[Date Prev][Date Next] [Chronological] [Thread] [Top]

sasl_bind ... Segmentation fault

To: LDAP Mailing List <openldap-software@OpenLDAP.org>
Subject: sasl_bind ... Segmentation fault
From: Matthew Mauzy <matthew_mauzy@unc.edu>
Date: Tue, 14 Jan 2003 15:21:02 -0500
Content-disposition: inline


Using the following software versions on a fully patched Solaris 8 (Sparc):

db-4.1.24
MIT Krb5 1.2.7
openLDAP 2.1.12
openSSL 0.9.6h
Cyrus SASL 2.1.12

Compiled openLDAP with the following configure:

env CPPFLAGS="-I/usr/local/db-4.1.24/include -I/usr/local/openssl/include -I/usr/local/krb5/include -I/usr/local/sasl2/include -I/afs/amath/projects/sysadmin/sun4x_58/tcp_wrappers_7.6-ipv6.1" LDFLAGS="-L/usr/local/db-4.1.24/lib -R/usr/local/db-4.1.24/lib -L/usr/local/krb5/lib -R/usr/local/krb5/lib -L/usr/local/openssl/lib -R/usr/local/openssl/lib -L/usr/local/sasl2/lib -R/usr/local/sasl2/lib" ./configure --prefix=/usr/local/openldap-2.1.12 --enable-debug --enable-syslog --with-cyrus-sasl --with-kerberos --with-tls --enable-slapd --enable-crypt --enable-kpasswd --enable-spasswd --enable-wrappers --enable-bdb --enable-slurpd

The configure completes fine. So do make depend, make, make test, and make install. I have the SSL/TLS certs working fine and am able to do ldapsearchs with simple bind (-x) (with and without TLS). When I try to use GSSAPI slapd gives up with a segmentation fault. Last few lines from slapd -d -1:

	>>> dnPrettyNormal: <>
	<<< dnPrettyNormal: <>, <>
	do_sasl_bind: dn () mech GSSAPI
	conn=0 op=2 BIND dn="" method=163
	==> sasl_bind: dn="" mech=GSSAPI datalen=474
	Segmentation fault

Above was from using the following command:

  ldapsearch -H ldaps://<FQDN> -b "" -s base -LLL supportedSASLMechanisms

The slapd crash ony occurs if I have a ticket. If I issue a kdestroy prior to running the same command as above then I get:

ldap_start_tls: Operations error (1) additional info: TLS already started SASL/GSSAPI authentication started ldap_sasl_interactive_bind_s: Local error (82) additional info: SASL(-1): generic failure: GSSAPI Error: Miscellaneous failure (No credentials cache found)

Funny thing is that with a valid ticket after runing the ldapsearch command I then have a ldap ticket in my krb cache.

Is this a Solaris v openSSL crypt issue?  Are threads to blame?  Ideas?

--Matthew
__________________________________________________________________
                       Matthew W. Mauzy
                     Systems Administrator
                     Applied Math @ UNC-CH
email : mauzy@amath.unc.edu           pager : mpager@amath.unc.edu
(W) 919.962.9819   www.amath.unc.edu/~mauzy/   (P) 919.347.0390
__________________________________________________________________

Prev by Date: RE: Anyone on this list patient with stupid questions?
Next by Date: hang on startup with TLS enabled?
Index(es):
- Chronological
- Thread