Bug 3492

Summary: ldapadd crashes remote slapd (2.1.25)
Product: Sisyphus Reporter: Michael Shigorin <mike>
Component: openldap-serversAssignee: Serge A. Volkov <vserge>
Status: CLOSED FIXED QA Contact: qa-sisyphus
Severity: major    
Priority: P2 CC: boyarsh, imz, klark, ldv, shaba, slev, vitty, viy
Version: unstable   
Hardware: all   
OS: Linux   
Bug Depends on: 3527    
Bug Blocks:    
Attachments:
Description Flags
sample ldif none

Description Michael Shigorin 2004-01-14 20:46:17 MSK
trickster is workstation, alpha is (ldap) server

trickster:~> ldapadd -f test.ldif -h alpha
SASL/DIGEST-MD5 authentication started
Please enter your password: 
ldap_sasl_interactive_bind_s: Can't contact LDAP server (81)
trickster:~> ssh alpha /sbin/service slapd status
slapd is dead, but stale PID file exists

this is simply remote DoS requiring no additional resources but access to the
port slapd listens to :-(

before I hit <Enter> for the password request (don't know it), slapd is alive;
just then it dies.

manipulating LDAP data with gq or phpldapadmin just goes fine.

openldap-servers-2.1.25-alt1
Comment 1 Michael Shigorin 2004-01-14 20:51:20 MSK
Created attachment 331 [details]
sample ldif
Comment 2 Michael Shigorin 2004-01-15 00:42:32 MSK
will try to change from bdb to ldbm tomorrow and see.....

Comment 3 Michael Shigorin 2004-01-20 15:29:41 MSK
похоже, проблема в том, что libsasl2 собрана с libdb4.0, а openldap -- с 4.1.
Comment 4 Serge A. Volkov 2004-02-24 10:13:51 MSK
Fixed in 2.1.26-alt1
Comment 5 Igor Muratov 2004-02-27 18:41:04 MSK
openldap-2.1.26-alt3

Проблема повторяется.
Comment 6 Serge A. Volkov 2004-03-15 13:44:36 MSK
Fixed in 2.1.27

I load to Sisyphus this package soon.
Comment 7 Michael Shigorin 2004-03-25 19:48:30 MSK
apparently works
Comment 8 Michael Shigorin 2005-08-30 02:21:47 MSD
closing
Comment 9 Michael Shigorin 2005-08-30 02:31:58 MSD
closing