Bug 156582 - Segfault from getent with LDAP+SSL
Segfault from getent with LDAP+SSL
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: nss_ldap (Show other bugs)
rawhide
powerpc Linux
medium Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
:
: 157378 158210 (view as bug list)
Depends On:
Blocks: FC4Target
  Show dependency treegraph
 
Reported: 2005-05-01 22:19 EDT by W. Michael Petullo
Modified: 2007-11-30 17:11 EST (History)
2 users (show)

See Also:
Fixed In Version: 234-3
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-05-20 16:20:40 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description W. Michael Petullo 2005-05-01 22:19:01 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux ppc; en-US; rv:1.7.7) Gecko/20050416 Epiphany/1.6.1

Description of problem:
The getent program segfaults when /etc/ldap.conf contains "ssl start_tls."

Version-Release number of selected component (if applicable):
glibc-common-2.3.5-4

How reproducible:
Always

Steps to Reproduce:
I have an LDAP server running Fedora Core 3.  My client is running Raw Hide.  When  the client is NOT configured to use SSL, getent will properly query the LDAP server.  However, is the client is configured to use SSL, then "getent passwd" will segfault.

Here is the client's /etc/ldap.conf that causes "getent passwd" to segfault:

host golem.flyn.org
base dc=flyn,dc=org
timelimit 5
bind_timelimit 5
ssl start_tls
  
Here is my client's /etc/openldap/ldap.conf:

HOST golem.flyn.org
BASE dc=flyn,dc=org
TLS_REQCERT     never
TLS             hard

Actual Results:  Here are the results of running getent in gdb:

[root@imp Downloads]# gdb getent
GNU gdb Red Hat Linux (6.3.0.0-1.15rh)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "ppc-redhat-linux-gnu"...(no debugging symbols found)
Using host libthread_db library "/lib/libthread_db.so.1".

(gdb) run passwd
Starting program: /usr/bin/getent passwd
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)

Program received signal SIGSEGV, Segmentation fault.
0x0fc0a0d0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
(gdb) ba
#0  0x0fc0a0d0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#1  0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#2  0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#3  0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#4  0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#5  0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#6  0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#7  0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#8  0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#9  0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#10 0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#11 0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#12 0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#13 0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#14 0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#15 0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#16 0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
#17 0x0fc0a0b0 in _nss_ldap_readconfigfromdns () from /lib/libnss_ldap.so.2
Previous frame inner to this frame (corrupt stack?)
(gdb)

Expected Results:  The data that is on my LDAP server should be included in the output from "getent passwd."

Additional info:
Comment 1 Jeremy Katz 2005-05-18 20:57:28 EDT
*** Bug 157378 has been marked as a duplicate of this bug. ***
Comment 2 Nalin Dahyabhai 2005-05-20 16:20:40 EDT
Oops, bug in a local patch for doing start_tls support in a way that can time
out.  Fixing in 234-3.
Comment 3 Jeremy Katz 2005-05-23 18:35:05 EDT
*** Bug 158210 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.