[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: slapd segfaults with SASL/GSSAPI binds
On Wed, 2004-07-07 at 21:47, Quanah Gibson-Mount wrote:
>
> Note this is a stripped binary, so not too useful. You should copy over
> the unstripped binary from the servers/slapd/.libs/ area.
Ah, okay. I was worried that I would have to rebuild slapd or
something.
>
> Are all the DB files owned by slapd:slapd?
>
Yep. Here is the gdb backtrace of the unstripped binary. It still
looks like some kind of weird bdb problem, although I'm no expert. For
the record, I'm using SASL 2.1.18, and OpenSSL and Heimdal are both
stock Debian Woody (OpenSSL 0.9.6, Heimdal 0.4e)
osaka:~# gdb GNU gdb 2002-04-01-cvs
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you
are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for
details.
This GDB was configured as "i386-linux".
(gdb) file /usr/local/libexec/slapd-debug
Reading symbols from /usr/local/libexec/slapd-debug...done.
(gdb) set args -d 1 -h ldap://0.0.0.0 ldaps://0.0.0.0 -u slapd -g slapd
(gdb) run
Starting program: /usr/local/libexec/slapd-debug -d 1 -h ldap://0.0.0.0
ldaps://0.0.0.0 -u slapd -g slapd
[New Thread 1024 (LWP 11907)]
@(#) $OpenLDAP: slapd 2.2.13 (Jul 6 2004 17:17:27) $
root@osaka:/usr/local/src/openldap2.2/openldap-2.2.13/servers/slapd
daemon_init: listen on ldap://0.0.0.0
daemon_init: 1 listeners to open...
ldap_url_parse_ext(ldap://0.0.0.0)
daemon: initialized ldap://0.0.0.0
daemon_init: 1 listeners opened
slapd-debug init: initiated server.
slap_sasl_init: initialized!
bdb_initialize: initialize BDB backend
bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December 3,
2003)
>>> dnNormalize: <cn=Subschema>
=> ldap_bv2dn(cn=Subschema,0)
<= ldap_bv2dn(cn=Subschema,0)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=subschema,272)=0
<<< dnNormalize: <cn=subschema>
bdb_db_init: Initializing BDB database
>>> dnPrettyNormal: <dc=leet,dc=org>
=> ldap_bv2dn(dc=leet,dc=org,0)
<= ldap_bv2dn(dc=leet,dc=org,0)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(dc=leet,dc=org,272)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(dc=leet,dc=org,272)=0
<<< dnPrettyNormal: <dc=leet,dc=org>, <dc=leet,dc=org>
>>> dnPrettyNormal: <uid=ldapadm,cn=gssapi,cn=auth>
=> ldap_bv2dn(uid=ldapadm,cn=gssapi,cn=auth,0)
<= ldap_bv2dn(uid=ldapadm,cn=gssapi,cn=auth,0)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(uid=ldapadm,cn=gssapi,cn=auth,272)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(uid=ldapadm,cn=gssapi,cn=auth,272)=0
<<< dnPrettyNormal: <uid=ldapadm,cn=gssapi,cn=auth>,
<uid=ldapadm,cn=gssapi,cn=auth>
matching_rule_use_init
1.2.840.113556.1.4.804 (integerBitOrMatch): matchingRuleUse: (
1.2.840.113556.1.4.804 NAME 'integerBitOrMatch' APPLIES (
krb5EncryptionType $ krb5KDCFlags $ krb5MaxRenew $ krb5MaxLife $
krb5KeyVersionNumber $ oncRpcNumber $ ipProtocolNumber $ ipServicePort $
shadowFlag $ shadowExpire $ shadowInactive $ shadowWarning $ shadowMax $
shadowMin $ shadowLastChange $ gidNumber $ uidNumber $
mailPreferenceOption $ supportedLDAPVersion ) )
<skipping a bunch of boring schema stuff>
slapd-debug startup: initiated.
