New subject: [Issue 9504] Assertion failure after reconfiguring olcDbIDAssertBind in slapd-ldap

15 Mar 2021


      https://bugs.openldap.org/show_bug.cgi?id=9504
Issue ID: 9504
           Summary: Assertion failure after reconfiguring
                    olcDbIDAssertBind in slapd-ldap
           Product: OpenLDAP
           Version: 2.5
          Hardware: All
                OS: All
            Status: UNCONFIRMED
          Severity: normal
          Priority: ---
         Component: backends
          Assignee: bugs@openldap.org
          Reporter: tero.saarni@est.tech
  Target Milestone: ---
OpenLDAP crashes to following assert error:
slapd: bind.c:2657: ldap_back_proxy_authz_ctrl: Assertion `0' failed.
The crash can be reproduced by executing following sequence:
1. create proxy with OLC configuration
2. execute modify operation that changes olcDbIDAssertBind (replace or
delete&add)
   but do set mode=legacy as the value
3. execute ldapsearch as user that maps into idassert-bind
4. slapd crashes with the above error message
mode=legacy is the default and everything works after initial configuration (1) 
even without adding mode=legacy into the configuration, but when doing 
re-configuration using OLC (2) the default value does not seem to get
initialized 
correctly anymore.  This causes next LDAP operation (3) to fail after changing
the
configuration since the server crashes (4).
The assert in question is here, in the default branch when "mode" variable is
not
set at all:
https://git.openldap.org/openldap/openldap/-/blob/c9ee2ccd1c8aadaef9db907420...
-- 
You are receiving this mail because:
You are on the CC list for the issue.

[Issue 9504] New: Assertion failure after reconfiguring olcDbIDAssertBind in slapd-ldap