reopen 278471 ! thanks
While moving to an entirely new system, I've finally been able to reliable reproduce the said error. gdb helped me getting the following trace: autofs-ldap-auto-master: cyrus.c:468: ldap_int_sasl_open: Assertion `lc->lconn_sasl_ctx == ((void *)0)' failed. Program received signal SIGABRT, Aborted. [Switching to Thread 47804805920096 (LWP 2491)] 0x00002b7a6b90207b in raise () from /lib/libc.so.6 (gdb) where #0 0x00002b7a6b90207b in raise () from /lib/libc.so.6 #1 0x00002b7a6b90384e in abort () from /lib/libc.so.6 #2 0x00002b7a6b8fbaf4 in __assert_fail () from /lib/libc.so.6 #3 0x00002b7a6b69d602 in ldap_int_sasl_open () from /usr/lib/libldap_r.so.2 #4 0x00002b7a6b69855a in ldap_int_open_connection () from /usr/lib/libldap_r.so.2 #5 0x00002b7a6b6a87dc in ldap_new_connection () from /usr/lib/libldap_r.so.2 #6 0x00002b7a6b6983da in ldap_open_defconn () from /usr/lib/libldap_r.so.2 #7 0x00002b7a6b6a8e78 in ldap_send_initial_request () from /usr/lib/libldap_r.so.2 #8 0x00002b7a6b69fa34 in ldap_sasl_bind () from /usr/lib/libldap_r.so.2 #9 0x00002b7a6b69fc80 in ldap_sasl_bind_s () from /usr/lib/libldap_r.so.2 #10 0x00002b7a6b69fdb0 in ldap_simple_bind_s () from /usr/lib/libldap_r.so.2 #11 0x00000000004013db in ?? () #12 0x00002b7a6b8ef4ca in __libc_start_main () from /lib/libc.so.6 #13 0x0000000000400dda in ?? () #14 0x00007fff3f537db8 in ?? () #15 0x0000000000000000 in ?? () Therefrom I was able to trace the error down to the following situation: Multiple hosts are listed in the URI and tls or ssl/ldaps is in effect. Then, if opening a SASL connection works out (ldap_int_sasl_open), but the TLS/SSL connection cannot be established to the respective server (I'm currently debugging why this is the case), the SASL context remains alive (lconn_sasl_ctx), but the next server is tried - and the assertion fails. A proper fix seems to clean up the SASL context in case of failure. I will send a patch fixing this in a few minutes. It would be cool if this could make it into a bugfix release. Note that all this most probably does not apply to openldap 2.4 as the respective SASL code has seen a huge rewrite. Best, Michael
pgpdkrL4EOynq.pgp
Description: PGP signature
