[Date Prev][Date Next] [Chronological] [Thread] [Top]
slapd assertion failure in ber_get_next() (ITS#2246)

To: openldap-its@OpenLDAP.org
Subject: slapd assertion failure in ber_get_next() (ITS#2246)
From: h.b.furuseth@usit.uio.no
Date: Thu, 19 Dec 2002 13:51:32 GMT
Full_Name: Hallvard B. Furuseth
Version: HEAD
OS: Solaris
URL: 
Submission from: (NULL) (129.240.186.42)


Start slapd with ldaps: with a server certificate:
  libexec/slapd -d 0 -h ldaps://bombur.uio.no:6360/
Run this openssl command:
  openssl s_client -connect bombur.uio.no:6360
and hit RETURN 9-10 times.  Slapd says:
  Assertion failed: 0, file io.c, line 665

The same happens with OpenLDAP 2.1.4 on Linux.


Here is slapd.conf:

include		/bombur/tmp/ldap/etc/openldap/schema/core.schema

pidfile		/bombur/tmp/ldap/var/slapd.pid
argsfile	/bombur/tmp/ldap/var/slapd.args

#rootDSE		/bombur/tmp/ldap/data/rootDSE.ldif

TLSCipherSuite		HIGH:MEDIUM:+SSLv2
TLSCertificateFile	/bombur/tmp/ldap/etc/openldap/cert/bombur.uio.no.crt
TLSCertificateKeyFile	/bombur/tmp/ldap/etc/openldap/cert/bombur.uio.no.key
TLSCACertificateFile	/bombur/tmp/ldap/etc/openldap/cert/w3_cacert.pem

database	ldbm
suffix		"o=mysil"
rootdn		"cn=Manager,o=mysil"
rootpw		secret
directory	/bombur/tmp/ldap/var/openldap-data
index		objectClass	eq


Here is the openssl session:

