Apache segfaults when it is trying to authenticate against ldap in the following setup. <Location /svn> DAV svn SVNParentPath /var/svn </Location> <Location /svn/main> AuthLDAPURL ldap://127.0.0.1/ou=people,dc=some,dc=domain?uid?one require valid-user </Location> The segfault occurs when accessing the server with 'svn co https://svn.some.domain/svn/main' after entering the password. It does not do so, when using a htpasswd file. Changing to a unix socket instead of tcp/ip results in the same segfault. The problem occured with apache-2.0.58-r2 as well as apache-2.0.59 and openldap-2.3.24-r1. I emerged apache with FEATURES=nostrip and CFLAGS='-O0 -g' and was able to get core dumps from an apache compiled with mpm-worker and threads. However when loading core dumps into gdb and running bt full, it tells me that there are no symbol tables. (Sadly I am currently a gdb novice.) I tried to isolate the problem, with a fresh apache and openldap install without ssl and svn, but was not able to get core dumps. It seems that apache simply does not want to be debugged. I also tried to set MaxClients 1 to run apache directly in debugger, however it then gets automatically set to 25 as that is the ThreadsPerChild value which seems impossible to be changed. Portage 2.1.1-r1 (hardened/amd64, gcc-3.4.6, glibc-2.3.6-r4, 2.6.14-hardened-r3 x86_64) ================================================================= System uname: 2.6.14-hardened-r3 x86_64 AMD Athlon(tm) 64 Processor 3200+ Gentoo Base System version 1.6.15 Last Sync: Tue, 03 Oct 2006 17:20:01 +0000 ccache version 2.3 [enabled] app-admin/eselect-compiler: [Not Present] dev-java/java-config: [Not Present] dev-lang/python: 2.3.5-r2, 2.4.3-r1 dev-python/pycrypto: 2.0.1-r5 dev-util/ccache: 2.3 dev-util/confcache: [Not Present] sys-apps/sandbox: 1.2.17 sys-devel/autoconf: 2.13, 2.59-r7 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2 sys-devel/binutils: 2.16.1-r3 sys-devel/gcc-config: 1.3.13-r3 sys-devel/libtool: 1.5.22 virtual/os-headers: 2.6.11-r2 ACCEPT_KEYWORDS="amd64" AUTOCLEAN="yes" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=k8 -O0 -g -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc" CONFIG_PROTECT_MASK="/etc/env.d /etc/gconf /etc/revdep-rebuild /etc/terminfo" CXXFLAGS="-march=k8 -O0 -g -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="autoconfig ccache collision-protect distlocks metadata-transfer sandbox sfperms strict userpriv usersandbox" GENTOO_MIRRORS="http://pandemonium.tiscali.de/pub/gentoo/ http://gentoo.intergenia.de http://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/ http://mirrors.sec.informatik.tu-darmstadt.de/gentoo/ http://gentoo.mirror.solnet.ch" LINGUAS="en" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude='/distfiles' --exclude='/local' --exclude='/packages'" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage" USE="amd64 apache2 bash-completion berkdb bzip2 cairo caps crypt cscope dlloader doc elibc_glibc exiscan-acl hardened input_devices_keyboard input_devices_mouse ithreads justify kernel_linux ldap linguas_en lmtp mailwrapper mpm-worker nls no-htdocs nptl nptlonly pam pam_chroot perl pic png python readline skey ssl syslog tcpd threads unicode userland_GNU userlocales vhosts vim-pager xorg zlib" Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, MAKEOPTS, PORTAGE_RSYNC_EXTRA_OPTS
