Bug 107145 - nss_ldap crasches with SegFault when connecting to ldaps:// URL
Summary: nss_ldap crasches with SegFault when connecting to ldaps:// URL
Status: CLOSED DUPLICATE of bug 85728
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: nss_ldap   
(Show other bugs)
Version: 9
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact: David Lawrence
URL:
Whiteboard:
Keywords: Security
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2003-10-15 13:45 UTC by Erik Forsberg
Modified: 2007-04-18 16:58 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-02-21 18:59:09 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Erik Forsberg 2003-10-15 13:45:49 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3a) Gecko/20021212

Description of problem:
Trying to connect to a Netware eDirectory server using ldaps, nss_ldap crasches
with a Segmentation Fault. I'm using the following configuration file
(/etc/ldap.conf):

# The distinguished name of the search base.
base o=example

uri ldaps://foo.example.com/
binddn cn=admin,o=example
bindpw foobar
scope sub
pam_password nds
ssl on
tls_checkpeer yes
tls_cacertfile /root/TrustedRootCert.pem

The following configuration file will also produce the error:

uri ldaps://foo.example.com
binddn cn=admin,o=example
bindpw foobar
scope sub
ssl on
pam_password nds

..so the crasch doesn't seem to be related to the checkpeer option nor the
cacertfile option.

I'm able to connect to this host without trouble using either stunnel or
nss_ldap on a RedHat Linux 8.0 box. Also, I've tried downloading the latest
nss_ldap (rel 211) from PADL.com and compiled myself, this also crasches with
SegFault on RH9. Debug info from this release:

nss_ldap: ==> _nss_ldap_ent_context_init
nss_ldap: ==> _nss_ldap_enter
nss_ldap: <== _nss_ldap_enter
nss_ldap: ==> _nss_ldap_leave
nss_ldap: <== _nss_ldap_leave
nss_ldap: <== _nss_ldap_ent_context_init
nss_ldap: ==> _nss_ldap_getent
nss_ldap: ==> _nss_ldap_ent_context_init
nss_ldap: ==> _nss_ldap_enter
nss_ldap: <== _nss_ldap_enter
nss_ldap: ==> _nss_ldap_leave
nss_ldap: <== _nss_ldap_leave
nss_ldap: <== _nss_ldap_ent_context_init
nss_ldap: ==> _nss_ldap_enter
nss_ldap: <== _nss_ldap_enter
nss_ldap: ==> _nss_ldap_search
nss_ldap: ==> do_open
nss_ldap: ==> do_close_no_unbind
nss_ldap: <== do_close_no_unbind (connection was not open)
nss_ldap: ==> ldap_initialize
nss_ldap: <== ldap_initialize
nss_ldap: ==> do_ssl_options
nss_ldap: <== do_ssl_options
nss_ldap: ==> do_bind
Segmentation fault (core dumped)

Since this bug makes it impossible to use transport-layer security, it is a
security risk since it will make people transport their passwords in cleartext
over the net.

Version-Release number of selected component (if applicable):
202-5

How reproducible:
Always

Steps to Reproduce:
Use the configuration file as above in the Descriptions field, and connect to a
ldaps:// URI.

Additional info:

Comment 1 Erik Forsberg 2003-10-16 11:58:16 UTC
After discussion on the nssldap mailing list, I found that this bug is a
duplicate of bug 85728, so please fix that instead :-).

*** This bug has been marked as a duplicate of 85728 ***

Comment 2 Red Hat Bugzilla 2006-02-21 18:59:09 UTC
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.


Note You need to log in before you can comment on or make changes to this bug.