[Pkg-openldap-devel] Bug#478883: I have the same bug

[Michael Kiefer]

With lenny both as server and client, I get the same bug here. The first thing 
that I discovered not working was syncrepl between two servers. Then I 
noticed that ldapsearch also is not working:

When I run ldapsearch on the server, accessing the pipe with
ldapsearch -ZZ -H ldapi://%2fvar%2frun%2fldapi/ -d-1 -Y EXTERNAL
I get the following output
(only the last few lines, when the error occurs)
	tls_write: want=139 error=Broken pipe
	TLS: can't connect: Error in the push function..
	ldap_err2string
	ldap_start_tls: Connect error (-11)

at least in most of the cases. Sometimes it is also
	tls_read: want=5 error=Connection reset by peer
	TLS: can't connect: A TLS packet with unexpected length was received..
	ldap_err2string
	ldap_start_tls: Connect error (-11)


When I run ldapsearch on the server or on the client, accessing via
ldapsearch -H ldaps://cresstsrv2.mppmu.mpg.de -d-1 -Y EXTERNAL
the result is sometimes
	tls_write: want=6 error=Broken pipe
	TLS: can't connect: Error in the push function..
	ldap_err2string
	ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)

or alternatively
	tls_read: want=5, got=0
	TLS: can't connect: A TLS packet with unexpected length was received..
	ldap_err2string
	ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)

This is true for debian lenny and Ubuntu 8.04. When trying with an Ubuntu 7.10 
client, the message is 

	TLS trace: SSL_connect:SSLv3 flush data
	tls_read: want=5, got=0
	
	TLS trace: SSL_connect:failed in SSLv3 read finished A
	TLS: can't connect.
	ldap_perror
	ldap_start_tls: Can't contact LDAP server (-1)

Thanks in advance
Michael