[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#4180) slapd (back-sql) hangs/segfaults on SASL bind
On Thu, 2005-11-17 at 16:38 +0000, nels@maei.ca wrote:
> Full_Name: Nels Lindquist
> Version: 2.3.11
> OS: Linux (CentOS 3.6)
> URL:
> Submission from: (NULL) (66.225.146.217)
I cannot reproduce this issue, using SASL bind with DIGEST-MD5; can you
provide further details on the offending operation and on the sasl/authz
related configuration of slapd? Do you store credentials in the
database?
>
>
> CentOS 3.6 (RHEL rebuild)
> OpenLDAP 2.3.11 (built from source)
> Cyrus SASL 2.1.20
> PostgreSQL 8.1.0
> unixODBC 2.2.8
>
> Using back-sql with PostgreSQL, slapd hangs indefinitely (when running in the
> background) or segfaults (when run with -d 1) whenever a SASLv2 bind is
> attempted. Simple bind works fine.
>
> Here are the last few lines from the slapd debug output:
>
> <==backsql_search()
> <==slap_sasl2dn: Converted SASL name to cn=nels lindquist,o=maei,c=ca
> slap_sasl_getdn: dn:id converted to cn=nels lindquist,o=maei,c=ca
> SASL Canonicalize [conn=7]: slapAuthcDN="cn=nels lindquist,o=maei,c=ca"
> SASL Canonicalize [conn=7]: authzid="nels"
> SASL proxy authorize [conn=7]: authcid="nels" authzid="nels"
>
> I also managed to get a backtrace from gdb:
>
> [Switching to Thread -1228420176 (LWP 17259)]
> 0x0018977b in strlen () from /lib/tls/libc.so.6
> (gdb) bt
> #0 0x0018977b in strlen () from /lib/tls/libc.so.6
> #1 0x00157611 in vfprintf () from /lib/tls/libc.so.6
> #2 0x00178d14 in vsnprintf () from /lib/tls/libc.so.6
> #3 0x080f4e58 in lutil_debug (debug=7, level=1191210597,
> fmt=0x810ce5c "==>slap_sasl_authorized: can %s become %s?\n") at
> debug.c:83
Can you print the values of authcDN=0xb6c7c678, authzDN=0xb6c7c670
below?
> #4 0x0808fb77 in slap_sasl_authorized (op=0x9777138,
> authcDN=0xb6c7c678, authzDN=0xb6c7c670) at saslauthz.c:2074
> #5 0x08093889 in slap_sasl_authorize (sconn=0x9776370,
> context=0xb7580a18, requested_user=0x9776c80 "nels", rlen=4,
> auth_identity=0x9776d81 "nels", alen=4, def_realm=0x0, urlen=0,
> props=0x97775f8) at sasl.c:697
> #6 0x00b7283e in sasl_server_new () from /usr/lib/libsasl2.so.2
> #7 0x00b72e3f in sasl_server_step () from /usr/lib/libsasl2.so.2
> #8 0x0809450b in slap_sasl_bind (op=0x0, rs=0x9776370) at
> sasl.c:1380
> #9 0x08072718 in fe_op_bind (op=0x9777138, rs=0xb6c7c870) at
> bind.c:276
> #10 0x08071d99 in do_bind (op=0x9777138, rs=0xb6c7c870) at bind.c:200
> #11 0x0805bd4c in connection_operation (ctx=0xb6c7c8f0,
> arg_v=0x9777138) at connection.c:1061
> #12 0x080d71a2 in ldap_int_thread_pool_wrapper (xpool=0x97246b0) at
> tpool.c:485
> #13 0x00960dd8 in start_thread () from /lib/tls/libpthread.so.0
> #14 0x001edd2a in clone () from /lib/tls/libc.so.6
Ing. Pierangelo Masarati
Responsabile Open Solution
SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office: +39.02.23998309
Mobile: +39.333.4963172
Email: pierangelo.masarati@sys-net.it
------------------------------------------