On Fri Feb 28, 2003 at 11:16:07AM +0200, Buchan Milne wrote: > > i know that this list isn't support list, but i have strange problem > > with combination in $subj under mdk cooker. i don't fill bugreport, > > because i don't know, if this is mandrake bug (i think that no, but..) > > or bug in some component. > > > > i have properly configured openldap server at server side, and nss_ldap > > client with openssh at client side. if i use plaintext for data transfer > > and authentication to ldap server, everything works fine, authorization > > for all services, getent etc. > > > > but if i turned on ssl communication in nss_ldap module, there is problem > > and openssh segfault during userauth-request. i must say, that all > > others services and getent still works fine, but openssh no.. > > > > there is information which i get if i run sshd under gdb: > > > > Program received signal SIGSEGV, Segmentation fault. > > 0x40444c6c in _init () from /usr/lib/libssl.so.0 > > > > (gdb) bt > > #0 0x40444c6c in _init () from /usr/lib/libssl.so.0 > > Cannot access memory at address 0x30f > > > > i run full cooker box at client side, and almost cooker at server side > > (but all relevant components are up-to-date). > > > > please, can anybody confirm this problem? and if this is a serious > > problem, can anybody (vincent?) report this to relevant developers (i > > think that this is openssl problem, but this is only imho) please? > > Yes, someone needs to file a bug report for this so everyone running > nss_ldap can vote for this ;-). Since my cooker box happens to be an > ldap slave, I am not too worried about no-ssl atm (since all ldap > queries go over loopback), but this is an issue.
I've forwarded this to the openssh-dev list so we'll see what they have to say. I don't have time right now to investigate this myself, so we'll see if this is a known issue with the openssh folks or not. -- MandrakeSoft Security; http://www.mandrakesecure.net/ Online Security Resource Book; http://linsec.ca/ "lynx -source http://linsec.ca/vdanen.asc | gpg --import" {FE6F2AFD : 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD}
pgp00000.pgp
Description: PGP signature
