[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: misconfigured read-only replica causes master slapd to crash

To: Michael Ströder <michael@stroeder.com>
Subject: Re: misconfigured read-only replica causes master slapd to crash
From: "Paul B. Henson" <henson@acm.org>
Date: Thu, 5 Jan 2012 14:39:20 -0800
Cc: openldap-technical <openldap-technical@openldap.org>, Kevan Carstensen <kacarstensen@csupomona.edu>
Content-disposition: inline
In-reply-to: <4F0520D1.20607@stroeder.com>
References: <1325720680-sup-8419@apparition> <4F0520D1.20607@stroeder.com>
User-agent: Mutt/1.5.21 (2010-09-15)

On Wed, Jan 04, 2012 at 08:02:25PM -0800, Michael Ströder wrote:

> Seems to be the same like ITS#6928:
> 
> http://www.openldap.org/its/index.cgi/Incoming?id=6928

Yes, that's the identical server failure and a similar cause, a
malfunctioning client.

It seems at least possible whatever connections/queries/operations that
are occuring during these replica failure issues that accidentally kill
the server could be intentionally performed by a malicious client, which
would be a DoS security issue in OpenLDAP.

We have a test environment in which we can reproduce this server crash
at will, and would be happy to provide whatever additional data or
assistance is required to diagnose and resolve the underlying issue.

-- 
Paul B. Henson  |  (909) 979-6361  |  http://www.csupomona.edu/~henson/
Operating Systems and Network Analyst  |  henson@csupomona.edu
California State Polytechnic University  |  Pomona CA 91768

References:
- misconfigured read-only replica causes master slapd to crash
  - From: Kevan Carstensen <kacarstensen@csupomona.edu>
- Re: misconfigured read-only replica causes master slapd to crash
  - From: Michael StrÃder <michael@stroeder.com>

Prev by Date: Re: Pass-though Authentication with Saslauthd and Kerberos
Next by Date: Implementing password policy
Index(es):
- Chronological
- Thread