Hello all,
I think I've just run into ITS 5941 (http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5941). I'm trying to set up a proxy using the "translucent" overlay in front of an Active Directory server; I'd like to rewrite some attributes (e.g., sAMAccountName -> uid) as part of this process. The config looks like this:
moduleload translucent moduleload rwm
database ldif suffix "dc=dept,dc=example,dc=com" directory "/var/lib/ldap/ad-proxy" rootdn "cn=admin,dc=dept,dc=example,dc=com" rootpw "password"
overlay translucent uri ldap://127.0.0.1/ acl-bind bindmethod=simple binddn=cn=binduser,ou=people,cn=admin,dc=dept,dc=example,dc=com credentials=password
overlay rwm rwm-map attribute uid sAMAccountName
With this configuration in place, I can complete one search, after which slapd dies with:
Segmentation fault
If I explicitly request the rewritten attribute:
$ ldapsearch ... cn=lars uid
Slapd dies with a backtrace:
*** glibc detected *** slapd: double free or corruption (!prev): 0xb6602320 *** ======= Backtrace: ========= /lib/libc.so.6(+0x1b7751)[0x858751] slapd(ber_memfree_x+0x50)[0x610c40] slapd(slap_sl_free+0x70)[0x527240] slapd(do_search+0x17f)[0x4c819f] slapd(+0x3c15e)[0x4c515e] slapd(+0x15921c)[0x5e221c] /lib/libpthread.so.0(+0x2f8ab5)[0x334ab5] /lib/libc.so.6(clone+0x5e)[0x8c4dce]
Does this look like the same problem? Is there a fix available? If not, is there a workaround that doesn't involve running a second instance of slapd as a rewriting proxy?