Le ven 2005-10-07 a 18:57:54 -0400, Simon Law <[EMAIL PROTECTED]> a dit: > On Fri, Oct 07, 2005 at 06:47:59PM -0400, SR, ESC wrote: > > does for everything else. both hosts resolve to a single IP, the certs > > are freshly done (the first was done up not so long ago, and the > > second was re-done [had expired]), the CNs match, and i've been > > operating like this for a while. have heimdal kerberos working, etc. > > Hmm... I'm puzzled, really I am. > > It would be nice if I could get a login on a machine of yours with Perl > and strace on it, because I can't really reproduce it here. I'm very > sorry about this!
i don't usually do this, but since it'll bebnfit others, sure.
sending private e-mail with relevant info.
> Man, that's too bizarre. Like, Net::LDAP::new _knows_ how to get
> https:// and use SSL. If you fire up the Perl debugger, does it at
> least try to use SSL?
AFAIK, doesn't seem to: i see lookjups in */ASN1/*/*.pm
(Convert/ASN1/_encode.pm)
but no Net::LDAPS look ups, and it still looks up on port 389:
Net::LDAP::_connect(/usr/lib/perl5/Net/LDAP.pm:119):
119: $ldap->{net_ldap_socket} = IO::Socket::INET->new(
120: PeerAddr => $host,
121: PeerPort => $arg->{port} || '389',
122: Proto => 'tcp',
123: Timeout => defined $arg->{timeout}
124: ? $arg->{timeout}
125: : 120
126: );
DB<1>
> > ./finger-ldap -m simon [it's the v 1.17 checkout]. i don't see any
> > ldap lookups going on, lemme check the other DS's log... none there,
> > but it is working.
>
> The -m switch is designed to pass things directly to finger.real,
> without doing any queries.
ah ok. wasn't working even with -m switch before the fixes.
> --
> Simon Law http://www.law.yi.org/~sfllaw/
--
Cold pizza and cold coffee, second best thing to cold pizza and warm beer.
-- me
pgpa0czp8GH9v.pgp
Description: PGP signature
