You may hinting in the right direction, thanks. $ ldd /opt/ldap/lib/libldap.so linux-vdso.so.1 (0x00007fffc04e6000) liblber.so.2 => /opt/ldap/lib/liblber.so.2 (0x000074c880976000) libsasl2.so.2 => /usr/lib/x86_64-linux-gnu/libsasl2.so.2 (0x000074c88095c000) libssl.so.1.1 => /opt/cssl/lib/libssl.so.1.1 (0x000074c8808c1000) libcrypto.so.1.1 => /opt/cssl/lib/libcrypto.so.1.1 (0x000074c8805c5000) libc.so.6 => /usr/lib/x86_64-linux-gnu/libc.so.6 (0x000074c8803b3000) libcrypto.so.3 => /usr/lib/x86_64-linux-gnu/libcrypto.so.3 (0x000074c87fe9e000) /lib64/ld-linux-x86-64.so.2 (0x000074c880a05000)
So libcrypto and libssl it is linking to ours. However I see that it is also linking to libcrypto.so.3 and that is because of libsasl2.so.2 that is from the platform. Do you think having libsasl2.so.2 also built with our customer SSL would help here? On Sat, Jun 28, 2025 at 7:13 PM Jeffrey Walton <noloa...@gmail.com> wrote: > > On Sat, Jun 28, 2025 at 3:53 PM radiatejava <radiatej...@gmail.com> wrote: > > > > Hello experts > > We are using OpenLDAP lib ver 2.6.7 on Ubuntu 24.04. When doing LDAP > > search using > > ldap_search_ext_s() we are getting assert failure. Any idea what could > > be going wrong? Appreciate your reply. Here is the stacktrace: > > > > #0 0x000071e8baceeb2c in pthread_kill () from > > /usr/lib/x86_64-linux-gnu/libc.so.6 > > #1 0x000071e8bac9527e in raise () from /usr/lib/x86_64-linux-gnu/libc.so.6 > > #2 0x000071e8bac788ff in abort () from /usr/lib/x86_64-linux-gnu/libc.so.6 > > #3 0x000071e8bac7881b in ?? () from /usr/lib/x86_64-linux-gnu/libc.so.6 > > #4 0x000071e8bac8b517 in __assert_fail () from > > /usr/lib/x86_64-linux-gnu/libc.so.6 > > #5 0x000071e8b9684409 in ldap_do_free_request () from > > /opt/ldap/lib/libldap.so.2 > > #6 0x000071e8b96b4bf9 in ldap_tavl_free () from /opt/ldap/lib/libldap.so.2 > > #7 0x000071e8b968359a in ldap_free_connection () from > > /opt/ldap/lib/libldap.so.2 > > #8 0x000071e8b9683e9c in ldap_new_connection () from > > /opt/ldap/lib/libldap.so.2 > > #9 0x000071e8b9682aa7 in ldap_send_server_request () from > > /opt/ldap/lib/libldap.so.2 > > #10 0x000071e8b9685619 in ldap_chase_v3referrals () from > > /opt/ldap/lib/libldap.so.2 > > #11 0x000071e8b9667640 in try_read1msg () from /opt/ldap/lib/libldap.so.2 > > #12 0x000071e8b9666515 in wait4msg () from /opt/ldap/lib/libldap.so.2 > > #13 0x000071e8b9665f09 in ldap_result () from /opt/ldap/lib/libldap.so.2 > > #14 0x000071e8b9672a95 in ldap_sasl_bind_s () from > > /opt/ldap/lib/libldap.so.2 > > #15 0x000071e8b96740b2 in ldap_simple_bind_s () from > > /opt/ldap/lib/libldap.so.2 > > #16 0x000071e8bb737e2a in myapp::getRebindCredentials(ldap*, char > > const*, unsigned long, int, void*) () from > > /mgmt/usr/lib/x86_64-linux-gnu/libsvc_myapp.so > > #17 0x000071e8b9683e0b in ldap_new_connection () from > > /opt/ldap/lib/libldap.so.2 > > #18 0x000071e8b9682aa7 in ldap_send_server_request () from > > /opt/ldap/lib/libldap.so.2 > > #19 0x000071e8b9685619 in ldap_chase_v3referrals () from > > /opt/ldap/lib/libldap.so.2 > > #20 0x000071e8b9667640 in try_read1msg () from /opt/ldap/lib/libldap.so.2 > > #21 0x000071e8b9666515 in wait4msg () from /opt/ldap/lib/libldap.so.2 > > #22 0x000071e8b9665f09 in ldap_result () from /opt/ldap/lib/libldap.so.2 > > #23 0x000071e8b966acf7 in ldap_pvt_search_s () from > > /opt/ldap/lib/libldap.so.2 > > #24 0x000071e8b966ac25 in ldap_search_ext_s () from > > /opt/ldap/lib/libldap.so.2 > > #25 0x000071e8bb732c15 in > > myapp::LdapAuthenticationBroker::doLdapAuthenticate() () from > > /mgmt/usr/lib/x86_64-linux-gnu/libsvc_myapp.so > > #26 0x000071e8bb732484 in > > myapp::LdapAuthenticationBroker::start(bool&, void > > (*)(myapp::ExternalAuthenticationBroker*)) () > > from /mgmt/usr/lib/x86_64-linux-gnu/libsvc_myapp.so > > My uneducated guess is, the problem lies around fram #8, where the > connection is established. It looks like the connection fails, and > things go to pot when freeing the connection. I assume the connection > happens using TLS, but I don't see libcrypto or libssl called out in > the stack trace. > > What does `ldd /opt/ldap/lib/libldap.so.2` tell you? Are you getting > your custom libcrypto and libssl? or are you getting the system one? > > Or maybe, is the connection object uninitialized when calling free due > to the failure? Should you even call free when the connection fails in > frame #8? > > Jeff
