Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: exim: dev

[Bug 230] A number of LDAP-related things

 

 

exim dev RSS feed   Index | Next | Previous | View Threaded


pdp at exim

Mar 22, 2011, 3:32 AM

Post #1 of 4 (673 views)
Permalink
[Bug 230] A number of LDAP-related things

------- You are receiving this mail because: -------
You are the QA contact for the bug.

http://bugs.exim.org/show_bug.cgi?id=230

Phil Pennock <pdp [at] exim> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC| |adam [at] NetBSD
Status|RESOLVED |REOPENED
Resolution|FIXED |




--- Comment #11 from Phil Pennock <pdp [at] exim> 2011-03-22 10:32:49 ---
Adam,

When compiling with clang, I got a warning about parameter mismatch for the
call to ldap_set_option() in the LDAP_OPT_X_TLS_REQUIRE_CERT case. It looks
like a legitimate complaint.

ldap_set_option(ld, LDAP_OPT_X_TLS_REQUIRE_CERT, cert_option);

Shouldn't that be &cert_option ?

The code certainly appears to work as-is, but I don't know why: an arbitrary
bit-pattern shouldn't be a dereferenceable pointer. Or is this call correct
and OpenLDAP's documentation just not covering this case?

Thanks,
-Phil


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email

--
## List details at http://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##


pdp at exim

Mar 22, 2011, 3:46 AM

Post #2 of 4 (631 views)
Permalink
[Bug 230] A number of LDAP-related things [In reply to]

------- You are receiving this mail because: -------
You are the QA contact for the bug.

http://bugs.exim.org/show_bug.cgi?id=230

Phil Pennock <pdp [at] exim> changed:

What |Removed |Added
----------------------------------------------------------------------------
Status|REOPENED |RESOLVED
Resolution| |FIXED




--- Comment #12 from Phil Pennock <pdp [at] exim> 2011-03-22 10:46:42 ---
Testing error on my part. That code did *not* work, and in fact induced a
segfault.

Inserting the missing '&' fixed it.


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email

--
## List details at http://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##


adam at NetBSD

Mar 22, 2011, 3:48 AM

Post #3 of 4 (631 views)
Permalink
[Bug 230] A number of LDAP-related things [In reply to]

------- You are receiving this mail because: -------
You are the QA contact for the bug.

http://bugs.exim.org/show_bug.cgi?id=230




--- Comment #13 from Adam <adam [at] NetBSD> 2011-03-22 10:48:46 ---
After doing a little research on the Internet, I guess you're right.
The call should be written as:

ldap_set_option(ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &cert_option);

Cheers :)
Adam


> ------- You are receiving this mail because: -------
> You are on the CC list for the bug.
>
> http://bugs.exim.org/show_bug.cgi?id=230
>
> Phil Pennock <pdp [at] exim> changed:
>
> What |Removed |Added
> ----------------------------------------------------------------------------
> CC| |adam [at] NetBSD
> Status|RESOLVED |REOPENED
> Resolution|FIXED |
>
>
>
>
> --- Comment #11 from Phil Pennock <pdp [at] exim> 2011-03-22 10:32:49 ---
> Adam,
>
> When compiling with clang, I got a warning about parameter mismatch for the
> call to ldap_set_option() in the LDAP_OPT_X_TLS_REQUIRE_CERT case. It looks
> like a legitimate complaint.
>
> ldap_set_option(ld, LDAP_OPT_X_TLS_REQUIRE_CERT, cert_option);
>
> Shouldn't that be &cert_option ?
>
> The code certainly appears to work as-is, but I don't know why: an arbitrary
> bit-pattern shouldn't be a dereferenceable pointer. Or is this call correct
> and OpenLDAP's documentation just not covering this case?
>
> Thanks,
> -Phil
>
>
> --
> Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email

--
## List details at http://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##


git at exim

Mar 22, 2011, 4:17 AM

Post #4 of 4 (641 views)
Permalink
[Bug 230] A number of LDAP-related things [In reply to]

------- You are receiving this mail because: -------
You are the QA contact for the bug.

http://bugs.exim.org/show_bug.cgi?id=230




--- Comment #14 from Git Commit <git [at] exim> 2011-03-22 11:17:05 ---
Git commit:
http://git.exim.org/exim.git/commitdiff/109066729a54f6ba5c4e8bc174133da33242e930

commit 109066729a54f6ba5c4e8bc174133da33242e930
Author: Phil Pennock <pdp [at] exim>
AuthorDate: Tue Mar 22 06:43:34 2011 -0400
Commit: Phil Pennock <pdp [at] exim>
CommitDate: Tue Mar 22 06:43:34 2011 -0400

Make ldap_require_cert work (not segfault).

The clang complaint, which also triggered a gcc complaint, was
legitimate. My first test, which suggested no problem, was flawed.

This:
ldap_start_tls
ldap_require_cert = demand
would cause a segfault on LDAP lookup.

fixes bug 230
---
doc/doc-txt/ChangeLog | 6 ++++++
src/src/lookups/ldap.c | 2 +-
2 files changed, 7 insertions(+), 1 deletions(-)

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 853f3a5..94952af 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -3,6 +3,12 @@ $Cambridge: exim/doc/doc-txt/ChangeLog,v 1.632 2010/06/12
15:21:25 jetmore Exp $
Change log file for Exim from version 4.21
-------------------------------------------

+Exim version 4.76
+-----------------
+
+PP/01 The new ldap_require_cert option would segfault if used. Fixed.
+
+
Exim version 4.75
-----------------

diff --git a/src/src/lookups/ldap.c b/src/src/lookups/ldap.c
index ddf803e..06b7494 100644
--- a/src/src/lookups/ldap.c
+++ b/src/src/lookups/ldap.c
@@ -481,7 +481,7 @@ if (lcp == NULL)
{
cert_option = LDAP_OPT_X_TLS_TRY;
}
- ldap_set_option(ld, LDAP_OPT_X_TLS_REQUIRE_CERT, cert_option);
+ ldap_set_option(ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &cert_option);
}
#endif



--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email

--
## List details at http://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##

exim dev RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.