Description of problem: I set up windows sync (2008 R2). Initial sync went ok. I added an ntUser to the DS side - when it went to sync it crashed with an assertion abort in ldap_next_entry() in windows_search_entry_ext(). It seems that openldap ldap_next_entry(LDAP *, LDAPMessage *entry) does not like entry == NULL - it asserts and aborts, while mozldap ldap_next_entry will just return NULL in that case.
Created attachment 478135 [details] 0001-Bug-676689-crash-while-adding-a-new-user-to-be-synce.patch
To ssh://git.fedorahosted.org/git/389/ds.git 96bb64a..8a15fd4 389-ds-base-1.2.8 -> 389-ds-base-1.2.8 commit 8a15fd460396e7d04a7907d4948493afba2b8083 Author: Rich Megginson <rmeggins> Date: Thu Feb 10 15:23:20 2011 -0700 Reviewed by: nkinder (Thanks!) Branch: 389-ds-base-1.2.8 Fix Description: The OpenLDAP ldap_next_entry() function will assert and abort if passed a NULL message. Mozldap ldap_next_entry() will just return NULL. Fix the server to not pass NULL to ldap_next_entry(). Platforms tested: RHEL6 x86_64 Flag Day: no Doc impact: no (cherry picked from commit 82b362176a8874ace0fd53e69ca6838d33a4881a) commit 82b362176a8874ace0fd53e69ca6838d33a4881a Author: Rich Megginson <rmeggins> Date: Thu Feb 10 15:23:20 2011 -0700 Branch: master
[root@rheltest etc]# ldapadd -x -D "cn=Directory Manager" -w abc -h localhost -p 389 << EOF > dn: cn=testuser,ou=users,ou=unix,dc=corp,dc=example,dc=com > objectclass: person > objectClass: inetorgperson > objectclass: ntUser > sn: User > givenName: Test > ntUserDomainId: testuser > ntUserCreateNewAccount: TRUE > EOF adding new entry "cn=testuser,ou=users,ou=unix,dc=corp,dc=example,dc=com" - Entry replicated to AD and no crash found. hence verified.