Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1445188
Description of problem: Because of a wrong port number used in commandline for ladpmodify, I am getting in error logs - [25/Apr/2017:03:03:32.806827033 -0400] - ERR - log_ber_too_big_error - conn=12 fd=64 Incoming BER Element was 3 bytes, max allowable is 2097152 bytes. Change the nsslapd-maxbersize attribute in cn=config to increase. which is misleading Version-Release number of selected component (if applicable): 389-ds-base-1.3.6.1-9.el7.x86_64 How reproducible: Always Steps to Reproduce: 1. Configure MMR with SSL 2. execute - /usr/lib64/mozldap/ldapmodify -Z -P "/etc/dirsrv/slapd-M1/cert8.db" -W secret12 -p 30100 -h localhost -D "cn=directory manager" -w Secret123 << EOF dn: uid=new_user4,dc=example,dc=com changetype: add objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetorgperson uid: new_user4 sn: new_user4 cn: new_user4 EOF where 30100 is non-ssl port (wrong port number) 3. you will get below on command line - ldap_simple_bind: Can't contact LDAP server SSL error -5938 (Encountered end of file.) 4. And in error messages, it will show - [25/Apr/2017:03:13:17.830291071 -0400] - ERR - log_ber_too_big_error - conn=16 fd=64 Incoming BER Element was 3 bytes, max allowable is 2097152 bytes. Change the nsslapd-maxbersize attribute in cn=config to increase. [25/Apr/2017:03:22:08.700482270 -0400] - ERR - log_ber_too_big_error - conn=22 fd=64 Incoming BER Element was 3 bytes, max allowable is 2097152 bytes. Change the nsslapd-maxbersize attribute in cn=config to increase. Actual results: Error message for a wrong port- [25/Apr/2017:03:13:17.830291071 -0400] - ERR - log_ber_too_big_error - conn=16 fd=64 Incoming BER Element was 3 bytes, max allowable is 2097152 bytes. Change the nsslapd-maxbersize attribute in cn=config to increase. [25/Apr/2017:03:22:08.700482270 -0400] - ERR - log_ber_too_big_error - conn=22 fd=64 Incoming BER Element was 3 bytes, max allowable is 2097152 bytes. Change the nsslapd-maxbersize attribute in cn=config to increase. Expected results: Errors message should be helpful in pointing out the mistake. Additional info:
Metadata Update from @firstyear: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1445188
Metadata Update from @mreynolds: - Custom field component adjusted to None - Custom field origin adjusted to None - Custom field reviewstatus adjusted to None - Custom field type adjusted to None - Custom field version adjusted to None - Issue set to the milestone: 1.3.7.0 (was: 0.0 NEEDS_TRIAGE)
Metadata Update from @firstyear: - Issue assigned to firstyear
<img alt="0001-Ticket-49377-Incoming-BER-too-large-with-TLS-on-plai.patch" src="/389-ds-base/issue/raw/files/e9cad3216d041a4771c0226dfdd67ae49b0831826194dc99f9ca3d08d36d59c4-0001-Ticket-49377-Incoming-BER-too-large-with-TLS-on-plai.patch" />
Metadata Update from @firstyear: - Custom field reviewstatus adjusted to review (was: None)
Metadata Update from @mreynolds: - Custom field reviewstatus adjusted to ack (was: review)
commit b3629af To ssh://git@pagure.io/389-ds-base.git b4497c4..b3629af master -> master
Metadata Update from @firstyear: - Custom field reviewstatus adjusted to review (was: ack) - Issue close_status updated to: fixed - Issue set to the milestone: 1.4 backlog (was: 1.3.7.0) - Issue status updated to: Closed (was: Open)
This also needs to go into 1.3.7...
Metadata Update from @mreynolds: - Issue set to the milestone: 1.3.7.0 (was: 1.4 backlog) - Issue status updated to: Open (was: Closed)
commit f49e4cf To ssh://git@pagure.io/389-ds-base.git 231c28b..f49e4cf 389-ds-base-1.3.7 -> 389-ds-base-1.3.7
Metadata Update from @firstyear: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
389-ds-base is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in 389-ds-base's github repository.
This issue has been cloned to Github and is available here: - https://github.com/389ds/389-ds-base/issues/2436
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @spichugi: - Issue close_status updated to: wontfix (was: fixed)
Login to comment on this ticket.