Which version of OpenLDAP is this? Did you build it yourself, or is it from packages supplied by your operating system vendor? Which TLS library is it linked against? Can you provide a gdb backtrace including debug symbols?
If you can reproduce this with the current OpenLDAP version (2.4.43), built from source and linked with OpenSSL, please file a report in the ITS <http://openldap.org/ITS>.

Hi Ryan,

I'm using version 2.4.31. And I installed it through the ubuntu package manger (apt-get).

[root@ldap1:~] #slapd -V
@(#) $OpenLDAP: slapd  (Ubuntu) (Sep 15 2015 18:19:13) $
        buildd@lgw01-53:/build/openldap-2QUgtL/openldap-2.4.31/debian/build/servers/slapd 

This is the version of OpenSSL I have installed:

[root@ldap1:~] #apt-cache policy openssl
openssl:
  Installed: 1.0.1f-1ubuntu2.15
  Candidate: 1.0.1f-1ubuntu2.16
  Version table:
     1.0.1f-1ubuntu2.16 0
        500 http://us-east-1.ec2.archive.ubuntu.com/ubuntu/ trusty-updates/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu/ trusty-security/main amd64 Packages
 *** 1.0.1f-1ubuntu2.15 0
        100 /var/lib/dpkg/status
     1.0.1f-1ubuntu2 0
        500 http://us-east-1.ec2.archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages


Sorry but I'm having some trouble providing a backtrace due to the complexity of the ldap command. This is all I get:

[root@ldap1:~] #gdb ldapmodify -H ldapi:// -Y EXTERNAL -f addcerts.ldif 2>&1 |tee ~/gdb-ldapmodify.txt
gdb: unrecognized option '-H'
Use `gdb --help' for a complete list of options.

Or

[root@ldap1:~] #gdb 'ldapmodify -H ldapi:// -Y EXTERNAL -f' addcerts.ldif 2>&1 |tee ~/gdb-ldapmodify.txt
GNU gdb (Ubuntu 7.7.1-0ubuntu5~14.04.2) 7.7.1
Copyright (C) 2014 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
ldapmodify -H ldapi:// -Y EXTERNAL -f: No such file or directory.
"/root/addcerts.ldif" is not a core dump: File format not recognized
(gdb)

Wish I could be of more help answering the question! 





On Wed, Dec 23, 2015 at 5:49 PM, Ryan Tandy <ryan@nardis.ca> wrote:
Hi Tim,

On Wed, Dec 23, 2015 at 05:43:56PM -0500, Tim Dunphy wrote:
[root@ldap1:~] #ldapmodify -H ldapi:// -Y EXTERNAL -f addcerts.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
Segmentation fault (core dumped)

 Which version of OpenLDAP is this? Did you build it yourself, or is it from packages supplied by your operating system vendor? Which TLS library is it linked against? Can you provide a gdb backtrace including debug symbols?

If you can reproduce this with the current OpenLDAP version (2.4.43), built from source and linked with OpenSSL, please file a report in the ITS <http://openldap.org/ITS>.



--
GPG me!!

gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B