-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The initial verification of the old password was returning an error because we were not explicitly setting dp_err to DP_ERR_SUCCESS and it was initialized earlier in the function to DP_ERR_FATAL.
Pushing this to master and sssd-1-2 under the one-liner rule.
- -- Stephen Gallagher RHCE 804006346421761
Delivering value year after year. Red Hat ranks #1 in value among software vendors. http://www.redhat.com/promo/vendor/
On Wed, Aug 4, 2010 at 11:37 AM, Stephen Gallagher sgallagh@redhat.com wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The initial verification of the old password was returning an error because we were not explicitly setting dp_err to DP_ERR_SUCCESS and it was initialized earlier in the function to DP_ERR_FATAL.
Pushing this to master and sssd-1-2 under the one-liner rule.
Tested-by: Jeff Schroeder jeffschroeder@computer.org
On Wed, Aug 4, 2010 at 11:53 AM, Jeff Schroeder jeffschroeder@computer.org wrote:
On Wed, Aug 4, 2010 at 11:37 AM, Stephen Gallagher sgallagh@redhat.com wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The initial verification of the old password was returning an error because we were not explicitly setting dp_err to DP_ERR_SUCCESS and it was initialized earlier in the function to DP_ERR_FATAL.
Pushing this to master and sssd-1-2 under the one-liner rule.
Tested-by: Jeff Schroeder jeffschroeder@computer.org
Ok scratch that, I was in the wrong git branch. It seems that things go south around "talloc_strdup failed.".
601 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [sdap_pam_chpass_handler] (2): starting password change request for user [jschroeder]. 602 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [fo_resolve_service_send] (4): Trying to resolve service 'LDAP' 603 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [get_server_status] (7): Status of server 'ldap.site1.int' is 'working' 604 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [get_port_status] (7): Port status of port 389 for server 'ldap.site1.int' is 'working' 605 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [get_server_status] (7): Status of server 'ldap.site1.int' is 'working' 606 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [be_resolve_server_done] (4): Found address for server ldap.site1.int: [10.121.200.10] 607 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [setup_ldap_connection_callbacks] (9): LDAP connection callbacks are not supported. 608 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [sdap_connect_send] (4): Executing START TLS 609 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [sdap_install_ldap_callbacks] (8): Trace: sh[0x108b7b0], connected[1], ops[(nil)], fde[0x108af90], ldap[0x108a d20] 610 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [sdap_process_result] (8): Trace: sh[0x108b7b0], connected[1], ops[0x108b040], ldap[0x108ad20] 611 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [sdap_connect_done] (3): START TLS result: Success(0), (null) 612 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [fo_set_port_status] (4): Marking port 389 of server 'ldap.site1.int' as 'working' 613 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [set_server_common_status] (4): Marking server 'ldap.site1.int' as 'working' 614 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [sdap_process_result] (8): Trace: sh[0x108b7b0], connected[1], ops[(nil)], ldap[0x108ad20] 615 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [sdap_process_result] (8): Trace: ldap_result found nothing! 616 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [find_password_expiration_attributes] (9): No password policy requested. 617 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [simple_bind_send] (4): Executing simple bind as: uid=jschroeder,ou=People,o=int 618 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [simple_bind_send] (8): ldap simple bind sent, msgid = 2 619 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [sdap_process_result] (8): Trace: sh[0x108b7b0], connected[1], ops[0x108b6b0], ldap[0x108ad20] 620 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [simple_bind_done] (5): Server returned no controls. 621 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [simple_bind_done] (3): Bind result: Success(0), (null) 622 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [sdap_auth4chpass_done] (7): user [uid=jschroeder,ou=People,o=int] successfully authenticated. 623 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [sdap_exop_modify_passwd_send] (4): Executing extended operation 624 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [sdap_exop_modify_passwd_send] (8): ldap_extended_operation sent, msgid = 3 625 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [sdap_process_result] (8): Trace: sh[0x108b7b0], connected[1], ops[0x108b040], ldap[0x108ad20] 626 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [sdap_process_result] (8): Trace: ldap_result found nothing! 627 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [sdap_process_result] (8): Trace: sh[0x108b7b0], connected[1], ops[0x108b040], ldap[0x108ad20] 628 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [sdap_exop_modify_passwd_done] (5): Server returned no controls. 629 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [sdap_exop_modify_passwd_done] (1): talloc_strdup failed. 630 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [sdap_exop_modify_passwd_done] (3): ldap_extended_operation result: Referral(10), (null) 631 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [be_pam_handler_callback] (4): Backend returned: (3, 20, <NULL>) [Internal Error (Not a directory)] 632 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [be_pam_handler_callback] (4): Sending result [20][LDAP] 633 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [be_pam_handler_callback] (4): Sent result [20][LDAP] 634 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [sdap_handle_release] (8): Trace: sh[0x108b7b0], connected[1], ops[(nil)], ldap[0x108ad20], destructor_lock[0] , release_memory[0] 635 (Thu Aug 5 06:13:40 2010) [sssd[pam]] [sbus_remove_timeout] (8): 0x86ed80 636 (Thu Aug 5 06:13:40 2010) [sssd[pam]] [sbus_dispatch] (9): dbus conn: 86FDF0 637 (Thu Aug 5 06:13:40 2010) [sssd[pam]] [sbus_dispatch] (9): Dispatching. 638 (Thu Aug 5 06:13:40 2010) [sssd[pam]] [pam_dp_process_reply] (4): received: [20][LDAP] 639 (Thu Aug 5 06:13:40 2010) [sssd[pam]] [pam_reply] (4): pam_reply get called. 640 (Thu Aug 5 06:13:40 2010) [sssd[pam]] [pam_reply] (4): blen: 21
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 08/04/2010 10:18 PM, Jeff Schroeder wrote:
Ok scratch that, I was in the wrong git branch. It seems that things go south around "talloc_strdup failed.".
