View Issue Details

IDProjectCategoryView StatusLast Update
0005131SOGoBackend Generalpublic2020-09-29 15:16
Reporterdas_j Assigned To 
PrioritynormalSeveritycrashReproducibilitysometimes
Status newResolutionopen 
Product Version5.0.0 
Summary0005131: [5.0.0 Regression] LDAP auth breaks after some time
Description

We're using a LDAP daemon on localhost. After some time (currently 1 day 12 hours), DAVx5 syncs fail with "Authentication failed" errors.

The server log:
<0x0x576dc4278d48[LDAPSource]> Could not bind to the LDAP server ldap://127.0.0.1 (389) using the bind DN: uid=sogo,
<0x0x576dc4278d48[LDAPSource]> <NSException: 0x576dc613fa28> NAME:LDAPException REASON:operation bind failed: Can't contact LDAP server (0xFFFFFFFF) INFO:{"error_code" = "-1"; login = "uid=sogo,
"; }
<0x0x576dc476d308[SOGoDAVAuthenticator]> tried wrong password for user 'user@example.com'!
Aug 22 13:00:37 sogod [85675]: 127.0.0.1 "PROPFIND /SOGo/dav/user@example.com/Calendar/2B82-5D8B7D80-2-ADCB4050/ HTTP/1.0" 401 12/265 0.044 - - -
<0x0x576dc4278d48[LDAPSource]> Could not bind to the LDAP server ldap://127.0.0.1 (389) using the bind DN: uid=sogo,
<0x0x576dc4278d48[LDAPSource]> <NSException: 0x576dc59aef18> NAME:LDAPException REASON:operation bind failed: Can't contact LDAP server (0xFFFFFFFF) INFO:{"error_code" = "-1"; login = "uid=sogo,
"; }
<0x0x576dc476d308[SOGoDAVAuthenticator]> tried wrong password for user 'user@example.com'!
Aug 22 13:00:37 sogod [85675]: 127.0.0.1 "PROPFIND /SOGo/dav/user@example.com/Calendar/personal/ HTTP/1.0" 401 12/265 0.020 - - -

The weird part is that tcpdump does not show any packets on port 389 so it looks like SOGo doesn't even try.

Steps To Reproduce

Use localhost LDAP (I don't know if the localhost part matters) and let SOGo running for two days or so.

Additional Information

SOGo and SOPE are built directly from the 5.0.0 tag

The server is running AppArmor but AppArmor does not deny anything.

Tagsldap

Activities

ludovic

ludovic

2020-08-22 07:14

administrator   ~0014713

Which SOGo version were you running before having that problem? Also, when upgrading to v5, did you also change the OS?

das_j

das_j

2020-08-22 07:29

reporter   ~0014714

Previous (working) version was 4.3.2, the server is the exact same (apart from the new SOGo).

ludovic

ludovic

2020-08-25 13:56

administrator   ~0014725

Do you have EAS clients?

abma

abma

2020-08-26 12:27

reporter   ~0014728

we have upgraded to sogo 5.0 and using ldap, too but don't have this problem.

do you run out of file descriptors maybe? is the ldap server running / showing errors?

abma

abma

2020-08-26 14:08

reporter   ~0014729

i had 0004812 in mind

ntsch

ntsch

2020-08-31 05:52

reporter   ~0014733

We had a similar issue, wich ran out of file descriptors.
We did not yet upgrade to 5.0.0 but, with 4.3.2 nigthly builds, the issue is solved since build version 20200806
If something crashed, check the file descriptors for each sogo child Process

francis

francis

2020-09-29 14:01

administrator   ~0014869

Please try the latest nightly build. Make sure to update all your SOPE packages.

das_j

das_j

2020-09-29 15:16

reporter   ~0014870

Thanks, I worked around that by increasing the limit, but I'll pick the commit fixing the fd leak and drop the limit increase tomorrow

Issue History

Date Modified Username Field Change
2020-08-22 07:06 das_j New Issue
2020-08-22 07:06 das_j Tag Attached: ldap
2020-08-22 07:14 ludovic Note Added: 0014713
2020-08-22 07:29 das_j Note Added: 0014714
2020-08-25 13:56 ludovic Note Added: 0014725
2020-08-26 12:27 abma Note Added: 0014728
2020-08-26 14:08 abma Note Added: 0014729
2020-08-31 05:52 ntsch Note Added: 0014733
2020-09-29 14:01 francis Note Added: 0014869
2020-09-29 15:16 das_j Note Added: 0014870