[Date Prev][Date Next] [Chronological] [Thread] [Top]

segmenation fault with saslAuthzTo (ITS#2533)

Full_Name: Norbert Klasen
Version: head
OS: SuSE Linux 8.1
Submission from: (NULL) (

While trying to figure out the correct syntax for saslAuthzTo I stumbled accress
the following segault:

<==slap_sasl2dn: Converted SASL name to uid=norbert,ou=people,dc=example,dc=com
getdn: dn:id converted to uid=norbert,ou=people,dc=example,dc=com
==>slap_sasl_authorized: can uid=norbert,ou=people,dc=example,dc=com become
==>slap_sasl_check_authz: does uid=root,ou=people,dc=example,dc=com match
saslAuthzTo rule in uid=norbert,ou=people,dc=example,dc=com?
=> bdb_entry_get: found entry: "uid=norbert,ou=people,dc=example,dc=com"
bdb_entry_get: rc=0
=> access_allowed: auth access to "uid=norbert,ou=People,dc=example,dc=com"
"saslAuthzTo" requested
=> dn: [1]
=> dn: [2] cn=subschema
=> acl_get: [3] check attr saslAuthzTo
<= acl_get: [3] acl uid=norbert,ou=People,dc=example,dc=com attr: saslAuthzTo
access_allowed: no res from state (saslAuthzTo)
=> acl_mask: access to entry "uid=norbert,ou=People,dc=example,dc=com", attr
"saslAuthzTo" requested
=> acl_mask: to all values by "", (=n)
<= check a_dn_pat: self
<= check a_dn_pat: users
<= check a_dn_pat: anonymous
<= acl_mask: [3] applying auth(=x) (stop)
<= acl_mask: [3] mask: auth(=x)
=> access_allowed: auth access granted by auth(=x)
Segmentation fault

And the backtrace:
#0  0x0806083c in be_entry_release_rw (op=0x8205188, e=0x8205188, rw=0) at
717             if ( op->o_bd->be_release ) {
(gdb) bt
#0  0x0806083c in be_entry_release_rw (op=0x8205188, e=0x8205188, rw=0) at
#1  0x08061555 in backend_attribute (op=0x8205188, target=0x0, edn=0xbf5ff6d4,
entry_at=0x81be5a0, vals=0xbf5ff664)
    at backend.c:1279
#2  0x080804c0 in slap_sasl_check_authz (conn=0x405f5f44, searchDN=0x8205188,
assertDN=0xbf5ff6cc, ad=0x81be5a0,
    authc=0xbf5ff6d4) at saslauthz.c:512
#3  0x08080b4b in slap_sasl_authorized (conn=0x405f5f44, authcDN=0xbf5ff6d4,
authzDN=0xbf5ff6cc) at saslauthz.c:683
#4  0x0808452a in slap_sasl_authorize (sconn=0x8204208, context=0x405f5f44,
requested_user=0xbf5ff6cc "$", rlen=39,
"uidnumber=500+gidnumber=100,cn=peercred,cn=external,cn=auth", alen=59,
def_realm=0x0, urlen=0,
    props=0x82040e0) at sasl.c:755
#5  0x4002075f in do_authorization (s_conn=0x8204208) at server.c:1016
#6  0x40020d13 in sasl_server_step (conn=0x8204208, clientin=0x0,
clientinlen=39, serverout=0xbf5ff850,
    serveroutlen=0x8205188) at server.c:1274
#7  0x40020972 in sasl_server_start (conn=0x8204208, mech=0xbf5ff850 "",
    clientin=0x8204160 "dn:uid=root,ou=People,dc=example,dc=com",
clientinlen=39, serverout=0xbf5ff850,
    serveroutlen=0xbf5ff854) at server.c:1185
#8  0x08084ef0 in slap_sasl_bind (op=0x8205188, rs=0xbf5ff90c) at sasl.c:1380
#9  0x0806aed9 in do_bind (op=0x8205188, rs=0xbf5ff90c) at bind.c:295
#10 0x08057501 in connection_operation (ctx=0xbf5ff97c, arg_v=0x8205188) at
#11 0x080b9f21 in ldap_int_thread_pool_wrapper (xpool=0x81af6c8) at tpool.c:463
#12 0x401821b0 in pthread_start_thread () from /lib/libpthread.so.0