[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#4429) (back-ldap?) slapd deadlock



Agh. Sorry for the quick self-response. It turns out that immediately
before the err=53 (which is the sign we're already dead), there's an
err=52, which seems to be the true beginning of the end. (It also explains
nicely why this isn't in tests.) But I finally have an answer to your
original followup!


conn=172 op=2 ldap_back_retry: retrying URI="ldap://ldap.nbcs.rutgers.edu"; DN=""
ldap_free_connection 1 1
ldap_send_unbind
ber_flush: 7 bytes to sd 12
ldap_free_connection: actually freed
TLS trace: SSL3 alert write:warning:close notify
ldap_create
ldap_url_parse_ext(ldap://ldap.nbcs.rutgers.edu)
ldap_extended_operation
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP ldap.nbcs.rutgers.edu:389
ldap_new_socket: 12
ldap_prepare_socket: 12
ldap_connect_to_host: Trying 128.6.72.241:389
ldap_connect_timeout: fd: 12 tm: -1 async: 0
ldap_open_defconn: successful
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_scanf fmt ({) ber:
ber_flush: 31 bytes to sd 12
ldap_result ld 5d97f8 msgid 1
ldap_chkResponseList ld 5d97f8 msgid 1 all 1
ldap_chkResponseList returns ld 5d97f8 NULL
wait4msg ld 5d97f8 msgid 1 (timeout 100000 usec)
wait4msg continue ld 5d97f8 msgid 1 all 1
** ld 5d97f8 Connections:
* host: ldap.nbcs.rutgers.edu  port: 389  (default)
  refcnt: 2  status: Connected
  last used: Tue Mar 28 13:12:01 2006

** ld 5d97f8 Outstanding Requests:
 * msgid 1,  origid 1, status InProgress
   outstanding referrals 0, parent count 0
** ld 5d97f8 Response Queue:
   Empty
ldap_chkResponseList ld 5d97f8 msgid 1 all 1
ldap_chkResponseList returns ld 5d97f8 NULL
ldap_int_select
ldap_free_request (origid 1, msgid 1)
ldap_free_connection 1 1
ldap_send_unbind
ber_flush: 7 bytes to sd 12
ldap_free_connection: actually freed
send_ldap_result: conn=172 op=2 p=3
send_ldap_result: err=52 matched="" text="could not start TLS"
send_ldap_result: conn=172 op=2 p=3
send_ldap_result: err=52 matched="" text=""
send_ldap_response: msgid=3 tag=101 err=52
ber_flush: 14 bytes to sd 30
conn=172 op=2 SEARCH RESULT tag=101 err=52 nentries=0 text=


And there's your reason why the connection is failing. Now, what's making
it fail StartTLS when it started TLS so nicely so many other times?

Hmm. Well, I _am_ running OpenSSL 0.9.7g, and I know what we like to say
about old versions. But I just restarted with OpenSSL 0.9.7i before
sending this (shared objects are your friend) so we'll see how that goes.