Package: ldapvi Version: 1.6-3 Severity: important Hello,
we are using Kerberos 5 and LDAP for user authentificationa and management at our site. The KDC and LDAP servers are still running sarge. So far we used a locally built version of ldapvi (1.3pfn_sasl, with the SASL patches applied) on sarge clients for administration and everything was fine. We wanted to update to etch and use the regular ldapvi 1.6 Debian package now. When ldapvi is started with SSL (by URL) or TLS ldapvi -Z --tls strict -Y GSSAPI '(uid=XXXX)' it takes about 40-50 seconds until the actual editor is opened. During this time the CPU has 100% load (2GHz Athlon) from ldapvi. This does not happen and the editor is opened immediately when no SSL/TLS is used. For comparison ldapsearch -ZZ -Y GSSAPI '(uid=XXXX)' which, as I understand, does exactly the same as ldapvi until the editor is opened, yields a search result immediately and does not use a noticable amount of CPU on the exact same client machine. An strace of a running ldapvi with TLS shows that during the 40 second period ldapvi is going trough the certificates in /etc/ssl/certs, which is what ldapsearch also does on startup, yet ldapvi is using considerably more resources and time. I mark this bug as important since it renders ldapvi practicably unusable for administration and general LDAP editing at sites that employ either SSL (-h ldaps://hostname) or STARTTLS (-Z). Kind regards, Ch. Scheurer -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-4-k7 Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15) Versions of packages ldapvi depends on: ii emacs21 [editor] 21.4a+1-3 The GNU Emacs editor ii libc6 2.3.6.ds1-13 GNU C Library: Shared libraries ii libglib2.0-0 2.12.4-2 The GLib library of C routines ii libldap2 2.1.30-13.3 OpenLDAP libraries ii libncurses5 5.5-5 Shared libraries for terminal hand ii libpopt0 1.10-3 lib for parsing cmdline parameters ii libreadline5 5.2-2 GNU readline and history libraries ii nano [editor] 2.0.2-1 free Pico clone with some new feat ii vim [editor] 1:7.0-122+1etch2 Vi IMproved - enhanced vi editor ldapvi recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]