Приветствую! Помогите разобраться. Настроил по докам репликацию, но не работает и вываливает такие ошибки: Master: bind to ldap2:389 as cn=Replicator,dc=domain,dc=org (simple) ldap_simple_bind_s ldap_sasl_bind_s ldap_sasl_bind ldap_send_initial_request ldap_new_connection ldap_int_open_connection ldap_connect_to_host: TCP ldap2:389 ldap_new_socket: 6 ldap_prepare_socket: 6 ldap_connect_to_host: Trying 80.249.224.21:389 ldap_connect_timeout: fd: 6 tm: -1 async: 0 ldap_ndelay_on: 6 ldap_is_sock_ready: 6 ldap_ndelay_off: 6 TLS trace: SSL_connect:before/connect initialization tls_write: want=142, written=142 0000: 80 8c 01 03 01 00 63 00 00 00 20 00 00 39 00 00 ......c... ..9.. 0010: 38 00 00 35 00 00 16 00 00 13 00 00 0a 07 00 c0 8..5............ 0020: 00 00 33 00 00 32 00 00 2f 03 00 80 00 00 66 00 ..3..2../.....f. 0030: 00 05 00 00 04 01 00 80 08 00 80 00 00 63 00 00 .............c.. 0040: 62 00 00 61 00 00 15 00 00 12 00 00 09 06 00 40 b..a...........@ 0050: 00 00 65 00 00 64 00 00 60 00 00 14 00 00 11 00 ..e..d..`....... 0060: 00 08 00 00 06 04 00 80 00 00 03 02 00 80 20 c3 .............. . 0070: 15 75 39 42 d6 10 45 41 57 f3 1a 79 7a aa ed 9d .u9B..EAW..yz... 0080: 1e 5d 88 48 c6 c9 0e 9b a2 a7 01 d1 04 1e .].H.......... TLS trace: SSL_connect:SSLv2/v3 write client hello A tls_read: want=7, got=0 TLS: can't connect. ldap_err2string Error: ldap_simple_bind_s for ldap2:389 failed: Can't contact LDAP server ldap_unbind Slave: daemon: new connection on 10 conn=3 fd=10 ACCEPT from IP=x.x.x.x:51449 (IP=y.y.y.y.y:389) daemon: added 10r daemon: activity on: daemon: select: listen=6 active_threads=0 tvp=NULL daemon: select: listen=7 active_threads=0 tvp=NULL daemon: activity on 1 descriptors daemon: activity on: 10r daemon: read activity on 10 connection_get(10) connection_get(10): got connid=3 connection_read(10): checking for input on id=3 ber_get_next ldap_read: want=8, got=8 0000: 80 8c 01 03 01 00 63 00 ......c. ber_get_next on fd 10 failed errno=34 (Result too large) connection_read(10): input error=-2 id=3, closing. connection_closing: readying conn=3 sd=10 for close connection_close: conn=3 sd=10 daemon: removing 10 conn=3 fd=10 closed что бы это значило? и еще: сделал сертификаты, пытаюсь в GQ включить TLS, а он говорит что не может проверить сертификат при этом в логе вот такое daemon: activity on 1 descriptors daemon: new connection on 10 conn=0 fd=10 ACCEPT from IP=x.x.x.x:52642 (IP=y.y.y.y:389) daemon: added 10r daemon: activity on: daemon: select: listen=6 active_threads=0 tvp=NULL daemon: select: listen=7 active_threads=0 tvp=NULL daemon: activity on 1 descriptors daemon: activity on: 10r daemon: read activity on 10 connection_get(10) connection_get(10): got connid=0 connection_read(10): checking for input on id=0 ber_get_next