Bug 156582

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux ppc; en-US; rv:1.7.7) Gecko/20050416 Epiphany/1.6.1

Description of problem:
The getent program segfaults when /etc/ldap.conf contains "ssl start_tls."

Version-Release number of selected component (if applicable):
glibc-common-2.3.5-4

How reproducible:
Always

Steps to Reproduce:
I have an LDAP server running Fedora Core 3.  My client is running Raw Hide.  When  the client is NOT configured to use SSL, getent will properly query the LDAP server.  However, is the client is configured to use SSL, then "getent passwd" will segfault.

Here is the client's /etc/ldap.conf that causes "getent passwd" to segfault:

host golem.flyn.org
base dc=flyn,dc=org
timelimit 5
bind_timelimit 5
ssl start_tls
  
Here is my client's /etc/openldap/ldap.conf:

HOST golem.flyn.org
BASE dc=flyn,dc=org
TLS_REQCERT     never
TLS             hard

Actual Results:  Here are the results of running getent in gdb:

[root@imp Downloads]# gdb getent
GNU gdb Red Hat Linux (6.3.0.0-1.15rh)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "ppc-redhat-linux-gnu"...(no debugging symbols found)
Using host libthread_db library "/lib/libthread_db.so.1".

(gdb) run passwd
Starting program: /usr/bin/getent passwd
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)

Program received signal SIGSEGV, Segmentation fault.
0x0fc0a0d0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
(gdb) ba
#0  0x0fc0a0d0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#1  0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#2  0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#3  0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#4  0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#5  0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#6  0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#7  0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#8  0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#9  0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#10 0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#11 0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#12 0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#13 0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#14 0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#15 0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#16 0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#17 0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
Previous frame inner to this frame (corrupt stack?)
(gdb)

Expected Results:  The data that is on my LDAP server should be included in the output from "getent passwd."

Additional info: