Which version of OpenLDAP is this? Did you build it yourself, or is it from packages supplied by your operating system vendor? Which TLS library is it linked against? Can you provide a gdb backtrace including debug symbols? If you can reproduce this with the current OpenLDAP version (2.4.43), built from source and linked with OpenSSL, please file a report in the ITS < http://openldap.org/ITS%3E.
Hi Ryan,
I'm using version 2.4.31. And I installed it through the ubuntu package manger (apt-get).
[root@ldap1:~] #slapd -V @(#) $OpenLDAP: slapd (Ubuntu) (Sep 15 2015 18:19:13) $ buildd@lgw01-53 :/build/openldap-2QUgtL/openldap-2.4.31/debian/build/servers/slapd
This is the version of OpenSSL I have installed:
[root@ldap1:~] #apt-cache policy openssl openssl: Installed: 1.0.1f-1ubuntu2.15 Candidate: 1.0.1f-1ubuntu2.16 Version table: 1.0.1f-1ubuntu2.16 0 500 http://us-east-1.ec2.archive.ubuntu.com/ubuntu/ trusty-updates/main amd64 Packages 500 http://security.ubuntu.com/ubuntu/ trusty-security/main amd64 Packages *** 1.0.1f-1ubuntu2.15 0 100 /var/lib/dpkg/status 1.0.1f-1ubuntu2 0 500 http://us-east-1.ec2.archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages
Sorry but I'm having some trouble providing a backtrace due to the complexity of the ldap command. This is all I get:
[root@ldap1:~] #gdb ldapmodify -H ldapi:// -Y EXTERNAL -f addcerts.ldif 2>&1 |tee ~/gdb-ldapmodify.txt gdb: unrecognized option '-H' Use `gdb --help' for a complete list of options.
Or
[root@ldap1:~] #gdb 'ldapmodify -H ldapi:// -Y EXTERNAL -f' addcerts.ldif 2>&1 |tee ~/gdb-ldapmodify.txt GNU gdb (Ubuntu 7.7.1-0ubuntu5~14.04.2) 7.7.1 Copyright (C) 2014 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html
This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-linux-gnu". Type "show configuration" for configuration details. For bug reporting instructions, please see: http://www.gnu.org/software/gdb/bugs/. Find the GDB manual and other documentation resources online at: http://www.gnu.org/software/gdb/documentation/. For help, type "help". Type "apropos word" to search for commands related to "word"... ldapmodify -H ldapi:// -Y EXTERNAL -f: No such file or directory. "/root/addcerts.ldif" is not a core dump: File format not recognized (gdb)
Wish I could be of more help answering the question!
On Wed, Dec 23, 2015 at 5:49 PM, Ryan Tandy ryan@nardis.ca wrote:
Hi Tim,
On Wed, Dec 23, 2015 at 05:43:56PM -0500, Tim Dunphy wrote:
[root@ldap1:~] #ldapmodify -H ldapi:// -Y EXTERNAL -f addcerts.ldif SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0 Segmentation fault (core dumped)
Which version of OpenLDAP is this? Did you build it yourself, or is it from packages supplied by your operating system vendor? Which TLS library is it linked against? Can you provide a gdb backtrace including debug symbols?
If you can reproduce this with the current OpenLDAP version (2.4.43), built from source and linked with OpenSSL, please file a report in the ITS < http://openldap.org/ITS%3E.