Re: (ITS#4740) SASL bind assert
At 08:06 PM 11/27/2006, hyc@symas.com wrote:
>Kurt@OpenLDAP.org wrote:
>> At 07:51 PM 11/27/2006, Kurt D. Zeilenga wrote:
>>> Spoke too soon.
>>> Your code appears to be sending the same requests as
>>> Nessus, at least as described here:
>>> http://www.nessus.org/plugins/index.php?view=viewsrc&id=23625
>>>
>>> Suspect a mismatch between what you and Brian are
>>> testing...
>>
>> Howard, is the normalized authcDN in your testing correct?
>
>It has a single escaped space.

And that's correct (I was wrong before). A directory string of
N spaces normalizes to a single space, which must be escaped in
the DN.

So it does seem like you and Brian are simply not running the
same code.

-- Kurt

>Here's the log with 256 characters
>instead of 1024:
>
> >>> slap_listener(ldap://:9011)connection_get(12)
>connection_get(12): got connid=2
>connection_read(12): checking for input on id=2
>ber_get_next
>ldap_read: want=8, got=8
> 0000: 30 17 02 02 04 e7 60 11 0.....`.
>ldap_read: want=17, got=17
> 0000: 02 01 03 04 00 a3 0a 04 08 43 52 41 4d 2d 4d 44
>.........CRAM-MD
> 0010: 35 5
>ber_get_next: tag 0x30 len 23 contents:
>ber_get_next
>ldap_read: want=8 error=Resource temporarily unavailable
>ber_get_next on fd 12 failed errno=11 (Resource temporarily unavailable)
>do_bind
>ber_scanf fmt ({imt) ber:
>ber_scanf fmt ({m) ber:
>ber_scanf fmt (}}) ber:
> >>> dnPrettyNormal: <>
><<< dnPrettyNormal: <>, <>
>do_sasl_bind: dn () mech CRAM-MD5
>==> sasl_bind: dn="" mech=CRAM-MD5 datalen=0
>send_ldap_sasl: err=14 len=38
>send_ldap_response: msgid=1255 tag=97 err=14
>ber_flush: 55 bytes to sd 12
> 0000: 30 35 02 02 04 e7 61 2f 0a 01 0e 04 00 04 00 87
>05....a/........
> 0010: 26 3c 39 34 32 38 34 39 37 31 39 2e 37 30 35 38
>&<942849719.7058
> 0020: 36 35 39 40 6d 61 6e 64 6f 6c 69 6e 2e 73 79 6d
>659@mandolin.sym
> 0030: 61 73 2e 63 6f 6d 3e as.com>
>ldap_write: want=55, written=55
> 0000: 30 35 02 02 04 e7 61 2f 0a 01 0e 04 00 04 00 87
>05....a/........
> 0010: 26 3c 39 34 32 38 34 39 37 31 39 2e 37 30 35 38
>&<942849719.7058
> 0020: 36 35 39 40 6d 61 6e 64 6f 6c 69 6e 2e 73 79 6d
>659@mandolin.sym
> 0030: 61 73 2e 63 6f 6d 3e as.com>
><== slap_sasl_bind: rc=14
>connection_get(12)
>connection_get(12): got connid=2
>connection_read(12): checking for input on id=2
>ber_get_next
>ldap_read: want=8, got=8
> 0000: 30 82 01 1f 02 02 04 e6 0.......
>ldap_read: want=283, got=283
> 0000: 60 82 01 17 02 01 03 04 00 a3 82 01 0e 04 08 43
>`..............C
> 0010: 52 41 4d 2d 4d 44 35 04 82 01 00 20 20 20 20 20 RAM-MD5....
> 0020: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
> 0030: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
> 0040: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
> 0050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
> 0060: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
> 0070: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
> 0080: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
> 0090: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
> 00a0: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
> 00b0: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
> 00c0: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
> 00d0: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
> 00e0: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
> 00f0: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
> 0100: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
> 0110: 20 20 20 20 20 20 20 20 20 20 20
>ber_get_next: tag 0x30 len 287 contents:
>ber_get_next
>ldap_read: want=8 error=Resource temporarily unavailable
>ber_get_next on fd 12 failed errno=11 (Resource temporarily unavailable)
>connection_get(12)
>connection_get(12): got connid=2
>connection_read(12): checking for input on id=2
>ber_get_next
>ldap_read: want=8, got=0
>
>ber_get_next on fd 12 failed errno=0 (Success)
>connection_closing: readying conn=2 sd=12 for close
>connection_close: deferring conn=2 sd=12
>do_bind
>ber_scanf fmt ({imt) ber:
>ber_scanf fmt ({m) ber:
>ber_scanf fmt (m) ber:
>ber_scanf fmt (}}) ber:
> >>> dnPrettyNormal: <>
><<< dnPrettyNormal: <>, <>
>do_sasl_bind: dn () mech CRAM-MD5
>==> sasl_bind: dn="" mech=<continuing> datalen=256
>SASL Canonicalize [conn=2]: authcid="
>
>
>
> "
>slap_sasl_getdn: conn 2 id=
>
>
>
>[len=255]
>=> ldap_dn2bv(16)
><= ldap_dn2bv(uid=\20
>
>
>
>\20,cn=CRAM-MD5,cn=auth)=0
>slap_sasl_getdn: u:id converted to uid=\20
>
>
>
> \20,cn=CRAM-MD5,cn=auth
> >>> dnNormalize: <uid=\20
>
>
>
>\20,cn=CRAM-MD5,cn=auth>
>=> ldap_bv2dn(uid=\20
>
>
>
>\20,cn=CRAM-MD5,cn=auth,0)
><= ldap_bv2dn(uid=\20
>
>
>
>\20,cn=CRAM-MD5,cn=auth)=0
>=> ldap_dn2bv(272)
><= ldap_dn2bv(uid=\20,cn=cram-md5,cn=auth)=0
><<< dnNormalize: <uid=\20,cn=cram-md5,cn=auth>
>==>slap_sasl2dn: converting SASL name uid=\20,cn=cram-md5,cn=auth to a DN
>slap_authz_regexp: converting SASL name uid=\20,cn=cram-md5,cn=auth
><==slap_sasl2dn: Converted SASL name to <nothing>
>SASL Canonicalize [conn=2]: slapAuthcDN="uid=\20,cn=cram-md5,cn=auth"
>SASL [conn=2] Failure: no secret in database
>send_ldap_result: conn=2 op=1 p=3
>send_ldap_result: err=49 matched="" text="SASL(-13): user not found: no
>secret in database"
>send_ldap_response: msgid=1254 tag=97 err=49
><== slap_sasl_bind: rc=49
>connection_resched: attempting closing conn=2 sd=12
>connection_close: conn=2 sd=12
>
>
>
>--
> -- Howard Chu
> Chief Architect, Symas Corp. http://www.symas.com
> Director, Highland Sun http://highlandsun.com/hyc
> OpenLDAP Core Team http://www.openldap.org/project/
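
Kurt's point about the authcDN, as an added example (not OpenLDAP's code and not part of the thread): a simplified model of how an authcid of N spaces collapses to one space and is then escaped, giving the normalized DN shown near the end of the log. The function names are hypothetical, the 256-space input is constructed, and the space handling models only what the message states, not slapd's full string preparation.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Collapse runs of spaces and trim the ends; an all-space value keeps one space.
 * Returns the output length (berval style, no NUL terminator) or -1. */
static int normalize_spaces(const char *in, size_t len, char *out, size_t outsz)
{
    size_t o = 0;
    if (outsz < len) return -1;                  /* output never exceeds input */
    for (size_t i = 0; i < len; i++)
        if (in[i] != ' ' || (o > 0 && out[o - 1] != ' ')) out[o++] = in[i];
    if (o > 0 && out[o - 1] == ' ') o--;         /* drop trailing space */
    if (o == 0 && len > 0) out[o++] = ' ';       /* N spaces -> one space */
    return (int)o;
}

/* RFC 4514 escaping of an RDN value; edge spaces become \20 as in the log. */
static int escape_rdn_value(const char *v, size_t len, char *out, size_t outsz)
{
    size_t o = 0;
    if (outsz < 3 * len + 1) return -1;          /* worst case: every byte -> \xx */
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)v[i];
        int hex = c == '\0' || (c == ' ' && (i == 0 || i + 1 == len)) || (c == '#' && i == 0);
        if (hex) { o += (size_t)sprintf(out + o, "\\%02x", c); continue; }
        if (strchr("\"+,;<>\\", c)) out[o++] = '\\';
        out[o++] = (char)c;
    }
    out[o] = '\0';
    return (int)o;
}

/* Hypothetical helper: uid=<authcid>,cn=<mech>,cn=auth in normalized form. */
int sasl_authc_dn(const char *id, size_t len, const char *mech, char *out, size_t outsz)
{
    char norm[512], esc[3 * sizeof norm + 1];
    int n = normalize_spaces(id, len, norm, sizeof norm);
    if (n < 0 || escape_rdn_value(norm, (size_t)n, esc, sizeof esc) < 0) return -1;
    n = snprintf(out, outsz, "uid=%s,cn=%s,cn=auth", esc, mech);
    if (n < 0 || (size_t)n >= outsz) return -1;
    for (char *p = out + 4 + strlen(esc); *p; p++) *p = (char)tolower((unsigned char)*p);
    return n;
}

int main(void)
{
    char id[256], dn[128];
    memset(id, ' ', sizeof id);                  /* constructed input: 256 spaces */
    return sasl_authc_dn(id, sizeof id, "CRAM-MD5", dn, sizeof dn) > 0 && puts(dn) >= 0 ? 0 : 1;
}
```

Every all-space authcid, whatever its length, maps to the same DN, which is why the 256-character and 1024-character tests should normalize identically.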