ldap with sasl and odbc
Why does my slapd crash when I log in with SASL?
My configure line for slapd is:
./configure --with-cyrus-sasl --enable-sql --enable-hdb=no --enable-bdb=no
CPPFLAGS="-I/usr/local/include -I/usr/local/unixODBC/include"
LDFLAGS="-L/usr/local/lib -L/usr/local/unixODBC/lib"
slapd works normally when I log in to it with a bad password, but if I log
in with the correct login and password, slapd crashes (always, whenever I
enter my correct login and password with ldapsearch -I).
Please help me: how do I configure slapd with SASL? My slapd (latest
version) doesn't work with SASL :/
slapd -d 1:
........
>> slap_listener(ldap:///)connection_get(8): got connid=0
connection_read(8): checking for input on id=0
ber_get_next
ber_get_next: tag 0x30 len 62 contents:
ber_get_next
ber_get_next on fd 8 failed errno=35 (Resource temporarily unavailable)
do_search
ber_scanf fmt ({miiiib) ber:
>>> dnPrettyNormal: <>
<<< dnPrettyNormal: <>, <>
ber_scanf fmt (m) ber:
ber_scanf fmt ({M}}) ber:
==>select_backend: START
==>select_backend: dn:
=> send_search_entry: conn 0 dn=""
ber_flush: 62 bytes to sd 8
<= send_search_entry: conn 0 exit.
send_ldap_result: conn=0 op=0 p=3
send_ldap_response: msgid=1 tag=101 err=0
ber_flush: 14 bytes to sd 8
connection_get(8): got connid=0
connection_read(8): checking for input on id=0
ber_get_next
ber_get_next: tag 0x30 len 24 contents:
ber_get_next
ber_get_next on fd 8 failed errno=35 (Resource temporarily unavailable)
do_bind
ber_scanf fmt ({imt) ber:
ber_scanf fmt ({m) ber:
ber_scanf fmt (}}) ber:
>>> dnPrettyNormal: <>
<<< dnPrettyNormal: <>, <>
do_sasl_bind: dn () mech DIGEST-MD5
SASL [conn=0] Debug: DIGEST-MD5 server step 1
send_ldap_sasl: err=14 len=184
send_ldap_response: msgid=2 tag=97 err=14
ber_flush: 203 bytes to sd 8
<== slap_sasl_bind: rc=14
connection_get(8): got connid=0
connection_read(8): checking for input on id=0
ber_get_next
ber_get_next: tag 0x30 len 323 contents:
ber_get_next
ber_get_next on fd 8 failed errno=35 (Resource temporarily unavailable)
do_bind
ber_scanf fmt ({imt) ber:
ber_scanf fmt ({m) ber:
ber_scanf fmt (m) ber:
ber_scanf fmt (}}) ber:
>>> dnPrettyNormal: <>
<<< dnPrettyNormal: <>, <>
do_sasl_bind: dn () mech DIGEST-MD5
SASL [conn=0] Debug: DIGEST-MD5 server step 2
slap_sasl_getdn: u:id converted to uid=test,cn=example.com,cn=DIGEST-MD5,cn=auth
>>> dnNormalize: <uid=test,cn=example.com,cn=DIGEST-MD5,cn=auth>
<<< dnNormalize: <uid=test,cn=example.com,cn=digest-md5,cn=auth>
==>slap_sasl2dn: converting SASL name uid=test,cn=example.com,cn=digest-md5,cn=auth to a DN
slap_authz_regexp: converting SASL name uid=test,cn=example.com,cn=digest-md5,cn=auth
<==slap_sasl2dn: Converted SASL name to <nothing>
slapd in free(): error: chunk is already free
Abort (core dumped)
....
slapd.conf file
cat slapd.conf
# $OpenLDAP: pkg/ldap/servers/slapd/back-sql/rdbms_depend/mysql/slapd.conf,v 1.5.2.1 2005/01/20 18:04:03 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
# Define global ACLs to disable default read access.
access to *
by * write
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
loglevel -1
authz-police all
sasl-host example.com
sasl-realm example.com
#require SASL
authz-regexp
uid=([^,]*),dc=example,dc=com
uid=test,dc=example,dc=com
#sasl-secprops none
#authzTo: uid=[^,]*,dc=example,dc=com
#######################################################################
# sql database definitions
#######################################################################
database sql
suffix "dc=example,dc=com"
#rootdn "cn=test,dc=example,dc=com"
#rootpw secret
dbname ldap
dbuser ldap
dbpasswd ldap123zxc
subtree_cond "ldap_entries.dn LIKE CONCAT('%',?)"
insentry_stmt "INSERT INTO ldap_entries (dn,oc_map_id,parent,keyval) VALUES (?,?,?,?)"
has_ldapinfo_dn_ru no
#access to attrs=userPassword
# by * auth
#access to * by * none
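
An added example, not part of the original post and not OpenLDAP code: it applies the authz-regexp pair from the posted slapd.conf to the SASL name shown in the debug log, which shows why the log reports "Converted SASL name to <nothing>". The second rule is a hypothetical pattern written for the cn=auth form of the name, and Python's re module stands in for the regex matching done by slapd (both are assumptions).

```python
import re

# SASL authentication DN exactly as normalized in the slapd -d 1 output above.
SASL_DN = "uid=test,cn=example.com,cn=digest-md5,cn=auth"

# authz-regexp pair from the posted slapd.conf: (match pattern, replacement).
POSTED_RULE = (r"uid=([^,]*),dc=example,dc=com", "uid=test,dc=example,dc=com")

# Hypothetical rule (assumption, not from the post) written against the
# cn=auth form of the name; $1 carries the captured uid into the directory DN.
CANDIDATE_RULE = (
    r"uid=([^,]*),cn=example.com,cn=digest-md5,cn=auth",
    "uid=$1,dc=example,dc=com",
)


def apply_authz_regexp(sasl_dn, rules):
    """Return the DN produced by the first matching rule, or None.

    Rules are tried in order, as authz-regexp directives are. Python's re
    is used here in place of slapd's regex engine; for patterns this simple
    the two agree.
    """
    for pattern, replacement in rules:
        match = re.search(pattern, sasl_dn)
        if match is None:
            continue
        # Expand $1..$9 in the replacement with the captured groups.
        return re.sub(
            r"\$(\d)", lambda ref: match.group(int(ref.group(1))), replacement
        )
    return None  # corresponds to "Converted SASL name to <nothing>" in the log


if __name__ == "__main__":
    print("posted rule    ->", apply_authz_regexp(SASL_DN, [POSTED_RULE]))
    print("candidate rule ->", apply_authz_regexp(SASL_DN, [CANDIDATE_RULE]))
```

The posted pattern expects a name ending in dc=example,dc=com, while the name slapd hands to the rule ends in cn=digest-md5,cn=auth, so no mapping is produced; the abort in free() that follows in the log is a separate matter that this example does not explain.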