Issue 8637 - OpenLDAP crashing when defining multiple olcDbURI for chaining
Summary: OpenLDAP crashing when defining multiple olcDbURI for chaining
Status: VERIFIED FIXED
Alias: None
Product: OpenLDAP
Classification: Unclassified
Component: slapd (show other issues)
Version: 2.4.44
Hardware: All All
: --- normal
Target Milestone: ---
Assignee: OpenLDAP project
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-04-13 12:06 UTC by apgriffiths79@gmail.com
Modified: 2019-07-24 18:59 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.
Description apgriffiths79@gmail.com 2017-04-13 12:06:27 UTC 
Full_Name: Alan Griffiths
Version: 2.4.44
OS: Centos 7.3
URL: https://pastebin.com/CaVGpfKj
Submission from: (NULL) (86.22.17.96)


Adding multiple entries to olcDbURI causes slapd to crash when the ref is first
followed with: -

8ef6698 conn=1002 op=1 ldap_chain_op:
ref="ldap://aws-mldap-01.aws/uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com" ->
"ldap://aws-mldap-01.aws"
slapd: chain.c:227: ldap_chain_uri_cmp: Assertion `((&li2->li_bvuri[ 1
])->bv_val == ((void *)0))' failed.
Aborted

This appears to be the same issue as reported here 

http://www.openldap.org/lists/openldap-technical/201409/msg00056.html

but in a more recent version. I can re-create in 2.4.40 and 2.4.44.

Link to full debug output is provided.
Comment 1 Quanah Gibson-Mount 2017-04-13 15:01:36 UTC 
--On Thursday, April 13, 2017 1:06 PM +0000 apgriffiths79@gmail.com wrote:

> Full_Name: Alan Griffiths
> Version: 2.4.44
> OS: Centos 7.3
> URL: https://pastebin.com/CaVGpfKj
> Submission from: (NULL) (86.22.17.96)

Pastebin's expire.  Next time, please provide the information directly in 
the ITS.

I'd also suggest providing the slapd configuration etc that generated the 
error.

