https://bugs.openldap.org/show_bug.cgi?id=9504
Issue ID: 9504 Summary: Assertion failure after reconfiguring olcDbIDAssertBind in slapd-ldap Product: OpenLDAP Version: 2.5 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: backends Assignee: bugs@openldap.org Reporter: tero.saarni@est.tech Target Milestone: ---
OpenLDAP crashes to following assert error:
slapd: bind.c:2657: ldap_back_proxy_authz_ctrl: Assertion `0' failed.
The crash can be reproduced by executing following sequence:
1. create proxy with OLC configuration 2. execute modify operation that changes olcDbIDAssertBind (replace or delete&add) but do set mode=legacy as the value 3. execute ldapsearch as user that maps into idassert-bind 4. slapd crashes with the above error message
mode=legacy is the default and everything works after initial configuration (1) even without adding mode=legacy into the configuration, but when doing re-configuration using OLC (2) the default value does not seem to get initialized correctly anymore. This causes next LDAP operation (3) to fail after changing the configuration since the server crashes (4).
The assert in question is here, in the default branch when "mode" variable is not set at all:
https://git.openldap.org/openldap/openldap/-/blob/c9ee2ccd1c8aadaef9db907420...