https://bugs.openldap.org/show_bug.cgi?id=10048
Issue ID: 10048 Summary: adding a regex entry for overlay variant crashes slapd Product: OpenLDAP Version: 2.6.4 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs@openldap.org Reporter: stefan@kania-online.de Target Milestone: ---
I'm using symas-packages 2.6.4 on a Debian 11 system. Two providers with multi provider replication.
I try to add different entries wit overlay "variant" first without regex. Here my ldif for the configuration: ----------- dn: cn=module{0},cn=config changetype: modify add: olcModuleLoad olcModuleLoad: variant.la ----------- ----------- dn: olcOverlay={2}variant,olcDatabase={2}mdb,cn=config objectClass: olcVariantConfig olcVariantPassReplication: TRUE
dn: name=global-addr,olcOverlay={2}variant,olcDatabase={2}mdb,cn=config objectClass: olcVariantVariant olcVariantEntry: dc=example,dc=net
dn: olcVariantVariantAttribute=postaladdress,name={0}global-addr,olcOverlay={2}variant,olcDatabase={2}mdb,cn=config objectClass: olcVariantAttribute olcVariantVariantAttribute: postaladdress olcVariantAlternativeAttribute: postaladdress olcVariantAlternativeEntry: ou=firma,dc=example,dc=net
dn: name=company-phone,name={0}global-addr,olcOverlay={2}variant,olcDatabase={2}mdb,cn=config objectClass: olcVariantAttribute olcVariantVariantAttribute: telephonenumber olcVariantAlternativeAttribute: mobile olcVariantAlternativeEntry: cn=verw-al,ou=users,ou=verwaltung,ou=firma,dc=example,dc=net ----------- That works as expected.
Then I wrote a ldif-file for variant WITH regex: ----------- dn: name=verw-tel,olcOverlay={2}variant,olcDatabase={2}mdb,cn=config objectClass: olcVariantRegex olcVariantEntryRegex: cn=.+,ou=users,ou=verwaltung,ou=firma,dc=example,dc=net
dn: olcVariantVariantAttribute=telephonNumber,name={1}verw-tel,olcOverlay={2}variant,olcDatabase={2}mdb,cn=config objectClass: olcVariantAttributePattern olcVariantVariantAttribute: telephoneNumber olcVariantAlternativeAttribute: telephoneNumber olcVariantAlternativeEntryPattern: ou=Verwaltung,ou=firma,dc=example,dc=net ----------- When I try to add the ldif with ldapadd slapd crashes with the following messages in the log: --------------- May 06 08:16:28 provider02 slapd[8018]: conn=1001 fd=20 ACCEPT from PATH=/var/symas/run/ldapi (PATH=/var/symas/run/ldapi) May 06 08:16:28 provider02 slapd[8018]: conn=1001 op=0 BIND dn="" method=163 May 06 08:16:28 provider02 slapd[8018]: conn=1001 op=0 BIND authcid="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" authzid="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" May 06 08:16:28 provider02 slapd[8018]: conn=1001 op=0 BIND dn="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" mech=EXTERNAL bind_ssf=0 ssf=71 May 06 08:16:28 provider02 slapd[8018]: conn=1001 op=0 RESULT tag=97 err=0 qtime=0.000009 etime=0.000146 text= May 06 08:16:28 provider02 slapd[8018]: conn=1001 op=1 ADD dn="name=verw-tel,olcOverlay={2}variant,olcDatabase={2}mdb,cn=config" May 06 08:16:28 provider02 slapd[8018]: slap_get_csn: conn=1001 op=1 generated new csn=20230506081628.055320Z#000000#001#000000 manage=1 May 06 08:16:28 provider02 slapd[8018]: slap_queue_csn: queueing 0x7f7c64012890 20230506081628.055320Z#000000#001#000000 May 06 08:16:28 provider02 slapd[8018]: olcVariantEntryRegex: value #0: <olcVariantEntryRegex> handler exited with 19! May 06 08:16:28 provider02 systemd[1]: symas-openldap-server.service: Main process exited, code=killed, status=11/SEGV May 06 08:16:28 provider02 systemd[1]: symas-openldap-server.service: Failed with result 'signal'. --------------- Even if olcVariantEntryRegex is wrong (what I don't know up to now) slapd should not crash.
https://bugs.openldap.org/show_bug.cgi?id=10048
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|--- |2.5.15 Keywords|needs_review | Assignee|bugs@openldap.org |ondra@mistotebe.net
https://bugs.openldap.org/show_bug.cgi?id=10048
Ondřej Kuzník ondra@mistotebe.net changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |IN_PROGRESS Ever confirmed|0 |1
--- Comment #1 from Ondřej Kuzník ondra@mistotebe.net --- Hi Stefan, I couldn't replicate your failure as provided. I could get similar behaviour happen when misconfiguring the overlay and the closest reason I could find is if another variant is configured with the same regex already.
You can try this patch which also improves logging to have the actual error reported back: https://git.openldap.org/openldap/openldap/-/merge_requests/620
https://bugs.openldap.org/show_bug.cgi?id=10048
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|IN_PROGRESS |RESOLVED Resolution|--- |FIXED
--- Comment #2 from Quanah Gibson-Mount quanah@openldap.org --- head:
• f0d3f31d by Ondřej Kuzník at 2023-05-15T16:31:32+00:00 ITS#10048 Improve regex config error handling
RE26:
• 004475c1 by Ondřej Kuzník at 2023-05-15T18:49:30+00:00 ITS#10048 Improve regex config error handling
RE25:
• 2fff2b7f by Ondřej Kuzník at 2023-05-15T19:01:27+00:00 ITS#10048 Improve regex config error handling
https://bugs.openldap.org/show_bug.cgi?id=10048
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED