Re: User Authentication with nslcd 0.8.13

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Priya Seshaadri <priya.sesh [at] gmail.com>
To: nss-pam-ldapd-users [at] lists.arthurdejong.org
Subject: Re: User Authentication with nslcd 0.8.13
Date: Wed, 7 Aug 2013 14:15:28 -0500

Does nss-pam-ldapd require the LDAP server to provide LDAPS (LDAP over SSL) API? Is it a hard requirement or is it just something that's good to have? My server doesn't provide LDAPS right now. I might have to modify that.

On Wed, Aug 7, 2013 at 9:24 AM, Priya Seshaadri <priya.sesh [at] gmail.com> wrote:

This is the object dump of pam_ldap.so in /usr/lib/security:

-----------------------------------------

usr/lib/security/pam_ldap.so: file format elf32-little

DYNAMIC SYMBOL TABLE:
00005f94 l d .init 00000000 .init
0003f00c l d .jcr 00000000 .jcr

00000000 D *UND* 00000000 X509_NAME_entry_count
00000000 DF *UND* 00000000 GLIBC_2.4 getnameinfo

00000000 D *UND* 00000000 BIO_new_mem_buf
00000000 DF *UND* 00000000 SSL_connect

00000000 DF *UND* 00000000 GLIBC_2.4 strerror
00000000 DF *UND* 00000000 SSL_set_bio

00000000 DF *UND* 00000000 GLIBC_2.4 inet_ntop
00000000 D *UND* 00000000 OpenSSL_add_all_digests

00000000 DF *UND* 00000000 BIO_free
00000000 DF *UND* 00000000 GLIBC_2.4 geteuid
00000000 DF *UND* 00000000 GLIBC_2.4 connect
00000000 DF *UND* 00000000 GLIBC_2.4 srand
00000000 DF *UND* 00000000 SSL_CTX_set_client_CA_list

00000000 DF *UND* 00000000 LIBPAM_1.0 pam_get_user
00000000 DF *UND* 00000000 GLIBC_2.4 memcmp

00000000 DF *UND* 00000000 sk_free
00000000 DF *UND* 00000000 GLIBC_2.4 syslog
00000000 DF *UND* 00000000 SSL_add_dir_cert_subjects_to_stack
00000000 DF *UND* 00000000 LIBPAM_1.0 pam_strerror

00000000 DF *UND* 00000000 GCC_3.5 __aeabi_unwind_cpp_pr0
0000d6a4 g DF .text 00000080 EXPORTED pam_sm_open_session

00000000 D *UND* 00000000 GENERAL_NAMES_free
00000000 D *UND* 00000000 X509_STORE_CTX_get_error

00000000 DF *UND* 00000000 LIBPAM_1.0 pam_get_data
00000000 w D *UND* 00000000 __gmon_start__

00000000 w D *UND* 00000000 _Jv_RegisterClasses
00000000 D *UND* 00000000 X509_NAME_oneline

00000000 D *UND* 00000000 ASN1_STRING_length
00000000 DF *UND* 00000000 DH_size

00000000 DF *UND* 00000000 GLIBC_2.4 vsnprintf
00000000 DF *UND* 00000000 SSL_CTX_set_verify

00000000 DF *UND* 00000000 GLIBC_2.4 strncpy
00000000 DF *UND* 00000000 GLIBC_2.4 fclose
00000000 DF *UND* 00000000 GLIBC_2.4 fgets
00000000 DF *UND* 00000000 GLIBC_2.4 getenv
00000000 DO *UND* 00000000 GLIBC_2.4 sys_nerr

00000000 D *UND* 00000000 RAND_load_file
00000000 DF *UND* 00000000 sk_value

00000000 DF *UND* 00000000 GLIBC_2.4 strchr
00000000 DF *UND* 00000000 GLIBC_2.4 strcasecmp
00000000 D *UND* 00000000 RSA_generate_key_ex
00000000 DF *UND* 00000000 SSL_load_error_strings

00000000 DF *UND* 00000000 GLIBC_2.4 calloc
00000000 DF *UND* 00000000 SSL_CIPHER_get_bits

00000000 DF *UND* 00000000 GLIBC_2.4 fopen
00000000 D *UND* 00000000 X509_STORE_set_flags

00000000 DF *UND* 00000000 GLIBC_2.4 memset
00000000 DF *UND* 00000000 GLIBC_2.4 gai_strerror

00000000 D *UND* 00000000 BN_set_word
00000000 DF *UND* 00000000 GLIBC_2.4 freeaddrinfo

00000000 DF *UND* 00000000 BIO_clear_flags
00000000 DF *UND* 00000000 GLIBC_2.4 strrchr

00000000 DF *UND* 00000000 LIBPAM_1.0 pam_set_data
00000000 DF *UND* 00000000 LIBPAM_1.0 pam_set_item

00000000 D *UND* 00000000 X509V3_EXT_d2i
00000000 DF *UND* 00000000 SSL_get_peer_certificate

00000000 DF *UND* 00000000 GLIBC_2.4 __assert_fail
00000000 DF *UND* 00000000 BIO_new

00000000 DF *UND* 00000000 X509_get_subject_name
00000000 DF *UND* 00000000 SSL_free

00000000 D *UND* 00000000 X509_NAME_get_entry
00000000 g DO *ABS* 00000000 EXPORTED EXPORTED

00000000 DF *UND* 00000000 GLIBC_2.4 getuid
00000000 DF *UND* 00000000 GLIBC_2.4 free
00000000 DF *UND* 00000000 GLIBC_2.4 read

