Am 11.03.23 um 14:51 schrieb Sakirnth Nagarasa:
Hi,
On 3/10/23 08:55, Bernhard Schmidt wrote:
I will upload a 3.2.1-3 within the next hours to cherry-pick this, could
you please test the resulting binary and report back? I will then apply
for a freeze exception.
Thank you for uploading the new version. I quickly tested the new binary
in our setup, Freeradius can not bind to ldap server anymore with
version 3.2.1-3.
Meh :-(
TLS: can't connect: (unknown error code).
Sat Mar 11 14:28:38 2023 : Error: rlm_ldap (ldap): Bind with (anonymous)
to ldaps://${LDAP_SERVER}:636 failed: Can't contact LDAP server
Sat Mar 11 14:28:38 2023 : Debug: rlm_ldap: Closing libldap handle
TLS issue, sounds related to my cherry-picked patch.
Unfortunately there are a lot of patches between 3.2.1 and 3.2.2, and
the commit message aren't always as descriptive as they could be.
https://github.com/FreeRADIUS/freeradius-server/compare/release_3_2_1...release_3_2_2
https://github.com/FreeRADIUS/freeradius-server/commit/d23987cbf55821dc56ab70d5ce6af3305cf83289
https://github.com/FreeRADIUS/freeradius-server/commit/3d08027f30c6d9c1eaccf7d60c68c8f7d78017c3
are likely candidates.
Just to make sure, could you quickly verify which of these versions are
broken as well in your setup?
- 3.2.1-1 from testing
- 3.2.1-2 from http://snapshot.debian.org/package/freeradius/3.2.1%2Bdfsg-2/
- 3.2.2-1~exp1 from experimental (just uploaded, might take a few hours
to appear in the archive)
Bernhard