--Quanah

58ef6698 connection_get(16): got connid=1000
58ef6698 connection_read(16): checking for input on id=1000
ber_get_next
ber_get_next: tag 0x30 len 588 contents:
58ef6698 op tag 0x63, time 1492084376
ber_get_next
58ef6698 conn=1000 op=7 do_search
ber_scanf fmt ({miiiib) ber:
58ef6698 >>> dnPrettyNormal: <dc=abu,dc=inmarsat,dc=com>
58ef6698 <<< dnPrettyNormal: <dc=abu,dc=inmarsat,dc=com>, 
<dc=abu,dc=inmarsat,dc=com>
ber_scanf fmt ({mm}) ber:
ber_scanf fmt ({mm}) ber:
ber_scanf fmt (m) ber:
ber_scanf fmt ({mm}) ber:
ber_scanf fmt ({M}}) ber:
58ef6698 ==> limits_get: conn=1000 op=7 self="[anonymous]" 
this="dc=abu,dc=inmarsat,dc=com"
58ef6698 => mdb_search
58ef6698 mdb_dn2entry("dc=abu,dc=inmarsat,dc=com")
58ef6698 => mdb_dn2id("dc=abu,dc=inmarsat,dc=com")
58ef6698 <= mdb_dn2id: got id=0x1
58ef6698 => mdb_entry_decode:
58ef6698 <= mdb_entry_decode
58ef6698 search_candidates: base="dc=abu,dc=inmarsat,dc=com" (0x00000001) 
scope=2
58ef6698 => mdb_equality_candidates (objectClass)
58ef6698 => key_read
58ef6698 <= mdb_index_read: failed (-30798)
58ef6698 <= mdb_equality_candidates: id=0, first=0, last=0
58ef6698 => mdb_equality_candidates (uid)
58ef6698 => key_read
58ef6698 <= mdb_index_read 1 candidates
58ef6698 <= mdb_equality_candidates: id=1, first=17, last=17
58ef6698 => mdb_equality_candidates (objectClass)
58ef6698 => key_read
58ef6698 <= mdb_index_read 1 candidates
58ef6698 <= mdb_equality_candidates: id=1, first=17, last=17
58ef6698 => mdb_presence_candidates (uidNumber)
58ef6698 <= mdb_presence_candidates: (uidNumber) not indexed
58ef6698 mdb_search_candidates: id=1 first=17 last=17
58ef6698 => mdb_entry_decode:
58ef6698 <= mdb_entry_decode
58ef6698 => send_search_entry: conn 1000 
dn="uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com"
ber_flush2: 374 bytes to sd 16
58ef6698 <= send_search_entry: conn 1000 exit.
58ef6698 send_ldap_result: conn=1000 op=7 p=3
58ef6698 send_ldap_response: msgid=8 tag=101 err=0
ber_flush2: 14 bytes to sd 16
58ef6698 connection_get(16): got connid=1000
58ef6698 connection_read(16): checking for input on id=1000
ber_get_next
ber_get_next: tag 0x30 len 254 contents:
58ef6698 op tag 0x63, time 1492084376
ber_get_next
58ef6698 conn=1000 op=8 do_search
ber_scanf fmt ({miiiib) ber:
58ef6698 >>> dnPrettyNormal: <dc=abu,dc=inmarsat,dc=com>
58ef6698 <<< dnPrettyNormal: <dc=abu,dc=inmarsat,dc=com>, 
<dc=abu,dc=inmarsat,dc=com>
ber_scanf fmt ({mm}) ber:
58ef6698 >>> dnPretty: <uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com>
58ef6698 <<< dnPretty: <uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com>
58ef6698 >>> dnNormalize: <uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com>
58ef6698 <<< dnNormalize: <uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com>
ber_scanf fmt ({mm}) ber:
ber_scanf fmt (m) ber:
ber_scanf fmt ({M}}) ber:
58ef6698 => get_ctrls
ber_scanf fmt ({m) ber:
ber_scanf fmt (m) ber:
58ef6698 => get_ctrls: oid="1.2.840.113556.1.4.319" (noncritical)
ber_scanf fmt ({im}) ber:
58ef6698 <= get_ctrls: n=1 rc=0 err=""
58ef6698 ==> limits_get: conn=1000 op=8 self="[anonymous]" 
this="dc=abu,dc=inmarsat,dc=com"
58ef6698 => mdb_search
58ef6698 mdb_dn2entry("dc=abu,dc=inmarsat,dc=com")
58ef6698 => mdb_dn2id("dc=abu,dc=inmarsat,dc=com")
58ef6698 <= mdb_dn2id: got id=0x1
58ef6698 => mdb_entry_decode:
58ef6698 <= mdb_entry_decode
58ef6698 search_candidates: base="dc=abu,dc=inmarsat,dc=com" (0x00000001) 
scope=2
58ef6698 => mdb_equality_candidates (objectClass)
58ef6698 => key_read
58ef6698 <= mdb_index_read: failed (-30798)
58ef6698 <= mdb_equality_candidates: id=0, first=0, last=0
58ef6698 => mdb_equality_candidates (member)
58ef6698 <= mdb_equality_candidates: (member) not indexed
58ef6698 => mdb_equality_candidates (objectClass)
58ef6698 => key_read
58ef6698 <= mdb_index_read 1 candidates
58ef6698 <= mdb_equality_candidates: id=1, first=16, last=16
58ef6698 => mdb_presence_candidates (cn)
58ef6698 => key_read
58ef6698 <= mdb_index_read 12 candidates
