Maybe I'm missing something, but surely fixing the server-side portion is considerably less important than fixing the client libraries?
I mean, clients will surely tend to number servers many times over; for every server user suffering due to the old version there's going to be many more client users also suffering. Further, the server is pretty standalone anyway and benefits least from the package management. If I want slapd 2.2 running I can easily install it from source. It's much more work to get libnss-ldap and pam-ldap and *everything else I want to be able to talk to my directory* upgraded, and it's this area where packaging really yields benefits. If this means resolving whatever "legal" issues (by e.g. using gnutls instead of openssl) surely that's the price that has to be paid and the work that has to be done. > -----Original Message----- > From: Torsten Landschoff [mailto:[EMAIL PROTECTED] > Sent: 09 March 2005 07:51 > To: DrPizza; [EMAIL PROTECTED] > Subject: Re: Bug#273620: libldap2: auth failure using ldap > > Hi Peter, > > On Tue, Mar 08, 2005 at 11:15:55PM +0000, Peter Bright wrote: > > > I'm using libnss-ldap/libpam-ldap against a Windows 2003 Active > > Directory Domain Controller. With SSL disabled in > > /etc/{libnss-,pam_}ldap.conf, all works as expected; I can > authenticate, enumerate users, etc.. > > > > With SSL enabled ("ssl on"), I consistently (as in, every *single* > > time) receive the same error as in the initial report whenever any > > LDAP action is > > performed: > > > /home/roland/debian/openldap/build/2.1.30/openldap2-2.1.30/lib > raries/libldap/cyrus.c:468: > > ldap_int_sasl_open: Assertion lc->lconn_sasl_ctx == ((void > *)0)' failed. > > Bleargh. > > Sorry, can't say more about this at this time. > > Greetings > > Torsten >
