(RADIATOR) Re: OpenLDAP 2 says "unknown LDAP request"
Eric Kilfoil
ekilfoil at viawest.net
Sun May 27 16:50:24 CDT 2001
As a follow-up, I wanted to let everyone know that Radiator will run fine
when PERL is compiled with thread support, but perl-ldap will not work
properly. Compiling PERL non-threaded will solve this problem.
Regards,
Eric
On Tue, 22 May 2001, Hugh Irvine wrote:
>
> Hello Eric -
>
> Radiator itself, as well as many Perl modules, does not support
> multi-threading currently.
>
> regards
>
> Hugh
>
>
> >
> > Hrm. What i meant was OpenLDAP 2.0.8. I'm currently in the process of
> > compiling a non-threaded version of PERL (5.6.1) to see if this fixes it.
> > Apparently perl-ldap 0.23 has a problem running under the threaded version
> > of perl 5.6.0.
> >
> > eric
> >
> > -----
> > ((wrong) && (wrong)) != right
> >
> > On Mon, 21 May 2001, Eric Kilfoil wrote:
> > > Ok, here's my setup:
> > >
> > > Sparc / Solaris8
> > > Perl 5.6.0
> > > OpenLDAP 2.0.12
> > > perl-ldap 0.23
> > >
> > > For some reason... when I try to make Radiator query the LDAP directory
> > > for usernames, OpenLDAP responds with "Unknown LDAP request". Has anyone
> > > had a similar problem? One thing that i have noticed is that some of the
> > > "make test" tests for perl-ldap-0.23 failed. Specifically, the filter
> > > test failed. Has anyone tried get perl-ldap-0.23 going on Solaris?
> > >
> > > I have successfully gotten this working in the past on Solaris7 and a
> > > much older version of perl-ldap.
> > >
> > > Anyway, here is my AuthBY clause for LDAP
> > >
> > > <AuthBy LDAP2>
> > > Host auth1.viawest.net
> > > AuthDN cn=server,dc=ldapusers,dc=viawest,dc=net
> > > AuthPassword XXXXXXXX
> > > BaseDN ou=Customers,dc=viawest,dc=net
> > > Scope sub
> > > UsernameAttr uid
> > > PasswordAttr userPassword
> > > Debug 255
> > > </AuthBy>
> > >
> > > And here is the debug output i have.
> > >
> > > Here is a connection attempt from Radiator:
> > >
> > > ------[ slapd debug output ]--------------
> > > daemon: activity on 1 descriptors
> > > daemon: new connection on 15
> > > daemon: conn=5 fd=15 connection from IP=216.87.64.20:35593
> > > (IP=0.0.0.0:389)
> >
> > accepted.
> >
> > > daemon: added 15r
> > > daemon: activity on:
> > > daemon: select: listen=7 active_threads=0 tvp=NULL
> > > daemon: activity on 1 descriptors
> > > daemon: activity on: 15r
> > > daemon: read activity on 15
> > > connection_get(15)
> > > connection_get(15): got connid=5
> > > connection_read(15): checking for input on id=5
> > > ber_get_next
> > > ldap_read: want=1, got=1
> > > 0000: 30 0
> > > ldap_read: want=1, got=1
> > > 0000: 3d =
> > > ldap_read: want=61, got=61
> > > 0000: 02 01 01 40 38 02 01 02 04 28 63 6e 3d 73 65 72
> > > ... at 8....(cn=ser 0010: 76 65 72 2c 64 63 3d 6c 64 61 70 75 73 65 72 73
> > > ver,dc=ldapusers 0020: 2c 64 63 3d 76 69 61 77 65 73 74 2c 64 63 3d 6e
> > > ,dc=viawest,dc=n 0030: 65 74 80 09 XX XX XX XX XX XX XX XX XX
> > > et..XXXXXXXXX ber_get_next: tag 0x30 len 61 contents:
> > > ber_dump: buf=0x0022e000 ptr=0x0022e000 end=0x0022e03d len=61
> > > 0000: 02 01 01 40 38 02 01 02 04 28 63 6e 3d 73 65 72
> > > ... at 8....(cn=ser 0010: 76 65 72 2c 64 63 3d 6c 64 61 70 75 73 65 72 73
> > > ver,dc=ldapusers 0020: 2c 64 63 3d 76 69 61 77 65 73 74 2c 64 63 3d 6e
> > > ,dc=viawest,dc=n 0030: 65 74 80 09 72 6f 74 6f 21 63 6c 69 70
> > > et..XXXXXXXXX ber_get_next
> > > ldap_read: want=1 error=Resource temporarily unavailable
> > > ber_get_next on fd 15 failed errno=11 (Resource temporarily unavailable)
> > > unknown LDAP request 0x40
> > > send_ldap_disconnect 2:unknown LDAP request
> > > send_ldap_response: msgid=0 tag=120 err=2
> > > ber_flush: 58 bytes to sd 15
> > > 0000: 30 38 02 01 00 78 33 0a 01 02 04 00 04 14 75 6e
> > > 08...x3.......un 0010: 6b 6e 6f 77 6e 20 4c 44 41 50 20 72 65 71 75 65
> > > known LDAP reque 0020: 73 74 8a 16 31 2e 33 2e 36 2e 31 2e 34 2e 31 2e
> > > st..1.3.6.1.4.1. 0030: 31 34 36 36 2e 32 30 30 33 36
> > > 1466.20036 ldap_write: want=58, written=58
> > > 0000: 30 38 02 01 00 78 33 0a 01 02 04 00 04 14 75 6e
> > > 08...x3.......un 0010: 6b 6e 6f 77 6e 20 4c 44 41 50 20 72 65 71 75 65
> > > known LDAP reque 0020: 73 74 8a 16 31 2e 33 2e 36 2e 31 2e 34 2e 31 2e
> > > st..1.3.6.1.4.1. 0030: 31 34 36 36 2e 32 30 30 33 36
> > > 1466.20036 conn=5 op=0 DISCONNECT err=120 tag=2 text=unknown LDAP
> > > request
> > > daemon: select: listen=7 active_threads=1 tvp=NULL
> > > --------------------
> > >
> > > It doesn't really look like it's able to bind to the server properly.
