[pkg-dhcp-devel] Bug#655364: Server doesn't read LDAP conf correctly

Fabien C. r112i7oldi3yvkc at jetable.org
Tue Jan 10 16:52:02 UTC 2012 

Package: isc-dhcp-server-ldap
Version: 4.1.1-P1-15+squeeze3
Severity: normal

* Summary: I cannot use isc-dhcp-server-ldap from Squeeze with my LDAP configuration. I have an old one (v. 3.0.5) working properly, and the one from unstable (v. 4.2.2-2) working too. 

------

Hello, 

I used a quite old dhcp server (v3.0.5) compiled with the ldap patch. The schema was inserted into the LDAP server when the DHCP server was compiled, so it may be a bit old (and custom?...)

I tried using the server from Squeeze instead, and it didn't work : 
 No subnet declaration for eth0
 [...]
 Not configured to listen on any interfaces!

It seems that the DHCP server now needs a subnet declaration, despite the LDAP configuration, whatever, I added this in dhcpd.conf: 
 subnet 10.3.0.0 netmask 255.255.0.0
  ==> Listening on LPF/eth0/... (good, it starts listening)

I launched wireshark to see that it couldn't get it's config: 
 LDAPMessage searchRequest(4) "cn=DHCP Service Config,conf=Dhcp,ou=City,ou=Servers,dc=mycompany,dc=com" singleLevel 
 Filter: (!(|(|(objectClass=dhcpTSigKey)(objectClass=dhcpClass))(objectClass=dhcpFailOverPeer)))
  ==> LDAPMessage searchResDone(4) success (value does not conform to assertion syntax) [0 results]

It founds the dhcpServiceDN attribute correctly (thanks to the "ldap-base-dn" option in dhcpd.conf) which is [cn=DHCP Service Config,...], but then...

The subnets and hosts configuration is within the subtree (cn=DHCP Service Config,...) but the request returns 0 result because of the filter. I have no dhcpTSigKey, dhcpClass or dhcpFailOverPeer in my subtree. The first son of [cn=DHCP Service Config,...] is a dhcpSharedNetwork one (as explained in the package file /usr/share/doc/isc-dhcp-server-ldap/README.ldap.gz). 

The DHCP server version from Sid however (v. 4.2.2-2) doesn't use such a filter (it uses objectClass=*)  and it manages to read the configuration properly (according to wireshark, but I didn't tested further though). 

Do you know where the problem comes from?

Thank you, 
Fabien 


PS: You can find the problematic filter on line 1772 of dhcp-4.1.0-ldap-code.dpatch within the source pkg. 


-- System Information:
Debian Release: 6.0.3
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages isc-dhcp-server-ldap depends on:
ii  debianutils         3.4                  Miscellaneous utilities specific t
ii  isc-dhcp-common     4.1.1-P1-15+squeeze3 common files used by all the isc-d
ii  isc-dhcp-server     4.1.1-P1-15+squeeze3 ISC DHCP server for automatic IP a
ii  libc6               2.11.2-10            Embedded GNU C Library: Shared lib
ii  libldap-2.4-2       2.4.23-7.2           OpenLDAP libraries
ii  libssl0.9.8         0.9.8o-4squeeze4     SSL shared libraries

isc-dhcp-server-ldap recommends no packages.

isc-dhcp-server-ldap suggests no packages.

-- no debconf information

More information about the pkg-dhcp-devel mailing list