58ef6698 <= mdb_presence_candidates: id=12 first=2 last=20
58ef6698 mdb_search_candidates: id=1 first=16 last=16
58ef6698 => mdb_entry_decode:
58ef6698 <= mdb_entry_decode
58ef6698 mdb_search: 16 does not match filter
58ef6698 send_ldap_result: conn=1000 op=8 p=3
58ef6698 send_ldap_response: msgid=9 tag=101 err=0
ber_flush2: 51 bytes to sd 16
58ef6698 slap_listener_activate(7):
58ef6698 >>> slap_listener(ldap:///)
58ef6698 connection_get(17): got connid=1002
58ef6698 connection_read(17): checking for input on id=1002
ber_get_next
ber_get_next: tag 0x30 len 29 contents:
58ef6698 op tag 0x77, time 1492084376
ber_get_next
58ef6698 conn=1002 op=0 do_extended
ber_scanf fmt ({m) ber:
58ef6698 send_ldap_extended: err=0 oid= len=0
58ef6698 send_ldap_response: msgid=1 tag=120 err=0
ber_flush2: 14 bytes to sd 17
58ef6698 connection_get(17): got connid=1002
58ef6698 connection_read(17): checking for input on id=1002
58ef6698 connection_get(17): got connid=1002
58ef6698 connection_read(17): checking for input on id=1002
TLS certificate verification: subject: no certificate, issuer: no 
certificate, cipher: AES-256, security level: high, secret key bits: 256, 
total key bits: 256, cache hits: 0, cache misses: 3, cache not reusable: 0
58ef6698 connection_read(17): unable to get TLS client DN, error=49 id=1002
58ef6698 connection_get(17): got connid=1002
58ef6698 connection_read(17): checking for input on id=1002
ber_get_next
ber_get_next: tag 0x30 len 93 contents:
58ef6698 op tag 0x60, time 1492084376
ber_get_next
58ef6698 conn=1002 op=1 do_bind
ber_scanf fmt ({imt) ber:
ber_scanf fmt (m}) ber:
58ef6698 => get_ctrls
ber_scanf fmt ({m) ber:
58ef6698 => get_ctrls: oid="1.3.6.1.4.1.42.2.27.8.5.1" (noncritical)
58ef6698 <= get_ctrls: n=1 rc=0 err=""
58ef6698 >>> dnPrettyNormal: <uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com>
58ef6698 <<< dnPrettyNormal: 
<uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com>, 
<uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com>
58ef6698 do_bind: version=3 
dn="uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com" method=128
58ef6698 mdb_dn2entry("uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com")
58ef6698 => mdb_dn2id("uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com")
58ef6698 <= mdb_dn2id: got id=0x11
58ef6698 => mdb_entry_decode:
58ef6698 <= mdb_entry_decode
58ef6698 mdb_entry_get: rc=0
58ef6698 mdb_dn2entry("cn=test,dc=abu,dc=inmarsat,dc=com")
58ef6698 => mdb_dn2id("cn=test,dc=abu,dc=inmarsat,dc=com")
58ef6698 <= mdb_dn2id: got id=0x12
58ef6698 => mdb_entry_decode:
58ef6698 <= mdb_entry_decode
58ef6698 mdb_entry_get: rc=0
58ef6698 mdb_dn2entry("uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com")
58ef6698 => mdb_dn2id("uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com")
58ef6698 <= mdb_dn2id: got id=0x11
58ef6698 => mdb_entry_decode:
58ef6698 <= mdb_entry_decode
58ef6698 send_ldap_result: conn=1002 op=1 p=3
58ef6698 mdb_dn2entry("uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com")
58ef6698 => mdb_dn2id("uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com")
58ef6698 <= mdb_dn2id: got id=0x11
58ef6698 => mdb_entry_decode:
58ef6698 <= mdb_entry_decode
58ef6698 mdb_entry_get: rc=0
ldap_url_parse_ext(ldap://aws-mldap-01.aws/)
ldap_url_parse_ext(ldap://aws-mldap-02.aws/)
58ef6698 send_ldap_result: conn=1002 op=1 p=3
ldap_url_parse_ext(ldap://aws-mldap-01.aws/uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com)
58ef6698 >>> dnPrettyNormal: <uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com>
58ef6698 <<< dnPrettyNormal: 
<uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com>, 
<uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com>
58ef6698 conn=1002 op=1 ldap_chain_op: 
ref="ldap://aws-mldap-01.aws/uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com" 
-> "ldap://aws-mldap-01.aws"
slapd: chain.c:227: ldap_chain_uri_cmp: Assertion `((&li2->li_bvuri[ 1 
])->bv_val == ((void *)0))' failed.
Aborted




