[Date Prev][Date Next]
Re: (ITS#6334) hang during ldapmodify
--On Wednesday, October 21, 2009 11:51 AM -0400 Mark Dieterich
>> What was the last OpenLDAP version this worked on, server side?
> After you sent me the pointer to the other ITS, I started trying various
> combinations of ldapmodify and openldap backends to see if I could
> successfully perform this update. Unfortunately, I have yet to make it
> work. We first noticed this problem about a five weeks ago. At the
> time, we were running openldap on a debian etch server (openldap
> 2.3.30). It looks like the package we were running was from late Oct.
> 2008, so I suspect this operation never would have worked in our
> environment and we just finally hit some threshold.
So Stanford also uses SASL/GSSAPI, and is hitting a similar issue, except
on read instead of modify. When I take SASL/GSSAPI out of the picture, the
search works fine. Are you able to test doing a simple bind with the
modify to the server and seeing if that works?
I was hoping it was some change on the 2.4 server side that caused the
issue. I'm able to reproduce Stanford's issue 100% on Linux systems as
clients, going back to Heimdal 0.7.2 or MIT krb5 1.5.something, cyrus-sasl
2.1.18->2.1.23, OpenLDAP 2.2.13->2.4.19, openssl 0.9.8a->0.9.8k, and gcc
However, if I use a Solaris Sparc system with SASL/GSSAPI, I never see the
problem, regardless of Kerberos, cyrus-sasl, openssl, gcc, or openldap
Principal Software Engineer
Zimbra :: the leader in open source messaging and collaboration