[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapmodify is crashing the slapd process

--On Tuesday, February 07, 2012 5:05 PM -0500 Daniel Savard <dsavard@cids.ca> wrote:

Le mardi 07 fÃvrier 2012 Ã 16:09 -0500, Daniel Savard a Ãcrit :
add: olcTLSCipherSuite
olcTLSCipherSuite: AES256

Seems the cipher list is the offending value which cause the crash. I
did start the slapd process with the debug flag and got the following
message (I did try with HIGH instead of AES256 with same result below):

oc_check_allowed type "modifyTimestamp"
TLS: could not set cipher list HIGH.
*** glibc detected *** /usr/lib/openldap/slapd: double free or
corruption (!prev): 0x08269cd8 ***
======= Backtrace: =========
======= Memory map: =======

Accordingly to the documentation, HIGH is an acceptable value.

How should I proceed to implement TLS? The documentation is still
referring to the old slapd.conf file.

I would first upgrade to a more recent release. I would also generally advise using something more secure than GnuTLS, such as OpenSSL, to link OpenLDAP to.



Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
Zimbra ::  the leader in open source messaging and collaboration