--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
Comment 2 Quanah Gibson-Mount 2017-04-13 15:01:53 UTC 
moved from Incoming to Software Bugs
Comment 3 apgriffiths79@gmail.com 2017-04-13 16:15:55 UTC 
Apologies, I'll avoid pastebin in future.

Configuration is as follows: -

dn: cn=module,cn=config
changetype: add
objectClass: olcModuleList
cn: module
olcModulePath: /usr/lib64/openldap
olcModuleLoad: back_ldap.la


dn: olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcChainConfig
olcOverlay: {0}chain


dn: olcDatabase=ldap,olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config
changetype: add
objectClass: olcLDAPConfig
objectClass: olcChainDatabase
olcDBURI: "ldap://aws-mldap-01.aws/,ldap://aws-mldap-02.aws/"
olcDbIDAssertBind: bindmethod=simple
  binddn="cn=proxy,dc=abu,dc=inmarsat,dc=com"
  credentials=XXXXX
  mode=self


dn: olcDatabase={2}mdb,cn=config
changetype: modify
replace: olcUpdateRef
olcUpdateRef: ldap://aws-mldap-01.aws/
olcUpdateRef: ldap://aws-mldap-02.aws/

On 13 April 2017 at 16:01, Quanah Gibson-Mount <quanah@symas.com> wrote:

