From: Ken Murchison (no email)
Date: Mon Aug 06 2001 - 09:32:33 EDT
Lawrence Greenfield wrote:
>
> Date: Sun, 05 Aug 2001 21:20:55 -0700
> From: David Wright <>
>
> [...]
> Now when _do_authentication is run against a correct password, it
> returns success and pam_ldap returns success, but imapd dies. If I
> comment out the call to _do_authentication and just return success,
> imapd does not die. So it would seem the problem lies with
> _do_authentication.
>
> But here is the wierd part -- as far as I can tell, _do_authentication
> does not interact with imapd or the SASL library at all; it contains
> only LDAP library calls to interact with the LDAP server! And remember,
> this interaction doesn't generate any errors, but rather runs flawlessly
> and returns success. It seems, though, that a side-effect of this
> interaction is to screw up the imapd so badly that it dies with a
> "signaled to death by 11".
>
> OpenLDAP's API contains calls to the SASL library to do it's own SASL
> negotiation with the LDAP server, thus the problem.
>
> These sort of hard-to-track-down interactions is why version 2 of the
> SASL library will force use of a seperate process (a la pwcheck) for
> PAM, LDAP, or other sorts of authentication.
Could this be a simple problem of OpenLDAP and Cyrus-imapd being linked
against different version SASL libraries, or worse yet different
databases libraries?
Ken
-- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
|
|
|