Hi All, We are running OL 2.3.20 (+ Berkeley 4.2.52 & patches) on Debian Linux Sarge servers. OL was compiled with Cyrus SASL support but we are not using SASL yet.
When I ran an ldapsearch with SASL bind instead of using simple authentication, I was expecting to get a error message like that: ldap_sasl_interactive_bind_s: Internal (implementation specific) error (80) additional info: SASL(-13): user not found: no secret in database Instead I got a segmentation fault: info-ldap-006:~# ldapsearch -H ldap://localhost SASL/DIGEST-MD5 authentication started Please enter your password: ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1) I compiled cyrus-sasl 2.1.21 with the following options: $ ./configure \ --disable-cram --disable-otp --disable-anon \ --without-pam --without-saslauthd \ --enable-plain --enable-login \ --enable-digest \ --disable-gssapi \ --with-gnu-ld \ --with-plugindir=/usr/local/lib/sasl2 \ --with-devrandom=/dev/random \ --with-openssl=/usr/local/ssl OL 2.3.20 was compiled with the following options: $ export CPPFLAGS="-I/usr/local/BerkeleyDB.4.2/include -I/usr/local/ssl/include" $ export LDFLAGS="-L/usr/local/BerkeleyDB.4.2/lib -L/usr/local/ssl/lib" $ ./configure \ --prefix=/usr/local --sysconfdir=/etc \ --enable-dynamic \ --disable-ipv6 \ --enable-slapd \ --enable-crypt \ --enable-spasswd \ --enable-modules \ --enable-rlookups \ --enable-wrappers \ --enable-bdb=mod \ --enable-hdb=mod \ --enable-monitor=mod \ --disable-relay \ --enable-overlays=mod \ --with-cyrus-sasl \ --with-tls Here is my stack back trace: [EMAIL PROTECTED]:/usr/local/src/openldap-2.3.20/servers/slapd/.libs$ sudo gdb ./slapd GNU gdb 6.3-debian Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-linux"...Using host libthread_db library "/lib/tls/libthread_db.so.1". (gdb) set width 70 (gdb) run -d 0 -f /etc/openldap/slapd.conf Starting program: /usr/local/src/openldap-2.3.20/servers/slapd/.libs/slapd -d 0 -f /etc/openldap/slapd.conf [Thread debugging using libthread_db enabled] [New Thread -1212804992 (LWP 26283)] [New Thread -1284973648 (LWP 26286)] [Thread -1284973648 (LWP 26286) exited] [New Thread -1284973648 (LWP 26287)] [New Thread -1293362256 (LWP 26288)] [New Thread -1301750864 (LWP 26289)] Program received signal SIGSEGV, Segmentation fault. [Switching to Thread -1293362256 (LWP 26288)] 0xb7aa705a in __bam_defpfx () from /usr/lib/libdb3.so.3 (gdb) bt full #0 0xb7aa705a in __bam_defpfx () from /usr/lib/libdb3.so.3 No symbol table info available. #1 0xb7b432e2 in berkeleydb_open (utils=0x81cd8f0, conn=0x81ccbe0, rdwr=0, mbdb=0xb2e8b474) at db_berkeley.c:89 path = 0xb7b44060 "/etc/sasldb2" ret = 0 flags = 0 cntxt = (void *) 0x81ccbe0 getopt = (sasl_getopt_t *) 0xb7e8b030 <_sasl_conn_getopt> #2 0xb7b434d5 in _sasldb_getdata (utils=0x81cd8f0, context=0x81ccbe0, auth_identity=0x81d28b0 "root", realm=0x81d2898 "info-ldap-006", propName=0xb7b54f78 "userPassword", out=0xb2e8b520 "", max_out=8192, out_len=0xb2e8b514) at db_berkeley.c:173 result = 0 key = 0x81d28c0 "root" key_len = 31 dbkey = {data = 0x0, size = 0, ulen = 3001595096, dlen = 3085515871, doff = 136108272, flags = 136128648} data = {data = 0x81d28b0, size = 136128648, ulen = 0, dlen = 136231944, doff = 3001595096, flags = 3085921488} mbdb = (DB *) 0x81d28e8 #3 0xb7b413c3 in sasldb_auxprop_lookup (glob_context=0x0, sparams=0x81cd718, flags=0, user=0x81cd5f1 "root", ulen=136164012) at sasldb.c:113 realname = 0xb7b54f78 "userPassword" userid = 0x81d28b0 "root" realm = 0x81d2898 "info-ldap-006" user_realm = 0x7361732f <Address 0x7361732f out of bounds> ret = 1935766319 to_fetch = (const struct propval *) 0x7361732f cur = (const struct propval *) 0x81db2ac value = '\0' <repeats 468 times>, "ÈÀ··L·è²<+ï·Ô\200¸·O\bÍ·\000 \000\000\000\000\000\000\0006\bÍ· ", '\0' <repeats 15 times>, "\226 \201¸·8/¸·8¤··èéÌ·\017\000\000\000È`··\230d·· \034ð·\\>ê·Î \006Í·ä·è²¿4ï·Î\006Í·y:<\ahÿÌ· ·è²P¡î·\f\000\000\000\230d··\000\000\000 \000\001\000\000\000 ·è²", '\0' <repeats 16 times>, "y:<\a\034¸è²À<ê· \000\000\000\000\000\000\000\000ÈÀ··èéÌ·", '\0' <repeats 44 times>, "\030\001Í·,¸è²<+ï"... ---Type <return> to continue, or q <return> to quit--- value_len = 778595949 user_buf = 0x81d2888 "root" #4 0xb7e863cb in _sasl_auxprop_lookup (sparams=0x81cd718, flags=0, user=0x81cd5f1 "root", ulen=4) at auxprop.c:870 getopt = (sasl_getopt_t *) 0xb7e8b030 <_sasl_conn_getopt> ret = 1935766319 found = 1 context = (void *) 0x81ccbe0 plist = 0x0 ptr = (auxprop_plug_list_t *) 0x813f770 #5 0xb7e86b5b in _sasl_canon_user (conn=0x81ccbe0, user=0x81cd5f1 "root", ulen=4, flags=1, oparams=0x81cd440) at canonusr.c:190 ptr = (canonuser_plug_list_t *) 0x0 sconn = (sasl_server_conn_t *) 0x81ccbe0 cconn = (sasl_client_conn_t *) 0x0 cuser_cb = ( sasl_canon_user_t *) 0x80ab950 <slap_sasl_canonicalize> getopt = (sasl_getopt_t *) 0xb7e8b030 <_sasl_conn_getopt> context = (void *) 0x81ccbe0 result = 1935766319 plugin_name = 0xb7e93fbf "INTERNAL" user_buf = 0x81cd5f1 "root" lenp = (unsigned int *) 0x81cd450 #6 0xb7b4f6fe in digestmd5_server_mech_step2 (stext=0x81cd9f0, sparams=0x81cd718, clientin=0x0, clientinlen=3001603824, serverout=0x7361732f, serveroutlen=0x7361732f, oparams=0x81cd440) at digestmd5.c:2281 name = 0x81d27cb "response" value = 0x81d27d4 "b4cbec304a43db0b244e5ec38454301c" sec = (sasl_secret_t *) 0x0 result = 0 serverresponse = 0x0 username = 0x81d2800 "root" authorization_id = 0x0 realm = 0x81d2810 "info-ldap-006" nonce = ( unsigned char *) 0x81ec610 "higdckAr1KQoAwz+USgrgBdJISri6awiQ +LcfMW7wNw=" ---Type <return> to continue, or q <return> to quit--- cnonce = ( unsigned char *) 0x81ec4a0 "XyQhQZ0Ek6Z7qTknAoEYC55pW/V8uba2M6zuvlExTNU=" noncecount = 1 qop = 0x81d2828 "auth-conf" digesturi = 0x81d2848 "ldap/info-ldap-006" response = 0x81d2860 "b4cbec304a43db0b244e5ec38454301c" client_maxbuf = 65536 maxbuf_count = 1 charset = 0x0 cipher = 0x81d2838 "rc4" n = 0 Secret = "\000\000\000\000\000 î·P×è²£jï·\234" password_request = {0xb7b54f77 "*userPassword", 0xb7b54f85 "*cmusaslsecretDIGEST-MD5", 0x0} auxprop_values = {{name = 0x0, values = 0x0, nvalues = 237566880, valsize = 3085869056}, { name = 0x804fa08 "sasl_server_step", values = 0x643fb4b, nvalues = 3085869056, valsize = 3082093430}} in_start = 0x81d26e8 "username" in = 0x81d27f4 "" #7 0xb7e90a94 in sasl_server_step (conn=0x81ccbe0, clientin=0x81d25d0 "username=\"root\",realm=\"info-ldap-006\",nonce= \"higdckAr1KQoAwz+USgrgBdJISri6awiQ+LcfMW7wNw=\",cnonce= \"XyQhQZ0Ek6Z7qTknAoEYC55pW/V8uba2M6zuvlExTNU= \",nc=00000001,qop=auth-conf,cipher=rc4,maxbuf=65536,diges"..., clientinlen=268, serverout=0xb2e8d794, serveroutlen=0x1b0) at server.c:1411 ret = 136127952 #8 0x080acfba in slap_sasl_bind (op=0x81d22f0, rs=0xb2e8d8b0) at sasl.c:1399 ctx = (sasl_conn_t *) 0x81ccbe0 response = {bv_len = 0, bv_val = 0x0} reslen = 0 sc = 1 #9 0x08083eff in fe_op_bind (op=0x81d22f0, rs=0xb2e8d8b0) at bind.c:275 mech = {bv_len = 10, bv_val = 0x81d25c2 "DIGEST-MD5"} bd = (BackendDB *) 0x8127160 #10 0x080832cf in do_bind (op=0x81d22f0, rs=0xb2e8d8b0) at bind.c:200 ---Type <return> to continue, or q <return> to quit--- ber = (BerElement *) 0x80df767 version = 3 method = 163 mech = {bv_len = 10, bv_val = 0x81d25c2 "DIGEST-MD5"} dn = {bv_len = 0, bv_val = 0x81d25bc ""} tag = 1935766319 be = (Backend *) 0x0 #11 0x08068a7f in connection_operation (ctx=0xb2e8d940, arg_v=0x81d22f0) at connection.c:1307 rc = 30 rs = {sr_type = REP_RESULT, sr_tag = 0, sr_msgid = 0, sr_err = 0, sr_matched = 0x0, sr_text = 0x0, sr_ref = 0x0, sr_ctrls = 0x0, sr_un = {sru_sasl = {r_sasldata = 0x0}, sru_extended = {r_rspoid = 0x0, r_rspdata = 0x0}, sru_search = { r_entry = 0x0, r_attr_flags = 0, r_operational_attrs = 0x0, r_attrs = 0x0, r_nentries = 0, r_v2ref = 0x0}}, sr_flags = 0} tag = 96 opidx = 0 conn = (Connection *) 0xb3733878 memctx = (void *) 0x81cb8a8 memctx_null = (void *) 0x0 #12 0xb7eafae8 in ldap_int_thread_pool_wrapper (xpool=0x813c360) at tpool.c:480 ctx = (ldap_int_thread_ctx_t *) 0x81cbf98 ltc_key = {{ltk_key = 0x80af490, ltk_data = 0x81cb8a8, ltk_free = 0x80af360 <slap_sl_mem_destroy>}, { ltk_key = 0x81ca430, ltk_data = 0xd, ltk_free = 0xb7a7d5b0 <bdb_locker_id_free>}, {ltk_key = 0x0, ltk_data = 0x0, ltk_free = 0} <repeats 30 times>} tid = 3001605040 i = 136101784 keyslot = 805 hash = 432 #13 0xb7cb0b63 in start_thread () from /lib/tls/libpthread.so.0 No symbol table info available. #14 0xb7c4f18a in clone () from /lib/tls/libc.so.6 No symbol table info available. Any ideas? Thanks in advance. Sam
