(ITS#4891) OpenLDAP with dynlist crash

[socrtp-ldap@soclab.eu.org]

Full_Name: Piotr Stolc
Version: 2.3.34
OS: Gentoo, NetBSD
URL: http://lysergic.soclab.eu.org/dynlist-bug.ldif
Submission from: (NULL) (195.8.99.234)


I found this bug while trying to run OpenLDAP with dynlist overlay and my own
schema. The functionality of dynlist overlay works ok, but when browsing LDAP
tree with PHPLDAPAdmin the server dies. I spent a few hours debugging the
problem (accesslog overlay is cool :)) and created simple sample entries using
default schemas. Here is what I have found:

OpenLDAP server dies on this query:

$ ldapsearch -D cn=Manager,dc=test,dc=pl -W -x -h 10.1.1.15 -b dc=test,dc=pl -s
one dn
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <dc=test,dc=pl> with scope oneLevel
# filter: (objectclass=*)
# requesting: dn
#

# Manager, test.pl
dn: cn=Manager,dc=test,dc=pl

# testGroup, test.pl
dn: ou=testGroup,dc=test,dc=pl
ldap_result: Can't contact LDAP server (-1)


It has also problem with another query - one of the slapd processes locks up
with nearly 100% CPU usage:
$ ldapsearch -D cn=Manager,dc=test,dc=pl -W -x -h 10.1.1.15 -b
cn=testList,dc=test,dc=pl -s one mail


The following query works fine and shows that dynlist overlay is working:
$ ldapsearch -D cn=Manager,dc=test,dc=pl -W -x -h 10.1.1.15 -b
cn=testList,dc=test,dc=pl mail


The problem shows up with the latest stable version of OpenLDAP 2.3.34 on Gentoo
Linux and with OpenLDAP 2.3.32 on NetBSD.


I've pasted into URL field link to the LDIF with the sample dc=test,dc=pl
structure that shows the error. Here is the config for "dc=test,dc=pl" I've
used:

database        bdb
suffix          "dc=test,dc=pl"
rootdn          "cn=Manager,dc=test,dc=pl"
rootpw          secret
directory       /var/lib/openldap-data-test

index           cn                      eq

overlay         dynlist
dynlist-attrset         groupOfURLs memberURL