[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapsearch - Segmentation Fault



> I use:
> libldap2 version 2.1.30-3

^^^ this software is historical; you should consider upgrading to 2.2.24.

> LDAP-Server ist eDirectory (no idea of the version)
> my platform is Debian-Linux kernel 2.4.24-1
> openssl 0.9.6c-2.woody.7
>
>
> The hardware should not be the problem because it works when I try
> without SSL.
>
>> > ldapsearch -D "cn=myuser,ou=myou,o=myo" -H ldaps://mydomain:636 cn=*
>> -W
>> > => Segmentation Fault
>> > ldapsearch -D "cn=myuser,ou=myou,o=myo" -H ldaps://mydomain:636 cn=*
>> > => Segmentation Fault
>> > ldapsearch -D "cn=myuser,ou=myou,o=myo" -H ldap://mydomain:389 cn=* -x
>> > => works well
>>
>> I note that you didn't exaust the possible combinations of parameters,
>> and
>> most of those you tried are inconsistend and/or of little use; did you
>> try
>> at least
>>
>> ldapsearch -D "cn=myuser,ou=myou,o=myo" -H ldaps://mydomain -x -W cn=*
>
> ldapsearch -D "cn=myuser,ou=myou,o=myo" -H ldaps://mydomain:636 cn=* -W
> -x

I suggest you leave the options in the order I gave you, because the way
you use them is not portable (i.e. cn=* goes last); see ldapsearch(1) for
usage.

> Enter LDAP Password:
> =>Segmentation fault
>
> If I don't give the port, it gives the same error.

You don't need to give the port if you use the default.

>
> gdb gives this:

which is nearly useless because binaries are stripped...

>
> Starting program: /usr/bin/ldapsearch -D "cn=mycn,ou=myou,o=myo" -H
> ldaps://mydomain:636 cn=* -W
> (no debugging symbols found)...(no debugging symbols found)...(no
> debugging symbols found)...(no debugging symbols found)...(no debugging
> symbols found)...
> (no debugging symbols found)...(no debugging symbols found)...(no
> debugging symbols found)...(no debugging symbols found)...(no debugging
> symbols found)...
> (no debugging symbols found)...(no debugging symbols found)...(no
> debugging symbols found)...(no debugging symbols found)...(no debugging
> symbols found)...
> Enter LDAP Password:
> (no debugging symbols found)...(no debugging symbols found)...(no
> debugging symbols found)...
> Program received signal SIGSEGV, Segmentation fault.
> 0x4023d36f in readdir64 () from /lib/libc.so.6
> (gdb) bt full
> #0  0x4023d36f in readdir64 () from /lib/libc.so.6
> No symbol table info available.
> #1  0x40048e18 in ldap_pvt_tls_init_def_ctx ()
> from /usr/lib/libldap.so.2

... but this ^^^ tells us that likely your ldap.conf/ldaprc files are
providing erroneous information on the location of the TLS-related items
of the client configuration, and this is making libc fail for some reason.
 Check the contents of ldap.conf (see ldap.conf(5)) and post it; if you're
providing any client's certificate in ldaprc, post it as well (the file,
not the certificate).  Again, see ldap.conf(5) for details on ldaprc
configuration and usage.

p.

-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it


    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497