[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapmodify is crashing the slapd process



Le mardi 07 fÃvrier 2012 Ã 16:09 -0500, Daniel Savard a Ãcrit :
(...)
> add: olcTLSCipherSuite
> olcTLSCipherSuite: AES256
(...)

Seems the cipher list is the offending value which cause the crash. I
did start the slapd process with the debug flag and got the following
message (I did try with HIGH instead of AES256 with same result below):

...
oc_check_allowed type "modifyTimestamp"
TLS: could not set cipher list HIGH.
*** glibc detected *** /usr/lib/openldap/slapd: double free or
corruption (!prev): 0x08269cd8 ***
======= Backtrace: =========
/lib/libc.so.6(+0x6e7b1)[0xb74217b1]
/lib/libc.so.6(+0x700e3)[0xb74230e3]
/lib/libc.so.6(cfree+0x6d)[0xb742626d]
/usr/lib/libgnutls.so.26(gnutls_priority_deinit+0x20)[0xb731f500]
/usr/lib/libldap_r-2.4.so.2(+0x3a9d3)[0xb77c09d3]
/usr/lib/libldap_r-2.4.so.2(ldap_pvt_tls_ctx_free+0x25)[0xb77bd5c5]
/usr/lib/libldap_r-2.4.so.2(+0x37697)[0xb77bd697]
/usr/lib/openldap/slapd[0x8061642]
/usr/lib/openldap/slapd[0x806669f]
/usr/lib/openldap/slapd(fe_op_modify+0x1b5)[0x8094215]
/usr/lib/openldap/slapd(do_modify+0x7c7)[0x80962e7]
/usr/lib/openldap/slapd[0x807c2df]
/usr/lib/openldap/slapd[0x807cc4a]
/usr/lib/libldap_r-2.4.so.2(+0xeb6c)[0xb7794b6c]
/lib/libpthread.so.0(+0x6e32)[0xb75f9e32]
/lib/libc.so.6(clone+0x5e)[0xb748530e]
======= Memory map: =======
...

Accordingly to the documentation, HIGH is an acceptable value.

How should I proceed to implement TLS? The documentation is still
referring to the old slapd.conf file.

-- 
Daniel Savard