ldap_read: want=8, got=8 0000: 30 1d 02 01 01 77 18 80 0....w.. ldap_read: want=23, got=23 0000: 16 31 2e 33 2e 36 2e 31 2e 34 2e 31 2e 31 34 36 .1.3.6.1.4.1.146 0010: 36 2e 32 30 30 33 37 6.20037 ber_get_next: tag 0x30 len 29 contents: ber_dump: buf=0x0819c940 ptr=0x0819c940 end=0x0819c95d len=29 0000: 02 01 01 77 18 80 16 31 2e 33 2e 36 2e 31 2e 34 ...w...1.3.6.1.4 0010: 2e 31 2e 31 34 36 36 2e 32 30 30 33 37 .1.1466.20037 ber_get_next ldap_read: want=8 error=Resource temporarily unavailable ber_get_next on fd 10 failed errno=35 (Resource temporarily unavailable) daemon: select: listen=6 active_threads=0 tvp=NULL daemon: select: listen=7 active_threads=0 tvp=NULL do_extended ber_scanf fmt ({m) ber: ber_dump: buf=0x0819c940 ptr=0x0819c943 end=0x0819c95d len=26 0000: 77 18 80 16 31 2e 33 2e 36 2e 31 2e 34 2e 31 2e w...1.3.6.1.4.1. 0010: 31 34 36 36 2e 32 30 30 33 37 1466.20037 do_extended: oid=1.3.6.1.4.1.1466.20037 send_ldap_extended: err=0 oid= len=0 send_ldap_response: msgid=1 tag=120 err=0 ber_flush: 14 bytes to sd 10 0000: 30 0c 02 01 01 78 07 0a 01 00 04 00 04 00 0....x........ ldap_write: want=14, written=14 0000: 30 0c 02 01 01 78 07 0a 01 00 04 00 04 00 0....x........ daemon: activity on 1 descriptors daemon: activity on: 10r daemon: read activity on 10 connection_get(10) connection_get(10): got connid=0 connection_read(10): checking for input on id=0 TLS trace: SSL_accept:before/accept initialization tls_read: want=11, got=11 0000: 80 8c 01 03 01 00 63 00 00 00 20 ......c... tls_read: want=131, got=131 0000: 00 00 39 00 00 38 00 00 35 00 00 16 00 00 13 00 ..9..8..5....... 0010: 00 0a 07 00 c0 00 00 33 00 00 32 00 00 2f 03 00 .......3..2../.. 0020: 80 00 00 66 00 00 05 00 00 04 01 00 80 08 00 80 ...f............ 0030: 00 00 63 00 00 62 00 00 61 00 00 15 00 00 12 00 ..c..b..a....... 0040: 00 09 06 00 40 00 00 65 00 00 64 00 00 60 00 00 ....@..e..d..`.. 0050: 14 00 00 11 00 00 08 00 00 06 04 00 80 00 00 03 ................ 0060: 02 00 80 c9 23 b2 12 20 ff 13 b4 85 c4 d5 10 55 ....#.. .......U 0070: 29 79 42 49 af 86 29 cf f6 1e c0 a8 01 e8 10 e1 )yBI..)......... 0080: 1d 75 8e .u. TLS trace: SSL_accept:SSLv3 read client hello A TLS trace: SSL_accept:SSLv3 write server hello A TLS trace: SSL_accept:SSLv3 write certificate A TLS trace: SSL_accept:SSLv3 write server done A tls_write: want=954, written=954 0000: 16 03 01 00 4a 02 00 00 46 03 01 42 4b fc 0e a5 ....J...F..BK... 0010: 04 71 1d d5 8c bb 07 5b 4b a3 40 94 a1 f5 5b f2 .q.....[K.@...[. 0020: ce a2 14 fa 24 2b 07 87 22 9f c8 20 af dd 87 e9 ....$+..".. .... 0030: 35 24 71 4b a6 fc e3 e7 cd 65 f7 62 62 b8 c3 e4 5$qK.....e.bb... 0040: b1 01 89 77 9c ab 1a 10 b0 49 4d 45 00 35 00 16 ...w.....IME.5.. 0050: 03 01 03 5d 0b 00 03 59 00 03 56 00 03 53 30 82 ...]...Y..V..S0. 