Bug#560084: Fwd: [rt.cpan.org #84887] Process crashing when trying to issue more then one query over an gssapi/ldap connection

Xavier x.guimard at free.fr
Sun May 19 10:30:06 UTC 2013 

-------- Original message --------
Subjcet: [rt.cpan.org #84887] Process crashing when trying to issue more
then one query over an gssapi/ldap connection
Date : Sun, 19 May 2013 06:17:40 -0400
>From : Peter Marschall via RT <bug-perl-ldap at rt.cpan.org>
Reply to : bug-perl-ldap at rt.cpan.org
To : x.guimard at free.fr
Copy to : philipp at ppc.in-berlin.de

<URL: https://rt.cpan.org/Ticket/Display.html?id=84887 >

Hi,

On Sat Apr 27 00:50:31 2013, GUIMARD wrote:
> I have an adduser-script for ldap and kerberos, which works fine with
> libnet-ldap-perl 1:0.34-1, but not with any newer version.
> The script uses SASL/GSSAPI authentication to bind to the ldap server.
> 
> After some debugging, I found out that the process crshes with SIGPIPE
> when i issue more then one ldap query over the same connection.

After having installed kerberos [for another GSSAPI-related bug report],
I checked using the script below
------- BEGIN EXAMPLE -------
#!/usr/bin/perl -w
use Net::LDAP;
use Authen::SASL qw(Cyrus);                     # CHECK 1: switch
between Perl & Cyrus

my $ldap = Net::LDAP->new('ldaps://SERVER.DOMAIN') or die($@);
my $sh = Authen::SASL->new(mechanism => 'GSSAPI') or die "Can't get SASL
handle\n";
$sh = $sh->client_new('ldap', 'SERVER.DOMAIN');         # CHECK 2:
(un)comment this line
my $mesg = $ldap->bind('cn=MANAGER,dc=ADPM,dc=DE', sasl => $sh);
die "LDAP bind failed: ".$mesg->error.' ('.$mesg->code.')'  if $mesg->code;

$mesg = $ldap->search(base => 'dc=ADPM,dc=DE', filter => '(cn=*TEST-USER
1*)');
die "1st search failed: ".$mesg->error.' ('.$mesg->code.')'  if $mesg->code;
$mesg = $ldap->search(base => 'dc=ADPM,dc=DE', filter => '(cn=*TEST-USER
2*)');
die "2nd search failed: ".$mesg->error.' ('.$mesg->code.')'  if $mesg->code;
print "Sorry, SIGPIPE cannot be reproduced\n";
------- END EXAMPLE ------

I tried all 4 cases of CHECK A & CHECK B, but was not able to reproduce
a SIGPIPE in any case.

The only case when the script did not terminate successfully
was when 'qw(Cyrus)' was used for CHECK A and the client_new() was not
called in the script for CHECK B.
In this case, the script died with the message
  "LDAP bind failed: generic failure (82) at ./crashit.pl line 9 ..."

In all other cases the script ran successfully to the end.
There never was a SIGPIPE.

Can you please try to run the script with the 4 individual cases of
CHECK A & B, and report back the individual results.

Best
Peter

More information about the pkg-perl-maintainers mailing list