bdb_db_open: dbenv_open(/usr/local/var/openldap-data)
slapd starting
[New Thread 2049 (LWP 11908)]
[New Thread 1026 (LWP 11909)]
connection_get(15): got connid=0
connection_read(15): checking for input on id=0
ber_get_next
ber_get_next: tag 0x30 len 62 contents:
[New Thread 2051 (LWP 11911)]
ber_get_next
ber_get_next on fd 15 failed errno=11 (Resource temporarily unavailable)
do_search
ber_scanf fmt ({miiiib) ber:
>>> dnPrettyNormal: <>
<<< dnPrettyNormal: <>, <>
ber_scanf fmt (m) ber:
ber_scanf fmt ({M}}) ber:
=> send_search_entry: dn=""
ber_flush: 75 bytes to sd 15
<= send_search_entry
send_ldap_result: conn=0 op=0 p=3
send_ldap_response: msgid=1 tag=101 err=0
ber_flush: 14 bytes to sd 15
connection_get(15): got connid=0
connection_read(15): checking for input on id=0
ber_get_next
ber_get_next: tag 0x30 len 567 contents:
ber_get_next
ber_get_next on fd 15 failed errno=11 (Resource temporarily unavailable)
do_bind
ber_scanf fmt ({imt) ber:
ber_scanf fmt ({m) ber:
ber_scanf fmt (m) ber:
ber_scanf fmt (}}) ber:
>>> dnPrettyNormal: <>
<<< dnPrettyNormal: <>, <>
do_sasl_bind: dn () mech GSSAPI
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 2051 (LWP 11911)]
0x40075872 in __db_associate_arg ()
from /usr/local/BerkeleyDB.4.2/lib/libdb-4.2.so
(gdb) backtrace
#0 0x40075872 in __db_associate_arg ()
from /usr/local/BerkeleyDB.4.2/lib/libdb-4.2.so
#1 0x400756aa in __db_associate_pp ()
from /usr/local/BerkeleyDB.4.2/lib/libdb-4.2.so
#2 0x406c790d in _nss_db_getspnam_r () from /lib/libnss_db.so.2
#3 0x406c79e0 in _nss_db_getspnam_r () from /lib/libnss_db.so.2
#4 0x406c711e in _nss_db_endservent () from /lib/libnss_db.so.2
#5 0x406c73b3 in _nss_db_getservbyname_r () from /lib/libnss_db.so.2
#6 0x402cca83 in getservbyname_r () from /lib/libc.so.6
#7 0x402cc931 in getservbyname () from /lib/libc.so.6
#8 0x40388211 in krb5_getportbyname () from /usr/lib/libkrb5.so.17
#9 0x4038cdbf in krb5_krbhst_init () from /usr/lib/libkrb5.so.17
#10 0x40393d05 in krb5_sendto_kdc2 () from /usr/lib/libkrb5.so.17
#11 0x40393d81 in krb5_sendto_kdc () from /usr/lib/libkrb5.so.17
#12 0x40387b06 in krb5_get_in_cred () from /usr/lib/libkrb5.so.17
#13 0x40389220 in krb5_get_init_creds_keytab () from
/usr/lib/libkrb5.so.17
#14 0x4036538c in gss_acquire_cred () from /usr/lib/libgssapi.so.1
#15 0x40359fd7 in gssapi_server_mech_step (conn_context=0x817a430,
params=0x8179cc0,
clientin=0x817a64c
"`\202\002\027\006\t*\206H\206?\022\001\002\002\001",
clientinlen=539, serverout=0xbf5ff820, serveroutlen=0xbf5ff824,
oparams=0x81799f0) at gssapi.c:618
#16 0x400ce81e in sasl_server_step (conn=0x8179190,
---Type <return> to continue, or q <return> to quit---
clientin=0x817a64c
"`\202\002\027\006\t*\206H\206?\022\001\002\002\001",
clientinlen=539, serverout=0xbf5ff820, serveroutlen=0xbf5ff824)
at server.c:1359
#17 0x400ce6ca in sasl_server_start (conn=0x8179190, mech=0x817a420
"GSSAPI",
clientin=0x817a64c
"`\202\002\027\006\t*\206H\206?\022\001\002\002\001",
clientinlen=539, serverout=0xbf5ff820, serveroutlen=0xbf5ff824)
at server.c:1291
#18 0x08091c4d in slap_sasl_bind (op=0x817a4a0, rs=0xbf5ff8e0) at
sasl.c:1492
#19 0x08076242 in do_bind (op=0x817a4a0, rs=0xbf5ff8e0) at bind.c:301
#20 0x080632df in connection_operation (ctx=0xbf5ff964, arg_v=0x817a4a0)
at connection.c:1007
#21 0x080c1950 in ldap_int_thread_pool_wrapper (xpool=0x812c010) at
tpool.c:467
#22 0x401de0ba in pthread_start_thread () from /lib/libpthread.so.0
#23 0x401de101 in pthread_start_thread_event () from
/lib/libpthread.so.0
> --Quanah
>
> --
> Quanah Gibson-Mount
> Principal Software Developer
> ITSS/Shared Services
> Stanford University
> GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html