[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#8005) crash when multiple olcDbURI are defined for chaining

To: openldap-its@OpenLDAP.org
Subject: (ITS#8005) crash when multiple olcDbURI are defined for chaining
From: khosrow.ebrahimpour@ssc-spc.gc.ca
Date: Mon, 15 Dec 2014 16:58:37 +0000
Auto-submitted: auto-generated (OpenLDAP-ITS)

Full_Name: K. Ebrahimpour
Version: RE24 (commit dbc6741750de79b852ec9f728abb8b1425b6f03f)
OS: Ubuntu 14.04.1
URL: https://gist.github.com/khosrow/cc6640cad9275a2cd041
Submission from: (NULL) (205.211.133.128)



While trying to setup referral chaining in a multi-master setup, I can setup
chaining to one of the masters without any problems. And I can perform a MOD
operation that is then referral chased and performed on the master.

However, when I define both masters the replica crashes when I do a MOD
operation.

Snippet of cn=config from the working example:

dn: olcDatabase={1}ldap,olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config
objectClass: olcLDAPConfig
objectClass: olcChainDatabase
olcDatabase: {1}ldap
olcDbStartTLS: start  starttls=yes
olcDbIDAssertAuthzFrom: {0}*
olcDbRebindAsUser: FALSE
olcDbChaseReferrals: TRUE
olcDbTFSupport: no
olcDbProxyWhoAmI: FALSE
olcDbProtocolVersion: 3
olcDbSingleConn: FALSE
olcDbCancel: abandon
olcDbUseTemporaryConn: FALSE
olcDbConnectionPoolMax: 16
olcDbNoRefs: FALSE
olcDbNoUndefFilter: FALSE
olcDbURI: ldap://ldap-m1.example.com
olcDbIDAssertBind: mode=self flags=prescriptive,proxauauthz-non-critical
bindmethod=simple timeout=0 network-timeout=0
binddn="cn=admin,dc=example,dc=com" credentials="secret" keepalive=0:0:0
starttls=yes tls_reqcert=allow

If I change olcDbURI to either of the entries below, the replica server crashes
* olcDbURI: "ldap://ldap-m1.example.com,ldap://ldap-m2.example.com";
* olcDbURI: "ldap://ldap-m1.example.com ldap://ldap-m2.example.com";

According to slapd-ldap(5), the URI list can be comma or space separated.

I've turned on "args" and "trace" debugging to troubleshoot, but never get any
errors in the logs. I only see an attempt to chase the referral followed by an
immediate crash (see log snippet at the end of email).

Finally, I'm running OpenLDAP 2.4.31 on Ubuntu Trusty, but was also able to
replicate this same error on OpenLDAP 2.4.28 on Ubuntu Precise.

Prev by Date: Re: (ITS#8003) segault with jpegPhoto > ~27KB and audit overlay
Next by Date: Re: (ITS#8005) crash when multiple olcDbURI are defined for chaining
Index(es):
- Chronological
- Thread