Guys, This patch solved the problem I described below. I installed the patch 3 days ago, and havent had the problem since.
To reiterate for the loyal cyrus bug hunters: My system is using cyrus 2.1.5, sasl 2.1.7 on a RH7.3 box (ive tried this config against 4 different versions of openldap, on two completely different servers) and I compiled with: SASL: ./configure --enable-plain --disable-krb4 --with-saslauthd=/var/run/saslauthd --with-ldap=/usr/local/lib IMAP: ./configure --with-sasl=/usr/local/lib --with-perl --with-auth=unix --with-ssl --with-dbdir=/usr/local/BerkeleyDB.4.0 --with-ucdsnmp=no Sincerely, Lee -----Original Message----- From: Mohan Khurana [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 26, 2002 7:56 PM To: Lee Hoffman Cc: [EMAIL PROTECTED]; Igor Brezac Subject: Re: Serious Bug in Cyrus/SASL: Intermittent Ldap AUTHFAIL Lee, Below, I've included a patch, it basically removes persistance from saslauthd. This has fixed the problem for me. I'm not exactly familiar with all the code, so I was unable to free the lak config structure, but this does let you atleast get saslauthd working. I think there's a problem with persistance, I'm not exactly sure what it is though. Any thoughts? mohan *** ../../orig/cyrus-sasl-2.1.7/saslauthd/lak.c Thu Aug 1 15:58:24 2002 --- lak.c Thu Sep 26 19:42:11 2002 *************** *** 816,821 **** --- 816,832 ---- rc = lak_auth_custom(lak, user, realm, password); } + /* free the lak */ + if (lak->ld) { + if (lak->conf->cache_ttl) + ldap_destroy_cache(lak->ld); + ldap_unbind_s(lak->ld); + lak->ld = NULL; + } + //lak_free_config(&(lak->conf)); + free(lak); + persistent_lak = NULL; + return rc; } *************** *** 846,851 **** --- 857,874 ---- attrs[1] = NULL; rc = lak_retrieve(lak, user, realm, (const char **)attrs, &lres); + + /* free the lak */ + if (lak->ld) { + if (lak->conf->cache_ttl) + ldap_destroy_cache(lak->ld); + ldap_unbind_s(lak->ld); + lak->ld = NULL; + } + lak_free_config(&lak->conf); + free(lak); + persistent_lak = NULL; + if (rc != LAK_OK) { return rc; }
