
ldap with sasl and odbc



Why does my slapd crash when I log in with SASL?
My configure line for slapd is:
./configure --with-cyrus-sasl --enable-sql --enable-hdb=no --enable-bdb=no
CPPFLAGS="-I/usr/local/include -I/usr/local/unixODBC/include"
LDFLAGS="-L/usr/local/lib -L/usr/local/unixODBC/lib"

slapd works normally when I log in to it: if I type a bad password, slapd
keeps working normally, but if I give slapd a good login (correct login and
password), slapd crashes (always, whenever I type my correct login and
password with ldapsearch -I).


Please help me - how do I configure slapd with SASL? My slapd (latest
version) doesn't work with SASL :/

slapd -d 1:
........
>> slap_listener(ldap:///)connection_get(8): got connid=0
connection_read(8): checking for input on id=0
ber_get_next
ber_get_next: tag 0x30 len 62 contents:
ber_get_next
ber_get_next on fd 8 failed errno=35 (Resource temporarily unavailable)
do_search
ber_scanf fmt ({miiiib) ber:
>>> dnPrettyNormal: <>
<<< dnPrettyNormal: <>, <>
ber_scanf fmt (m) ber:
ber_scanf fmt ({M}}) ber:
==>select_backend: START
==>select_backend: dn:
=> send_search_entry: conn 0 dn=""
ber_flush: 62 bytes to sd 8
<= send_search_entry: conn 0 exit.
send_ldap_result: conn=0 op=0 p=3
send_ldap_response: msgid=1 tag=101 err=0
ber_flush: 14 bytes to sd 8
connection_get(8): got connid=0
connection_read(8): checking for input on id=0
ber_get_next
ber_get_next: tag 0x30 len 24 contents:
ber_get_next
ber_get_next on fd 8 failed errno=35 (Resource temporarily unavailable)
do_bind
ber_scanf fmt ({imt) ber:
ber_scanf fmt ({m) ber:
ber_scanf fmt (}}) ber:
>>> dnPrettyNormal: <>
<<< dnPrettyNormal: <>, <>
do_sasl_bind: dn () mech DIGEST-MD5
SASL [conn=0] Debug: DIGEST-MD5 server step 1
send_ldap_sasl: err=14 len=184
send_ldap_response: msgid=2 tag=97 err=14
ber_flush: 203 bytes to sd 8
<== slap_sasl_bind: rc=14
connection_get(8): got connid=0
connection_read(8): checking for input on id=0
ber_get_next
ber_get_next: tag 0x30 len 323 contents:
ber_get_next
ber_get_next on fd 8 failed errno=35 (Resource temporarily unavailable)
do_bind
ber_scanf fmt ({imt) ber:
ber_scanf fmt ({m) ber:
ber_scanf fmt (m) ber:
ber_scanf fmt (}}) ber:
>>> dnPrettyNormal: <>
<<< dnPrettyNormal: <>, <>
do_sasl_bind: dn () mech DIGEST-MD5
SASL [conn=0] Debug: DIGEST-MD5 server step 2
slap_sasl_getdn: u:id converted to
uid=test,cn=example.com,cn=DIGEST-MD5,cn=auth
>>> dnNormalize: <uid=test,cn=example.com,cn=DIGEST-MD5,cn=auth>
<<< dnNormalize: <uid=test,cn=example.com,cn=digest-md5,cn=auth>
==>slap_sasl2dn: converting SASL name
uid=test,cn=example.com,cn=digest-md5,cn=auth to a DN
slap_authz_regexp: converting SASL name
uid=test,cn=example.com,cn=digest-md5,cn=auth
<==slap_sasl2dn: Converted SASL name to <nothing>
slapd in free(): error: chunk is already free
Abort (core dumped)
....


slapd.conf file
 cat slapd.conf
# $OpenLDAP: pkg/ldap/servers/slapd/back-sql/rdbms_depend/mysql/slapd.conf,v 1.5.2.1 2005/01/20 18:04:03 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include         /usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/inetorgperson.schema

# Define global ACLs to disable default read access.
access to *
     by * write

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral       ldap://root.openldap.org

pidfile         /var/run/slapd/slapd.pid
argsfile        /var/run/slapd/slapd.args
loglevel        -1

authz-police all
sasl-host       example.com
sasl-realm      example.com
#require SASL

authz-regexp
      uid=([^,]*),dc=example,dc=com
      uid=test,dc=example,dc=com

#sasl-secprops none

#authzTo: uid=[^,]*,dc=example,dc=com

#######################################################################
# sql database definitions
#######################################################################
database        sql
suffix          "dc=example,dc=com"

#rootdn         "cn=test,dc=example,dc=com"
#rootpw         secret
dbname          ldap
dbuser          ldap
dbpasswd        ldap123zxc
subtree_cond    "ldap_entries.dn LIKE CONCAT('%',?)"
insentry_stmt   "INSERT INTO ldap_entries (dn,oc_map_id,parent,keyval) VALUES (?,?,?,?)"
has_ldapinfo_dn_ru      no

#access to attrs=userPassword
#      by * auth


#access to * by * none
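
An added example, not part of the original post and not OpenLDAP code: it applies the authz-regexp rule from the posted slapd.conf to the normalized SASL name shown in the debug output and finds no mapping, which is what the `Converted SASL name to <nothing>` line reports. It assumes the rule is applied as a case-insensitive regex search with `$N` substitution (modelled here with Python's `re`); `AUTH_FORM_RULE` is a constructed rule for comparison, and nothing here addresses the `free()` abort itself.

```python
import re

# authz-regexp rule exactly as posted in slapd.conf: (pattern, replacement).
POSTED_RULE = (r"uid=([^,]*),dc=example,dc=com", "uid=test,dc=example,dc=com")

# Constructed rule (NOT from the post), written against the cn=auth form
# that slapd logs for SASL identities.
AUTH_FORM_RULE = (
    r"uid=([^,]*),cn=example.com,cn=digest-md5,cn=auth",
    "uid=$1,dc=example,dc=com",
)

# Normalized SASL name copied from the "slapd -d 1" output in the post.
SASL_NAME = "uid=test,cn=example.com,cn=digest-md5,cn=auth"


def map_sasl_name(sasl_name, rules):
    """Return the DN produced by the first matching rule, or None.

    Assumption: matching is modelled as an unanchored, case-insensitive
    regex search, with $0..$9 in the replacement expanded to the groups.
    """
    for pattern, replacement in rules:
        m = re.search(pattern, sasl_name, re.IGNORECASE)
        if m is None:
            continue

        def expand(ref):
            idx = int(ref.group(1))
            # Unknown or non-participating groups expand to nothing.
            return (m.group(idx) or "") if idx <= m.re.groups else ""

        return re.sub(r"\$(\d)", expand, replacement)
    return None


def explain(sasl_name, rules):
    """Format the result the way the slapd debug line reads."""
    dn = map_sasl_name(sasl_name, rules)
    return f"{sasl_name} -> {dn if dn is not None else '<nothing>'}"


if __name__ == "__main__":
    print(explain(SASL_NAME, [POSTED_RULE]))      # posted rule: no mapping
    print(explain(SASL_NAME, [AUTH_FORM_RULE]))   # constructed rule: maps
```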