[pkg-dhcp-devel] Bug#723773: ldap patch doesn't appear to support GnuTLS
Mark Pavlichuk
pav5088 at internode.on.net
Sat Feb 15 13:28:01 UTC 2014
I've been trying to use the following option in dhcpd.conf:
ldap-tls-crlfile
...but apparently GnuTLS is not supported by the patch, meaning these openssl options must be used instead:
ldap-tls-crlcheck
ldap-tls-ca-dir
There doesn't seem to be anywhere to specify the location of the CRL. There is a "crl dist point" option that can be specified in the certool CA template, so perhaps this is what must be used:
crl_dist_points = "http://www.example.com/getcrl/"
None of this has helped as I'm still getting the same error as previously:
dhcpd self-test failed. Please fix /etc/dhcp/dhcpd.conf.
The error was:
Internet Systems Consortium DHCP Server 4.2.4
Copyright 2004-2012 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Cannot set LDAP TLS crl check option: Can't contact LDAP server
*** glibc detected *** /usr/sbin/dhcpd: double free or corruption (top): 0x00007f6b054e6300 ***
--
Mark Pavlichuk
More information about the pkg-dhcp-devel
mailing list