Re: crash: cyrus-imapd -> sasl -> pam -> pam_ldap -> libldap-2.x -> sasl

[GOMBAS Gabor <gombasg@inf.elte.hu>]

On Tue, Nov 28, 2000 at 11:09:03AM +0100, Julio Sanchez Fernandez wrote:

> Now, the questions are: Why do we call sasl_set_alloc?  Do we need it?
> Always? On some platforms? Is it safe doing it when we were called by
> libsasl itself? If not, how do we manage memory allocation when we are
> running under libsasl?

Not calling sasl_set_alloc might solve the current crashes but it only hides
the problem. The real problem is that the SASL library is not reentrant.
The two SASL library instances should be independent from each other but they
are using global variables and the their data section is physically the same.

I see two possible solutions:

1. The short term one: link the SASL libraries statically with cyrus-imapd.
   This way the shared library loaded by pam_ldap/libldap will have a
   private data section.
2. The long term one: eliminate every global variables inside the SASL
   library. It would require some API changes so it should be consulted with
   the Cyrus guys.

Anyway, the crashes you describe are not the fault of OpenLDAP.

Gabor

P.S. If you were using AIX I'd suggest linking the SASL libraries with the
"-bM:S1L" flags but Linux does not have a similar feature.

-- 
Gabor Gombas                                       Eotvos Lorand University
E-mail: gombasg@inf.elte.hu                        Hungary