h.b.furuseth@usit.uio.no wrote:
Full_Name: Hallvard B Furuseth Version: HEAD OS: Linux x86_64 URL: Submission from: (NULL) (129.240.6.233) Submitted by: hallvard
slapd spins when current HEAD's ./run -b null test028-idassert gets to: "Testing ldapwhoami as bjorn, dn:uid=bjorn,ou=People,o=Example,c=US..."
Here is slapd.conf for reduced case which hangs with: ldapwhoami -xH localhost:9011 \ -D uid=foo,cn=users -w secret -e !authzid=dn:uid=foo,cn=id Possibly I've created a loop somewhere but I don't know where:
Obviously you've created a loop.
Your server is running on localhost:9011 and you've defined a back-ldap pointing to localhost:9011. You run a query that causes a lookup on the back-ldap cn=id database, and in the absence of any rewrite rules to alter that lookup, it will simply loop back on itself trying to search cn=id.
This is an invalid config, this ITS is invalid and will be closed.
include schema/core.schema authz-policy from
database null suffix "cn=users" bind on
database null suffix "cn=admin" bind on
database ldap suffix "cn=id" uri "ldap://localhost:9011/" idassert-bind binddn="cn=admin" credentials="xyzzy" mode=self
slapd creates a bunch of connections to itself (according to loglevel 256) and then loops, with the log repeating this paragraph:
** ld 0x3ad3930 Outstanding Requests:
- msgid 1, origid 1, status InProgress outstanding referrals 0, parent count 0
ld 0x3ad3930 request count 1 (abandoned 0) ** ld 0x3ad3930 Response Queue: Empty ld 0x3ad3930 response count 0 ldap_chkResponseList ld 0x3ad3930 msgid 1 all 1 ldap_chkResponseList returns ld 0x3ad3930 NULL ldap_int_select ldap_result ld 0x3ad3930 msgid 1 wait4msg ld 0x3ad3930 msgid 1 (timeout 100000 usec) wait4msg continue ld 0x3ad3930 msgid 1 all 1 ** ld 0x3ad3930 Connections:
- host: localhost port: 9011 (default) refcnt: 2 status: Connected last used: Fri Dec 4 19:48:32 2009