> --On Thursday, April 13, 2017 1:06 PM +0000 apgriffiths79@gmail.com wrote:
>
> Full_Name: Alan Griffiths
>> Version: 2.4.44
>> OS: Centos 7.3
>> URL: https://pastebin.com/CaVGpfKj
>> Submission from: (NULL) (86.22.17.96)
>>
>
> Pastebin's expire.  Next time, please provide the information directly in
> the ITS.
>
> I'd also suggest providing the slapd configuration etc that generated the
> error.
>
> --Quanah
>
> 58ef6698 connection_get(16): got connid=1000
> 58ef6698 connection_read(16): checking for input on id=1000
> ber_get_next
> ber_get_next: tag 0x30 len 588 contents:
> 58ef6698 op tag 0x63, time 1492084376
> ber_get_next
> 58ef6698 conn=1000 op=7 do_search
> ber_scanf fmt ({miiiib) ber:
> 58ef6698 >>> dnPrettyNormal: <dc=abu,dc=inmarsat,dc=com>
> 58ef6698 <<< dnPrettyNormal: <dc=abu,dc=inmarsat,dc=com>,
> <dc=abu,dc=inmarsat,dc=com>
> ber_scanf fmt ({mm}) ber:
> ber_scanf fmt ({mm}) ber:
> ber_scanf fmt (m) ber:
> ber_scanf fmt ({mm}) ber:
> ber_scanf fmt ({M}}) ber:
> 58ef6698 ==> limits_get: conn=1000 op=7 self="[anonymous]"
> this="dc=abu,dc=inmarsat,dc=com"
> 58ef6698 => mdb_search
> 58ef6698 mdb_dn2entry("dc=abu,dc=inmarsat,dc=com")
> 58ef6698 => mdb_dn2id("dc=abu,dc=inmarsat,dc=com")
> 58ef6698 <= mdb_dn2id: got id=0x1
> 58ef6698 => mdb_entry_decode:
> 58ef6698 <= mdb_entry_decode
> 58ef6698 search_candidates: base="dc=abu,dc=inmarsat,dc=com" (0x00000001)
> scope=2
> 58ef6698 => mdb_equality_candidates (objectClass)
> 58ef6698 => key_read
> 58ef6698 <= mdb_index_read: failed (-30798)
> 58ef6698 <= mdb_equality_candidates: id=0, first=0, last=0
> 58ef6698 => mdb_equality_candidates (uid)
> 58ef6698 => key_read
> 58ef6698 <= mdb_index_read 1 candidates
> 58ef6698 <= mdb_equality_candidates: id=1, first=17, last=17
> 58ef6698 => mdb_equality_candidates (objectClass)
> 58ef6698 => key_read
> 58ef6698 <= mdb_index_read 1 candidates
> 58ef6698 <= mdb_equality_candidates: id=1, first=17, last=17
> 58ef6698 => mdb_presence_candidates (uidNumber)
> 58ef6698 <= mdb_presence_candidates: (uidNumber) not indexed
> 58ef6698 mdb_search_candidates: id=1 first=17 last=17
> 58ef6698 => mdb_entry_decode:
> 58ef6698 <= mdb_entry_decode
> 58ef6698 => send_search_entry: conn 1000 dn="uid=test1,ou=people,dc=abu
> ,dc=inmarsat,dc=com"
> ber_flush2: 374 bytes to sd 16
> 58ef6698 <= send_search_entry: conn 1000 exit.
> 58ef6698 send_ldap_result: conn=1000 op=7 p=3
> 58ef6698 send_ldap_response: msgid=8 tag=101 err=0
> ber_flush2: 14 bytes to sd 16
> 58ef6698 connection_get(16): got connid=1000
> 58ef6698 connection_read(16): checking for input on id=1000
> ber_get_next
> ber_get_next: tag 0x30 len 254 contents:
> 58ef6698 op tag 0x63, time 1492084376
> ber_get_next
> 58ef6698 conn=1000 op=8 do_search
> ber_scanf fmt ({miiiib) ber:
> 58ef6698 >>> dnPrettyNormal: <dc=abu,dc=inmarsat,dc=com>
> 58ef6698 <<< dnPrettyNormal: <dc=abu,dc=inmarsat,dc=com>,
> <dc=abu,dc=inmarsat,dc=com>
> ber_scanf fmt ({mm}) ber:
> 58ef6698 >>> dnPretty: <uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com>
> 58ef6698 <<< dnPretty: <uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com>
> 58ef6698 >>> dnNormalize: <uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com>
> 58ef6698 <<< dnNormalize: <uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com>
> ber_scanf fmt ({mm}) ber:
> ber_scanf fmt (m) ber:
> ber_scanf fmt ({M}}) ber:
> 58ef6698 => get_ctrls
> ber_scanf fmt ({m) ber:
> ber_scanf fmt (m) ber:
> 58ef6698 => get_ctrls: oid="1.2.840.113556.1.4.319" (noncritical)
> ber_scanf fmt ({im}) ber:
> 58ef6698 <= get_ctrls: n=1 rc=0 err=""
> 58ef6698 ==> limits_get: conn=1000 op=8 self="[anonymous]"
> this="dc=abu,dc=inmarsat,dc=com"
> 58ef6698 => mdb_search
> 58ef6698 mdb_dn2entry("dc=abu,dc=inmarsat,dc=com")
> 58ef6698 => mdb_dn2id("dc=abu,dc=inmarsat,dc=com")
> 58ef6698 <= mdb_dn2id: got id=0x1
> 58ef6698 => mdb_entry_decode:
> 58ef6698 <= mdb_entry_decode
> 58ef6698 search_candidates: base="dc=abu,dc=inmarsat,dc=com" (0x00000001)
> scope=2
> 58ef6698 => mdb_equality_candidates (objectClass)
> 58ef6698 => key_read
> 58ef6698 <= mdb_index_read: failed (-30798)
> 58ef6698 <= mdb_equality_candidates: id=0, first=0, last=0
> 58ef6698 => mdb_equality_candidates (member)
> 58ef6698 <= mdb_equality_candidates: (member) not indexed
> 58ef6698 => mdb_equality_candidates (objectClass)
> 58ef6698 => key_read
> 58ef6698 <= mdb_index_read 1 candidates
> 58ef6698 <= mdb_equality_candidates: id=1, first=16, last=16
> 58ef6698 => mdb_presence_candidates (cn)
> 58ef6698 => key_read
> 58ef6698 <= mdb_index_read 12 candidates
> 58ef6698 <= mdb_presence_candidates: id=12 first=2 last=20
> 58ef6698 mdb_search_candidates: id=1 first=16 last=16
> 58ef6698 => mdb_entry_decode:
> 58ef6698 <= mdb_entry_decode
> 58ef6698 mdb_search: 16 does not match filter
> 58ef6698 send_ldap_result: conn=1000 op=8 p=3
> 58ef6698 send_ldap_response: msgid=9 tag=101 err=0
> ber_flush2: 51 bytes to sd 16
> 58ef6698 slap_listener_activate(7):
