[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#4231) failed SASL bind can't fall back to simple



> Full_Name: Aaron Richton
> Version: 2.3.12
> OS: Solaris 9
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (128.6.31.135)
>
>
> connection.c checkin 1.296.2.11, and therefore 2.3.12, has:
>
> @@ -2055,6 +2055,8 @@
>  	ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
>
>  	ch_free( cb );
> +	op->o_callback = NULL;
> +
>  	return SLAP_CB_CONTINUE;
>  }
>
> Apple's OS X "DSLDAPv3" client has some interesting behavior where it
> tries a
> SASL bind and then, if that fails, tries a Simple bind. In 2.3.11, the
> Simple
> bind would succeed even when the SASL bind fails. In 2.3.12, this is no
> longer
> the case. Removing that callback=NULL reverts this behavior. What is the
> harm of
> reverting this patch?

Basically, if op->o_callback is not reset, the callback chain for that
operation will include a dangling pointer to a just freed slap_callback
structure.  Sort of suicide, isn't it?

p.

-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it



Ing. Pierangelo Masarati
Responsabile Open Solution

SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office:   +39.02.23998309          
Mobile:   +39.333.4963172
Email:    pierangelo.masarati@sys-net.it
------------------------------------------