Re: rewritting binds and attempting to cache search for attr=1.1 - segmentation fault
Hello, thank you for reading this post!
Is it possible to configure openldap to cache the search operation
necessary to perform mapped bind rewrites? The slapo-pcache man page has
given me hope but I'm stuck making it happen.
I'm able to map and rewrite a bind, cache binds, and cache search
results. But I'm stuck trying to cache the search operation that
openldap completes for looking up a mapped attribute. For example I can
bind with a string like:
mail=pfoo(a)somedomain.com,ou=Students,dc=domain,dc=com
slapd.conf maps that through overlay rwm like:
rwm-rewriteMap ldap source2dn
"ldap:///ou=Students,dc=TEST_HOST,dc=TEST_COM?dn?sub"
rwm-rewriteContext bindDN
rwm-rewriteRule "(.+,)?dc=TEST_HOST,dc=TEST_COM"
"$1dc=TEST_HOST,dc=TEST_COM" ":"
to an actual DN of:
cn=Foo\, Peter (pfoo),ou=Students,dc=domain,dc=com
and some pcache definitions will cache binds and certain searches - this
works great.
In reviewing the openldap log and network packets to confirm caching, I
noticed search requests to attr=1.1. So I tried to define a
pcachetemplate for those requests like this:
pcacheAttrset 0 1.1
pcacheTemplate (mail=) 0 1800
When I search for attribute 1.1 and bind using a dn that doesn't need to
be rewritten, I get search results and they are cached. However, when I
search for 1.1 and bind using a dn that needs to be rewritten, the
server complains of a segmentation fault.
conn=1000 fd=12 ACCEPT from IP=127.0.0.1:54533 (IP=0.0.0.0:389)
conn=1000 op=0 BIND
dn="mail=pfoo(a)somedomain.com,ou=Students,dc=TEST_HOST,dc=TEST_COM"
method=128
conn=1001 fd=14 ACCEPT from IP=127.0.0.1:54534 (IP=0.0.0.0:389)
conn=1001 op=0 SRCH base="ou=Students,dc=TEST_HOST,dc=TEST_COM" scope=2
deref=0 filter="(mail=pfoo(a)somedomain.com)"
conn=1001 op=0 SRCH attr=1.1
query template of incoming query = (mail=)
Entering QC, querystr = (mail=pfoo(a)somedomain.com)
Lock QC index = 0xa2d8798
Not answerable: Unlock QC index=0xa2d8798
QUERY NOT ANSWERABLE
QUERY CACHEABLE
Segmentation fault
Since you get a SIGSEGV I suggest you:
1) file an ITS <http:/www.openldap.org/its>
2) provide further information according to
<http://www.openldap.org/faq/data/cache/56.html>
3) provide a simple configuration (slapd.conf, minimal ldif data for the
database, and exact operation that produces the problem, possibly using
command-line tools from OpenLDAP) that produces the issue.
p.