OpenLDAP
Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest

Viewing Archive.Software Bugs/831
Full headers

From: john.birrell@cai.com
Subject: slapd asserts when ADSI connects with invalid auth method
Compose comment
Download message
State:
0 replies:
3 followups: 1 2 3

Major security issue: yes  no

Notes:

Notification:


Date: Fri, 13 Oct 2000 03:17:10 GMT
From: john.birrell@cai.com
To: openldap-its@OpenLDAP.org
Subject: slapd asserts when ADSI connects with invalid auth method
Full_Name: John Birrell
Version: 2.0.3
OS: Solaris
URL: 
Submission from: (NULL) (144.132.46.199)


Line 397 of servers/slapd/result.c (in 2.0.3) asserts if err is in the
LDAP_API_ERROR() range. When a client (in our case ADSI) binds with an unknown
method (ADSI tries 137), the code in do_bind() tries to return LDAP_AUTH_UNKNOWN
which trips up the assertion in send_ldap_result(). 8-(

Followup 1

Download message
Date: Fri, 13 Oct 2000 15:21:19 -0700
To: john.birrell@cai.com
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Subject: Re: slapd asserts when ADSI connects with invalid auth method 
  (ITS#831)
Cc: openldap-its@OpenLDAP.org
Fixed in HEAD and OPENLDAP_REL_ENG_2, thanks!
        Kurt

At 03:17 AM 10/13/00 +0000, john.birrell@cai.com wrote:
>Full_Name: John Birrell
>Version: 2.0.3
>OS: Solaris
>URL: 
>Submission from: (NULL) (144.132.46.199)
>
>
>Line 397 of servers/slapd/result.c (in 2.0.3) asserts if err is in the
>LDAP_API_ERROR() range. When a client (in our case ADSI) binds with an
unknown
>method (ADSI tries 137), the code in do_bind() tries to return
LDAP_AUTH_UNKNOWN
>which trips up the assertion in send_ldap_result(). 8-(



Followup 2

Download message
From: "Jim Hud" <jdhz@btinternet.com>
To: <Kurt@OpenLDAP.org>, <openldap-its@OpenLDAP.org>
Subject: Re: slapd asserts when ADSI connects with invalid auth method (ITS#831)
Date: Wed, 18 Oct 2000 13:16:29 +0100
Sent: Friday, October 13, 2000 11:21 PM
Subject: Re: slapd asserts when ADSI connects with invalid auth method
(ITS#831)


> Fixed in HEAD and OPENLDAP_REL_ENG_2, thanks!
>         Kurt
>

Is it possible to take only this fix or does it have to be the whole of the
CVS tag?




Followup 3

Download message
Date: Wed, 18 Oct 2000 08:08:46 -0700
To: jdhz@btinternet.com
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Subject: Re: slapd asserts when ADSI connects with invalid auth method
  (ITS#831)
Cc: openldap-its@OpenLDAP.org
At 12:19 PM 10/18/00 +0000, jdhz@btinternet.com wrote:
>Sent: Friday, October 13, 2000 11:21 PM
>Subject: Re: slapd asserts when ADSI connects with invalid auth method
>(ITS#831)
>
>
>> Fixed in HEAD and OPENLDAP_REL_ENG_2, thanks!
>>         Kurt
>>
>
>Is it possible to take only this fix or does it have to be the whole of the
>CVS tag?



http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/bind.c.diff?r1=1.38.2.10&r2=1.38.2.11


Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest


The OpenLDAP Issue Tracking System uses a hacked version of JitterBug

______________
© Copyright 2013, OpenLDAP Foundation, info@OpenLDAP.org