|
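Pre-master keys are available in the capture file comments, so the TLS-protected LDAP traffic in this capture can be decrypted. The gdb commands under "Client:" show how the client random and master secret were read from the client process.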
Install slapd 2.4.31-1+nmu2ubuntu8 and ldap-utils 2.4.31-1+nmu2ubuntu8, then create a test certificate and enable TLS in slapd:
# Throwaway TLS setup for the test slapd instance. The certificate is
# self-signed, uses a 1024-bit RSA key and keeps the private key unencrypted
# (-nodes) in the same file as the certificate: acceptable for producing a
# sample capture, not for a server that handles real data.
cd /etc/ldap/ssl
openssl req -x509 -nodes -newkey rsa:1024 -days 3650 \
  -subj /CN='LDAP SSL test/' -keyout slapd.pem -out slapd.pem
# Give the combined certificate/key file to the openldap user, owner-only.
# NOTE(review): until chmod runs, the file carries whatever mode openssl and
# the current umask gave it; confirm that window is acceptable on this host.
chown openldap: slapd.pem &&
  chmod 600 slapd.pem
# Point cn=config at the new file for both the certificate and the key,
# authenticating with SASL EXTERNAL over the local ldapi:// socket.
ldapmodify -Y EXTERNAL -H ldapi:/// <<EOF
dn: cn=config
add: olcTLSCertificateFile
olcTLSCertificateFile: /etc/ldap/ssl/slapd.pem
-
add: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: /etc/ldap/ssl/slapd.pem
EOF
# Restart slapd after the configuration change.
/etc/init.d/slapd restart
Client:
# Run ldapsearch under gdb with a breakpoint on gnutls_handshake, so the TLS
# session object can be inspected from the debugger. -ZZ makes ldapsearch
# require a successful StartTLS on the plain ldap:// port.
gdb -q -ex 'break gnutls_handshake' -ex 'run' \
  --args ldapsearch -ZZ ldap://127.0.0.1:389
# Typed at the gdb prompt while stopped in gnutls_handshake.
# Print the session argument; the two commands below refer to it as $1,
# which assumes it is the first value printed in this gdb session.
p session
# NOTE(review): on entry to gnutls_handshake the handshake has not run yet,
# so the two fields below were presumably read at a later stop, once they
# were populated (confirm against the original session).
# Client random of the TLS session, printed in hex.
p/x ((gnutls_session_t)$1)->security_parameters->client_random
# Master secret of the TLS session, printed in hex. Together with the client
# random it is enough to decrypt the captured session, so handle the output
# as key material.
p/x ((gnutls_session_t)$1)->security_parameters->master_secret
# Resume ldapsearch.
c
|