[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#7336) Ldapmodify crashes slapd when updating olcTLSVerifyClient attribute via TLS authentication
- To: openldap-its@OpenLDAP.org
- Subject: Re: (ITS#7336) Ldapmodify crashes slapd when updating olcTLSVerifyClient attribute via TLS authentication
- From: ck@cksoft.de
- Date: Fri, 22 Jun 2018 10:48:54 +0000
- Auto-submitted: auto-generated (OpenLDAP-ITS)
This message is in MIME format. The first part should be readable text,
while the remaining parts are likely unreadable without MIME-aware tools.
--214647081-852979057-1529664529=:67666
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8BIT
Hi,
On Fri, 22 Jun 2018, OndÅ?ej KuznÃk wrote:
> On Sun, Mar 23, 2014 at 09:32:22AM +0000, ck@cksoft.de wrote:
>> Hi,
>>
>> I can confirm that openldap-2.4.39 still has in issue with this.
>>
>> When connecting via TLS I tried to modify olcTLSVerifyClient from never
>> to try with following ldif:
>>
>> dn: cn=config
>> changetype: modify
>> replace: olcTLSVerifyClient
>> olcTLSVerifyClient: try
>>
>> this caused slapd to hang indefinetely.
>>
>> I was able to successfully modify above when connecting without TLS.
>>
>> I need to complete my current task but will set up a small proof of
>> concept later on in my lab.
>
> Hi Christian,
> have you been able to set up a test configuration that reproduces it
> with latest OpenLDAP? A cursory test here doesn't seem to do anything of
> the sort.
this is 4 years old and I had totally forgetten about it.
But I just happen to have a developement cluster running with both the affected 2.4.39 and new 2.4.46 nodes.
I will try to test over the weekend and will give you feedback.
Greetings
Christian
--
Christian Kratzer CK Software GmbH
Email: ck@cksoft.de Wildberger Weg 24/2
Phone: +49 7032 893 997 - 0 D-71126 Gaeufelden
Fax: +49 7032 893 997 - 9 HRB 245288, Amtsgericht Stuttgart
Mobile: +49 171 1947 843 Geschaeftsfuehrer: Christian Kratzer
Web: http://www.cksoft.de/
--214647081-852979057-1529664529=:67666--