Unable to start TLS - Warning on line 577
MediaWiki 1.18.1
PHP 5.3.6 (cgi-fcgi)
MySQL 5.5.12
LdapAuthentication-trunk-r108179
Windows 2008R2 AD
Sometimes I got error:
Warning: ldap_start_tls(): Unable to start TLS: Can't contact LDAP server in LdapAuthentication.php on line 577
After relogon to wiki this text disappear. In configuration $wgLDAPEncryptionType = array('VG' => 'clear');
Small addition. In debug.log I see:
2012-01-13 06:21:56 WikiVG: 2.0a Using servers:
With empty server.
After relogin to wiki in new strings I see:
2012-01-13 06:21:40 WikiVG: 2.0a Using servers: ldap://vs-dc-16-2.vg.local:389
But after small time (about 5 min) I will get error again.
Have you tried applying this patch? MediaWiki 1.18 has a bug that messes up ldap user sessions.
Just applied this patch. Testing. Thanks for help.
This patch not fix my problem. I've got same error after small time after relogin.
I have the same problem. I am also wondering why it reconnects to the ldap server every time a new page loads. Shouldn't the session stay active?
Here's the end of a XDebug stack trace with the relevant info. Any ideas?
[10-Feb-2012 06:03:12] PHP 13. User::newFromName($name = 'Josh', $validate = *uninitialized*) C:\Apache2.2\htdocs\includes\resourceloader\ResourceLoaderUserGroupsModule.php:35 [10-Feb-2012 06:03:12] PHP 14. User::getCanonicalName($name = 'Josh', $validate = 'valid') C:\Apache2.2\htdocs\includes\User.php:361 [10-Feb-2012 06:03:12] PHP 15. LdapAuthenticationPlugin->getCanonicalName($username = 'Josh') C:\Apache2.2\htdocs\includes\User.php:770 [10-Feb-2012 06:03:12] PHP 16. LdapAuthenticationPlugin->connect($domain = *uninitialized*) C:\Apache2.2\htdocs\extensions\LdapAuthentication\LdapAuthentication.php:1172 [10-Feb-2012 06:03:12] PHP 17. ldap_start_tls(resource(247) of type (ldap link)) C:\Apache2.2\htdocs\extensions\LdapAuthentication\LdapAuthentication.php:577
This is the same issue I reported in this thread, and while this patch did fix part of my issue, I'm still getting this error when searching or clicking any "redlink" pages while NOT logged in. Once I log in, the errors go away (for me). I also tried installing LDAP Authentication r108775 without improvement.
I still have high hopes that Ryan will be able to figure it out!
I'm running 1.18.1 and am getting this exact error from time to time. I haven't figured out the pattern, but I AM using the latest TRUNK version of the LDAP Extension (R108775) due to other issues with R90286. This was not happening with R90286...
This is definitely a large issue with our deployment since EVERY user sees the errors occasionally, whereas with R90286 we had errors only on the login page. Thoughts? And thanks for what has generally been a really stable and helpful extension for the past 7 years (for us at least!)
Well, there's a bigger problem in play here. MediaWiki's authentication code stupidly uses the same function for user names and page titles. So, when a redlink is clicked, it will cause an LDAP lookup. I've worked around the issue for anons in r112471. Logged in users will still trigger an LDAP lookup for every redlink click, unless apc or memcache is being used for caching.
I'll try to fix this somehow in MediaWiki core in a way that's hopefully less terrible.
Ryan, thanks for looking into this. Where can I get r112471? And how long do you think it'll be before a comprehensive fix is in place?
