Ldap searches don't seem to honour connect_timeout
Franks Andy (IT Technical Architecture Manager)
Andy.Franks at sath.nhs.uk
Wed May 11 13:46:19 CEST 2016
Does this look better? Just thought I'd confirm before I went ahead and installed it all.. No mentioned of gnutls and it's got libssl instead, which belongs to libssl1.0.0, the description being
Description-en: SSL shared libraries
libssl and libcrypto shared libraries needed by programs like
apache-ssl, telnet-ssl and openssh.
It is part of the OpenSSL implementation of SSL.
/home/andy/freeradius-server/build/lib/local/.libs# ldd rlm_ldap.so
linux-vdso.so.1 => (0x00007fff1dfec000)
libldap-2.4.so.2 => /usr/local/lib/libldap-2.4.so.2 (0x00007fb516981000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fb5165b9000)
liblber-2.4.so.2 => /usr/local/lib/liblber-2.4.so.2 (0x00007fb5163a9000)
libresolv.so.2 => /lib/x86_64-linux-gnu/libresolv.so.2 (0x00007fb51618f000)
libsasl2.so.2 => /usr/lib/x86_64-linux-gnu/libsasl2.so.2 (0x00007fb515f74000)
libssl.so.1.0.0 => /lib/x86_64-linux-gnu/libssl.so.1.0.0 (0x00007fb515d15000)
libcrypto.so.1.0.0 => /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 (0x00007fb515939000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007fb515735000)
libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007fb51551b000)
Thanks again all.
From: Freeradius-Users [mailto:freeradius-users-bounces+andy.franks=sath.nhs.uk at lists.freeradius.org] On Behalf Of A.L.M.Buxey at lboro.ac.uk
Sent: 10 May 2016 23:52
To: FreeRadius users mailing list
Subject: Re: Ldap searches don't seem to honour connect_timeout
> I followed part of that, can't profess to be an expert in library interaction and such, sorry.
> I am not sure really what to do next. Most of the libraries I got from standard installs off the ubuntu repos, are we talking fairly significant compilation of other stuff do you think?
remove the openldap2-dev package
grab the latest openldap source from their page (or mirror) , ./configure, make, make install (it'll all go into /usr/local/ )
then redo the freeradius configure stuff..... should pick up the local openldap dev stuff.
ensure tht the local openldap library is known (output of ldconfig -v shows it....may need to add the /usr/local/lib as first path in /etc/ld.so.conf
make ; make install - when you do the ldd stuff against rlm_ldap.so it should show openssl linkage instead
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users