Bug 134979

Summary: cyrus-sasl causes crashes with ldap
Product: Red Hat Enterprise Linux 3
Component: cyrus-sasl
Version: 3.0
Hardware: i386
OS: Linux
Status: CLOSED ERRATA
Severity: high
Priority: medium
Reporter: Benjamin Gordon <ben>
Assignee: Nalin Dahyabhai <nalin>
CC: bernd.bartmann, jbs, joshkel, lwhatley, menthos, minfrin, parsley, rhbugzillamarcw
Doc Type: Bug Fix
Last Closed: 2004-10-07 22:03:25 UTC

Description Benjamin Gordon 2004-10-07 17:16:14 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; rv:1.7.3) Gecko/20040914 Firefox/0.10

Description of problem:
The cyrus-sasl-2.1.15-9 update from today causes crashes in all
authentication processes such as ssh, su, sudo, etc when pam is
configured to look up user accounts and passwords in ldap.  Replacing
2.1.15-9 with 2.1.15-8 fixes the problem.  All accounts on the
machines are affected, not just accounts stored in ldap.



Version-Release number of selected component (if applicable):
cyrus-sasl-2.1.15-9

How reproducible:
Always

Steps to Reproduce:
1. Upgrade to cyrus-sasl-2.1.15-9
2. Run /bin/su
    

Actual Results:  su crashes with a segmentation fault

Additional info:

We have our ldap set to use tls to talk to the server.  Removing the
ldap lines from /etc/pam.d/system-auth definitely stops the crashes. 
I have not tested if just removing the tls part fixes it.

The top 6 stack frames from a core dump of su are:
#0  0x002b61e1 in _sasl_getcallback () from /usr/lib/libsasl.so.7
#1  0x002baf46 in _sasl_get_mech_list () from /usr/lib/libsasl.so.7
#2  0x002b976d in sasl_client_new () from /usr/lib/libsasl.so.7
#3  0x00e18891 in ldap_int_sasl_init () from /usr/lib/libldap.so.2
#4  0x00e28b1c in ldap_int_initialize () from /usr/lib/libldap.so.2
#5  0x00e29150 in ldap_set_option () from /usr/lib/libldap.so.2
#6  0x0011b79d in ?? () from /lib/security/pam_ldap.so

Following that are about 550 lines similar to #6.  I can post the full
backtrace if needed.

Comment 2 Marc Wallman 2004-10-07 18:43:07 UTC
It breaks /usr/bin/ldapsearch too. Anonymous lookups segfault before
returning any results.

Comment 3 Mark J. Cox 2004-10-07 19:31:12 UTC
Update in progress

Comment 4 Dan Stromberg 2004-10-07 19:35:05 UTC
We had much the same problem, but we aren't using LDAP for anything.

Sendmail, upon being killed and restarted, would segfault until we
downgraded to -8 of the cyrus-sasl package.

Comment 5 Lee Whatley 2004-10-07 19:39:46 UTC
Yeah we are not using ldap here and sendmail crapped on itself after
the cyrus-sasl upgrade.  The queue runner would start, but the actual
daemon would not.  It would just segfault like the previous poster
said.  We also had to downgrade to -8 for sendmail to work again.  It
hasn't affected anything else but sendmail as far as I can tell...

Comment 7 Mark J. Cox 2004-10-07 20:37:09 UTC
Revised packages are currently undergoing QA

Comment 8 Mark J. Cox 2004-10-07 20:47:20 UTC
(Note this flaw only affects the RHEL 3 cyrus-sasl packages, the RHEL
2.1 packages contained a correct patch)

Comment 9 Josh Bressers 2004-10-07 22:03:25 UTC
An errata has been issued which should help the problem 
described in this bug report. This report is therefore being 
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, 
please follow the link below. You may reopen this bug report 
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2004-546.html


Comment 10 Suzanne Hillman 2004-10-12 19:33:59 UTC
*** Bug 135056 has been marked as a duplicate of this bug. ***