Hi list,
I've created a small reproducer, that calls ldap_sasl_interactive_bind_s after it has been called once and failed, which causes a segfault.
I've traced this bug with gdb: $ gdb ./reproducer
GNU gdb (GDB) Fedora (7.3.50.20110722-10.fc16) Copyright (C) 2011 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-redhat-linux-gnu". For bug reporting instructions, please see: http://www.gnu.org/software/gdb/bugs/... Reading symbols from /home/jsynacek/work/bz784989-openldap-rebinding/reproducer...done. (gdb) r Starting program: /home/jsynacek/work/bz784989-openldap-rebinding/reproducer [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib64/libthread_db.so.1". ldap_sasl_interactive_bind: user selected: GSSAPI ldap_int_sasl_bind: GSSAPI ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host: TCP localhost:636 ldap_new_socket: 7 ldap_prepare_socket: 7 ldap_connect_to_host: Trying ::1 636 ldap_pvt_connect: fd: 7 tm: -1 async: 0 TLS: error: tlsm_PR_Recv returned 0 - error 21:Is a directory TLS: error: connect - force handshake failure: errno 21 - moznss error -5938 TLS: can't connect: TLS error -5938:Encountered end of file. ldap_msgfree ldap_err2string bind failed: Can't contact LDAP server, retrying for fun and profit! ldap_sasl_interactive_bind: user selected: GSSAPI ldap_int_sasl_bind: GSSAPI
Program received signal SIGSEGV, Segmentation fault. ldap_int_sasl_bind (ld=0x603130, dn=0x0, mechs=0x401a30 "GSSAPI", sctrls=0x0, cctrls=0x0, flags=1, interact=0x401660 <lutil_sasl_interact>, defaults=0x60cae0, result=0x0, rmech=0x7fffffffd878, msgid=0x7fffffffd88c) at ../../../libraries/libldap/cyrus.c:444 444 oldctx = ld->ld_defconn->lconn_sasl_authctx; (gdb) p ld->ldc->ldc_defconn $1 = (LDAPConn *) 0x0
If you set slapd to use TLS certs (uncomment the 'TLS*' lines in the config), there is no segfault.
Reproducer and cn=config.ldif attached. Original bugreport: https://bugzilla.redhat.com/show_bug.cgi?id=784989
Regards,
--On Tuesday, March 13, 2012 2:25 PM +0100 Jan Synacek jsynacek@redhat.com wrote:
Hi list,
I've created a small reproducer, that calls ldap_sasl_interactive_bind_s after it has been called once and failed, which causes a segfault.
Hi Jan,
The correct location to report bugs is http://www.openldap.org/its
Not the openldap-technical list.
Thanks, Quanah
--
Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration
openldap-technical@openldap.org