[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: (ITS#6828) TLS fails to start when LDAP_OPT_CONNECT_ASYNC is used

To: openldap-its@OpenLDAP.org
Subject: RE: (ITS#6828) TLS fails to start when LDAP_OPT_CONNECT_ASYNC is used
From: ipuleston@SonicWALL.com
Date: Tue, 28 Jun 2011 01:03:49 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

There is something missing from the fix. I just had a problem where an asynchronous connect was failing and the result was continuous looping with repeated calls to ldap_sasl_bind.

The problem is that if the connect fails, ldap_int_poll called from ldap_int_check_async_open gets an error and returns -1, and then -1 is returned up the stack ldap_int_check_async_open -> ldap_send_initial_request -> ldap_sasl_bind. But when ldap_sasl_bind gets that -1 return from ldap_send_initial_request it returns ld->ld_errno, and nowhere have we set that. In fact, ld->ld_errno still contains LDAP_X_CONNECTING from when the initial connect was issued, and so ldap_sasl_bind returns LDAP_X_CONNECTING, and that is what leads to the infinite looping that I see.

What is missing is that in ldap_int_check_async_open this:

        default:
                return -1;

Should be changed to:

        default:
                ld->ld_errno = LDAP_CONNECT_ERROR;
                return -1;

Ian

Prev by Date: "database monitor" documentation
Next by Date: Re: (ITS#6828) TLS fails to start when LDAP_OPT_CONNECT_ASYNC is used
Index(es):
- Chronological
- Thread