saslauthd hangs on FreeBSD/amd64 with fghack

Attila Nagy bra at fsn.hu
Thu Aug 25 12:19:46 EDT 2005


Hello,

I am running saslauthd from daemontools with fghack, because it does not 
have a "stay in foreground" mode.

When I try to access the server, it hangs and starts to eat the CPU.

The command line, I use:
/usr/local/bin/fghack /usr/local/sbin/saslauthd -c -s 16384 -t 604800 -r 
-a ldap

but the problem persist with a simple -a ldap too. If I specify -a 
getpwent or start without fghack and with -d, the problem disappears, so 
it's LDAP specific. The problem also goes away, if I use the attached 
patch and start saslauthd with -f. (could this be applied to the source? 
It would be a nice addition.)

It seems that saslauthd gets into the loop after openldap tries to 
connect to the server. The interesting thing is that the same setup 
works on FreeBSD/i386, with the same version of openldap libraries.

Should I contact the openldap developers instead? :-O

ktrace output:
  51204 saslauthd NAMI  "/root/.ldaprc"
  51204 saslauthd RET   open -1 errno 2 No such file or directory
  51204 saslauthd CALL  open(0x800a6f817,0,0x1b6)
  51204 saslauthd NAMI  "ldaprc"
  51204 saslauthd RET   open -1 errno 2 No such file or directory
  51204 saslauthd CALL  socket(0x2,0x1,0)
  51204 saslauthd RET   socket 40/0x28
  51204 saslauthd CALL  setsockopt(0x28,0x6,0x1,0x7fffffffddf4,0x4)
  51204 saslauthd RET   setsockopt 0
  51204 saslauthd CALL  fcntl(0x28,0x3,0x800a6f01e)
  51204 saslauthd RET   fcntl 2
  51204 saslauthd CALL  fcntl(0x28,0x4,0x6)
  51204 saslauthd RET   fcntl 0
  51204 saslauthd CALL  connect(0x28,0x513230,0x10)
  51204 saslauthd RET   connect -1 errno 36 Operation now in progress
  51204 saslauthd CALL  select(0x400,0,0x7fffffffde80,0,0x7fffffffdf00)
  51204 saslauthd RET   select 1
  51204 saslauthd CALL  getpeername(0x28,0x7fffffffde00,0x7fffffffddf0)
  51204 saslauthd RET   getpeername 0
  51204 saslauthd CALL  fcntl(0x28,0x3,0x800a6efba)
  51204 saslauthd RET   fcntl 6
  51204 saslauthd CALL  fcntl(0x28,0x4,0x2)
  51204 saslauthd RET   fcntl 0
  51204 saslauthd CALL  gettimeofday(0x7fffffffdfe0,0)
  51204 saslauthd RET   gettimeofday 0
  51204 saslauthd CALL  write(0x28,0x51d000,0x47)
  51204 saslauthd GIO   fd 40 wrote 71 bytes
[LDAP bind credentials]

  51204 saslauthd RET   write 71/0x47
  51204 saslauthd CALL  select(0x400,0x51b500,0x51b580,0,0)
  51204 saslauthd RET   select 1
[endless loop]
  51204 saslauthd CALL  select(0x400,0x51b500,0x51b580,0,0)
  51204 saslauthd RET   select 1

Thanks,

-- 
Attila Nagy                                   e-mail: Attila.Nagy at fsn.hu
Adopt a directory on our free software   phone @work: +361 371 3536
server! http://www.fsn.hu/?f=brick             cell.: +3630 306 6758
-------------- next part --------------
--- /usr/ports/security/cyrus-sasl2-saslauthd/work/cyrus-sasl-2.1.21/saslauthd/saslauthd-main.c	Wed Jun  2 17:40:51 2004
+++ /tmp/saslauthd-main.c	Thu Aug 25 18:16:53 2005
@@ -167,7 +167,7 @@
 	flags |= LOG_USE_STDERR;
 	flags |= AM_MASTER;
 
-	while ((option = getopt(argc, argv, "a:cdhO:lm:n:rs:t:vV")) != -1) {
+	while ((option = getopt(argc, argv, "a:cdfhO:lm:n:rs:t:vV")) != -1) {
 		switch(option) {
 			case 'a':
 			        /* Only one at a time, please! */
@@ -193,6 +193,10 @@
 				flags &= ~DETACH_TTY;
 				break;
 
+			case 'f':
+				flags &= ~DETACH_TTY;
+				break;
+
 			case 'h':
 				show_usage();
 				break;
@@ -974,6 +978,7 @@
     fprintf(stderr, "  -a <authmech>  Selects the authentication mechanism to use.\n");
     fprintf(stderr, "  -c             Enable credential caching.\n");
     fprintf(stderr, "  -d             Debugging (don't detach from tty, implies -V)\n");
+    fprintf(stderr, "  -f             Don't detach from tty, stay in foreground\n");
     fprintf(stderr, "  -r             Combine the realm with the login before passing to authentication mechanism\n");
     fprintf(stderr, "                 Ex. login: \"foo\" realm: \"bar\" will get passed as login: \"foo at bar\"\n");
     fprintf(stderr, "                 The realm name is passed untouched.\n");


More information about the Cyrus-sasl mailing list