This is resolved by yum downgrade on the clients to
openldap-2.4.19-15.el6_0.2.x86_64, the last version before RedHat decided to
change from OpenLDAP to Mozilla NSS for SSL support.
To reproduce:
Fully patched RHEL 6.1 Xen VM on top of RHEL5 2.6.18-238.12.1.el5xen and
xen-3.0.3-120.el5_6.2.
Configure httpd.conf with default prefork MPM settings.
<IfModule prefork.c>
StartServers 8
MinSpareServers 5
MaxSpareServers 20
</IfModule>
Hit ldaptest.php, below, and wait for it to fail. It won't take long.
<?php
echo "Using process id " . getmypid() . "<p>";
ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);
$ldapconn = ldap_connect("ldaps://ldapserver1/ ldaps://ldapserver2/")
or die("Could not connect to LDAP server.");
$ldapbind = ldap_bind($ldapconn);
if ($ldapbind) {
// echo "LDAP bind successful...";
ldap_close($ldapconn);
} else {
echo "LDAP bind failed... $errormsg<br>";
ldap_close($ldapconn);
exit();
}
}
usleep(50000);
echo "<script
language=\"javascript\">location.replace(\"https://ldaptest.php?count=$count\";);</script>";
?>
_______________________________________________
rhelv6-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/rhelv6-list
