Thanks for the report; I have a quick fix, I'm testing it and will
commit shortly.
p.
On 09/10/2013 09:14 PM, ck(a)cksoft.de wrote:
> This message is in MIME format. The first part should be readable text,
> while the remaining parts are likely unreadable without MIME-aware tools.
>
> --4178219828-1091139785-1378839346=:6609
> Content-Type: TEXT/PLAIN; CHARSET=UTF-8; FORMAT=flowed
> Content-Transfer-Encoding: 8BIT
> Content-ID: <alpine.BSF.2.00.1309102056121.6609(a)pohjola.cksoft.de>
>
> Hi,
>
> On Tue, 10 Sep 2013, Michael Ströder wrote:
>
>> ck(a)cksoft.de wrote:
>>> we have a java application using JNDI that uses the password modify extended
>>> operation to change user passwords.
>>> [..]
>>> When running slapd with heavy logging we save the only difference to ldappasswd
>>> which works fine against our masters is that JNDI sets the ManageDsaIT by
>>> default.
>>
>> Of course slapd should never crash.
>
> yes of course not. This opens an attack vector for shooting down the slapd to at least anyone who has bind access which is concerning me.
>
> Apart from that the customers problem is solved. We just stopped sending the control. A bit like Dr. Dr. it hurts when I Do this. Then why don't you stop doing it.
>
>> But strictly speaking the semantics of using ManageDsaIT control along with
>> password modify ext.op. is not specified - at least not in RFC 3062.
>
> yes. jndi sets the control by default.
>
>>From looking at the assert
>
> slapd: chain.c:199: chaining_control_remove: Assertion `op->o_ctrls != ((void *)0)' failed.
>
> the comment in chain.c seems to hint at an overly simple assumption. But in understand too little of slapd internals and code flow:
>
> 188 static int
> 189 chaining_control_remove(
> 190 Operation *op,
> 191 LDAPControl ***oldctrlsp )
> 192 {
> 193 LDAPControl **oldctrls = *oldctrlsp;
> 194
> 195 /* we assume that the first control is the chaining control
> 196 * added by the chain overlay, so it's the only one we explicitly
> 197 * free */
> 198 if ( op->o_ctrls != oldctrls ) {
> 199 assert( op->o_ctrls != NULL );
> 200 assert( op->o_ctrls[ 0 ] != NULL );
> 201
> 202 free( op->o_ctrls );
> 203
> 204 op->o_chaining = 0;
> 205 op->o_ctrls = oldctrls;
> 206 }
> 207
> 208 *oldctrlsp = NULL;
> 209
> 210 return 0;
> 211 }
>
>
> Could it be as simple as walking the linked list and just removing the chaining control.
>
> Of course another strategy might be to filter anything but the chaining control up front.
>
> Greetings
> Christian
>
>>
>> Ciao, Michael.
>>
>>
>
--
Pierangelo Masarati
Associate Professor
Dipartimento di Scienze e Tecnologie Aerospaziali
Politecnico di Milano