$ openssl s_client -connect bombur.uio.no:6360
CONNECTED(00000003)
depth=1 /C=NO/L=Oslo/O=University of Oslo/OU=Center for Information Technology
Services (USIT)/CN=USIT CA/emailAddress=webmaster@usit.uio.no
verify error:num=19:self signed certificate in certificate chain
verify return:0
---
Certificate chain
 0 s:/C=NO/O=University of Oslo/OU=Center for Information Technology Services
(USIT)/CN=bombur.uio.no/emailAddress=webmaster@usit.uio.no
   i:/C=NO/L=Oslo/O=University of Oslo/OU=Center for Information Technology
Services (USIT)/CN=USIT CA/emailAddress=webmaster@usit.uio.no
 1 s:/C=NO/L=Oslo/O=University of Oslo/OU=Center for Information Technology
Services (USIT)/CN=USIT CA/emailAddress=webmaster@usit.uio.no
   i:/C=NO/L=Oslo/O=University of Oslo/OU=Center for Information Technology
Services (USIT)/CN=USIT CA/emailAddress=webmaster@usit.uio.no
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIBFTANBgkqhkiG9w0BAQQFADCBrTELMAkGA1UEBhMCTk8x
DTALBgNVBAcTBE9zbG8xGzAZBgNVBAoTElVuaXZlcnNpdHkgb2YgT3NsbzE6MDgG
A1UECxMxQ2VudGVyIGZvciBJbmZvcm1hdGlvbiBUZWNobm9sb2d5IFNlcnZpY2Vz
IChVU0lUKTEQMA4GA1UEAxMHVVNJVCBDQTEkMCIGCSqGSIb3DQEJARYVd2VibWFz
dGVyQHVzaXQudWlvLm5vMB4XDTAyMTIxODIyMjAzOVoXDTAzMTIxODIyMjAzOVow
gaQxCzAJBgNVBAYTAk5PMRswGQYDVQQKExJVbml2ZXJzaXR5IG9mIE9zbG8xOjA4
BgNVBAsTMUNlbnRlciBmb3IgSW5mb3JtYXRpb24gVGVjaG5vbG9neSBTZXJ2aWNl
cyAoVVNJVCkxFjAUBgNVBAMTDWJvbWJ1ci51aW8ubm8xJDAiBgkqhkiG9w0BCQEW
FXdlYm1hc3RlckB1c2l0LnVpby5ubzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAOSsF3Dgt2GgcgKDm1HKuzzxqe9yVynTXUAoMcM6zt0DWYbfPZubt78c
XCaeDMNdVGJmDVrlzzZa50y7iTsixbv42GQZi3amstCwMsTKWB3/oWQIDNUBWScA
MwGi+Z7GeRzESeqy81dJGrz7iltAjViftnKeOAU2AD7I2vZDeOOo81HsRdhVTCBg
fBbF6YIJKViGvo7FjvvCZfso4pFlJJBWdXzRPWsTxaP4QeUjrHKrstOizQfImprW
sUVxJb0eea02kKxhzCpR7LPpxQa3/AzfftOw4QpxRh4mJ+q2nt8yfK+OFWSolfaO
pul5ah2AEkNiK8X6USzQQk8QoXCfDVsCAwEAAaOCATkwggE1MAkGA1UdEwQCMAAw
LAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0G
A1UdDgQWBBTORGDQ0l9eF5WqdUDHysWJOA7YSjCB2gYDVR0jBIHSMIHPgBQvUjhk
JlXqclR0W+ZyPM/xsI3mB6GBs6SBsDCBrTELMAkGA1UEBhMCTk8xDTALBgNVBAcT
BE9zbG8xGzAZBgNVBAoTElVuaXZlcnNpdHkgb2YgT3NsbzE6MDgGA1UECxMxQ2Vu
dGVyIGZvciBJbmZvcm1hdGlvbiBUZWNobm9sb2d5IFNlcnZpY2VzIChVU0lUKTEQ
MA4GA1UEAxMHVVNJVCBDQTEkMCIGCSqGSIb3DQEJARYVd2VibWFzdGVyQHVzaXQu
dWlvLm5vggEAMA0GCSqGSIb3DQEBBAUAA4IBAQBLx39Bm9w/+DjdqmXa/lncHOXk
lFA8f3Z+Sf55NuaIlxJdD/XNnkTllXOVlLnUGF+3q2qi5E66in16ejkQaOaGTSS1
S3TtuFWDhBGc/lkrocY0B3giWBKyTvQzfpu1cRP0J4pY6UU1317/QiA7fxJJ2Bg1
l45krpfZDBfxeOvKWq8gSK7XH3VHfXiquLPg5gI4Ume38XPfM2mamR/Rc+qNawHt
PXAFRwHHPnTfJZN14sXs7DcNSE7oQNeKHLOZuIywfoUkaFcftJ6UdZ47iMRL57TW
bl5nUbF59+JASITk74Q1cXypSksSmC9KVXuS4VzzNd0bxlB/sxFnCrQJ3UAN
-----END CERTIFICATE-----
subject=/C=NO/O=University of Oslo/OU=Center for Information Technology Services
(USIT)/CN=bombur.uio.no/emailAddress=webmaster@usit.uio.no
issuer=/C=NO/L=Oslo/O=University of Oslo/OU=Center for Information Technology
Services (USIT)/CN=USIT CA/emailAddress=webmaster@usit.uio.no
---
No client certificate CA names sent
---
SSL handshake has read 2717 bytes and written 474 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 2048 bit
SSL-Session:
    Protocol  : TLSv1
    Cipher    : AES256-SHA
    Session-ID: 02B04D3F6E1D9244173E3CB147ADC7A7CA8C4C7FF6CD559A31EBC3C2E24EE9FD
    Session-ID-ctx: 
    Master-Key: E6585A81F8E223A473CB2CF33E26DF413F4654897430669534C59B25289D408C7A1E912936236A18F151A7F1F588B7E4
    Key-Arg   : None
    Start Time: 1040305600
    Timeout   : 300 (sec)
    Verify return code: 19 (self signed certificate in certificate chain)
---









read:errno=0
Prev by Date: Invalid Add operations allowed (ITS#2243)
Next by Date: Re: Duplicate Entry Control Patch (ITS#2113)
Index(es):
- Chronological
- Thread