[Date Prev][Date Next] [Chronological] [Thread] [Top]

2.1.30 slpad endless loop with DIGEST-MD5

To: OpenLDAP Software List <openldap-software@OpenLDAP.org>
Subject: 2.1.30 slpad endless loop with DIGEST-MD5
From: "Dr. Lars Hanke" <lars@lhanke.de>
Date: Sun, 13 Feb 2005 13:03:48 +0100
Content-disposition: inline
Organization: Microsystem Accessory Consult
User-agent: KMail/1.6.2

Hi,

I have a Debian Sarge system, which uses OpenLDAP 2.1.30 and Cyrus-SASL 
2.1.19. Everything works fine, for
i)  anonymous binds
ii) GSSAPI binds
with or without TLS.

However, using SASL DIGEST-MD5 (seen it with CRAM-MD5 as well, but don't want 
to use it) is likely to put the slapd thread into a mostly endless loop 
(slapd -1):

connection_get(12): got connid=0
connection_write(12): waking output for id=0

iterating to no end. In very rare cases slapd recovers and the authentication 
works successfully!

The client reports something like this:
#> ldapsearch -U mailadmin -W -b 'ou=mailbox,dc=uac,dc=mgr' -Y DIGEST-MD5
Enter LDAP Password:
SASL/DIGEST-MD5 authentication started
*** hang ***

The problem became worse, without me knowingly changing anything. In the 
beginning the problem did usually only appear with TLS. Now, it hits me in 
either way.

Any ideas where the problem may be?

Best regards,
 - lars.

Prev by Date: Re: user space attributes for ldap.conf
Next by Date: Library compatibility 2.1x 2.2.x
Index(es):
- Chronological
- Thread