[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
ITS#6661 (Was: FW: (6661))
> Hi Pierangelo,
>
> I replied to the ticket's list but I forgot to include your address.
>
> Here is my reply if you care to read it,
>
> Regards,
>
> George
>
>
>
> -----Original Message-----
> From: George Tzanetis
> Sent: Thursday, September 30, 2010 10:37 AM
> To: 'openldap-its@openldap.org'
> Subject: (ITS#6661)
>
> Hi,
>
> I built openldap using the new code. The rootpw now works, but if a wrong
> password in an ldap query, then the ldap query process locks.
>
> e.g.:
> with rootdn: 'cn=root,dc=example,dc=gr'
> and rootpw: secret
>
> -when rootdn and rootpw are correct:
> ldapwhoami -h 192.168.6.10 -D 'cn=root,dc=example,dc=gr' -w 'secret'
>>dn:cn=root,dc=example,dc=gr
>
> -when rootdn is wrong:
> Ldapwhoami -h 192.168.6.10 -D 'cn=root,dc=example,dc=com' -w 'secret'
>>ldap_bind: Invalid credentials (49)
>
> -when rootdn is correct and rootpw is wrong
> Ldapwhoami -h 192.168.6.10 -D 'cn=root,dc=example,dc=com' -w 'secret1'
> "NO RESULT, the ldapwhoami locks"
>
>
> Here are the logs of the slapd process:
>
>
> ###################################
> #with correct rootdn & rootpw #
> ###################################
> daemon: activity on 1 descriptor
> daemon: activity on:
> slap_listener_activate(8):
> daemon: epoll: listen=7 active_threads=0 tvp=NULL
> daemon: epoll: listen=8 busy
>>>> slap_listener(ldap:///)
> daemon: activity on 1 descriptor
> daemon: activity on:
> daemon: epoll: listen=7 active_threads=0 tvp=NULL
> daemon: epoll: listen=8 active_threads=0 tvp=NULL
> daemon: listen=8, new connection on 23
> daemon: activity on 1 descriptor
> daemon: activity on: 23r
> daemon: read active on 23
> daemon: added 23r (active) listener=(nil)
> daemon: epoll: listen=7 active_threads=0 tvp=NULL
> daemon: epoll: listen=8 active_threads=0 tvp=NULL
> daemon: activity on 1 descriptor
> daemon: activity on:
> daemon: epoll: listen=7 active_threads=0 tvp=NULL
> daemon: epoll: listen=8 active_threads=0 tvp=NULL
> conn=1000 fd=23 ACCEPT from IP=192.168.6.10:47722 (IP=0.0.0.0:389)
> connection_get(23)
> connection_get(23): got connid=1000
> connection_read(23): checking for input on id=1000
> ber_get_next
> ldap_read: want=8, got=8
> ldap_read: want=36, got=36
> ber_get_next: tag 0x30 len 42 contents:
> ber_dump: buf=0x1d047ee0 ptr=0x1d047ee0 end=0x1d047f0a len=42
> op tag 0x60, time 1285831215
> ber_get_next
> ldap_read: want=8 error=Resource temporarily unavailable
> daemon: activity on 1 descriptor
> daemon: activity on:
> daemon: epoll: listen=7 active_threads=0 tvp=NULL
> daemon: epoll: listen=8 active_threads=0 tvp=NULL
> conn=1000 op=0 do_bind
> ber_scanf fmt ({imt) ber:
> ber_dump: buf=0x1d047ee0 ptr=0x1d047ee3 end=0x1d047f0a len=39
> ber_scanf fmt (m}) ber:
> ber_dump: buf=0x1d047ee0 ptr=0x1d047f01 end=0x1d047f0a len=9
>>>> dnPrettyNormal: <cn=root,dc=example,dc=gr>
> => ldap_bv2dn(cn=root,dc=example,dc=gr,0)
> <= ldap_bv2dn(cn=root,dc=example,dc=gr)=0
> => ldap_dn2bv(272)
> <= ldap_dn2bv(cn=root,dc=example,dc=gr)=0
> => ldap_dn2bv(272)
> <= ldap_dn2bv(cn=root,dc=example,dc=gr)=0
> <<< dnPrettyNormal: <cn=root,dc=example,dc=gr>, <cn=root,dc=example,dc=gr>
> conn=1000 op=0 BIND dn="cn=root,dc=example,dc=gr" method=128
> do_bind: version=3 dn="cn=root,dc=example,dc=gr" method=128
> ==> ndb_back_bind: dn: cn=root,dc=example,dc=gr
> conn=1000 op=0 BIND dn="cn=root,dc=example,dc=gr" mech=SIMPLE ssf=0
> do_bind: v3 bind: "cn=root,dc=example,dc=gr" to "cn=root,dc=example,dc=gr"
> send_ldap_result: conn=1000 op=0 p=3
> send_ldap_result: err=0 matched="" text=""
> send_ldap_response: msgid=1 tag=97 err=0
> ber_flush2: 14 bytes to sd 23
> ldap_write: want=14, written=14
> conn=1000 op=0 RESULT tag=97 err=0 text=
> daemon: activity on 1 descriptor
> daemon: activity on: 23r
> daemon: read active on 23
> daemon: epoll: listen=7 active_threads=0 tvp=NULL
> daemon: epoll: listen=8 active_threads=0 tvp=NULL
> connection_get(23)
> connection_get(23): got connid=1000
