
Changing cert paths may cause openldap to stop



Hi,

On 2.4.39 (CentOS 5.10 x86_64), I found that if I attempt to change certificate values but there is an error in a path, openldap stops.

I would expect this to be avoided: OpenLDAP should reject the modification rather than stop.

When we run the modification below, ldapmodify hangs; we press Ctrl-C (and print a full backtrace), and then find that slapd has stopped.

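Please check the output below. The backtrace shows slapd aborting on a failed assertion in slap_send_ldap_result (result.c:813), reached from config_back_modify (bconfig.c:5926).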

Best regards,
Nick

Example:

-------------------------------------------------------------------------------
Modification file: /root/work/certmod2:
-------------------------------------------------------------------------------
dn: cn=config
changetype: modify
replace: olcTLSCACertificateFile
olcTLSCACertificateFile: /usr/local/openldap/etc/openldap/certs/chain-2241.pem
-
replace: olcTLSCertificateFile
olcTLSCertificateFile: /usr/local/openldap/etc/openldap/certs/cert-2241.pem
-
replace: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: /usr/local/openldap/etc/openldap/certs/priv-2241.pem
-------------------------------------------------------------------------------
In this case priv-2241.pem does not exist (the correct value would be: key-2241.pem). Checking that every referenced file exists before applying the change avoids this case.

-------------------------------------------------------------------------------
Modification attempt:
-------------------------------------------------------------------------------
# /usr/local/openldap/bin/ldapmodify -h localhost -x -v -W -D "cn=admin,cn=config" -f /root/work/certmod2
ldap_initialize( ldap://localhost )
Enter LDAP Password:
replace olcTLSCACertificateFile:
/usr/local/openldap/etc/openldap/certs/chain-2241.pem
replace olcTLSCertificateFile:
/usr/local/openldap/etc/openldap/certs/cert-2241.pem
replace olcTLSCertificateKeyFile:
/usr/local/openldap/etc/openldap/certs/priv-2241.pem
modifying entry "cn=config"

<it hangs and we press Ctrl-C>

ldap_result: Can't contact LDAP server (-1)
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
(gdb) backtrace full
#0  0x00000033bf830265 in raise () from /lib64/libc.so.6
No symbol table info available.
#1  0x00000033bf831d10 in abort () from /lib64/libc.so.6
No symbol table info available.
#2  0x00000033bf829706 in __assert_fail () from /lib64/libc.so.6
No symbol table info available.
#3 0x000000000044f66d in slap_send_ldap_result (op=0xcd75580, rs=0x2ba278651c20) at result.c:813
        tmp = <value optimized out>
        otext = 0x2ba278650664 ""
        oref = 0x0
        __PRETTY_FUNCTION__ = "slap_send_ldap_result"
#4 0x000000000042ca7f in config_back_modify (op=0xcd75580, rs=0x2ba278651c20) at bconfig.c:5926
        cfb = 0x8787a0
        ce = 0xffffffff
        last = 0x600000000
        ml = 0x6
ca = {argc = 2, argv = 0xce77200, argv_size = 513, line = 0xce75c00 "/usr/local/openldap/etc/openldap/certs/priv-2241.pem", tline = 0xc81a880 "\220d\224\f", fname = 0x5c7c99 "slapd", lineno = 0, log = "olcTLSCertificateKeyFile: value #0", '\000' <repeats 4089 times>, reply = {err = 0, msg = '\000' <repeats 255 times>}, depth = 0, valx = -1, values = {v_int = 209823808, v_uint = 209823808, v_long = 209823808, v_ulong = 209823808, v_ber_t = 209823808, v_string = 0xc81a840 "/usr/local/openldap/etc/openldap/certs/priv-2241.pem", v_bv = {bv_len = 209823808, bv_val = 0x0}, v_dn = {vdn_dn = {bv_len = 209823808, bv_val = 0x0}, vdn_ndn = {bv_len = 0, bv_val = 0x0}}, v_ad = 0xc81a840}, rvalue_vals = 0x0, rvalue_nvals = 0x0, op = 0, type = 8, ca_op = 0xcd75580, be = 0x87a520, bi = 0x0, ca_entry = 0xc81ab48, ca_private = 0xc81a280,
          cleanup = 0x427850 <config_tls_cleanup>, table = Cft_Global}
        rdn = {bv_len = 2, bv_val = 0xc81a7e0 "cn=config"}
        rad = 0xc7c4e90
        do_pause = 1
#5 0x0000000000455ff7 in fe_op_modify (op=0xcd75580, rs=0x2ba278651c20) at modify.c:303
        repl_user = <value optimized out>
        bd = 0x87a520
textbuf = "\005\000\000\000\000\000\000\000xZ\327\f\000\000\000\000h[\327\f\000\000\000\000\003\000\000\000\000\000\000\000\b\000\000\000\000\000\000\000\270Z\327\f\000\000\000\000P\271}\f\000\000\000\000\000\\\347\f\000\000\000\000\320[\347\f\000\000\000\000:\213E", '\000' <repeats 21 times>, "4\000\000\000\000\000\000\000\000\\\347\f\000\000\000\000\270U\327\f", '\000' <repeats 12 times>, "@\\\347\f", '\000' <repeats 12 times>"\340, \272}\f\000\000\000\000\020", '\000' <repeats 15 times>"\304, XE\000\000\000\000\000\340:\306\f\000\000\000\000\000\001\000\000\000\000\000\000\320\032ex\242+\000\000@\034ex\242+\000\000\200U\327\f\000\000\000\000\001\000\000\000\000\000\000\000\270U\327\f\000\000\000\000\250U\327\f\000\000\000\000\340:\306\f\000\000\000\000\251\063"...
#6 0x0000000000456762 in do_modify (op=0xcd75580, rs=0x2ba278651c20) at modify.c:177
        dn = {bv_len = 9, bv_val = 0xcd75459 "cn=config"}
textbuf = "\000\b\000\000\000\000\000\000\000\001\000\000\000\000\000\000 \000\000\000\000\000\000\000\004", '\000' <repeats 15 times>"\377, \017\000\000\000\000\000\000\260\005\002", '\000' <repeats 14 times>"\360, \377\377\377\377\377\377\000\000\000\000~", '\000' <repeats 27 times>"\271, \312\065\062\"", '\000' <repeats 11 times>"\340, I\265\277\063\000\000\000\000\000\020\000\000\000\000\000\000\000\020\000\000\000\000\000\001\000\000\000\000\000\000\000\340:\306\f\000\000\000\000\000\000\020\000\000\000\000\000\236@\207\277\063", '\000' <repeats 13 times>, "\020\000\000\000\000\000p\035ex\242+\000\000Mc[\000\000\000\000\000\000\000\020\000\000\000\000\000\373\210E\000\000\000\000\000\001\000\000\000\000\000\000\000\330\002I\000\000\000\000\000\200U\327\f\000\000\000\000]\226F\000\000\000\000"
        tmp = 0x0
#7 0x000000000043f0d5 in connection_operation (ctx=0x2ba278651d70, arg_v=<value optimized out>) at connection.c:1155
        rc = <value optimized out>
        cancel = <value optimized out>
        op = 0xcd75580
rs = {sr_type = REP_RESULT, sr_tag = 0, sr_msgid = 0, sr_err = -1, sr_matched = 0x0, sr_text = 0x2ba278650664 "", sr_ref = 0x0, sr_ctrls = 0x0, sr_un = {sru_search = {r_entry = 0x0, r_attr_flags = 0, r_operational_attrs = 0x0, r_attrs = 0x0, r_nentries = 0, r_v2ref = 0x0}, sru_sasl = { r_sasldata = 0x0}, sru_extended = {r_rspoid = 0x0, r_rspdata = 0x0}}, sr_flags = 0}
        tag = 102
        opidx = SLAP_OP_MODIFY
        conn = 0xc9c2d20
        memctx = 0xcc63ae0
        memctx_null = 0x0
        __PRETTY_FUNCTION__ = "connection_operation"
#8 0x000000000043f6af in connection_read_thread (ctx=0x2ba278651d70, argv=<value optimized out>) at connection.c:1291
        s = 12
#9 0x000000000058d92c in ldap_int_thread_pool_wrapper (xpool=0xc7c8430) at tpool.c:688
        task = 0xcd752f0
        work_list = <value optimized out>
ctx = {ltu_id = 47976804591936, ltu_key = {{ltk_key = 0x43e040, ltk_data = 0xcd75950, ltk_free = 0x43e110 <conn_counter_destroy>}, { ltk_key = 0x48ff50, ltk_data = 0xcc63ae0, ltk_free = 0x48ff70 <slap_sl_mem_destroy>}, {ltk_key = 0x0, ltk_data = 0x0,
              ltk_free = 0} <repeats 30 times>}}
        kctx = <value optimized out>
        keyslot = 435
        hash = <value optimized out>
        __PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper"
#10 0x00002ba23235583d in start_thread () from /lib64/libpthread.so.0
No symbol table info available.
#11 0x00000033bf8d526d in clone () from /lib64/libc.so.6
No symbol table info available.
-------------------------------------------------------------------------------