[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#3396) slapd crash during SASL Canonicalize



> sasl-secprops none
> sasl-realm "CEDAR.UTA.EDU"
> sasl-host husky.cedar.uta.edu
> sasl-regexp uid=service/nss/(.*),cn=CEDAR.UTA.EDU,cn=gssapi,cn=auth
> ldaps:///cn=$1,cn=nss,cn=services,dc=uta,dc=edu
> sasl-regexp uid=service/(.*),cn=CEDAR.UTA.EDU,cn=gssapi,cn=auth
> ldaps:///cn=$1,cn=services,dc=uta,dc=edu
> sasl-regexp uid=(.*),cn=CEDAR.UTA.EDU,cn=gssapi,cn=auth
> ldaps:///uid=$1,cn=accounts,dc=uta,dc=edu

I think I've found the problem, which could be related to a bug in authz
mapping in slapd.  I'll fix it in a moment in HEAD; but it can be easily
worked around by changing your sasl-regexp directives.  Please try the
following and report the result:

sasl-regexp "^uid=service/nss/(.*),cn=CEDAR\.UTA\.EDU,cn=gssapi,cn=auth$"
        "dn:cn=$1,cn=nss,cn=services,dc=uta,dc=edu"
sasl-regexp "^uid=service/(.*),cn=CEDAR\.UTA\.EDU,cn=gssapi,cn=auth$"
        "dn:cn=$1,cn=services,dc=uta,dc=edu"
sasl-regexp "^uid=(.*),cn=CEDAR\.UTA\.EDU,cn=gssapi,cn=auth$"
        "dn:uid=$1,cn=accounts,dc=uta,dc=edu"

Thanks, p.

-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it


    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497