0060: 03 4f 30 82 02 b8 a0 03 02 01 02 02 09 00 9a 7c .O0............| 0070: e6 db c3 95 de 3d 30 0d 06 09 2a 86 48 86 f7 0d .....=0...*.H... 0080: 01 01 04 05 00 30 79 31 0b 30 09 06 03 55 04 06 .....0y1.0...U.. 0090: 13 02 55 41 31 10 30 0e 06 03 55 04 08 13 07 4b ..UA1.0...U....K 00a0: 68 61 72 6b 6f 76 31 10 30 0e 06 03 55 04 07 13 harkov1.0...U... 00b0: 07 4b 68 61 72 6b 6f 76 31 13 30 11 06 03 55 04 .Kharkov1.0...U. 00c0: 0a 13 0a 54 65 6c 65 70 6f 72 74 53 56 31 12 30 ...TeleportSV1.0 00d0: 10 06 03 55 04 0b 13 09 54 45 43 48 2d 44 45 50 ...U....TECH-DEP 00e0: 54 31 1d 30 1b 06 03 55 04 03 13 14 6c 64 61 70 T1.0...U....ldap 00f0: 32 2e 74 65 6c 65 70 6f 72 74 73 76 2e 6e 65 74 2.teleportsv.net 0100: 30 1e 17 0d 30 35 30 33 33 31 31 32 35 34 31 30 0...050331125410 0110: 5a 17 0d 30 36 30 33 33 31 31 32 35 34 31 30 5a Z..060331125410Z 0120: 30 79 31 0b 30 09 06 03 55 04 06 13 02 55 41 31 0y1.0...U....UA1 0130: 10 30 0e 06 03 55 04 08 13 07 4b 68 61 72 6b 6f .0...U....Kharko 0140: 76 31 10 30 0e 06 03 55 04 07 13 07 4b 68 61 72 v1.0...U....Khar 0150: 6b 6f 76 31 13 30 11 06 03 55 04 0a 13 0a 54 65 kov1.0...U....Te 0160: 6c 65 70 6f 72 74 53 56 31 12 30 10 06 03 55 04 leportSV1.0...U. 0170: 0b 13 09 54 45 43 48 2d 44 45 50 54 31 1d 30 1b ...TECH-DEPT1.0. 0180: 06 03 55 04 03 13 14 6c 64 61 70 32 2e 74 65 6c ..U....ldap2.tel 0190: 65 70 6f 72 74 73 76 2e 6e 65 74 30 81 9f 30 0d eportsv.net0..0. 01a0: 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d ..*.H........... 01b0: 00 30 81 89 02 81 81 00 ba cb 4f 41 16 74 8d d9 .0........OA.t.. 01c0: 27 83 08 a9 d6 ca b3 27 61 12 4f bc eb ca a7 34 '......'a.O....4 01d0: 8d 01 81 36 ed 7d 79 50 cb 39 d8 c4 f5 ae 84 91 ...6.}yP.9...... 01e0: a0 39 47 e8 d9 2e 48 64 99 0a 36 ef 13 7d 8c 5f .9G...Hd..6..}._ 01f0: b2 37 80 db ff 22 d0 9c a1 b0 68 6e bf 50 c6 0c .7..."....hn.P.. 0200: 6c 10 c5 ff 2b 52 8c 30 86 d8 a1 31 14 1a be 60 l...+R.0...1...` 0210: aa 8e 66 12 30 ba 57 92 1f 53 db 56 10 f3 1e 65 ..f.0.W..S.V...e 0220: 18 46 ab c8 04 18 e4 8f a4 20 33 42 3e d9 7d 22 .F....... 3B>.}" 0230: af fa ff 49 47 e9 b5 e9 02 03 01 00 01 a3 81 de ...IG........... 0240: 30 81 db 30 1d 06 03 55 1d 0e 04 16 04 14 28 2a 0..0...U......(* 0250: 3a 49 f2 ff 66 a8 94 e4 86 a7 a5 ad 8e 0e 50 df :I..f.........P. 0260: f4 84 30 81 ab 06 03 55 1d 23 04 81 a3 30 81 a0 ..0....U.#...0.. 0270: 80 14 28 2a 3a 49 f2 ff 66 a8 94 e4 86 a7 a5 ad ..(*:I..f....... 0280: 8e 0e 50 df f4 84 a1 7d a4 7b 30 79 31 0b 30 09 ..P....}.{0y1.0. 0290: 06 03 55 04 06 13 02 55 41 31 10 30 0e 06 03 55 ..U....UA1.0...U 02a0: 04 08 13 07 4b 68 61 72 6b 6f 76 31 10 30 0e 06 ....Kharkov1.0.. 