> > >
> > > I turned on a level 4 trace on radiator, and put "debug 255" in the
> > > AuthBy LDAP2 clause. It provided this information
> > >
> > > --------[ radiator debug output ]-------------
> > >
> > > Mon May 21 16:33:08 2001: INFO: Server started: Radiator 2.18 on
> >
> > book.viawest.net
> >
> > > Mon May 21 16:33:13 2001: DEBUG: Packet dump:
> > > *** Received from 127.0.0.1 port 41436 ....
> > > Code: Access-Request
> > > Identifier: 133
> > > Authentic: 1234567890123456
> > > Attributes:
> > > User-Name = "edk"
> > > Service-Type = Framed-User
> > > NAS-IP-Address = 203.63.154.1
> > > NAS-Port = 1234
> > > Called-Station-Id = "123456789"
> > > Calling-Station-Id = "987654321"
> > > NAS-Port-Type = Async
> > > Password = "<15>!<30><250>8<195><28><246>O<156><203>d<I3g"
> > >
> > > Mon May 21 16:33:13 2001: DEBUG: Handling request with Handler
> >
> > 'Realm=test.viawest.net'
> >
> > > Mon May 21 16:33:13 2001: DEBUG: Rewrote user name to edk
> > > Mon May 21 16:33:13 2001: DEBUG: Deleting session for edk, 203.63.154.1,
> >
> > 1234
> >
> > > Mon May 21 16:33:13 2001: DEBUG: do query is: delete from radonline where
> >
> > username='edk' and nasidentifier='203.63.154.1' and nasport=1234
> >
> > > Mon May 21 16:33:13 2001: DEBUG: Handling with Radius::AuthSQL
> > > Mon May 21 16:33:13 2001: DEBUG: Handling with Radius::AuthLDAP2
> > > Mon May 21 16:33:13 2001: DEBUG: Connecting to auth1.viawest.net, port
> > > 389 Net::LDAP=HASH(0x98cb88) sending:
> > >
> > > 30 3D 02 01 01 40 38 02 01 02 04 28 63 6E 3D 73 0=... at 8....(cn=s
> > > 65 72 76 65 72 2C 64 63 3D 6C 64 61 70 75 73 65 erver,dc=ldapuse
> > > 72 73 2C 64 63 3D 76 69 61 77 65 73 74 2C 64 63 rs,dc=viawest,dc
> > > 3D 6E 65 74 80 09 XX XX XX XX XX XX XX XX XX __ =net..XXXXXXXXX
> > >
> > > 0000 30 61: SEQUENCE {
> > > 0002 02 1: INTEGER = 1
> > > 0005 40 56: [APPLICATION 0]
> > > 0007 : 02 01 02 04 28 63 6E 3D 73 65 72 76 65 72 2C 64
> >
> > .....(cn=server,d
> >
> > > 0017 : 63 3D 6C 64 61 70 75 73 65 72 73 2C 64 63 3D 76
> >
> > c=ldapusers,dc=v
> >
> > > 0027 : 69 61 77 65 73 74 2C 64 63 3D 6E 65 74 80 09 XX
> >
> > iawest,dc=net..X
> >
> > > 0037 : XX XX XX XX XX XX XX XX __ __ __ __ __ __ __ __
> > > XXXXXXXX 003F : }
> > > Net::LDAP=HASH(0x98cb88) received:
> > >
> > > 30 38 02 01 00 78 33 0A 01 02 04 00 04 14 75 6E 08...x3.......un
> > > 6B 6E 6F 77 6E 20 4C 44 41 50 20 72 65 71 75 65 known LDAP reque
> > > 73 74 8A 16 31 2E 33 2E 36 2E 31 2E 34 2E 31 2E st..1.3.6.1.4.1.
> > > 31 34 36 36 2E 32 30 30 33 36 __ __ __ __ __ __ 1466.20036
> > >
> > > 0000 30 56: SEQUENCE {
> > > 0002 02 1: INTEGER = 0
> > > 0005 78 51: [APPLICATION 24] {
> > > 0007 0A 1: ENUM = 2
> > > 000A 04 0: STRING = ''
> > > 000C 04 20: STRING = 'unknown LDAP request'
> > > 0022 8A 22: [CONTEXT 10]
> > > 0024 : 31 2E 33 2E 36 2E 31 2E 34 2E 31 2E 31 34 36 36
> >
> > 1.3.6.1.4.1.1466
> >
> > > 0034 : 2E 32 30 30 33 36 __ __ __ __ __ __ __ __ __ __
> > > .20036 003A : }
> > > 003A : }
> > > Unexpected PDU, ignored
> > > ----------------
> > >
> > > Has anyone had a similar problem?
> >
> > ---End of forwarded mail from owner-radiator at open.com.au
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list