Date: Fri, 30 Mar 2012 11:43:39 +0200 From: "O. Hartmann" <ohartman@mail.zedat.fu-berlin.de> To: Current FreeBSD <freebsd-current@freebsd.org>, Ports FreeBSD <freebsd-ports@FreeBSD.org> Subject: FreeBSD 10.0-CURRENT/amd64 and SSL connections to PostgreSQL 9.1.3: broken! Message-ID: <4F75804B.6000907@mail.zedat.fu-berlin.de>
next in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig4BC4816D3FF31323F78D2886 Content-Type: text/plain; charset=ISO-8859-15 Content-Transfer-Encoding: quoted-printable A couple of days ago I updated FreeBSD 10.0-CURRENT and deleted old libs and old files via "make delete-old-XXX" in /usr/src, as I saw that Kerberos5/Heimdal got an update. After that, several server/applications didn't work correctly anymore due to missing, already deleted libraries. So i recompiled nearly every port, especially Subversion, OpenLDAP (amongst Cyrus SASL, pam_ldap and nss_ldap). PostgreSQL has also got an update from 9.1.2 to 9.1.3 that time. My hurting problem is, that ALL FreeBSD 10.0-CURRENT based servers using OpenLDAP or SSL connections now fail. I can not exactly nail down the problem, but these (already completely with portmaster -f recompiled applications) ports fail connecting to PostgreSQL when using OpenLDAP/SSL= : pgadmin3 (users in pg_hba are, except superuser, on OpenLDAP) refdb (refdb users are OpenLDAP backed) Mediawiki (Mediawiki users are OpenLDAP backed) These ports connect to PostgreSQL and use for user's authentication OpenLDAP. Our boxes also use OpenLDAP for user authentication, this works, so I assume PostgreSQL is the failing point. In the log I get that a pg_hba entry with SSL off is missing. Somehow, SSL doesn't work anymore or the certificate got invalidated (created with a CA on FreeBSD 9, now used on FBSD 10). Does anyone also experience this weird behaviour? Regards, Oliver --------------enig4BC4816D3FF31323F78D2886 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iQEcBAEBAgAGBQJPdYBQAAoJEOgBcD7A/5N8COUH/3TeMzG1H7Szon+iVmH1XcuW KpvdIrfOFE1bJRhJ5UVkoJ8QvcDZRPr6lAI72cnDZ2PwZj892tO6jbh7NGBa+Z6I ilLYpchW0m04HuM9/Jx3RInImqHXHixbu9d5GKd7Wha1ue39YbDPGZ0AlnB0vZPS +ltydP+E/zvMImdvituRe376rxnPcQvX9fODlpyec0n1sLNHf+/hUqOHQTlPiWZO 3vy9sij5Oglz20YTLQ9oYyNpEZNDqwXWOI8FlLbqr6ODNtsYE+BwLShmKOlY11jz oYHZy5sEsoNRxCcLQCN6HKWeVT5oOa5+OLabUxgjHQb3/Km+0gBieyfvGL9VezM= =COKj -----END PGP SIGNATURE----- --------------enig4BC4816D3FF31323F78D2886--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4F75804B.6000907>