00000000 DF *UND* 00000000 GLIBC_2.4 write
00000000 DF *UND* 00000000 SSL_get_certificate

00000000 D *UND* 00000000 X509_get_ext_by_NID
00000000 D *UND* 00000000 RAND_egd

00000000 DF *UND* 00000000 GLIBC_2.4 inet_pton
00000000 DF *UND* 00000000 GLIBC_2.4 gettimeofday

00000000 DF *UND* 00000000 CRYPTO_free
00000000 DF *UND* 00000000 GLIBC_2.4 gethostbyname_r

00000000 D *UND* 00000000 ERR_free_strings
00000000 DF *UND* 00000000 GLIBC_2.4 __xpg_strerror_r

00000000 DF *UND* 00000000 GLIBC_2.4 socket
00000000 DF *UND* 00000000 GLIBC_2.4 getaddrinfo

00000000 DF *UND* 00000000 SSL_CTX_new
00000000 DF *UND* 00000000 GLIBC_2.4 fflush

00000000 DF *UND* 00000000 SSL_get_verify_result
00000000 DF *UND* 00000000 GLIBC_2.4 inet_aton

00000000 DF *UND* 00000000 BIO_set_flags
0000cf50 g DF .text 00000724 EXPORTED pam_sm_authenticate

00000000 DF *UND* 00000000 SSL_read
00000000 DF *UND* 00000000 SSL_CTX_set_session_id_context

00000000 D *UND* 00000000 EVP_cleanup
00000000 DF *UND* 00000000 SSL_pending

00000000 DF *UND* 00000000 GLIBC_2.4 strlen
0000e790 g DF .text 00000b38 EXPORTED pam_sm_acct_mgmt

00000000 DF *UND* 00000000 X509_verify_cert_error_string
00000000 DF *UND* 00000000 SSL_get_current_cipher

00000000 D *UND* 00000000 X509_get_ext
00000000 DF *UND* 00000000 GLIBC_2.4 strtoul

00000000 DF *UND* 00000000 GLIBC_2.4 memcpy
00000000 DF *UND* 00000000 GLIBC_2.4 __h_errno_location

00000000 DF *UND* 00000000 RSA_new
00000000 DF *UND* 00000000 GLIBC_2.4 fopen64
00000000 DF *UND* 00000000 GLIBC_2.4 clock
00000000 DF *UND* 00000000 SSL_load_client_CA_file

00000000 DF *UND* 00000000 RSA_free
00000000 DF *UND* 00000000 SSL_CTX_load_verify_locations

00000000 DF *UND* 00000000 GLIBC_2.4 strtol
00000000 DF *UND* 00000000 SSL_alert_desc_string_long

00000000 DF *UND* 00000000 GLIBC_2.4 strcpy
00000000 DF *UND* 00000000 GLIBC_2.4 atol
00000000 DF *UND* 00000000 GLIBC_2.4 ctime

0000d674 g DF .text 00000030 EXPORTED pam_sm_setcred
00000000 D *UND* 00000000 BN_new

00000000 DF *UND* 00000000 GLIBC_2.4 raise
00000000 DF *UND* 00000000 GLIBC_2.4 atoi
00000000 DF *UND* 00000000 GLIBC_2.4 gethostbyaddr

00000000 DF *UND* 00000000 GLIBC_2.4 shutdown
00000000 DF *UND* 00000000 SSL_state_string_long

00000000 DF *UND* 00000000 sk_num
00000000 D *UND* 00000000 PEM_read_bio_DHparams

00000000 D *UND* 00000000 ASN1_STRING_data
00000000 DF *UND* 00000000 GLIBC_2.4 close

0000d724 g DF .text 00000030 EXPORTED pam_sm_close_session
00000000 D *UND* 00000000 RAND_file_name

