[Date Prev][Date Next] [Chronological] [Thread] [Top]

binding using password from kerberos v

To: openldap-software@OpenLDAP.org
Subject: binding using password from kerberos v
From: Steven Hodges <steve.hodges@oit.gatech.edu>
Date: Mon, 28 Jan 2002 18:16:32 -0500

Hello...

I'm having difficulty getting openldap to allow a user to bind by
checking the userPassword against a kerberos V database.  When I
try to bind in this way, I get a core dump. At this point, I just
want to see if there are other people currently using this feature
of openldap, so that I can try to figure out whether it is something
I have misconfigured or some more general problem with the software.
If anyone has run into this and solved the problem, I would be most
grateful for suggestions...

Here are some specifics of my configuration:

openldap 2.0.18
cyrus sasl 1.5.24
openssl 0.9.6
berkeley db 3.2.9
kerberos V 1.2.2b
running on Solaris 8
compiled with Sun cc

configured with the commands:

>CFLAGS="-fast"

>CPPFLAGS="-I/usr/local/include -I/usr/local/ssl/include 
   -I/usr/local/kerberos/include"

>LDFLAGS="-s -L/usr/local/lib -R/usr/local/lib -L/usr/local/ssl/lib
   -R/usr/local/ssl/lib -L/usr/local/kerberos/lib -R/usr/local/kerberos/lib"

>./configure --prefix=/usr/local/ldap --enable-kpasswd --enable-spasswd 
    --enable-wrappers --enable-dynamic --enable-rlookups --enable-cache 
    --with-tls=openssl --with-kerberos=k5 --without-subdir

Contents of the userPassword attribute for the user trying to bind 
is userPassword:
   {KERBEROS}<myUsername>@<myRealm>

Trussing the slapd process, the last things that happen before the 
core dump are:

stat("/etc/krb5.conf", 0xFE981750)              = 0
open("/etc/krb5.conf", O_RDONLY)                = 12
access("/etc/krb5.conf", 2)                     = 0
fstat64(12, 0xFE981588)                         = 0
brk(0x001713C8)                                 = 0
brk(0x001733C8)                                 = 0
ioctl(12, TCGETA, 0xFE981514)                   Err#25 ENOTTY
read(12, " [ l i b d e f a u l t s".., 8192)    = 449
brk(0x001733C8)                                 = 0
brk(0x001753C8)                                 = 0
read(12, 0x00170BCC, 8192)                      = 0
llseek(12, 0, SEEK_CUR)                         = 449
close(12)                                       = 0
stat("/usr/local/kerberos/etc/krb5.conf", 0xFE981750) Err#2 ENOENT
getpid()                                        = 15575 [1]
stat("/etc/krb5.conf", 0xFE9817A0)              = 0
stat("/usr/local/kerberos/etc/krb5.conf", 0xFE9817A0) Err#2 ENOENT
Incurred fault #6, FLTBOUNDS  %pc = 0xFF1610A0
siginfo: SIGSEGV SEGV_MAPERR addr=0x00000014
    Received signal #11, SIGSEGV [caught]
      siginfo: SIGSEGV SEGV_MAPERR addr=0x00000014
sigprocmask(SIG_SETMASK, 0xFEC6F010, 0x00000000) = 0
sigaction(SIGSEGV, 0xFE981338, 0x00000000)      = 0
sigprocmask(SIG_SETMASK, 0xFEC7ADE0, 0x00000000) = 0
setcontext(0xFE9814F0)
Incurred fault #6, FLTBOUNDS  %pc = 0xFF1610A0
siginfo: SIGSEGV SEGV_MAPERR addr=0x00000014
Received signal #11, SIGSEGV [default]
siginfo: SIGSEGV SEGV_MAPERR addr=0x00000014
        *** process killed ***

If I left out relevant info, please ask...

-steve hodges

Follow-Ups:
- RE: binding using password from kerberos v
  - From: "Howard Chu" <hyc@highlandsun.com>

Prev by Date: Re: Search failure during update
Next by Date: Re: Search failure during update
Index(es):
- Chronological
- Thread