[Bug 240387] Re: php5-ldap TLS (start_tls) quirks

[Elliot]

I can confirm this issue for both Apache2 with the authnz_ldap module
and php5-ldap running on Ubuntu Hardy x64.

I've tested against both a dapper server running slapd and a hardy
server running slapd.  The problem seems worse when the ldap server is
also running under Hardy.

The failed logins are inconsistent, and when Apache fails it gives a 500
error, php5-ldap seems to just connect and immediately disconnect from
ldap and fail to authenticate.

The only solution we've found is to install stunnel4 as a client and
send requests to ldap on the localhost and have stunnel convert them to
ldaps on the remote host.

I have noticed that in Hardy slapd is now using gnutls instead of openssl, could this be related?  
Does anyone know if php5-ldap is calling the local ldap client to make the connection?  
Does it error because it is using an openldap client to talk to a gnutls server?
Has anyone figured out a more appropriate fix?

-- 
php5-ldap TLS (start_tls) quirks
https://bugs.launchpad.net/bugs/240387
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.