Hi,
On Sat Apr 27 00:50:31 2013, GUIMARD wrote:
Show quoted text> I have an adduser-script for ldap and kerberos, which works fine with
> libnet-ldap-perl 1:0.34-1, but not with any newer version.
> The script uses SASL/GSSAPI authentication to bind to the ldap server.
>
> After some debugging, I found out that the process crshes with SIGPIPE
> when i issue more then one ldap query over the same connection.
After having installed kerberos [for another GSSAPI-related bug report], I checked using the script below
Show quoted text------- BEGIN EXAMPLE -------
#!/usr/bin/perl -w
use Net::LDAP;
use Authen::SASL qw(Cyrus); # CHECK 1: switch between Perl & Cyrus
my $ldap = Net::LDAP->new('ldaps://SERVER.DOMAIN') or die($@);
my $sh = Authen::SASL->new(mechanism => 'GSSAPI') or die "Can't get SASL handle\n";
$sh = $sh->client_new('ldap', 'SERVER.DOMAIN'); # CHECK 2: (un)comment this line
my $mesg = $ldap->bind('cn=MANAGER,dc=ADPM,dc=DE', sasl => $sh);
die "LDAP bind failed: ".$mesg->error.' ('.$mesg->code.')' if $mesg->code;
$mesg = $ldap->search(base => 'dc=ADPM,dc=DE', filter => '(cn=*TEST-USER 1*)');
die "1st search failed: ".$mesg->error.' ('.$mesg->code.')' if $mesg->code;
$mesg = $ldap->search(base => 'dc=ADPM,dc=DE', filter => '(cn=*TEST-USER 2*)');
die "2nd search failed: ".$mesg->error.' ('.$mesg->code.')' if $mesg->code;
print "Sorry, SIGPIPE cannot be reproduced\n";
------- END EXAMPLE ------
I tried all 4 cases of CHECK A & CHECK B, but was not able to reproduce a SIGPIPE in any case.
The only case when the script did not terminate successfully
was when 'qw(Cyrus)' was used for CHECK A and the client_new() was not called in the script for CHECK B.
In this case, the script died with the message
"LDAP bind failed: generic failure (82) at ./crashit.pl line 9 ..."
In all other cases the script ran successfully to the end.
There never was a SIGPIPE.
Can you please try to run the script with the 4 individual cases of CHECK A & B, and report back the individual results.
Best
Peter
