[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: SASL/GSSAPI with 2.1.4 causes segfaults



This is due to a typo in a Debug statement. By the way, when reporting a
crash, you will get a faster resolution if you give us the stack trace from
the crash. It would make it easier for us to locate these errors. You would
even be able to locate and fix the error yourself very quickly, especially
for such simple mistakes as this.

Solaris is particularly sensitive to these problems. Most BSD-derived C
libraries simply print "(null)" when passed a NULL pointer for printing, so a
lot of these errors go unnoticed. Solaris is one of the few OS's that doesn't
protect its C library from NULL pointers, thus attempting to dereference
them, and crashing.

It is ironic, that this behavior causes Debug statements to be the prime
source of bugs in running code.

You can fix this yourself by editing slapd/saslauthz.c, replace line 329 with
a copy of line 325. This fix is already in the CVS HEAD.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support

> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Quanah
> Gibson-Mount

> Some change was made in OpenLDAP-2.1.4 that completely broke my previous
> regexps that worked fine in 2.1.3.  So at this point, I don't know if that
> is a bug with the new code that was put in, or a 'feature' of 2.1.4 that
> I'll need to go and figure out if my regexp's will even work with 2.1.4.
> They were quite simple regexps to boot.
>
> sasl-regexp uid=(.*),cn=(.*),cn=gssapi,cn=auth
> ldaps:///cn=People,dc=stanford,dc=edu??sub?(|(krb5PrincipalName=$1@$2)(suKr
> b5name=$1@$2))
>
> completey kills slapd now, for example.