> connection_read(23): checking for input on id=1000
> ber_get_next
> ldap_read: want=8, got=8
> ldap_read: want=24, got=24
> ber_get_next: tag 0x30 len 30 contents:
> ber_dump: buf=0x1d045c10 ptr=0x1d045c10 end=0x1d045c2e len=30
> op tag 0x77, time 1285831215
> ber_get_next
> ldap_read: want=8 error=Resource temporarily unavailable
> daemon: activity on 1 descriptor
> daemon: activity on:
> daemon: epoll: listen=7 active_threads=0 tvp=NULL
> daemon: epoll: listen=8 active_threads=0 tvp=NULL
> conn=1000 op=1 do_extended
> ber_scanf fmt ({m) ber:
> ber_dump: buf=0x1d045c10 ptr=0x1d045c13 end=0x1d045c2e len=27
> conn=1000 op=1 EXT oid=1.3.6.1.4.1.4203.1.11.3
> do_extended: oid=1.3.6.1.4.1.4203.1.11.3
> conn=1000 op=1 WHOAMI
> send_ldap_extended: err=0 oid= len=26
> send_ldap_response: msgid=2 tag=120 err=0
> ber_flush2: 42 bytes to sd 23
> ldap_write: want=42, written=42
> conn=1000 op=1 RESULT oid= err=0 text=
> daemon: activity on 1 descriptor
> daemon: activity on: 23r
> daemon: read active on 23
> daemon: epoll: listen=7 active_threads=0 tvp=NULL
> daemon: epoll: listen=8 active_threads=0 tvp=NULL
> connection_get(23)
> connection_get(23): got connid=1000
> connection_read(23): checking for input on id=1000
> ber_get_next
> ldap_read: want=8, got=7
> ber_get_next: tag 0x30 len 5 contents:
> ber_dump: buf=0x1d045c10 ptr=0x1d045c10 end=0x1d045c15 len=5
> op tag 0x42, time 1285831215
> ber_get_next
> ldap_read: want=8, got=0
>
> ber_get_next on fd 23 failed errno=0 (Success)
> connection_read(23): input error=-2 id=1000, closing.
> connection_closing: readying conn=1000 sd=23 for close
> daemon: activity on 1 descriptor
> daemon: activity on:
> daemon: epoll: listen=7 active_threads=0 tvp=NULL
> daemon: epoll: listen=8 active_threads=0 tvp=NULL
> connection_close: deferring conn=1000 sd=23
> conn=1000 op=2 do_unbind
> conn=1000 op=2 UNBIND
> connection_resched: attempting closing conn=1000 sd=23
> connection_close: conn=1000 sd=23
> daemon: removing 23
> conn=1000 fd=23 closed
>
>
> ##########################################
> #with correct rootdn & incorrect rootpw #
> ##########################################
> daemon: activity on 1 descriptor
> daemon: activity on:
> slap_listener_activate(8):
> daemon: epoll: listen=7 active_threads=0 tvp=NULL
> daemon: epoll: listen=8 busy
>>>> slap_listener(ldap:///)
> daemon: listen=8, new connection on 23
> daemon: added 23r (active) listener=(nil)
> conn=1001 fd=23 ACCEPT from IP=192.168.6.10:47723 (IP=0.0.0.0:389)
> daemon: activity on 2 descriptors
> daemon: activity on: 23r
> daemon: read active on 23
> daemon: epoll: listen=7 active_threads=0 tvp=NULL
> daemon: epoll: listen=8 active_threads=0 tvp=NULL
> connection_get(23)
> connection_get(23): got connid=1001
> connection_read(23): checking for input on id=1001
> ber_get_next
> ldap_read: want=8, got=8
> ldap_read: want=37, got=37
> ber_get_next: tag 0x30 len 43 contents:
> ber_dump: buf=0x1d0460b0 ptr=0x1d0460b0 end=0x1d0460db len=43
> op tag 0x60, time 1285831240
> ber_get_next
> ldap_read: want=8 error=Resource temporarily unavailable
> conn=1001 op=0 do_bind
> ber_scanf fmt ({imt) ber:
> ber_dump: buf=0x1d0460b0 ptr=0x1d0460b3 end=0x1d0460db len=40
> ber_scanf fmt (m}) ber:
> ber_dump: buf=0x1d0460b0 ptr=0x1d0460d1 end=0x1d0460db len=10
>>>> dnPrettyNormal: <cn=root,dc=example,dc=gr>
> => ldap_bv2dn(cn=root,dc=example,dc=gr,0)
> <= ldap_bv2dn(cn=root,dc=example,dc=gr)=0
> => ldap_dn2bv(272)
> <= ldap_dn2bv(cn=root,dc=example,dc=gr)=0
> => ldap_dn2bv(272)
> <= ldap_dn2bv(cn=root,dc=example,dc=gr)=0
> <<< dnPrettyNormal: <cn=root,dc=example,dc=gr>, <cn=root,dc=example,dc=gr>
> conn=1001 op=0 BIND dn="cn=root,dc=example,dc=gr" method=128
> do_bind: version=3 dn="cn=root,dc=example,dc=gr" method=128
> ==> ndb_back_bind: dn: cn=root,dc=example,dc=gr
> daemon: activity on 1 descriptor
> daemon: activity on:
> daemon: epoll: listen=7 active_threads=0 tvp=NULL
> daemon: epoll: listen=8 active_threads=0 tvp=NULL
Should be re-fixed now, sorry. Thanks for the report. p.