[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#3396) slapd crash during SASL Canonicalize

To: openldap-its@OpenLDAP.org
Subject: (ITS#3396) slapd crash during SASL Canonicalize
From: digant@uta.edu
Date: Mon, 15 Nov 2004 23:35:47 GMT

Full_Name: Digant C Kasundra
Version: openldap-stable-20040923
OS: Red Hat Enterprise Linux AS 3.0
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (129.107.38.190)


I have compiled the following items from scratch (in order):

1- openssl-0.9.7e
2- heimdal-0.6.3
3- cyrus-sasl-2.1.20
4- db-4.2.52
5- openldap-stable-20040923

I configured slapd.conf with the following:

sasl-secprops none
sasl-realm "CEDAR.UTA.EDU"
sasl-host husky.cedar.uta.edu
sasl-regexp uid=service/nss/(.*),cn=CEDAR.UTA.EDU,cn=gssapi,cn=auth
ldaps:///cn=$1,cn=nss,cn=services,dc=uta,dc=edu
sasl-regexp uid=service/(.*),cn=CEDAR.UTA.EDU,cn=gssapi,cn=auth
ldaps:///cn=$1,cn=services,dc=uta,dc=edu
sasl-regexp uid=(.*),cn=CEDAR.UTA.EDU,cn=gssapi,cn=auth
ldaps:///uid=$1,cn=accounts,dc=uta,dc=edu

The /etc/sysconfig/krb5.keytab (same location as it is on my working servers
running 2.2.11) has the ldap/husky.cedar.uta.edu key.  The keytab and all
authentication is done against MIT Kerberos 1.3.2 server.

On my workstation (running RHEL WS 3.0 which runs a very old 2.0.27, which is
what Red Hat supports), when I get a ticket (digant@CEDAR.UTA.EDU) and try to
bind to the LDAP server, slapd crashes.  Here is its last breath (loglevel -1):

Nov 15 17:18:51 husky slapd[24357]: SASL Canonicalize [conn=0]:
authcid="digant"
Nov 15 17:18:51 husky slapd[24357]: slap_sasl_getdn: id=digant [len=6]
Nov 15 17:18:51 husky slapd[24357]: slap_sasl_getdn: u:id converted to
uid=digant,cn=CEDAR.UTA.EDU,cn=GSSAPI,cn=auth
Nov 15 17:18:51 husky slapd[24357]: >>> dnNormalize:
<uid=digant,cn=CEDAR.UTA.EDU,cn=GSSAPI,cn=auth>
Nov 15 17:18:51 husky slapd[24357]: <<< dnNormalize:
<uid=digant,cn=cedar.uta.edu,cn=gssapi,cn=auth>
Nov 15 17:18:51 husky slapd[24357]: ==>slap_sasl2dn: converting SASL name
uid=digant,cn=cedar.uta.edu,cn=gssapi,cn=auth to a DN
Nov 15 17:18:51 husky slapd[24357]: slap_sasl_regexp: converting SASL name
uid=digant,cn=cedar.uta.edu,cn=gssapi,cn=auth
Nov 15 17:18:51 husky slapd[24357]: slap_sasl_regexp: converted SASL name to
ldaps:///uid=digant,cn=accounts,dc=uta,dc=edu
Nov 15 17:18:51 husky slapd[24357]: slap_parseURI: parsing
ldaps:///uid=digant,cn=accounts,dc=uta,dc=edu
Nov 15 17:18:51 husky slapd[24357]: >>> dnNormalize:
<uid=digant,cn=accounts,dc=uta,dc=edu>
Nov 15 17:18:51 husky slapd[24357]: <<< dnNormalize:
<uid=digant,cn=accounts,dc=uta,dc=edu>
Nov 15 17:18:51 husky slapd[24357]: slap_sasl2dn: performing internal search
(base=uid=digant,cn=accounts,dc=uta,dc=edu, scope=0)                            
                                                                                
                   
Nov 15 17:18:51 husky slapd[24357]: => bdb_search
Nov 15 17:18:51 husky slapd[24357]:
bdb_dn2entry("uid=digant,cn=accounts,dc=uta,dc=edu")
Nov 15 17:18:51 husky slapd[24357]: => bdb_dn2id( "dc=uta,dc=edu" )
Nov 15 17:18:51 husky slapd[24357]: <= bdb_dn2id: got id=0x00000001
Nov 15 17:18:51 husky slapd[24357]: => bdb_dn2id( "cn=accounts,dc=uta,dc=edu" )
Nov 15 17:18:51 husky slapd[24357]: <= bdb_dn2id: got id=0x00000003
Nov 15 17:18:51 husky slapd[24357]: => bdb_dn2id(
"uid=digant,cn=accounts,dc=uta,dc=edu" )
Nov 15 17:18:51 husky slapd[24357]: <= bdb_dn2id: got id=0x00018210
Nov 15 17:18:51 husky slapd[24357]: entry_decode:
"uid=digant,cn=accounts,dc=uta,dc=edu"
Nov 15 17:18:51 husky slapd[24357]: <=
entry_decode(uid=digant,cn=accounts,dc=uta,dc=edu)
Nov 15 17:18:51 husky slapd[24357]: base_candidates: base:
"uid=digant,cn=accounts,dc=uta,dc=edu" (0x00018210)
Nov 15 17:18:51 husky slapd[24357]: => test_filter

Prev by Date: Re: (ITS#3395) rw-overlay is not rewriting
Next by Date: Re: (ITS#3396) slapd crash during SASL Canonicalize
Index(es):
- Chronological
- Thread