Ldap searches don't seem to honour connect_timeout

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Wed May 11 10:47:41 CEST 2016


Hi,

> Looks like I have to rebuild my freeradius-ldap too to use openssl
> right? The RedHat documentation on the freeradius site doesn't say
> anything about how to switch to openssl. Are there any pointers how
> to do this?

already told you how


remove any local openldap devel package that was installed from redhat repos - as that
will use NSS


download latest openldap2 code  (obviously I assume you have the openssl-devel package installed)

./configure
make
make install


(this will slap (no pun intended!) everything into /usr/local/*  rather than over the RPM openldap
(which you cannot remove due to many many package dependencies))


then ensure /usr/local/lib is in /etc/ld.so.conf file and run  'ldconfig -v' 

now, rebuild freeradius3 as you've already done.   the ./configure part will pick up the openldap includes
(and only your local one as you've removed the redhat includes....)

et voila.   freeradius now with openldap2 using OpenSSL  (verify check with ldd against the rlm_ldap.so file)

TLS/STARTSSL openldap connections will now open/close/reopen/reestablish etc

alan
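
The ldd check mentioned at the end of the message, as an added example that is not part of the original post: it reads `ldd` output for rlm_ldap.so and reports whether libldap resolves from /usr/local/lib and whether NSS is still linked. The function name, verdict strings and sample ldd lines are assumptions constructed for illustration; pass the real path to your rlm_ldap.so as the first argument.

```shell
#!/bin/sh
# Added example (not from the original post). Reads `ldd` output on stdin and
# reports which libldap the module resolves and whether NSS is still pulled in.
# ldd lists transitive dependencies, so libssl alone proves little (other
# libraries may link it); the useful signals are the libldap path and libnss3.
check_ldap_tls() {
    awk '
        $1 ~ /^libldap/ && $2 == "=>" {
            seen = 1
            if ($3 == "not") missing = 1                  # "=> not found"
            else if ($3 ~ /^\/usr\/local\/lib\//) loc = 1
            else sys = 1
        }
        $1 ~ /^libnss3\.so/ { nss = 1 }
        $1 ~ /^libssl\.so/  { ssl = 1 }
        END {
            if (!seen)        print "no-libldap"
            else if (missing) print "libldap-not-found"   # ldconfig step skipped?
            else if (sys)     print "system-libldap"      # RPM library still used
            else if (nss)     print "local-libldap-but-nss"
            else if (ssl)     print "local-libldap-openssl"
            else              print "local-libldap-no-tls-lib"
        }'
}

# Constructed sample inputs (sonames and addresses are illustrative only).
sample_nss() { cat <<'EOF'
	libldap_r-2.4.so.2 => /lib64/libldap_r-2.4.so.2 (0x00007f0000000000)
	libnss3.so => /lib64/libnss3.so (0x00007f0000200000)
	libssl.so.10 => /lib64/libssl.so.10 (0x00007f0000400000)
EOF
}
sample_openssl() { cat <<'EOF'
	libldap_r-2.4.so.2 => /usr/local/lib/libldap_r-2.4.so.2 (0x00007f0000000000)
	liblber-2.4.so.2 => /usr/local/lib/liblber-2.4.so.2 (0x00007f0000200000)
	libssl.so.10 => /lib64/libssl.so.10 (0x00007f0000400000)
EOF
}

# With a path argument, inspect that module; otherwise run the samples.
if [ -n "${1:-}" ]; then
    ldd "$1" | check_ldap_tls
else
    sample_nss | check_ldap_tls
    sample_openssl | check_ldap_tls
fi
```
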

