[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
sasl_bind ... Segmentation fault
Using the following software versions on a fully patched Solaris 8 (Sparc):
db-4.1.24
MIT Krb5 1.2.7
openLDAP 2.1.12
openSSL 0.9.6h
Cyrus SASL 2.1.12
Compiled openLDAP with the following configure:
env CPPFLAGS="-I/usr/local/db-4.1.24/include -I/usr/local/openssl/include
-I/usr/local/krb5/include -I/usr/local/sasl2/include
-I/afs/amath/projects/sysadmin/sun4x_58/tcp_wrappers_7.6-ipv6.1"
LDFLAGS="-L/usr/local/db-4.1.24/lib -R/usr/local/db-4.1.24/lib
-L/usr/local/krb5/lib -R/usr/local/krb5/lib -L/usr/local/openssl/lib
-R/usr/local/openssl/lib -L/usr/local/sasl2/lib -R/usr/local/sasl2/lib"
./configure --prefix=/usr/local/openldap-2.1.12 --enable-debug
--enable-syslog --with-cyrus-sasl --with-kerberos --with-tls --enable-slapd
--enable-crypt --enable-kpasswd --enable-spasswd --enable-wrappers
--enable-bdb --enable-slurpd
The configure completes fine. So do make depend, make, make test, and make
install. I have the SSL/TLS certs working fine and am able to do
ldapsearchs with simple bind (-x) (with and without TLS). When I try to
use GSSAPI slapd gives up with a segmentation fault. Last few lines from
slapd -d -1:
>>> dnPrettyNormal: <>
<<< dnPrettyNormal: <>, <>
do_sasl_bind: dn () mech GSSAPI
conn=0 op=2 BIND dn="" method=163
==> sasl_bind: dn="" mech=GSSAPI datalen=474
Segmentation fault
Above was from using the following command:
ldapsearch -H ldaps://<FQDN> -b "" -s base -LLL supportedSASLMechanisms
The slapd crash ony occurs if I have a ticket. If I issue a kdestroy prior
to running the same command as above then I get:
ldap_start_tls: Operations error (1)
additional info: TLS already started
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Local error (82)
additional info: SASL(-1): generic failure: GSSAPI Error:
Miscellaneous failure (No credentials cache found)
Funny thing is that with a valid ticket after runing the ldapsearch command
I then have a ldap ticket in my krb cache.
Is this a Solaris v openSSL crypt issue? Are threads to blame? Ideas?
--Matthew
__________________________________________________________________
Matthew W. Mauzy
Systems Administrator
Applied Math @ UNC-CH
email : mauzy@amath.unc.edu pager : mpager@amath.unc.edu
(W) 919.962.9819 www.amath.unc.edu/~mauzy/ (P) 919.347.0390
__________________________________________________________________