When I ran an ldapsearch with SASL bind instead of using simple
authentication, I was expecting to get a error message like that:
ldap_sasl_interactive_bind_s: Internal (implementation specific) error
(80)
additional info: SASL(-13): user not found: no secret in database
Instead I got a segmentation fault:
info-ldap-006:~# ldapsearch -H ldap://localhost
SASL/DIGEST-MD5 authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
I compiled cyrus-sasl 2.1.21 with the following options:
$ ./configure \
--disable-cram --disable-otp --disable-anon \
--without-pam --without-saslauthd \
--enable-plain --enable-login \
--enable-digest \
--disable-gssapi \
--with-gnu-ld \
--with-plugindir=/usr/local/lib/sasl2 \
--with-devrandom=/dev/random \
--with-openssl=/usr/local/ssl
OL 2.3.20 was compiled with the following options:
$ export CPPFLAGS="-I/usr/local/BerkeleyDB.4.2/include
-I/usr/local/ssl/include"
$ export LDFLAGS="-L/usr/local/BerkeleyDB.4.2/lib
-L/usr/local/ssl/lib"
$ ./configure \
--prefix=/usr/local --sysconfdir=/etc \
--enable-dynamic \
--disable-ipv6 \
--enable-slapd \
--enable-crypt \
--enable-spasswd \
--enable-modules \
--enable-rlookups \
--enable-wrappers \
--enable-bdb=mod \
--enable-hdb=mod \
--enable-monitor=mod \
--disable-relay \
--enable-overlays=mod \
--with-cyrus-sasl \
--with-tls
Here is my stack back trace:
stran@info-ldap-006:/usr/local/src/openldap-2.3.20/servers/slapd/.libs$
sudo gdb ./slapd
GNU gdb 6.3-debian
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you
are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for
details.
This GDB was configured as "i386-linux"...Using host libthread_db
library "/lib/tls/libthread_db.so.1".
(gdb) set width 70
(gdb) run -d 0 -f /etc/openldap/slapd.conf
Starting
program: /usr/local/src/openldap-2.3.20/servers/slapd/.libs/slapd -d 0
-f /etc/openldap/slapd.conf
[Thread debugging using libthread_db enabled]
[New Thread -1212804992 (LWP 26283)]
[New Thread -1284973648 (LWP 26286)]
[Thread -1284973648 (LWP 26286) exited]
[New Thread -1284973648 (LWP 26287)]
[New Thread -1293362256 (LWP 26288)]
[New Thread -1301750864 (LWP 26289)]
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1293362256 (LWP 26288)]
0xb7aa705a in __bam_defpfx () from /usr/lib/libdb3.so.3
(gdb) bt full
#0 0xb7aa705a in __bam_defpfx () from /usr/lib/libdb3.so.3
No symbol table info available.
#1 0xb7b432e2 in berkeleydb_open (utils=0x81cd8f0, conn=0x81ccbe0,
rdwr=0, mbdb=0xb2e8b474) at db_berkeley.c:89
path = 0xb7b44060 "/etc/sasldb2"
ret = 0
flags = 0
cntxt = (void *) 0x81ccbe0
getopt = (sasl_getopt_t *) 0xb7e8b030 <_sasl_conn_getopt>
#2 0xb7b434d5 in _sasldb_getdata (utils=0x81cd8f0,
context=0x81ccbe0, auth_identity=0x81d28b0 "root",
realm=0x81d2898 "info-ldap-006",
propName=0xb7b54f78 "userPassword", out=0xb2e8b520 "",
