[Bug 264545] net-im/ejabberd tls ldap broken
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 08 Jun 2022 12:28:31 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=264545
Bug ID: 264545
Summary: net-im/ejabberd tls ldap broken
Product: Ports & Packages
Version: Latest
Hardware: amd64
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: Individual Port(s)
Assignee: ashish@FreeBSD.org
Reporter: marko.cupac@mimar.rs
Flags: maintainer-feedback?(ashish@FreeBSD.org)
Assignee: ashish@FreeBSD.org
Hi,
I have just upgraded one of my ejabberd jails to 13.1-RELEASE, also updating
all the ports to main (built in my own poudriere):
erlang upgraded: 24.2.2,4 -> 24.3.4,4
ejabberd upgraded: 21.12 -> 22.05
After the upgrade I cannot connect to LDAP server (Active Directory) anymore.
Here's my AUTHENTICATION section which worked before the upgrade:
### ====== AUTHENTICATION ======= ###
auth_method: [ldap]
ldap_servers:
- "ldap.example.org"
ldap_encrypt: tls
ldap_port: 636
ldap_rootdn: "CN=SomeAccount,DC=example,DC=org"
ldap_password: "examplepass"
ldap_base: "DC=example,DC=org"
ldap_uids:
- "sAMAccountName"
ldap_filter: "(memberOf=CN=jabber_users,DC=example,DC=org)"
Here's actual error from ejabberd.log:
2022-06-08 13:57:18.791918+02:00 [error] <0.31354.0>@eldap:connect_bind/1:1092
LDAP connection to ldap.example.org:636 failed: TLS client: In state hello at
ssl_handshake.erl:892 generated CLIENT ALERT: Fatal - Handshake Failure
{unknown_or_malformed_handshake,13}
Searching around the 'net I found the following discussion:
https://github.com/rabbitmq/rabbitmq-server/discussions/4726?sort=old
...which acknowledges issue with LDAP authentication for erlang 24.3.4, and
apparent fix which should come with 24.3.5.
I guess there is nothing else to do except wait for new version of erlang, but
hopefully other ejabberd users on FreeBSD will find this information useful.
Regards,
--
You are receiving this mail because:
You are the assignee for the bug.