[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP clients dump core in SSL mode (ITS#889)

Kurt@OpenLDAP.org wrote:
> However, I have no objection to fixing this such that SASL/EXTERNAL
> can be used with ldaps://.  Likely here the fix is to establish
> the SASL context prior to starting TLS.

Here's a patch that sets ld->ld_defconn temporarily in
ldap_int_open_connection() (taken from the rebind section in
ldap_new_connection() ). Thus there is a valid  sasl context in

I first though of adding a sasl_conn_t parameter to ldap_pvt_tls_start()
but there seems to be some effort, not to include sasl.h in ldap_pvt.h


Norbert Klasen
DFN Directory Services                           tel: +49 7071 29 70335
ZDV, Universität Tübingen                        fax: +49 7071 29 5912
Wächterstr. 76, 72074 Tübingen              http://www.directory.dfn.de
Germany                             norbert.klasen@zdv.uni-tuebingen.de