Menu
▾
▴
Connections established using SASL die after search
|
From: Mark R. <mr...@ok...> - 2004-12-11 00:24:50
|
Hello, all. I've been trying to figure out the cause of a strange bug and have traced it down to a small example. It seems that searching with wildcards or using the ! operator cause the ldap connection to die, but only when using gssapi (possibly other sasl mechanisms, that's the only one I've tried). Here is the code that causes the problem, you should be able to cut n' paste into an interactive interpreter. Thanks for any suggestions. Mark Roach #---------------------------- import ldap import ldap.sasl URI = 'ldap://cujo.okmaybe.com' BASEDN = 'dc=okmaybe,dc=com' BINDDN = 'cn=admin,dc=okmaybe,dc=com' PASS = 'mypassword' def printTree(conn, dn, out, indent=0, run_extra_search=False): "recursively prints ou objects to a list" # This is the extra bit of searching that kills the ldap connection if (run_extra_search): resid = conn.search(dn, ldap.SCOPE_ONELEVEL, \ '(objectClass=*)') rescode, res = conn.result(resid, timeout=10) # Search for organizationalUnits recursively resid = conn.search(dn, ldap.SCOPE_ONELEVEL, \ '(objectClass=organizationalUnit)', ['ou']) rescode, res = conn.result(resid, timeout=10) out.append( " " * indent + dn) for c in res: if c[1].has_key('ou'): printTree(conn, c[0], out, indent + 1, run_extra_search) ### Try a connection with simple bind (This works fine) l = ldap.initialize(URI) l.bind_s(BINDDN, PASS) for i in xrange(50): out = [] printTree(l, BASEDN, out) for i in xrange(50): out = [] printTree(l, BASEDN, out, run_extra_search = True) ### Now try a gssapi connection g = ldap.sasl.gssapi() l = ldap.initialize(URI) l.sasl_interactive_bind_s('', g) # This one works for i in xrange(50): out = [] try: printTree(l, BASEDN, out) except: print "Died on iteration %d" % (i) print out break # Maybe dies, maybe succeeds (mostly dies) for i in xrange(50): out = [] try: printTree(l, BASEDN, out, run_extra_search = True) except: print "Died on iteration %d" % (i) print out break |