00000000 DF *UND* 00000000 ERR_peek_error
00000000 DF *UND* 00000000 SSL_alert_type_string_long

00000000 DF *UND* 00000000 SSL_CTX_use_PrivateKey_file
00000000 DF *UND* 00000000 SSL_library_init

00000000 DF *UND* 00000000 GLIBC_2.4 strncasecmp
00000000 DF *UND* 00000000 SSL_CTX_use_certificate_file

00000000 DF *UND* 00000000 GLIBC_2.4 time
00000000 D *UND* 00000000 RAND_write_file

00000000 DF *UND* 00000000 GLIBC_2.4 __ctype_b_loc
00000000 DF *UND* 00000000 GLIBC_2.4 fprintf

00000000 DF *UND* 00000000 GLIBC_2.4 strdup
00000000 D *UND* 00000000 X509_STORE_CTX_get_current_cert

00000000 DF *UND* 00000000 GLIBC_2.4 malloc
00000000 DF *UND* 00000000 SSL_CTX_set_cipher_list

00000000 DF *UND* 00000000 GLIBC_2.4 gethostname
00000000 D *UND* 00000000 ERR_remove_state

00000000 DF *UND* 00000000 i2d_X509_NAME
00000000 DF *UND* 00000000 GLIBC_2.4 gmtime_r

00000000 DF *UND* 00000000 SSL_new
00000000 DF *UND* 00000000 SSL_write
00000000 DF *UND* 00000000 GLIBC_2.4 poll
00000000 DO *UND* 00000000 GLIBC_2.4 sys_errlist
00000000 DF *UND* 00000000 SSL_CTX_get_cert_store

00000000 D *UND* 00000000 X509V3_add_standard_extensions
00000000 DF *UND* 00000000 CRYPTO_add_lock

00000000 DF *UND* 00000000 GLIBC_2.4 strcat
00000000 DF *UND* 00000000 GLIBC_2.4 memmove
00000000 DF *UND* 00000000 X509_free
00000000 D *UND* 00000000 OBJ_nid2obj
00000000 DF *UND* 00000000 sk_new_null
00000000 DF *UND* 00000000 GLIBC_2.4 getpid
00000000 DF *UND* 00000000 SSL_accept
00000000 D *UND* 00000000 ERR_error_string_n

00000000 D *UND* 00000000 DH_generate_parameters
00000000 DF *UND* 00000000 SSL_shutdown

00000000 DF *UND* 00000000 GLIBC_2.4 fcntl
00000000 D *UND* 00000000 BIO_new_file

00000000 DF *UND* 00000000 SSL_CTX_set_info_callback
00000000 DO *UND* 00000000 GLIBC_2.4 stderr

00000000 DF *UND* 00000000 GLIBC_2.4 rand
00000000 D *UND* 00000000 X509_get_issuer_name

00000000 D *UND* 00000000 RAND_status
00000000 DF *UND* 00000000 SSL_CTX_set_default_verify_paths

00000000 DF *UND* 00000000 GLIBC_2.4 crypt
00000000 DF *UND* 00000000 GLIBC_2.4 snprintf
00000000 D *UND* 00000000 ERR_get_error_line
00000000 DF *UND* 00000000 SSL_CTX_set_tmp_rsa_callback

00000000 DF *UND* 00000000 GLIBC_2.4 strncmp
00000000 DF *UND* 00000000 SSL_CTX_ctrl

00000000 D *UND* 00000000 OBJ_cmp
00000000 DF *UND* 00000000 GLIBC_2.4 getpeername

00000000 D *UND* 00000000 X509_STORE_CTX_get_error_depth
00000000 DF *UND* 00000000 GLIBC_2.4 gethostbyname

00000000 DF *UND* 00000000 GLIBC_2.4 realloc
0000d754 g DF .text 0000103c EXPORTED pam_sm_chauthtok

00000000 DF *UND* 00000000 SSL_CTX_set_tmp_dh_callback
00000000 DF *UND* 00000000 GLIBC_2.4 setsockopt

00000000 DF *UND* 00000000 GCC_3.5 __aeabi_unwind_cpp_pr1
00000000 DF *UND* 00000000 LIBPAM_1.0 pam_get_item

00000000 DF *UND* 00000000 GLIBC_2.4 memchr
00000000 D *UND* 00000000 BN_free
00000000 DF *UND* 00000000 GLIBC_2.4 strcmp
00000000 D *UND* 00000000 X509_NAME_ENTRY_get_data

00000000 DF *UND* 00000000 SSL_get_error
00000000 DF *UND* 00000000 GLIBC_2.4 __errno_location

00000000 DF *UND* 00000000 SSL_CTX_free
00000000 w DF *UND* 00000000 GLIBC_2.4 __cxa_finalize

00000000 DF *UND* 00000000 GLIBC_2.4 sprintf
00000000 DF *UND* 00000000 SSLv23_method

00000000 DF *UND* 00000000 GLIBC_2.4 fputs
-------------------------------------------------------------

On Wed, Aug 7, 2013 at 9:01 AM, Priya Seshaadri <priya.sesh [at] gmail.com> wrote:

Are you sure /lib/security/pam_ldap.so is the nss-pam-ldapd version? Can
you do:
ldd /lib/security/pam_ldap.so
objdump -TC /lib/security/pam_ldap.so

There was another pam_ldap.so in /usr/lib/security. I got different object dumps for the 2 copies of the pam_ldap.so files that I had. I changed the files in /etc/pam.d to use the .so file from /usr/lib/security. But no luck. Still doesn't work.

-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/

Re: User Authentication with nslcd 0.8.13, (continued)

Prev by Date: Re: User Authentication with nslcd 0.8.13
Next by Date: Re: User Authentication with nslcd 0.8.13
Previous by thread: Re: User Authentication with nslcd 0.8.13
Next by thread: Re: User Authentication with nslcd 0.8.13