Looking at the code, the check for NULL seems OK, so probably the allocation really failed and the machine ran out of memory, but I think we should probably break with ENOMEM in that case..see the attached patch.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 08/05/2010 04:51 AM, Jakub Hrozek wrote:
On 08/04/2010 10:18 PM, Jeff Schroeder wrote:
Ok scratch that, I was in the wrong git branch. It seems that things go south around "talloc_strdup failed.".
Looking at the code, the check for NULL seems OK, so probably the allocation really failed and the machine ran out of memory, but I think we should probably break with ENOMEM in that case..see the attached patch.
talloc_strdup() will also return NULL if the source string is NULL. I think we need to investigate whether this is the case.
- -- Stephen Gallagher RHCE 804006346421761
Delivering value year after year. Red Hat ranks #1 in value among software vendors. http://www.redhat.com/promo/vendor/
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 08/04/2010 04:18 PM, Jeff Schroeder wrote:
[sdap_exop_modify_passwd_done] (5): Server returned no controls. 629 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [sdap_exop_modify_passwd_done] (1): talloc_strdup failed.
This is fine, it has nothing to do with it, though I've patched the code so it won't print erroneously anymore.
630 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [sdap_exop_modify_passwd_done] (3): ldap_extended_operation result: Referral(10), (null)
Ok here's the real problem. I know from past dealings that you're running on a system incapable of processing referrals (using openldap < 2.4.13). The LDAP server is returning a referral when you try to perform a password change exop here. However, we're also not handling this error cleanly, so I've fixed that in the patch as well.
- -- Stephen Gallagher RHCE 804006346421761
Delivering value year after year. Red Hat ranks #1 in value among software vendors. http://www.redhat.com/promo/vendor/
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 08/05/2010 02:57 PM, Stephen Gallagher wrote:
On 08/04/2010 04:18 PM, Jeff Schroeder wrote:
[sdap_exop_modify_passwd_done] (5): Server returned no controls. 629 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [sdap_exop_modify_passwd_done] (1): talloc_strdup failed.
This is fine, it has nothing to do with it, though I've patched the code so it won't print erroneously anymore.
630 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [sdap_exop_modify_passwd_done] (3): ldap_extended_operation result: Referral(10), (null)
Ok here's the real problem. I know from past dealings that you're running on a system incapable of processing referrals (using openldap < 2.4.13). The LDAP server is returning a referral when you try to perform a password change exop here. However, we're also not handling this error cleanly, so I've fixed that in the patch as well.
Ack
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 09/02/2010 10:25 AM, Jakub Hrozek wrote:
On 08/05/2010 02:57 PM, Stephen Gallagher wrote:
On 08/04/2010 04:18 PM, Jeff Schroeder wrote:
[sdap_exop_modify_passwd_done] (5): Server returned no controls. 629 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [sdap_exop_modify_passwd_done] (1): talloc_strdup failed.
This is fine, it has nothing to do with it, though I've patched the code so it won't print erroneously anymore.
630 (Thu Aug 5 06:13:40 2010) [sssd[be[LDAP]]] [sdap_exop_modify_passwd_done] (3): ldap_extended_operation result: Referral(10), (null)
Ok here's the real problem. I know from past dealings that you're running on a system incapable of processing referrals (using openldap < 2.4.13). The LDAP server is returning a referral when you try to perform a password change exop here. However, we're also not handling this error cleanly, so I've fixed that in the patch as well.
Ack
Pushed to master.
- -- Stephen Gallagher RHCE 804006346421761
Delivering value year after year. Red Hat ranks #1 in value among software vendors. http://www.redhat.com/promo/vendor/
sssd-devel@lists.fedorahosted.org