Fwd: (RADIATOR) Openldap - Network sockets
Mike McCauley
mikem at open.com.au
Tue Jul 15 19:27:46 CDT 2003
Hello Nathan,
Thanks for reporting this issue.
We have made a patch to AuthLDAP2.pm that should fix this issue. I have
attached the new version, and its it also available for download from the 3.6
patches area.
Please let me know how you go with it.
We apologise for this problem.
Cheers.
On Tue, 15 Jul 2003 05:33 pm, Hugh Irvine wrote:
> Mikey -
>
> Could you take a look at this please?
>
> cheers
>
> Hugh
>
> Begin forwarded message:
> > From: "Radiator" <radiator at swiftel.com.au>
> > Date: Tue Jul 15, 2003 16:15:40 Australia/Melbourne
> > To: <radiator at open.com.au>
> > Subject: RE: (RADIATOR) Openldap - Network sockets
> >
> >
> > Update:
> >
> > It looks to be the TLS code somewhere, removing the UseTLS and SSL
> > config makes the problem go away.
> >
> > Regards,
> >
> > Nathan.
> >
> >
> > -----Original Message-----
> > From: Radiator
> > Posted At: Tuesday, 15 July 2003 11:54 AM
> > Posted To: Radiator
> > Conversation: Openldap - Network sockets
> > Subject: (RADIATOR) Openldap - Network sockets
> >
> >
> >
> > I am currently having a problem with Radiator 3.6 and Openldap (2.0.23)
> > where the number of network sockets are exhausted and the LDAP server
> > stops responding with a too many open files error.
> >
> > It looks to me as if the ServerChecksPassword is not set the session is
> > left open (holdserverconnectio is not compatible with openldap it
> > seems)
> > so there are a number of ESTABLISHED sessions (netstat) that are never
> > closed. Could this be a radiator bug ? No unbind ?
> >
> > With the ServerChecksPassword option set, operation is as expected, the
> > sessions are all created individually and closed within appropriate
> > session timeouts.
> >
> > Here is my testing config:
> >
> > <AuthBy LDAP2>
> > Identifier ldap_auth
> > Host hostname
> > # ServerChecksPassword
> > Version 3
> > UseTLS
> > SSLVerify none
> > SSLCAFile
> > BaseDN basedn
> > Scope sub
> > UsernameAttr uid
> > PasswordAttr userPassword
> > Debug 255
> > NoDefault
> > </AuthBy>
> >
> > There is probably a timeout feature in openldap but I'm sure Radiator
> > should be doing a proper unbind and therefore closing the session.
> >
> > Any ideas? Experiences ?
> >
> > Regards,
> >
> > Nathan Alberti
> > ===
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on radiator-announce at open.com.au
> > To unsubscribe, email 'majordomo at open.com.au' with
> > 'unsubscribe radiator' in the body of the message.
> > ===
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on radiator-announce at open.com.au
> > To unsubscribe, email 'majordomo at open.com.au' with
> > 'unsubscribe radiator' in the body of the message.
>
> NB: have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
--
Mike McCauley mikem at open.com.au
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP etc on Unix, Windows, MacOS etc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: AuthLDAP2.pm
Type: text/x-perl
Size: 15769 bytes
Desc: not available
URL: <http://www.open.com.au/pipermail/radiator/attachments/20030716/e575a0e5/attachment.bin>
More information about the radiator
mailing list