[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP + solaris8 + pam_ldap + passwd = segmentation fault

The problem appears to be in post TLS handshaking setup of SASL.
Please test HEAD or OPENLDAP_REL_ENG_2 to see if the changes which
have been made resolve the problem.

At 02:22 AM 2001-09-13, Hans Frimmel wrote:

>I don't know if this is a bug due to openldap, pam_ldap or others. Maybe
>it is even through some misconfiguration of me. In short:
>I run OpenLDAP v. 2.0.11 on a solaris 8 box. Every test works fine, I can
>add/look up/... entries without problem. In the database,
>passwd-information is included. I use this with pam_ldap v. 122 (on
>another solaris8 box, I have also tried v. 124 with same result).
>I have checked the run-time libraries, and as far as I understand, they
>are the correct ones (ldd gives at hand that libldap.so.2 and liblber.so.2
>are the ones from the openldap distribution).
>I can use the pam_ldap-module for logging in using start_tls/ssl.
>For example, the line in /etc/pam.conf just works as expected:
>  rlogin  auth required /usr/lib/security/pam_ldap.so.1
>will look up the user in OpenLDAP (I trace slapd with -d 9)
>If I do, however, add
>  other   password required       /usr/lib/security/pam_ldap.so.1
>and try to use the passwd command, it will result in a exception fault.
>(the use of ldappasswd works just as expected, and change the passwd
>A closer look (snoop, truss, debug messages, ...) gives at hand that the 
>exception is within a call to the ldap_initialize() function. The same
>call works fine when rlogin is calling pam_ldap. The contents of 
>the parameters  (named session->conf->uri, &session->ld) are the same for
>repeated calls via rlogin. The same is true for repeated passwd-tries, but
>ld has a different value. The uri is the same, and expected value. For
>example passwd: uri=ldap://ldap.it.uu.se/ ld=219520
>        rlogin: uri=ldap://ldap.it.uu.se/ ld=176880
>Any ideas? Is this a openldap-related bug or pam_ldap or have I just
>misconfigured everything?
>rgds / Hans F (frimmel@tdb.uu.se)