[Date Prev][Date Next] [Chronological] [Thread] [Top]

start_tls while chasing referrals

To: openldap-bugs <openldap-bugs@openldap.org>
Subject: start_tls while chasing referrals
From: "Bin Lu" <wenwu.lu@gmail.com>
Date: Tue, 5 Jun 2007 15:11:01 -0700
Content-disposition: inline

Hi,

I noticed the following bug fix in referral chasing

http://bugzilla.padl.com/show_bug.cgi?id=210

This seems only to take care of the usage with pam ldap lib. What if
the ldap connection is not from the pam lib? In that case, when an
ldap operation reaches a referral point, would the new connection be
consistent if the original connection is using TLS(and the referral
url is not using ldaps)? Our test shows it is not. Please advice, if
that is also a security hole?

Regards,
Wenwu

Prev by Date: Re: (ITS#4998) overlays/ppolicy.c: invalid pointer due to free() of unallocated buffer
Next by Date: (ITS#4999) Dead Link
Index(es):
- Chronological
- Thread