[Date Prev][Date Next] [Chronological] [Thread] [Top]

Slapd Segfault with -d-1 when TLSCertificateFile is wrong



Hi,

I have found an out-of-the-way bug that might still be worth fixing.  As
per the instructions about "issues" I am mentioning it on a mailing list
rather than immediately filing a bug.

	I  had a typo in my slapd config file:
	     line 58 (TLSCACertificateFile
	/usr/local/etc/open/ldap/server.pem)


(the error is the / between open and ldap)

This caused slapd segfaults shortly after starting  with the -d-1 option.

I tracked this as far as a to a function in libldap:
     int ldap_log_printf( LDAP *ld, int loglvl, const char *fmt, ... )

I'm assuming that this logging operation crashes because it is getting
null pointers passed to it. Fixing the slapd.conf fixes the problem but for a user it's a wierd problem to have and hard to find.


Being unable to find a certificate file at startup should probably terminate slapd immediately.

If necessary I could go futher and attempt a patch but I'm not sure what
the right approach is. Should this issue be fixed alone or is there some wider problem that can be solved e.g. by somehow never allowing string pointers to be initialised to NULL?


Regards,

Tim