Full_Name: Piotr Stolc Version: 2.3.34 OS: Gentoo, NetBSD URL: http://lysergic.soclab.eu.org/dynlist-bug.ldif Submission from: (NULL) (195.8.99.234)
I found this bug while trying to run OpenLDAP with dynlist overlay and my own schema. The functionality of dynlist overlay works ok, but when browsing LDAP tree with PHPLDAPAdmin the server dies. I spent a few hours debugging the problem (accesslog overlay is cool :)) and created simple sample entries using default schemas. Here is what I have found:
OpenLDAP server dies on this query:
$ ldapsearch -D cn=Manager,dc=test,dc=pl -W -x -h 10.1.1.15 -b dc=test,dc=pl -s one dn Enter LDAP Password: # extended LDIF # # LDAPv3 # base <dc=test,dc=pl> with scope oneLevel # filter: (objectclass=*) # requesting: dn #
# Manager, test.pl dn: cn=Manager,dc=test,dc=pl
# testGroup, test.pl dn: ou=testGroup,dc=test,dc=pl ldap_result: Can't contact LDAP server (-1)
It has also problem with another query - one of the slapd processes locks up with nearly 100% CPU usage: $ ldapsearch -D cn=Manager,dc=test,dc=pl -W -x -h 10.1.1.15 -b cn=testList,dc=test,dc=pl -s one mail
The following query works fine and shows that dynlist overlay is working: $ ldapsearch -D cn=Manager,dc=test,dc=pl -W -x -h 10.1.1.15 -b cn=testList,dc=test,dc=pl mail
The problem shows up with the latest stable version of OpenLDAP 2.3.34 on Gentoo Linux and with OpenLDAP 2.3.32 on NetBSD.
I've pasted into URL field link to the LDIF with the sample dc=test,dc=pl structure that shows the error. Here is the config for "dc=test,dc=pl" I've used:
database bdb suffix "dc=test,dc=pl" rootdn "cn=Manager,dc=test,dc=pl" rootpw secret directory /var/lib/openldap-data-test
index cn eq
overlay dynlist dynlist-attrset groupOfURLs memberURL