[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#7694) cldap fails with IPv6 due to wrong size sockaddr

stefw@redhat.com wrote:
> Full_Name: Stef Walter
> Version: 2.4.35
> OS: Fedora 19
> URL: ftp://ftp.openldap.org/incoming/stef-walter-130912.patch
> Submission from: (NULL) (
> Connectionless LDAP (ie: cldap enabled with -DLDAP_CONNECTIONLESS) is broken for
> IPv6 for current versions of openldap. Tested with version 2.4.35
> It's not clear if this ever worked properly.

No, clearly not, the code was written and deprecated before IPv6 existed. 
Nobody should be using this code today.

Even if it were to be used, the patch would break slapd; your getnameinfo 
patch changes the format of the peername string. The format of this string is 
not arbitrary, it's used in ACLs and the format is documented in slapd.access(5).

In the future, write patches that fix one single issue. Don't make gratuitous 
changes, particularly if you haven't researched what you're changing.

> Connections immediately fail with:
> ldap_search_ext: Can't contact LDAP server (-1)
> The reason for this is that the LDAP_CONNECTIONLESS buffers include a prefix
> containing an address in a "struct sockaddr". However, struct sockaddr, is not a
> concrete type. In particular struct sockaddr_in6 is longer than struct
> sockaddr.
> Noted here: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=blob;f=libraries/liblber/sockbuf.c;h=d997e92910954b943e5b3fe7139ff4caaeaf49bf;hb=HEAD#l886
> So this leads to failures when using IPv6 as the code assumes that the address
> length is equal to sizeof (struct sockaddr). Seen here:
> http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=blob;f=libraries/liblber/sockbuf.c;h=d997e92910954b943e5b3fe7139ff4caaeaf49bf;hb=HEAD#l940
> Example command:
> $ ldapsearch -d -1 -LL -H 'cldap://[2620:52:0:2223::1:1]' -b '' -s base
> '(&(DnsDomain=ad.baseos.qe)(NtVer=\06\00\00\00))' NetLogon
> Output will contain this:
> ldap_write: want=96 error=Invalid argument
> Which is the EINVAL resulting from bad value passed to sendto().

   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/