Hello Vincent,
I've uploaded a fixed package in my PPA:
https://launchpad.net/~utkarsh/+archive/ubuntu/experimental-dump. Could
you please test this if it work alright for you before I push this to
the official archive?
Thanks!
** Changed in: openldap (Ubuntu Focal)
Assignee: (unassigned) => Utkarsh Gupta (utkarsh)
** Changed in: openldap (Ubuntu Focal)
Status: Triaged => In Progress
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1921562
Title:
Intermittent hangs during ldap_search_ext when TLS enabled
Status in openldap:
Fix Released
Status in openldap package in Ubuntu:
Fix Released
Status in openldap source package in Focal:
In Progress
Bug description:
When connecting to an LDAP server with TLS, ldap_search_ext can hang
if during the initial TLS handshake a signal is received by the
process. The cause of this bug is the same as
https://bugs.openldap.org/show_bug.cgi?id=8650 which was fixed in
https://git.openldap.org/openldap/openldap/-/commit/735e1ab and was
released as part of version 2.4.50. This bug effects Ubuntu 20.04 LTS
and potentially earlier Ubuntu releases. Later Ubuntu releases use an
openldap version that is at least 2.4.50 and are therefore not
affected.
In our case this bug cause failures in the SSSD LDAP backend at least
once per day, resulting in authentication errors followed by a sssd_be
restart after a timeout has been hit:
Mar 19 19:05:31 mail auth[867454]: pam_sss(dovecot:auth): received for user
redacted: 4 (System error)
Mar 19 19:05:32 mail sssd_be[867455]: Starting up
A reduced version of the patch linked above can be found attached to
this bug report. This patch has been applied to version 2.4.49+dfsg-
2ubuntu1.7 and has been running in production for approximately a week
and the issue has no longer occurred. No other issues have appeared
during this period.
As this bug affects all systems using LDAP with TLS, I suggest that
the fix for this bug is ported to Ubuntu 20.04 LTS and potentially
earlier versions.
To manage notifications about this bug go to:
https://bugs.launchpad.net/openldap/+bug/1921562/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
