pgiesin@gmail.com wrote:
Full_Name: Peter Giesin Version: 2.4.13 OS: Red Hat 5.2 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (24.187.213.234)
Enabled both accesslog and ppolicy overlays (configurations included below). All attempts to bind with an invalid password causes the server to crash and database to be corrupted. If you disable either of the overlays or just the "logold" setting of the accesslog the behavior is no longer noticed.
Interesting, for me only the first attempt crashed; after restarting the same attempt just failed normally. Anyway, thanks for the report, this is now fixed in HEAD.
overlay ppolicy ppolicy_default cn=Standard,ou=Policies,dc=amwater,dc=com ppolicy_use_lockout TRUE ppolicy_hash_cleartext TRUE
overlay accesslog logdb cn=log logops all logold (objectclass=*) logpurge 5+00:00 1+00:00 logsuccess TRUE
dn: cn=Standard,ou=Policies,dc=amwater,dc=com cn: Standard description: Standard password policy. pwdAttribute: 2.5.4.35 pwdMinAge: 60 # 30 days: 60 sec * 60 min * 24 hr * 30 days pwdMaxAge: 2592000 pwdCheckQuality: 1 pwdMinLength: 7 # Warn three days in advance pwdExpireWarning: 259200 pwdGraceAuthNLimit: 3 pwdLockout: TRUE pwdLockoutDuration: 1200 pwdMaxFailure: 3 pwdFailureCountInterval: 1200 pwdMustChange: TRUE pwdAllowUserChange: TRUE pwdSafeModify: TRUE objectclass: device objectclass: pwdPolicy