Hi Mark, sorry for the confusion, I got the initial bug report wrong.
So your initial enquiry was about ldap-tls-reqcert and ldap-ssl not being recognized by dhcpd. This is actually a different issue than the one that I meant [1], sorry for that. The reason for your issue probably is that the isc-dhcp-server-ldap package does not contain OpenSSL support (configure flag --with-ldapcrypto). I have attached a patch to this mail which should fix this. Conclusion: wheezy's isc-server-dhcp-ldap lacks LDAP crypto support (OpenSSL) and requires isc-dhcp-server-ldap-4.2.4sid-fix-ldapcrypto-support.patch. sid's isc-server-dhcp-ldap lacks LDAP and LDAP crypto support. It requires both isc-dhcp-server-ldap-4.2.4sid-fix-ldap-support.patch and isc-dhcp-server-ldap-4.2.4sid-fix-ldapcrypto-support.patch. By applying both patches I was able to build a package which includes LDAP and LDAPS support (at least according to the compiled-in symbols). Hope this helps. [1] https://bugs.launchpad.net/ubuntu/+source/isc-dhcp/+bug/1071928 Kind regards, Christian
Fixing #692808: isc-dhcp-server-ldap lacks LDAPS support The dhcpd binary provided by wheezy's isc-dhcp-server-ldap package lacks OpenSSL support, therefore ldap-ssl and ldap-tls-reqcert were not supported, while previous versions of this package used to provide support for this and the build dependencies suggest that OpenSSL support was intended. This patch is against sid's package, but should apply similarly for wheezy. diff --git a/debian/rules b/debian/rules index d7ca9c0..5dd6b5b 100755 --- a/debian/rules +++ b/debian/rules @@ -46,7 +46,7 @@ build-ldap-stamp: --with-srv6-lease-file=/var/lib/dhcp/dhcpd6.leases \ --with-cli-lease-file=/var/lib/dhcp/dhclient.leases \ --with-cli6-lease-file=/var/lib/dhcp/dhclient6.leases \ - --with-ldap + --with-ldap --with-ldapcrypto $(MAKE) $(CROSS)
Fixing: isc-dhcp-server-ldap lacks LDAP support Initially reported on the Ubuntu bug tracker at: https://bugs.launchpad.net/ubuntu/+source/isc-dhcp/+bug/1071928 And got mentioned in http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692808#10 The cause for the problem is a build issue. Debugging was done by Christian Hoffmann <christ...@hoffie.info>, the patch was re-worked by Stéphane "stgraber" Graber for Ubuntu. diff --git a/debian/rules b/debian/rules index cd96512..d7ca9c0 100755 --- a/debian/rules +++ b/debian/rules @@ -38,6 +38,7 @@ CFLAGS += -DNOMINUM build-ldap-stamp: dh_testdir + [ ! -f Makefile ] || $(MAKE) distclean ./configure \ --prefix=/usr \ --sysconfdir=/etc/dhcp \ @@ -56,7 +57,7 @@ build-ldap-stamp: build: build-arch build-indep -build-arch: build-ldap-stamp clean build-non-ldap-stamp build-arch-stamp +build-arch: build-ldap-stamp build-non-ldap-stamp build-arch-stamp build-indep: build-arch-stamp: @@ -66,6 +67,7 @@ build-arch-stamp: build-non-ldap-stamp: dh_testdir + [ ! -f Makefile ] || $(MAKE) distclean ./configure \ --prefix=/usr \ --sysconfdir=/etc/dhcp \
signature.asc
Description: OpenPGP digital signature