> 58ef6698 >>> slap_listener(ldap:///)
> 58ef6698 connection_get(17): got connid=1002
> 58ef6698 connection_read(17): checking for input on id=1002
> ber_get_next
> ber_get_next: tag 0x30 len 29 contents:
> 58ef6698 op tag 0x77, time 1492084376
> ber_get_next
> 58ef6698 conn=1002 op=0 do_extended
> ber_scanf fmt ({m) ber:
> 58ef6698 send_ldap_extended: err=0 oid= len=0
> 58ef6698 send_ldap_response: msgid=1 tag=120 err=0
> ber_flush2: 14 bytes to sd 17
> 58ef6698 connection_get(17): got connid=1002
> 58ef6698 connection_read(17): checking for input on id=1002
> 58ef6698 connection_get(17): got connid=1002
> 58ef6698 connection_read(17): checking for input on id=1002
> TLS certificate verification: subject: no certificate, issuer: no
> certificate, cipher: AES-256, security level: high, secret key bits: 256,
> total key bits: 256, cache hits: 0, cache misses: 3, cache not reusable: 0
> 58ef6698 connection_read(17): unable to get TLS client DN, error=49 id=1002
> 58ef6698 connection_get(17): got connid=1002
> 58ef6698 connection_read(17): checking for input on id=1002
> ber_get_next
> ber_get_next: tag 0x30 len 93 contents:
> 58ef6698 op tag 0x60, time 1492084376
> ber_get_next
> 58ef6698 conn=1002 op=1 do_bind
> ber_scanf fmt ({imt) ber:
> ber_scanf fmt (m}) ber:
> 58ef6698 => get_ctrls
> ber_scanf fmt ({m) ber:
> 58ef6698 => get_ctrls: oid="1.3.6.1.4.1.42.2.27.8.5.1" (noncritical)
> 58ef6698 <= get_ctrls: n=1 rc=0 err=""
> 58ef6698 >>> dnPrettyNormal: <uid=test1,ou=people,dc=abu,dc
> =inmarsat,dc=com>
> 58ef6698 <<< dnPrettyNormal: <uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com>,
> <uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com>
> 58ef6698 do_bind: version=3 dn="uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com"
> method=128
> 58ef6698 mdb_dn2entry("uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com")
> 58ef6698 => mdb_dn2id("uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com")
> 58ef6698 <= mdb_dn2id: got id=0x11
> 58ef6698 => mdb_entry_decode:
> 58ef6698 <= mdb_entry_decode
> 58ef6698 mdb_entry_get: rc=0
> 58ef6698 mdb_dn2entry("cn=test,dc=abu,dc=inmarsat,dc=com")
> 58ef6698 => mdb_dn2id("cn=test,dc=abu,dc=inmarsat,dc=com")
> 58ef6698 <= mdb_dn2id: got id=0x12
> 58ef6698 => mdb_entry_decode:
> 58ef6698 <= mdb_entry_decode
> 58ef6698 mdb_entry_get: rc=0
> 58ef6698 mdb_dn2entry("uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com")
> 58ef6698 => mdb_dn2id("uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com")
> 58ef6698 <= mdb_dn2id: got id=0x11
> 58ef6698 => mdb_entry_decode:
> 58ef6698 <= mdb_entry_decode
> 58ef6698 send_ldap_result: conn=1002 op=1 p=3
> 58ef6698 mdb_dn2entry("uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com")
> 58ef6698 => mdb_dn2id("uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com")
> 58ef6698 <= mdb_dn2id: got id=0x11
> 58ef6698 => mdb_entry_decode:
> 58ef6698 <= mdb_entry_decode
> 58ef6698 mdb_entry_get: rc=0
> ldap_url_parse_ext(ldap://aws-mldap-01.aws/)
> ldap_url_parse_ext(ldap://aws-mldap-02.aws/)
> 58ef6698 send_ldap_result: conn=1002 op=1 p=3
> ldap_url_parse_ext(ldap://aws-mldap-01.aws/uid=test1,ou=peop
> le,dc=abu,dc=inmarsat,dc=com)
> 58ef6698 >>> dnPrettyNormal: <uid=test1,ou=people,dc=abu,dc
> =inmarsat,dc=com>
> 58ef6698 <<< dnPrettyNormal: <uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com>,
> <uid=test1,ou=people,dc=abu,dc=inmarsat,dc=com>
> 58ef6698 conn=1002 op=1 ldap_chain_op: ref="ldap://aws-mldap-01.aws/u
> id=test1,ou=people,dc=abu,dc=inmarsat,dc=com" -> "ldap://aws-mldap-01.aws"
> slapd: chain.c:227: ldap_chain_uri_cmp: Assertion `((&li2->li_bvuri[ 1
> ])->bv_val == ((void *)0))' failed.
> Aborted
>
>
>
>
> --
>
> Quanah Gibson-Mount
> Product Architect
> Symas Corporation
> Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
> <http://www.symas.com>
>
>
Comment 4 Quanah Gibson-Mount 2017-04-14 16:51:14 UTC 
changed notes
Comment 5 Ondřej Kuzník 2017-08-25 15:44:48 UTC 
This configuration should have been rejected by back-config just like it
is rejected by slapd.conf. Patch to have this happen is at:
ftp://ftp.openldap.org/incoming/Ondrej-Kuznik-20170825-ITS8637.patch

This doesn't reject online modifications just touching olcDBURI, but I
think back ldap has no idea when it's configured as a slave to the chain
overlay, so it can't do much.

-- 
Ondřej Kuzník
Senior Software Engineer
Symas Corporation                       http://www.symas.com
Packaged, certified, and supported LDAP solutions powered by OpenLDAP
Comment 6 Quanah Gibson-Mount 2017-10-02 14:12:56 UTC 
changed notes
Comment 7 Quanah Gibson-Mount 2019-06-17 16:08:40 UTC 
changed notes
changed state Open to Test
Comment 8 Quanah Gibson-Mount 2019-06-17 16:16:44 UTC 
changed notes
changed state Test to Release
Comment 9 OpenLDAP project 2019-07-24 18:59:53 UTC 
Fixed in master
Fixed in RE24 (2.4.48)
Comment 10 Quanah Gibson-Mount 2019-07-24 18:59:53 UTC 
changed notes
changed state Release to Closed