I have the same exact behavior with SVN. Apache segfaults with trying to authenticate. As far as I can tell, it doesn't even get to authenticate, it crashes before this happens. [ebuild R ] net-www/apache-2.0.58-r2 USE="apache2 -debug doc ldap -mpm-itk -mpm-leader -mpm-peruser -mpm-prefork -mpm-threadpool -mpm-worker (-selinux) ssl -static-modules -threads" 4,651 kB [ebuild R ] net-nds/openldap-2.3.27-r2 USE="berkdb crypt -debug gdbm -ipv6 -kerberos -minimal -odbc -overlays perl readline samba sasl (-selinux) -slp -smbkrb5passwd ssl tcpd" 0 kB Portage 2.1.1-r2 (hardened/amd64/multilib, gcc-3.4.6, glibc-2.3.6-r4, 2.6.17-hardened-r1 x86_64) ================================================================= System uname: 2.6.17-hardened-r1 x86_64 Intel(R) Xeon(R) CPU 5130 @ 2.00GHz Gentoo Base System version 1.12.6 Last Sync: Wed, 22 Nov 2006 08:50:01 +0000 distcc 2.18.3 x86_64-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled] ccache version 2.3 [enabled] app-admin/eselect-compiler: [Not Present] dev-java/java-config: 1.3.7, 2.0.30 dev-lang/python: 2.4.3-r4 dev-python/pycrypto: 2.0.1-r5 dev-util/ccache: 2.3 dev-util/confcache: [Not Present] sys-apps/sandbox: 1.2.17 sys-devel/autoconf: 2.13, 2.60 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10 sys-devel/binutils: 2.16.1-r3 sys-devel/gcc-config: 1.3.13-r4 sys-devel/libtool: 1.5.22 virtual/os-headers: 2.6.11-r2 ACCEPT_KEYWORDS="amd64" AUTOCLEAN="yes" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -pipe -march=nocona -fomit-frame-pointer" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config /var/bind" CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/java-config/vms/ /etc/revdep-rebuild /etc/splash /etc/terminfo /etc/texmf/web2c" CXXFLAGS="-O2 -pipe -march=nocona -fomit-frame-pointer" DISTDIR="/var/tmp/distfiles" EMERGE_DEFAULT_OPTS="--alphabetical" FEATURES="autoconfig ccache digest distlocks metadata-transfer parallel-fetch sandbox sfperms strict" GENTOO_MIRRORS="http://gentoo.osuosl.org/ http://mirrors.acm.cs.rpi.edu/gentoo/ http://csociety-ftp.ecn.purdue.edu/pub/gentoo/ ftp://ftp.ussg.iu.edu/pub/linux/gentoo http://gentoo.ccccom.com/" MAKEOPTS="-j5" PKGDIR="/var/tmp/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude='/distfiles' --exclude='/local' --exclude='/packages'" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.us.gentoo.org/gentoo-portage" USE="amd64 X acl acpi apache apache2 apm bash-completion berkdb bzip2 caps crypt curl dga dio directfb dlloader doc elibc_glibc gcj gdbm gif gmp gnome gpm gtk hardened hardenedphp imlib input_devices_keyboard input_devices_mouse java javascript jpeg justify kde kdeenablefinal kernel_linux ldap multilib ncurses nls nptl nsplugin opengl pam perl pic png ppds python readline skey snmp spell sse sse2 ssl tcpd tiff truetype userland_GNU vhosts video_cards_radeon xml xmlrpc xorg xv zlib" Unset: CTARGET, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTAGE_RSYNC_EXTRA_OPTS
You need to say that it's basic type authentication, otherwise yes, this will happen. AuthType Basic AuthName "My Realm" AuthLDAPURL ldap://blah Require valid-user It's basically bad configs. Marking invalid.
I realize you are responding to the original poster but I have this setup properly and it doesn't work. I tried it again this morning, made sure I had the relevant information listed and it still crashes.
Created attachment 113253 [details] 47_mod_dav_svn.conf
Created attachment 113254 [details] Apache error_log
I was having: AuthType Basic AuthName "some.name" AuthLDAPURL ldap://127.0.0.1/ou=people,dc=some,dc=domain?uid?one Sorry for not posting my full config before.
(In reply to comment #6) > I was having: > AuthType Basic > AuthName "some.name" > AuthLDAPURL ldap://127.0.0.1/ou=people,dc=some,dc=domain?uid?one > > Sorry for not posting my full config before. Florian, have you tried reproducing this with apache-2.2.4-r6 ?
I just wanted to note that upgrading to apache 2.2.4-r7 fixed the issue for me.
