[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Failed assertion in sockbuf.c

To: "Clint Adams" <clint@gcfm.net>
Subject: RE: Failed assertion in sockbuf.c
From: "Howard Chu" <hyc@highlandsun.com>
Date: Fri, 11 Jan 2002 16:56:21 -0800
Cc: "Mark de Jong" <dejongm@secdog.com>, <OpenLDAP-software@OpenLDAP.org>
Importance: Normal
In-reply-to: <20020112002143.GA11483@dman.com>

After studying the trace and the pam_ldap source code it is apparent that
this is a bug in pam_ldap.c:_open_session; it is trying to use the
ldap_start_tls_s function on an LDAP handle but there is no LDAP session
established yet. You should pursue this further on a pam_ldap mailing list.

Some observations to help you along the way - pam_ldap.c is littered with
#ifdef's to try to use whatever mechanisms are available to establish SSL
on the LDAP handle. The OpenLDAP library supports at least two of those
mechanisms, and the current pam_ldap.c is structured such that both of those
mechanisms will be used (at the same time). This is probably a bad thing.
And of course, if ldap_start_tls_s() is really meant to be used, it cannot
be used until some other actual LDAP request has already been made, to
force the connection to be established first.

If you need more help, we at Symas are always ready to take on customer
support contracts. But in this case, I'm sure you can get all the help you need
from www.PADL.com .

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support

> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Clint Adams
> Sent: Friday, January 11, 2002 4:22 PM
> To: Howard Chu
> Cc: Clint Adams; Mark de Jong; OpenLDAP-software@OpenLDAP.org
> Subject: Re: Failed assertion in sockbuf.c
>
>
> > As long as you build the OpenLDAP libraries with debugging info,
> and you have
> > root privilege, you can execute the passwd command using the
> debugger and when
> > it hits the assertion you can get a stack trace.
>
> Well, gdb seems to be useless, but dbx reveals this:
>
> Reading passwd
> dbx: warning: setuid program exec()ed. Reattaching
> Reading ld.so.1
> Reading libcrypt_i.so.1
> Reading libbsm.so.1
> Reading libdl.so.1
> Reading libpam.so.1
> Reading libnsl.so.1
> Reading libsldap.so.1
> Reading libsocket.so.1
> Reading libmp.so.2
> Reading libc.so.1
> Reading libgen.so.1
> Reading libldap.so.4
> Reading libdoor.so.1
> Reading libresolv.so.2
> Reading libc_psr.so.1
> (/opt/SUNWspro/bin/../WS6U1/bin/sparcv9/dbx) set args clint
> (/opt/SUNWspro/bin/../WS6U1/bin/sparcv9/dbx) run
> Running: passwd
> dbx: warning: setuid program exec()ed. Reattaching
> (process id 1723)
> passwd:  Changing password for clint
> Reading pam_openldap.so.1
> Reading libldap.so.2
> Reading liblber.so.2
> Reading libsasl.so.7
> Reading libssl.so.0.9.6
> dbx: warning: cannot demangle '__10bad_typeid'
> dbx: warning: cannot demangle
> '__17__class_type_infoPCcPCQ217__class_type_info9base_infoUi'
> dbx: warning: cannot demangle
> '__14__si_type_infoPCcRC16__user_type_info'
> dbx: warning: cannot demangle '__13bad_exception'
> dbx: warning: cannot demangle '__16__user_type_infoPCc'
> Reading libcrypto.so.0.9.6
> dbx: warning: cannot demangle
> '__14__si_type_infoPCcRC16__user_type_info'
> dbx: warning: cannot demangle
> '__17__class_type_infoPCcPCQ217__class_type_info9base_infoUi'
> dbx: warning: cannot demangle '__10bad_typeid'
> dbx: warning: cannot demangle '__13bad_exception'
> dbx: warning: cannot demangle '__16__user_type_infoPCc'
> Reading libdb-3.3.so
> Reading pam_unix.so.1
> Reading libcmd.so.1
> sockbuf.c:75: failed assertion `sb != NULL'
> signal ABRT (Abort) in _kill at 0xff11bed4
> 0xff11bed4: _kill+0x0008:       bgeu    _kill+0x30
>
> and the trace, as you requested
>
> =>[1] _kill(0x0, 0x6, 0x0, 0xffffffff, 0x34cf0, 0xff0b56d8), at
> 0xff11bed4
>   [2] abort(0xff13801c, 0xff13fa9c, 0x0, 0x0, 0xfef88bc8, 0x0), at
> 0xff0b57bc
>   [3] __eprintf(0xfef88b98, 0xfef88bb8, 0x4b, 0xfef88bc8, 0x128, 0x0),
> at 0xfef1f9dc
>   [4] ber_sockbuf_ctrl(0x0, 0x3, 0xfefe9ae4, 0x0, 0x0, 0x0), at
> 0xfef86eb0
>   [5] ldap_pvt_tls_inplace(0x0, 0x0, 0x0, 0x0, 0x0, 0x0), at 0xfefd1ab0
>   [6] ldap_start_tls_s(0x37218, 0x0, 0x0, 0xff194000, 0x11, 0xffbeed80),
> at 0xfefd288c
>   [7] _open_session(0x35980, 0x35198, 0x0, 0xffffffff, 0xfffffff8,
> 0xffbef620), at 0xfeff3428
>   [8] _connect_anonymously(0x35980, 0xfeff7890, 0x35980, 0xfeff20ec,
> 0x0, 0x3598d), at 0xfeff3604
>   [9] _get_user_info(0x35980, 0x34d40, 0x1, 0xffbef740, 0x35f20,
> 0xffbef748), at 0xfeff41d8
>   [10] pam_sm_chauthtok(0x0, 0x234, 0x0, 0x34da0, 0x0, 0x0), at
> 0xfeff5460
>   [11] pam_chauthtok(0x0, 0xff3165c8, 0xff316000, 0x1, 0x1, 0x0), at
> 0xff3030b4
>   [12] main(0x34800, 0x35950, 0x34800, 0x34800, 0x0, 0x3225c), at
> 0x1304c
>

Follow-Ups:
- RE: Failed assertion in sockbuf.c
  - From: "Howard Chu" <hyc@highlandsun.com>

References:
- Re: Failed assertion in sockbuf.c
  - From: Clint Adams <clint@gcfm.net>

Prev by Date: Re: Failed assertion in sockbuf.c
Next by Date: RE: Failed assertion in sockbuf.c
Index(es):
- Chronological
- Thread