By localhost, I simply meant running the LDAP client I am developing on
the same host as slapd. To test the same code on different client
hosts, the coded test URIs always specified the server's FQDN.
The same tests over the same client code running on a different host
than slapd never got SEGFAULTs -- which I find curious given the nature
of that little bug. There must be some difference in OS memory
allocation logic applied in the two cases.
I recognize EXTERNAL may not be heavily used, although it's quite useful
in the environment I'm supporting. I was simply doing exhaustive testing
of my client code under all combinations of transport and
authentication. With this bug plugged and using Cyrus SASL 2.1.26 at
both ends (2.1.25 has a memory leak for my client), EXTERNAL runs fine
in all cases: client local or remote; URI ldapi:// (auth on gid/uid),
ldaps:// (auth on cert subject user DN), or ldap:// w/ startTLS (idem).