PHP 4.2.1 + OpenLDAP 2.1.17 + OpenSSL Problems

After much anguish, I have finally decided to send an email to see if anyone has any experience with this.

PHP4 is built with both OpenLDAP 2.x support and OpenSSL support.

In PHP, when I attempt to connect using the open_ldap("ldaps://hostname.fqdn/") it fails... but using ldap://hostname.fqdn is successful. (Yes, the OpenSSL certificate used by OpenLDAP has a CN of hostname.fqdn.) Here is the output from slapd -dl -h "ldaps://0.0.0.0/":

   connection_get(12): got connid=0
   connection_read(12): checking for input on id=0
   TLS: can't accept.
   connection_read(12): TLS accept error error=-1 id=0, closing
   connection_closing: readying conn=0 sd=12 for close
   connection_close: conn=0 sd=12

As you can see, it doesn't tell me much. Also of note, running ldapsearch -H 'ldaps://hostname.fqdn/' works fine and port 636 is definitely open.

The script is pretty simple:

$conn = ldap_connect("ldaps://hostname.fqdn/");
if ($bind = ldap_bind($conn, "username", "password")) {
    /* do some stuff... */
}
else {
    // Report the LDAP error number and message for this connection
    print "Error connecting to server: " . ldap_errno($conn) . ": " . ldap_error($conn) . "\n";
}


Returns the following:

*Warning*: ldap_bind(): Unable to bind to server: Can't contact LDAP server in */usr/local/www/data/index.php* on line *27*

System error during login 81: Can't contact LDAP server

And for shits n giggles, a tcpdump (with SSL enabled which is where it fails), so you can see the connection:

13:15:04.806242 localhost.49360 > localhost.ldaps: S 3728799017:3728799017(0) win 65535 <mss 16344,nop,wscale 1,nop,nop,timestamp 5987899 0> (DF)
13:15:04.806283 localhost.ldaps > localhost.49360: S 3563970532:3563970532(0) ack 3728799018 win 65535 <mss 16344,nop,wscale 1,nop,nop,timestamp 5987899 5987899> (DF)
13:15:04.806298 localhost.49360 > localhost.ldaps: . ack 1 win 32768 <nop,nop,timestamp 5987899 5987899> (DF)
13:15:04.807042 localhost.49360 > localhost.ldaps: F 1:1(0) ack 1 win 32768 <nop,nop,timestamp 5987899 5987899> (DF)
13:15:04.807072 localhost.ldaps > localhost.49360: . ack 2 win 32768 <nop,nop,timestamp 5987899 5987899> (DF)
13:15:04.807548 localhost.ldaps > localhost.49360: F 1:1(0) ack 2 win 32768 <nop,nop,timestamp 5987899 5987899> (DF)
13:15:04.807575 localhost.49360 > localhost.ldaps: . ack 2 win 32767 <nop,nop,timestamp 5987899 5987899> (DF)


And yes, hostname.fqdn = localhost if you were wondering.

Anyone know what's causing PHP to fail? I'm willing to accept that this is a PHP problem.

Thanks for the help.

Ray Sundland
raymond@SPAMFREEsundland.com
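
Added example, not part of the original message: a Python script that reads the tcpdump lines quoted above and totals TCP payload bytes per direction. For this capture both totals are zero and the client sends the first FIN, so no TLS ClientHello was put on the wire before the connection closed. The function names and the `server_ports` parameter are assumptions made for this example.

```python
import re

# Packet lines copied from the tcpdump output in the message above.
CAPTURE = """
13:15:04.806242 localhost.49360 > localhost.ldaps: S 3728799017:3728799017(0) win 65535 <mss 16344,nop,wscale 1,nop,nop,timestamp 5987899 0> (DF)
13:15:04.806283 localhost.ldaps > localhost.49360: S 3563970532:3563970532(0) ack 3728799018 win 65535 <mss 16344,nop,wscale 1,nop,nop,timestamp 5987899 5987899> (DF)
13:15:04.806298 localhost.49360 > localhost.ldaps: . ack 1 win 32768 <nop,nop,timestamp 5987899 5987899> (DF)
13:15:04.807042 localhost.49360 > localhost.ldaps: F 1:1(0) ack 1 win 32768 <nop,nop,timestamp 5987899 5987899> (DF)
13:15:04.807072 localhost.ldaps > localhost.49360: . ack 2 win 32768 <nop,nop,timestamp 5987899 5987899> (DF)
13:15:04.807548 localhost.ldaps > localhost.49360: F 1:1(0) ack 2 win 32768 <nop,nop,timestamp 5987899 5987899> (DF)
13:15:04.807575 localhost.49360 > localhost.ldaps: . ack 2 win 32767 <nop,nop,timestamp 5987899 5987899> (DF)
"""

# Classic tcpdump TCP line: time, src > dst:, flags, optional first:last(length).
LINE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\S+) > (?P<dst>\S+): (?P<flags>[SFPRWE.]+)"
    r"(?: \d+:\d+\((?P<len>\d+)\))?"
)


def parse(capture):
    """Yield (src, dst, flags, payload_len) for each recognised packet line."""
    for line in capture.splitlines():
        m = LINE.match(line.strip())
        if m:
            yield m["src"], m["dst"], m["flags"], int(m["len"] or 0)


def summarize(capture, server_ports=("ldaps", "636")):
    """Total payload bytes per direction and note which side sent the first FIN."""
    result = {"client_bytes": 0, "server_bytes": 0, "first_fin": None}
    for src, _dst, flags, length in parse(capture):
        # The port (or service name) is the last dot-separated field of the address.
        side = "server" if src.rsplit(".", 1)[-1] in server_ports else "client"
        result[side + "_bytes"] += length
        if "F" in flags and result["first_fin"] is None:
            result["first_fin"] = side
    # A TLS handshake opens with a ClientHello from the client, so zero client
    # payload means the handshake never started on the wire.
    result["tls_attempted"] = result["client_bytes"] > 0
    return result


if __name__ == "__main__":
    print(summarize(CAPTURE))
```
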


-- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php