Hi,
The memory overrun I am going to describe may or may not be an imap
issue. The debugging points to imap in an indirect manner and hence this
posting.
The culprit chain:
imapd -> sasl -> pam -> pam_ldap -> libldap & liblber
Using the Netscape mail client, when I try to read mail from the imap server
by supplying the userid and password, the following happens:
In imapd, in function sasl_checkpass(), the call to _sasl_checkpass()
loads pam_ldap.so which in turn loads libldap & liblber. On coming
out of _sasl_checkpass() into sasl_checkpass() I get successful
verification of the password. Look at the following code snippet from
sasl (lib/server.c lines 1243-1250):

    result = _sasl_checkpass(conn, mech, conn->service, user, pass,
                             errstr);
    if (result == SASL_OK) {
        result = _sasl_strdup(user, &(conn->oparams.authid), NULL);
        if (result != SASL_OK) return result;
        _sasl_transition(conn, pass, passlen);
    }

_sasl_strdup uses imap's own memory allocation functions from
lib/xmalloc.c. What is interesting is if I enable ldap option via
pam.d/imap file then instead of accessing xmalloc functions of imapd,
_sasl_strdup gets into ber_memalloc and I get segmentation fault, debugger
shows line 190 of memory.c file of openldap distribution. This is
consistent across both redhat 6.2 & 7.0. However if I input wrong
password, _sasl_strdup doesn't get accessed and hence imapd does not
break, but my Netscape client freezes on me.
However imapd works thru' the above code if I disable ldap option
in pam.d/imap and access the shadow password system.
Interestingly the following chain works fine for the same user id and
password:
wu-ftpd -> pam -> pam_ldap -> libldap & liblber
My guess is somewhere some pointers are overrun. It has been very
difficult to get a handle on this in the debugger. Everything looks to
work fine until I get to "_sasl_strdup" and from there it is straight into
"ber_malloc" of openldap and segmentation fault with no meaningful
stack trace.
Or does this behavior have anything to do with the fact that ldap 2.0
also uses sasl and there may have been name mangling issues!
This behavior is present in 2.0.7 and the code in cvs.
Has anybody successfully implemented the latest imapd on redhat with
pam_ldap and openldap 2.x.x?
Any pointers or help is appreciated.
Thanks
__
Seva