OpenLDAP module fails to load

Alan DeKok aland at
Fri Oct 8 14:34:25 CEST 2021

On Oct 8, 2021, at 5:25 AM, Antonio Torres <antorres at> wrote:
> If we build the OpenLDAP package without the LDAP_USE_NON_BLOCKING_TLS
> flag, the issue disappears, so it is probably related to the async
> connection. I've seen there has been some work on the async LDAP
> connection process, but I'm not entirely sure whether it is related,
> and it is only in v4:

  We're moving v4 to be completely async, but that's unrelated to the v3 code.

> I'm wondering whether FreeRADIUS needs to adapt to these changes or
> the issue is entirely on the OpenLDAP side. What do you think?

  The code in v3 uses a function rlm_ldap_bind() to bind to LDAP.  That function takes a "retry" parameter.

  Most callers of the function pass a "retry" option.  That causes the function to immediately retry the connection request.  The main caller which *doesn't* to rebind is the mod_conn_create() function, which tries to create the initial connection.

  The fix might be as simple as changing the retry parameter in mod_conn_create() from "false" to "true".  If that works, we can add it in.

  Alan DeKok.

More information about the Freeradius-Users mailing list