02b0: 03 55 04 07 13 07 4b 68 61 72 6b 6f 76 31 13 30 .U....Kharkov1.0 02c0: 11 06 03 55 04 0a 13 0a 54 65 6c 65 70 6f 72 74 ...U....Teleport 02d0: 53 56 31 12 30 10 06 03 55 04 0b 13 09 54 45 43 SV1.0...U....TEC 02e0: 48 2d 44 45 50 54 31 1d 30 1b 06 03 55 04 03 13 H-DEPT1.0...U... 02f0: 14 6c 64 61 70 32 2e 74 65 6c 65 70 6f 72 74 73 .ldap2.teleports 0300: 76 2e 6e 65 74 82 09 00 9a 7c e6 db c3 95 de 3d v.net....|.....= 0310: 30 0c 06 03 55 1d 13 04 05 30 03 01 01 ff 30 0d 0...U....0....0. 0320: 06 09 2a 86 48 86 f7 0d 01 01 04 05 00 03 81 81 ..*.H........... 0330: 00 82 6e 21 b4 0f 26 ef ea 12 af 71 5c 54 65 9b ..n!..&....q\Te. 0340: ef aa 60 1c 3c c3 a0 57 ff 16 01 05 66 3b 71 ef ..`.<..W....f;q. 0350: e8 95 68 7a 61 3a f3 93 08 2d 13 96 e9 97 1c 4a ..hza:...-.....J 0360: 17 68 d4 3e 19 51 b3 bb a6 f3 39 b8 a3 b8 65 f7 .h.>.Q....9...e. 0370: 0b 7f 55 69 9a 14 b9 4f 74 cd f1 d3 c8 50 6d 4f ..Ui...Ot....PmO 0380: 71 90 8d 74 d7 0a 24 c6 33 eb 16 2f a8 e0 14 90 q..t..$.3../.... 0390: 67 66 8e e9 51 0c 1b b8 96 34 08 1b 97 8c 17 3b gf..Q....4.....; 03a0: 00 0e af 32 69 c5 63 93 80 96 d6 55 fc 93 88 23 ...2i.c....U...# 03b0: 15 16 03 01 00 04 0e 00 00 00 .......... TLS trace: SSL_accept:SSLv3 flush data tls_read: want=5 error=Resource temporarily unavailable TLS trace: SSL_accept:error in SSLv3 read client certificate A TLS trace: SSL_accept:error in SSLv3 read client certificate A daemon: select: listen=6 active_threads=0 tvp=NULL daemon: select: listen=7 active_threads=0 tvp=NULL daemon: activity on 1 descriptors daemon: activity on: 10r daemon: read activity on 10 connection_get(10) connection_get(10): got connid=0 connection_read(10): checking for input on id=0 tls_read: want=5, got=5 0000: 15 03 01 00 02 ..... tls_read: want=2, got=2 0000: 02 30 .0 TLS trace: SSL3 alert read:fatal:unknown CA TLS trace: SSL_accept:failed in SSLv3 read client certificate A TLS: can't accept. TLS: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca /usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s3_pkt.c:1052 connection_read(10): TLS accept error error=-1 id=0, closing connection_closing: readying conn=0 sd=10 for close connection_close: conn=0 sd=10 daemon: removing 10 conn=0 fd=10 closed daemon: select: listen=6 active_threads=0 tvp=NULL daemon: select: listen=7 active_threads=0 tvp=NULL daemon: activity on 1 descriptors daemon: select: listen=6 active_threads=0 tvp=NULL daemon: select: listen=7 active_threads=0 tvp=NULL =================================================================== uanog mailing list. To Unsubscribe: send mail to majordomo@uanog.kiev.ua with "unsubscribe uanog" in the body of the message
В догонку: с обоих сторон openldap 2.2.23 из пакетов, FreeBSD 5.4-PRERELEASE =================================================================== uanog mailing list. To Unsubscribe: send mail to majordomo@uanog.kiev.ua with "unsubscribe uanog" in the body of the message
participants (1)
-
Alexander Moskalenko