-ldapd package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 22 Apr 2012 22:00:00 +0200
Source: nss-pam-ldapd
Binary: nslcd libnss-ldapd libpam-ldapd
Architecture: source i386
Version: 0.8.7-1
Distribution: unstable
Urgency: low
Maintainer: Arthur de Jong <[email protected]>
Changed-By: Arthur de Jong <[email protected]>
Description:
libnss-ldapd - NSS module for using LDAP as a naming service
libpam-ldapd - PAM module for using LDAP as an authentication service
nslcd - Daemon for NSS and PAM lookups using LDAP
Closes: 661955
Changes:
nss-pam-ldapd (0.8.7-1) unstable; urgency=low
.
* new upstream release:
- log the first 10 search results in debug mode to make debugging
easier (patch by Matthijs Kooijman)
- provide more detailed logging information for LDAP errors, this
should especially help for TLS related problems (based on a patch by
Mel Flynn)
- fix logging of invalid pam_authz_search value (LP: #951343)
- when doing DNS queries for SRV records recognise default ldap and
ldaps ports (closes: #661955)
- make whether or not to do case-sensitive filtering configurable
(patch by Matthew L. Dailey)
- document the fact that each thread opens it's own connection (patch
by Chris Hiestand)
- some small portability improvements
- try to prevent some of the Broken pipe messages in nslcd
- increase buffer used for pam_authz_search as suggested by Chris J Arges
* update the X-Start-Before header in the init script to ensure that nslcd
is started before the display managers
* update debhelper dependency and remove lintian override
* mark nslcd as multi-arch foreign to allow it to satisfy dependencies
on any arch
* drop no-symbols-control-file lintian override which is no longer needed
* upgrade to standards-version 3.9.3 (no changes needed)
Checksums-Sha1:
8a53bacfc8a47fb9b6d84f76869ba7544c3127a4 1510 nss-pam-ldapd_0.8.7-1.dsc
7cfeab825b44e165e2a51cd79890db19f5666d12 472515 nss-pam-ldapd_0.8.7.orig.tar.gz
42a7112e6ed4e3caba75108517e6c3ce8f55fc40 88325
nss-pam-ldapd_0.8.7-1.debian.tar.gz
dad66b94c1025342ac75aca5d1f9d265da9db7ca 166508 nslcd_0.8.7-1_i386.deb
7caf59f4dfb957a058b597dada80c04a37bf64f1 62118 libnss-ldapd_0.8.7-1_i386.deb
c52765e4d6461609bb089c06de244a3cbc494e6a 54432 libpam-ldapd_0.8.7-1_i386.deb
Checksums-Sha256:
cf9b5815863e5f843877a40fb68b06b2c296375491e8b76e8feaca9edeb65851 1510
nss-pam-ldapd_0.8.7-1.dsc
c5277def773cb108cdcfcce8a05ab4a49e39944024a493dda1310637d10762b8 472515
nss-pam-ldapd_0.8.7.orig.tar.gz
a86ce00d9d63e658fafca71285bbd70740798316af395e3469d93c31f55ce830 88325
nss-pam-ldapd_0.8.7-1.debian.tar.gz
266688bcd643a991a5426d4d61a9ff28fa3c4e70c5c9a5b15e414aa324aca10b 166508
nslcd_0.8.7-1_i386.deb
8e2081172f91481c30dadf67d4587ac4f73ec6deddbf48f1981584e4c302ca82 62118
libnss-ldapd_0.8.7-1_i386.deb
d65aebe184eb9aed6aa564327c13a3e4bf518c101ecf1409982b7d716dbeefec 54432
libpam-ldapd_0.8.7-1_i386.deb
Files:
da3a743521ab08a792e991db13348f9f 1510 admin extra nss-pam-ldapd_0.8.7-1.dsc
61d60ab9dd5d78d7b4277e5ea51fbbc6 472515 admin extra
nss-pam-ldapd_0.8.7.orig.tar.gz
b6eb31aa552b1f93149fa32f8061307a 88325 admin extra
nss-pam-ldapd_0.8.7-1.debian.tar.gz
389debe5e44f4442652a7310755e4ee7 166508 admin extra nslcd_0.8.7-1_i386.deb
7e966044c55b1b23a812172cb7592f91 62118 admin extra
libnss-ldapd_0.8.7-1_i386.deb
5c5a2a3c5fc8cc3b3f845a6573bb8692 54432 admin extra
libpam-ldapd_0.8.7-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAk+UZSkACgkQVYan35+NCKedpACgjEJQSZ/QTLmJX5fowkkSkmmo
rPMAn2H9wy+UoSMMW8fe2AkF0F6GE8FH
=Bnz+
-----END PGP SIGNATURE-----
--- End Message ---
