[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#6416) back-null + back-ldap + idassert spins or hangs
- To: openldap-its@OpenLDAP.org
- Subject: Re: (ITS#6416) back-null + back-ldap + idassert spins or hangs
- From: hyc@symas.com
- Date: Sat, 5 Dec 2009 20:14:38 GMT
- Auto-submitted: auto-generated (OpenLDAP-ITS)
h.b.furuseth@usit.uio.no wrote:
> Full_Name: Hallvard B Furuseth
> Version: HEAD
> OS: Linux x86_64
> URL:
> Submission from: (NULL) (129.240.6.233)
> Submitted by: hallvard
>
>
> slapd spins when current HEAD's ./run -b null test028-idassert gets to:
> "Testing ldapwhoami as bjorn, dn:uid=bjorn,ou=People,o=Example,c=US..."
>
> Here is slapd.conf for reduced case which hangs with:
> ldapwhoami -xH localhost:9011 \
> -D uid=foo,cn=users -w secret -e \!authzid=dn:uid=foo,cn=id
> Possibly I've created a loop somewhere but I don't know where:
Obviously you've created a loop.
Your server is running on localhost:9011 and you've defined a back-ldap
pointing to localhost:9011. You run a query that causes a lookup on the
back-ldap cn=id database, and in the absence of any rewrite rules to alter
that lookup, it will simply loop back on itself trying to search cn=id.
This is an invalid config, this ITS is invalid and will be closed.
> include schema/core.schema
> authz-policy from
>
> database null
> suffix "cn=users"
> bind on
>
> database null
> suffix "cn=admin"
> bind on
>
> database ldap
> suffix "cn=id"
> uri "ldap://localhost:9011/"
> idassert-bind binddn="cn=admin" credentials="xyzzy" mode=self
>
>
> slapd creates a bunch of connections to itself (according to loglevel 256)
> and then loops, with the log repeating this paragraph:
>
> ** ld 0x3ad3930 Outstanding Requests:
> * msgid 1, origid 1, status InProgress
> outstanding referrals 0, parent count 0
> ld 0x3ad3930 request count 1 (abandoned 0)
> ** ld 0x3ad3930 Response Queue:
> Empty
> ld 0x3ad3930 response count 0
> ldap_chkResponseList ld 0x3ad3930 msgid 1 all 1
> ldap_chkResponseList returns ld 0x3ad3930 NULL
> ldap_int_select
> ldap_result ld 0x3ad3930 msgid 1
> wait4msg ld 0x3ad3930 msgid 1 (timeout 100000 usec)
> wait4msg continue ld 0x3ad3930 msgid 1 all 1
> ** ld 0x3ad3930 Connections:
> * host: localhost port: 9011 (default)
> refcnt: 2 status: Connected
> last used: Fri Dec 4 19:48:32 2009
>
>
>
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/