Red Hat Bugzilla – Bug 157684
ldap searches hang at ldap_int_select
Last modified: 2015-01-07 19:09:56 EST
+++ This bug was initially created as a clone of Bug #135188 +++
Description of problem:
When using openldap tools on RHEL4, lookups hang at ldap_int_select.
This was reported against Active Directory, but it also happens against
Novell eDirectory (in my case) and possibly others.
The issue has been described, addressed and fixed in OpenLDAP 2.2.16:
Version-Release number of selected component (if applicable):
Steps to Reproduce:
Run an ldapsearch against an LDAP database
Hangs after displaying results, before displaying summary.
Patch against openldap 2.2.15 -> 2.2.16 attached.
Created attachment 114349 [details]
Patch against openldap 2.2.16 that fixes the problem.
This has been 'NEW' for almost six months. Can it please be addressed?
I have checked that this problem still has not been corrected in the newest
openldap packages (2.2.13-4).
Over eight months old now. Can someone please address this?? I don't think I
could have made it any easier.
The patch for this bug will be included in the upcoming RHEL-4U4 release,
barring suprises during QA.
I've experienced a similar problem.
Mine exhibits against Novell eDirectory/LDAP server but only when secured
connection is used. Non-encrypted connections don't have this problem. Secured
connections fail both via SSL (`ldaps://...' URL) as well as when using STARTTLS
(`-Z' or `-ZZ' options). I have no such problem when connecting against
OpenLDAP's slapd (though it's a version different from that of client and runs
on a different machine).
To prevent any potential confusion: The failure strikes at a moment, when almost
all the output of `ldapsearch' has been printed. The only part which doesn't get
# search result
result: 0 Success
# numResponses: 2
# numEntries: 1
Using a newer version has fixed the problem as expected. I tested this sometimes
in 1Q/2006 or by the beginning of 2Q/2006 with a rebuilt SRPM from Fedora Core
(don't remember which one -- whether 4, 5 or devel). Surely the version number
was newer than that of available package.
Do you think I might be experiencing the same bug? If this is not the case, I'd
better file a barnd new bug then...
Well, I started to doubt about the answer to my question. However running the
beast (with debug on: `-d 99' -- don't know what range `-d' really accepts)
again, it seems to have hanged right at `ldap_int_select'. The string
`ldap_int_select' appears three times in the output.
I also found this issue #3304 in OpenLDAP ITS:
Isn't it related, too? It is said to be fixed in ver. 2.2.18 and I remember the
version from Fedora (the above mentioned one that worked fine) I used was
slightly newer than this.
Well, I should surely try to apply the patch, it's a few lines so could be
applied by hand if patching fails. I think I'll do this sometimes during the
following week. Should I forget, please bug me by mail. (It might be better to
use my business address as I'm in a usual huge delay with my personal one; it is
`travnicj at feec.vutbr.cz' then.)
Created attachment 132156 [details]
`ldapsearch' output up to a hang
This is the output of hanging `ldapsearch'. It starts with a prompt (including
the executed command) and ends with another one. The program had to be
terminated, of course, to get tge final prompt.
It should be possible to rerun the command to repeat the test if needed, unless
we have some access restriction set on the NetWare servers. (It's not
impossible to arrange some exceptions, though, if they are needed.)
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release. Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products. This request is not yet committed for inclusion in an Update
QE ack for 4.5.
According to the changelog, this has been fixed since 2.2.13-5.4E