max_out=8192, out_len=0xb2e8b514) at db_berkeley.c:173
result = 0
key = 0x81d28c0 "root"
key_len = 31
dbkey = {data = 0x0, size = 0, ulen = 3001595096,
dlen = 3085515871, doff = 136108272, flags = 136128648}
data = {data = 0x81d28b0, size = 136128648, ulen = 0,
dlen = 136231944, doff = 3001595096, flags = 3085921488}
mbdb = (DB *) 0x81d28e8
#3 0xb7b413c3 in sasldb_auxprop_lookup (glob_context=0x0,
sparams=0x81cd718, flags=0, user=0x81cd5f1 "root",
ulen=136164012) at sasldb.c:113
realname = 0xb7b54f78 "userPassword"
userid = 0x81d28b0 "root"
realm = 0x81d2898 "info-ldap-006"
user_realm = 0x7361732f <Address 0x7361732f out of bounds>
ret = 1935766319
to_fetch = (const struct propval *) 0x7361732f
cur = (const struct propval *) 0x81db2ac
value = '\0' <repeats 468 times>, "ÈÀ··L·è²<+ï·Ô\200¸·O\bÍ·\000
\000\000\000\000\000\000\0006\bÍ· ", '\0' <repeats 15 times>, "\226
\201¸·8/¸·8¤··èéÌ·\017\000\000\000È`··\230d·· \034ð·\\>ê·Î
\006Í·ä·è²¿4ï·Î\006Í·y:<\ahÿÌ· ·è²P¡î·\f\000\000\000\230d··\000\000\000
\000\001\000\000\000 ·è²", '\0' <repeats 16 times>, "y:<\a\034¸è²À<ê·
\000\000\000\000\000\000\000\000ÈÀ··èéÌ·", '\0' <repeats 44 times>,
"\030\001Í·,¸è²<+ï"...
---Type <return> to continue, or q <return> to quit---
value_len = 778595949
user_buf = 0x81d2888 "root"
#4 0xb7e863cb in _sasl_auxprop_lookup (sparams=0x81cd718, flags=0,
user=0x81cd5f1 "root", ulen=4) at auxprop.c:870
getopt = (sasl_getopt_t *) 0xb7e8b030 <_sasl_conn_getopt>
ret = 1935766319
found = 1
context = (void *) 0x81ccbe0
plist = 0x0
ptr = (auxprop_plug_list_t *) 0x813f770
#5 0xb7e86b5b in _sasl_canon_user (conn=0x81ccbe0,
user=0x81cd5f1 "root", ulen=4, flags=1, oparams=0x81cd440)
at canonusr.c:190
ptr = (canonuser_plug_list_t *) 0x0
sconn = (sasl_server_conn_t *) 0x81ccbe0
cconn = (sasl_client_conn_t *) 0x0
cuser_cb = (
sasl_canon_user_t *) 0x80ab950 <slap_sasl_canonicalize>
getopt = (sasl_getopt_t *) 0xb7e8b030 <_sasl_conn_getopt>
context = (void *) 0x81ccbe0
result = 1935766319
plugin_name = 0xb7e93fbf "INTERNAL"
user_buf = 0x81cd5f1 "root"
lenp = (unsigned int *) 0x81cd450
#6 0xb7b4f6fe in digestmd5_server_mech_step2 (stext=0x81cd9f0,
sparams=0x81cd718, clientin=0x0, clientinlen=3001603824,
serverout=0x7361732f, serveroutlen=0x7361732f, oparams=0x81cd440)
at digestmd5.c:2281
name = 0x81d27cb "response"
value = 0x81d27d4 "b4cbec304a43db0b244e5ec38454301c"
sec = (sasl_secret_t *) 0x0
result = 0
serverresponse = 0x0
username = 0x81d2800 "root"
authorization_id = 0x0
realm = 0x81d2810 "info-ldap-006"
nonce = (
unsigned char *) 0x81ec610 "higdckAr1KQoAwz+USgrgBdJISri6awiQ
+LcfMW7wNw="
---Type <return> to continue, or q <return> to quit---
cnonce = (
unsigned char *) 0x81ec4a0
"XyQhQZ0Ek6Z7qTknAoEYC55pW/V8uba2M6zuvlExTNU="
noncecount = 1
qop = 0x81d2828 "auth-conf"
digesturi = 0x81d2848 "ldap/info-ldap-006"
response = 0x81d2860 "b4cbec304a43db0b244e5ec38454301c"
client_maxbuf = 65536
maxbuf_count = 1
charset = 0x0
cipher = 0x81d2838 "rc4"
n = 0
Secret = "\000\000\000\000\000 î·P×è²£jï·\234"
password_request = {0xb7b54f77 "*userPassword",
0xb7b54f85 "*cmusaslsecretDIGEST-MD5", 0x0}
auxprop_values = {{name = 0x0, values = 0x0,
nvalues = 237566880, valsize = 3085869056}, {
name = 0x804fa08 "sasl_server_step", values = 0x643fb4b,
nvalues = 3085869056, valsize = 3082093430}}
in_start = 0x81d26e8 "username"
in = 0x81d27f4 ""
#7 0xb7e90a94 in sasl_server_step (conn=0x81ccbe0,
clientin=0x81d25d0 "username=\"root\",realm=\"info-ldap-006\",nonce=
\"higdckAr1KQoAwz+USgrgBdJISri6awiQ+LcfMW7wNw=\",cnonce=
\"XyQhQZ0Ek6Z7qTknAoEYC55pW/V8uba2M6zuvlExTNU=
\",nc=00000001,qop=auth-conf,cipher=rc4,maxbuf=65536,diges"...,
clientinlen=268, serverout=0xb2e8d794,
serveroutlen=0x1b0) at server.c:1411
ret = 136127952
#8 0x080acfba in slap_sasl_bind (op=0x81d22f0, rs=0xb2e8d8b0)
at sasl.c:1399
ctx = (sasl_conn_t *) 0x81ccbe0
response = {bv_len = 0, bv_val = 0x0}
reslen = 0
sc = 1
#9 0x08083eff in fe_op_bind (op=0x81d22f0, rs=0xb2e8d8b0)
at bind.c:275
mech = {bv_len = 10, bv_val = 0x81d25c2 "DIGEST-MD5"}
bd = (BackendDB *) 0x8127160
#10 0x080832cf in do_bind (op=0x81d22f0, rs=0xb2e8d8b0) at bind.c:200
---Type <return> to continue, or q <return> to quit---
ber = (BerElement *) 0x80df767
version = 3
method = 163
mech = {bv_len = 10, bv_val = 0x81d25c2 "DIGEST-MD5"}
dn = {bv_len = 0, bv_val = 0x81d25bc ""}
tag = 1935766319
be = (Backend *) 0x0
#11 0x08068a7f in connection_operation (ctx=0xb2e8d940,
arg_v=0x81d22f0) at connection.c:1307
rc = 30
rs = {sr_type = REP_RESULT, sr_tag = 0, sr_msgid = 0,
sr_err = 0, sr_matched = 0x0, sr_text = 0x0, sr_ref = 0x0,
sr_ctrls = 0x0, sr_un = {sru_sasl = {r_sasldata = 0x0},
sru_extended = {r_rspoid = 0x0, r_rspdata = 0x0}, sru_search = {
r_entry = 0x0, r_attr_flags = 0, r_operational_attrs = 0x0,
r_attrs = 0x0, r_nentries = 0, r_v2ref = 0x0}}, sr_flags = 0}
tag = 96
opidx = 0
conn = (Connection *) 0xb3733878
memctx = (void *) 0x81cb8a8
memctx_null = (void *) 0x0
#12 0xb7eafae8 in ldap_int_thread_pool_wrapper (xpool=0x813c360)
at tpool.c:480
ctx = (ldap_int_thread_ctx_t *) 0x81cbf98
ltc_key = {{ltk_key = 0x80af490, ltk_data = 0x81cb8a8,
ltk_free = 0x80af360 <slap_sl_mem_destroy>}, {
ltk_key = 0x81ca430, ltk_data = 0xd,
ltk_free = 0xb7a7d5b0 <bdb_locker_id_free>}, {ltk_key = 0x0,
ltk_data = 0x0, ltk_free = 0} <repeats 30 times>}
tid = 3001605040
i = 136101784
keyslot = 805
hash = 432
#13 0xb7cb0b63 in start_thread () from /lib/tls/libpthread.so.0
No symbol table info available.
#14 0xb7c4f18a in clone () from /lib/tls/libc.so.6
No symbol table info available.
Any ideas?
Thanks in advance.
Sam