Bug 482909 - server seg fault if doing SSLCLIENTAUTH without being an ssl server
Summary: server seg fault if doing SSLCLIENTAUTH without being an ssl server
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Directory Server
Classification: Red Hat
Component: Security - SSL
Version: 8.1
Hardware: All
OS: Linux
low
medium
Target Milestone: ---
: ---
Assignee: Rich Megginson
QA Contact: Chandrasekar Kannan
URL:
Whiteboard:
Depends On:
Blocks: 249650 FDS1.2.0
TreeView+ depends on / blocked
 
Reported: 2009-01-28 19:16 UTC by Michael Gregg
Modified: 2015-01-04 23:36 UTC (History)
2 users (show)

Fixed In Version: 8.1
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2009-04-29 23:09:54 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)
diffs (8.13 KB, patch)
2009-01-28 20:40 UTC, Rich Megginson
no flags Details | Diff
cvs commit log (160 bytes, text/plain)
2009-01-28 22:00 UTC, Rich Megginson
no flags Details
report from reliab15 run on DS 8.1 (117.92 KB, text/html)
2009-04-13 21:47 UTC, Michael Gregg
no flags Details

Description Michael Gregg 2009-01-28 19:16:41 UTC
Description of problem:
During the replication setup section of reliab15, the master servers crash

How reproducible:
always

Steps to Reproduce:
1. run reliab15
2. 1 min into step 3, servers start crashing
3.
  
gdb bt from the first master at crash time. This doesn't look very helpful. I can supply a machine with this problem for testing if needed.

Additional info:
(gdb) c
Continuing.
[New Thread -1671869536 (LWP 28066)]
[New Thread -1682359392 (LWP 28067)]
[New Thread -1692849248 (LWP 28068)]
[New Thread -1703339104 (LWP 28069)]
[New Thread -1713828960 (LWP 28070)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1713828960 (LWP 28070)]
0x00abe204 in SVRCORE_StdPinGetPin () from /usr/lib/libsvrcore.so.0
(gdb) bt
#0  0x00abe204 in SVRCORE_StdPinGetPin () from /usr/lib/libsvrcore.so.0
#1  0x00c42665 in slapd_SSL_client_auth (ld=0xb4507500) at ldap/servers/slapd/ssl.c:1164
#2  0x00c4db33 in slapi_ldap_bind (ld=0xb4507500, bindid=0xb450a170 "", creds=0xb47f7b58 "", mech=Variable "mech" is not available.
) at ldap/servers/slapd/util.c:1150
#3  0x008a1539 in conn_connect (conn=0x9422130) at ldap/servers/plugins/replication/repl5_connection.c:1564
#4  0x008a99bf in acquire_replica (prp=0x93ff8c0, prot_oid=Variable "prot_oid" is not available.
) at ldap/servers/plugins/replication/repl5_protocol_util.c:168
#5  0x008a424b in repl5_inc_run (prp=0x93ff8c0) at ldap/servers/plugins/replication/repl5_inc_protocol.c:800
#6  0x008a9315 in prot_thread_main (arg=0x950eea8) at ldap/servers/plugins/replication/repl5_protocol.c:313
#7  0x0014b21d in PR_Select () from /usr/lib/libnspr4.so
#8  0x00aad3cc in start_thread () from /lib/tls/libpthread.so.0
#9  0x00a1796e in clone () from /lib/tls/libc.so.6
(gdb)

Comment 1 Rich Megginson 2009-01-28 20:40:50 UTC
Created attachment 330282 [details]
diffs

Comment 2 Rich Megginson 2009-01-28 22:00:13 UTC
Created attachment 330290 [details]
cvs commit log

Reviewed by: nkinder (Thanks!)
Fix Description: When I changed the code to allow the DS to be an SSL client without having to be an SSL server, I missed the svrcore setup for EXTERNAL (ssl client auth).  The fix is to check to see if svrcore has been set up, and initialize it if not, before attempting to use it.
Platforms tested: RHEL5
Flag Day: no
Doc impact: no

Comment 3 Michael Gregg 2009-04-13 21:47:50 UTC
Created attachment 339384 [details]
report from reliab15 run on DS 8.1

Comment 4 Michael Gregg 2009-04-13 21:49:04 UTC
reliab15 ran properly.

Report from:
https://wiki.idm.lab.bos.redhat.com/dirsec/archives-mp1/archives/ds/81/reliability/reliab15/

verified against 8.1.0-0.6.el5dsrv

Comment 5 Chandrasekar Kannan 2009-04-29 23:09:54 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHEA-2009-0455.html


Note You need to log in before you can comment on or make changes to this bug.