Description of problem:
Certificate validation fails with message "Connection error: TLS: hostname does not match CN in peer certificate".

Version-Release number of selected component (if applicable):
sssd-1.5.1-40.el6.i686

How reproducible:
Always

Steps to Reproduce:
1. Configure sssd with the config file as follows:

# cat /etc/sssd/sssd.conf
[sssd]
config_file_version = 2
reconnection_retries = 3
sbus_timeout = 30
services = nss, pam
domains = LDAP
debug_level = 9

[nss]
filter_groups = root
filter_users = root
reconnection_retries = 3
debug_level = 9

[pam]
reconnection_retries = 3
debug_level = 9

[domain/LDAP]
debug_level = 9
id_provider = ldap
ldap_uri = ldaps://cobra.lab.eng.pnq.redhat.com
ldap_search_base = dc=example,dc=com
auth_provider = ldap
ldap_tls_cacert = /etc/openldap/cacerts/cacert.asc

2. Try to auth as a user on the ldap server.

# ssh -l kaushik2 localhost
kaushik2@localhost's password:
Permission denied, please try again.
kaushik2@localhost's password:

Actual results:
Auth fails. /var/log/sssd/sssd_LDAP.log shows:

(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [sbus_dispatch] (9): dbus conn: 9AB5678
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [sbus_dispatch] (9): Dispatching.
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [sbus_message_handler] (9): Received SBUS method [getAccountInfo]
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [be_get_account_info] (4): Got request for [4097][1][name=kaushik2]
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [sdap_id_op_connect_step] (9): beginning to connect
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [fo_resolve_service_send] (4): Trying to resolve service 'LDAP'
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [get_server_status] (7): Status of server 'cobra.lab.eng.pnq.redhat.com' is 'name not resolved'
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [get_server_status] (4): Hostname resolution expired, reseting the server status of 'cobra.lab.eng.pnq.redhat.com'
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [set_server_common_status] (4): Marking server 'cobra.lab.eng.pnq.redhat.com' as 'name not resolved'
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [get_port_status] (7): Port status of port 636 for server 'cobra.lab.eng.pnq.redhat.com' is 'neutral'
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [get_server_status] (7): Status of server 'cobra.lab.eng.pnq.redhat.com' is 'name not resolved'
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [resolv_gethostbyname_send] (4): Trying to resolve A record of 'cobra.lab.eng.pnq.redhat.com'
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [schedule_timeout_watcher] (9): Scheduling DNS timeout watcher
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [set_server_common_status] (4): Marking server 'cobra.lab.eng.pnq.redhat.com' as 'resolving name'
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [unschedule_timeout_watcher] (9): Unscheduling DNS timeout watcher
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [set_server_common_status] (4): Marking server 'cobra.lab.eng.pnq.redhat.com' as 'name resolved'
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [be_resolve_server_done] (4): Found address for server cobra.lab.eng.pnq.redhat.com: [10.65.201.57]
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [sdap_uri_callback] (6): Constructed uri 'ldaps://10.65.201.57:636'
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [sdap_get_rootdse_send] (9): Getting rootdse
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (6): calling ldap_search_ext with [(objectclass=*)][].
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (7): Requesting attrs: [*]
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (7): Requesting attrs: [altServer]
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (7): Requesting attrs: [namingContexts]
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (7): Requesting attrs: [supportedControl]
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (7): Requesting attrs: [supportedExtension]
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (7): Requesting attrs: [supportedFeatures]
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (7): Requesting attrs: [supportedLDAPVersion]
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (7): Requesting attrs: [supportedSASLMechanisms]
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (7): Requesting attrs: [defaultNamingContext]
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (7): Requesting attrs: [lastUSN]
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (7): Requesting attrs: [highestCommittedUSN]
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [sdap_ldap_connect_callback_add] (9): New LDAP connection to [ldaps://10.65.201.57:636] with fd [25].
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (3): ldap_search_ext failed: Can't contact LDAP server
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (3): Connection error: TLS: hostname does not match CN in peer certificate
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [fo_set_port_status] (4): Marking port 636 of server 'cobra.lab.eng.pnq.redhat.com' as 'not working'
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [sdap_handle_release] (8): Trace: sh[0x9ab9030], connected[1], ops[(nil)], ldap[0x9ab9068], destructor_lock[0], release_memory[0]
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [remove_connection_callback] (9): Successfully removed connection callback.
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [fo_resolve_service_send] (4): Trying to resolve service 'LDAP'
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [get_server_status] (7): Status of server 'cobra.lab.eng.pnq.redhat.com' is 'name resolved'
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [get_port_status] (7): Port status of port 636 for server 'cobra.lab.eng.pnq.redhat.com' is 'not working'
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [fo_resolve_service_send] (1): No available servers for service 'LDAP'
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [sdap_id_op_connect_done] (1): Failed to connect, going offline (5 [Input/output error])
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [be_mark_offline] (8): Going offline!
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [be_run_offline_cb] (3): Going offline. Running callbacks.
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [sdap_id_op_connect_done] (9): notify offline to op #1
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [acctinfo_callback] (4): Request processed. Returned 1,11,Offline
(Thu Jun 23 10:56:54 2011) [sssd[be[LDAP]]] [sdap_id_release_conn_data] (9): releasing unused connection
(Thu Jun 23 10:56:56 2011) [sssd[be[LDAP]]] [sbus_dispatch] (9): dbus conn: 9AAD710
(Thu Jun 23 10:56:56 2011) [sssd[be[LDAP]]] [sbus_dispatch] (9): Dispatching.
(Thu Jun 23 10:56:56 2011) [sssd[be[LDAP]]] [sbus_message_handler] (9): Received SBUS method [ping]
(Thu Jun 23 10:56:58 2011) [sssd[be[LDAP]]] [sbus_dispatch] (9): dbus conn: 9AB5678
(Thu Jun 23 10:56:58 2011) [sssd[be[LDAP]]] [sbus_dispatch] (9): Dispatching.
(Thu Jun 23 10:56:58 2011) [sssd[be[LDAP]]] [sbus_message_handler] (9): Received SBUS method [getAccountInfo]
(Thu Jun 23 10:56:58 2011) [sssd[be[LDAP]]] [be_get_account_info] (4): Got request for [4097][1][name=kaushik2]
(Thu Jun 23 10:56:58 2011) [sssd[be[LDAP]]] [be_get_account_info] (4): Request processed. Returned 1,11,Fast reply - offline
(Thu Jun 23 10:56:58 2011) [sssd[be[LDAP]]] [sbus_dispatch] (9): dbus conn: 9AB5678
(Thu Jun 23 10:56:58 2011) [sssd[be[LDAP]]] [sbus_dispatch] (9): Dispatching.
(Thu Jun 23 10:56:58 2011) [sssd[be[LDAP]]] [sbus_message_handler] (9): Received SBUS method [getAccountInfo]
(Thu Jun 23 10:56:58 2011) [sssd[be[LDAP]]] [be_get_account_info] (4): Got request for [4097][1][name=kaushik2]
(Thu Jun 23 10:56:58 2011) [sssd[be[LDAP]]] [be_get_account_info] (4): Request processed. Returned 1,11,Fast reply - offline
(Thu Jun 23 10:56:58 2011) [sssd[be[LDAP]]] [sbus_dispatch] (9): dbus conn: 9AB5678
(Thu Jun 23 10:56:58 2011) [sssd[be[LDAP]]] [sbus_dispatch] (9): Dispatching.
(Thu Jun 23 10:56:58 2011) [sssd[be[LDAP]]] [sbus_message_handler] (9): Received SBUS method [getAccountInfo]
(Thu Jun 23 10:56:58 2011) [sssd[be[LDAP]]] [be_get_account_info] (4): Got request for [4097][1][name=kaushik2]
(Thu Jun 23 10:56:58 2011) [sssd[be[LDAP]]] [be_get_account_info] (4): Request processed. Returned 1,11,Fast reply - offline

Expected results:
Auth should succeed.

Additional info:
Corresponding upstream ticket https://fedorahosted.org/sssd/ticket/905 .
Certificate validation and auth succeed now.

# ssh -l kau20 localhost
kau20@localhost's password:
Last login: Thu Sep 22 11:48:40 2011 from localhost
Could not chdir to home directory /home/kau20: No such file or directory
-sh-4.1$ logout
Connection to localhost closed.

/var/log/sssd/sssd_LDAP.log shows:

(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sbus_dispatch] (9): dbus conn: 1EB7B00
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sbus_dispatch] (9): Dispatching.
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sbus_message_handler] (9): Received SBUS method [getAccountInfo]
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [be_get_account_info] (4): Got request for [4097][1][name=kau20]
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_id_op_connect_step] (9): beginning to connect
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [fo_resolve_service_send] (4): Trying to resolve service 'LDAP'
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [get_server_status] (7): Status of server 'lion.lab.eng.pnq.redhat.com' is 'name not resolved'
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [get_port_status] (7): Port status of port 636 for server 'lion.lab.eng.pnq.redhat.com' is 'neutral'
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [get_server_status] (7): Status of server 'lion.lab.eng.pnq.redhat.com' is 'name not resolved'
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [resolv_is_address] (9): [lion.lab.eng.pnq.redhat.com] does not look like an IP address
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [resolv_gethostbyname_step] (8): Querying files
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [resolv_gethostbyname_files_send] (4): Trying to resolve A record of 'lion.lab.eng.pnq.redhat.com' in files
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [set_server_common_status] (4): Marking server 'lion.lab.eng.pnq.redhat.com' as 'resolving name'
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [resolv_gethostbyname_step] (8): Querying files
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [resolv_gethostbyname_files_send] (4): Trying to resolve AAAA record of 'lion.lab.eng.pnq.redhat.com' in files
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [resolv_gethostbyname_next] (5): No more address families to retry
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [resolv_gethostbyname_step] (8): Querying DNS
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [schedule_timeout_watcher] (9): Scheduling DNS timeout watcher
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [resolv_gethostbyname_dns_query] (4): Trying to resolve A record of 'lion.lab.eng.pnq.redhat.com' in DNS
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [unschedule_timeout_watcher] (9): Unscheduling DNS timeout watcher
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [resolv_gethostbyname_dns_parse] (7): Parsing an A reply
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [set_server_common_status] (4): Marking server 'lion.lab.eng.pnq.redhat.com' as 'name resolved'
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [be_resolve_server_done] (4): Found address for server lion.lab.eng.pnq.redhat.com: [10.65.201.54] TTL 300
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_uri_callback] (6): Constructed uri 'ldaps://lion.lab.eng.pnq.redhat.com'
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sss_ldap_init_send] (9): Using file descriptor [26] for LDAP connection.
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_ldap_connect_callback_add] (9): New LDAP connection to [ldaps://lion.lab.eng.pnq.redhat.com:636/??base] with fd [26].
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_get_rootdse_send] (9): Getting rootdse
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (6): calling ldap_search_ext with [(objectclass=*)][].
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (7): Requesting attrs: [*]
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (7): Requesting attrs: [altServer]
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (7): Requesting attrs: [namingContexts]
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (7): Requesting attrs: [supportedControl]
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (7): Requesting attrs: [supportedExtension]
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (7): Requesting attrs: [supportedFeatures]
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (7): Requesting attrs: [supportedLDAPVersion]
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (7): Requesting attrs: [supportedSASLMechanisms]
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (7): Requesting attrs: [defaultNamingContext]
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (7): Requesting attrs: [lastUSN]
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (7): Requesting attrs: [highestCommittedUSN]
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (8): ldap_search_ext called, msgid = 1
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_process_result] (8): Trace: sh[0x1ebc630], connected[1], ops[0x1f4db90], ldap[0x1ebcbe0]
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_process_result] (8): Trace: ldap_result found nothing!
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_process_result] (8): Trace: sh[0x1ebc630], connected[1], ops[0x1f4db90], ldap[0x1ebcbe0]
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_parse_entry] (9): OriginalDN: [].
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_process_result] (8): Trace: sh[0x1ebc630], connected[1], ops[0x1f4db90], ldap[0x1ebcbe0]
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_get_generic_done] (6): Search result: Success(0), (null)
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_get_rootdse_done] (9): Got rootdse
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_get_server_opts_from_rootdse] (5): No known USN scheme is supported by this server!
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_get_server_opts_from_rootdse] (5): Will use modification timestamp as usn!
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [simple_bind_send] (4): Executing simple bind as: (null)
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [simple_bind_send] (8): ldap simple bind sent, msgid = 2
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_process_result] (8): Trace: sh[0x1ebc630], connected[1], ops[0x1f4e500], ldap[0x1ebcbe0]
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_process_result] (8): Trace: ldap_result found nothing!
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_process_result] (8): Trace: sh[0x1ebc630], connected[1], ops[0x1f4e500], ldap[0x1ebcbe0]
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [simple_bind_done] (5): Server returned no controls.
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [simple_bind_done] (3): Bind result: Success(0), (null)
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [fo_set_port_status] (4): Marking port 636 of server 'lion.lab.eng.pnq.redhat.com' as 'working'
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [set_server_common_status] (4): Marking server 'lion.lab.eng.pnq.redhat.com' as 'working'
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_id_op_connect_done] (9): notify connected to op #1
(Thu Sep 22 11:52:04 2011) [sssd[be[LDAP]]] [sdap_get_generic_step] (6): calling ldap_search_ext with [(&(uid=kau20)(objectclass=posixAccount))][dc=example,dc=com].
Verified in version:

# rpm -qi sssd | head
Name        : sssd                         Relocations: (not relocatable)
Version     : 1.5.1                             Vendor: Red Hat, Inc.
Release     : 52.el6                        Build Date: Tue 20 Sep 2011 09:11:03 PM IST
Install Date: Wed 21 Sep 2011 03:07:04 PM IST      Build Host: x86-010.build.bos.redhat.com
Group       : Applications/System           Source RPM: sssd-1.5.1-52.el6.src.rpm
Size        : 3550647                          License: GPLv3+
Signature   : (none)
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
URL         : http://fedorahosted.org/sssd/
Summary     : System Security Services Daemon
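Added illustration (not part of the bug report and not SSSD code): the failing log above shows the client dialling 'ldaps://10.65.201.57:636', the resolved address rather than the configured name, so the TLS layer compares an IP literal against a certificate whose CN is the DNS name and rejects it; the verified log shows the fixed build constructing 'ldaps://lion.lab.eng.pnq.redhat.com' instead, so the reference identity handed to TLS is the name the certificate actually carries. The Python below reproduces the identity-matching rule an LDAP-over-TLS client applies: a DNS name matches a dNSName SAN (or the CN only when the certificate has no dNSName SAN), an IP literal matches only an iPAddress SAN and is never compared to the CN. PeerCert, the two sample certificates, the wildcard SAN and the iPAddress SAN are constructed for the example; only the host name and address come from the report.

```python
import ipaddress
from dataclasses import dataclass, field
from urllib.parse import urlsplit


@dataclass
class PeerCert:
    """Identity fields taken from a peer's X.509 certificate (constructed
    for this example, not parsed from a real certificate)."""
    subject_cn: str
    san_dns: list = field(default_factory=list)
    san_ip: list = field(default_factory=list)


def dns_name_matches(presented: str, reference: str) -> bool:
    """RFC 6125-style DNS-ID comparison: case-insensitive, trailing dot
    ignored, '*' allowed only as the whole left-most label and only when
    at least two labels follow it (so '*.com' never matches anything)."""
    p = presented.lower().rstrip(".").split(".")
    r = reference.lower().rstrip(".").split(".")
    if "*" not in presented:
        return p == r
    if p[0] != "*" or len(p) < 3 or len(p) != len(r):
        return False
    return p[1:] == r[1:]


def check_peer_identity(cert: PeerCert, target: str) -> tuple:
    """Decide whether `target` (the host the client actually dialled) is a
    valid identity for `cert`. Returns (ok, reason)."""
    try:
        addr = ipaddress.ip_address(target.strip("[]"))
    except ValueError:
        addr = None

    if addr is not None:
        # An IP literal is compared only against iPAddress SANs. The CN holds
        # a DNS name and is never consulted for an address, which is why
        # dialling 10.65.201.57 fails against a CN-only certificate.
        for san in cert.san_ip:
            if ipaddress.ip_address(san) == addr:
                return True, f"iPAddress SAN {san} matches {addr}"
        return False, (f"no iPAddress SAN matches {addr} "
                       f"(CN '{cert.subject_cn}' is not used for IP literals)")

    if cert.san_dns:
        # When dNSName SANs are present the CN is ignored entirely.
        for name in cert.san_dns:
            if dns_name_matches(name, target):
                return True, f"dNSName SAN {name} matches {target}"
        return False, f"no dNSName SAN matches {target}"

    # Legacy fallback: the CN is consulted only when there is no dNSName SAN.
    if dns_name_matches(cert.subject_cn, target):
        return True, f"CN {cert.subject_cn} matches {target}"
    return False, f"CN {cert.subject_cn} does not match {target}"


def check_ldap_uri(cert: PeerCert, uri: str) -> tuple:
    """Apply the identity check to the host part of an ldap(s):// URI, i.e.
    to the string the client hands TLS as the reference identity."""
    host = urlsplit(uri).hostname
    if not host:
        return False, f"URI {uri!r} has no host component"
    return check_peer_identity(cert, host)


# Constructed sample: the server name from the report with a CN-only
# certificate (no SAN), plus a hypothetical SAN-bearing variant.
CN_ONLY_CERT = PeerCert(subject_cn="cobra.lab.eng.pnq.redhat.com")
SAN_CERT = PeerCert(
    subject_cn="cobra.lab.eng.pnq.redhat.com",
    san_dns=["cobra.lab.eng.pnq.redhat.com", "*.lab.eng.pnq.redhat.com"],
    san_ip=["10.65.201.57"],
)

if __name__ == "__main__":
    for uri in ("ldaps://10.65.201.57:636", "ldaps://cobra.lab.eng.pnq.redhat.com"):
        for label, cert in (("CN-only", CN_ONLY_CERT), ("with SAN", SAN_CERT)):
            ok, why = check_ldap_uri(cert, uri)
            print(f"{uri:40} {label:9} {'OK  ' if ok else 'FAIL'} {why}")
```

Against the CN-only certificate the IP-literal URI fails and the hostname URI passes, which is the before/after seen in the two logs. Setting ldap_tls_reqcert = allow or never in sssd.conf also makes the error go away, but only by switching off the check that stops a spoofed server from being accepted; the fix verified above keeps the check and gives TLS a reference identity the certificate can satisfy.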
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Do not document
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2011-1529.html