[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: commit: ldap/libraries/libldap init.c

Kurt D. Zeilenga wrote:
At 01:57 AM 9/25/99 GMT, you wrote:
>Update of /repo/OpenLDAP/pkg/ldap/libraries/libldap
>Modified Files:
>	init.c  1.37 -> 1.38
>Log Message:
>Fixed "typos" in TLS code.  TLS is ATTR_TLS, not ATTR_BOOL...
Any clue as to what's cause that?

In the first case, it looks like the line above was copy-pasted to make the TLS entry, but the attribute type was not changed. This would cause gopts.ldo_booleans to get tromped if SSL/TLS was built into libldap and TLS appeared in ldap.conf.

The second case was just an oversight, but points to a more serious problem. Prototypes for ldap_pvt_tls_config() and other ldap_pvt_tls_* routines are not #included in the files that use them, so most compilers will do one of two things:

1) silently ignore the omission, and assume that the undefined routine returns int and takes whatever parameters are given in its use, or

2) issue a warning that the routine is assumed to return int, etc. (and those warnings are just so easy to ignore ;-)

In neither case does the compiler realize that the first parameter is missing, so the compile will succeed even if SSL/TLS support is built in. Of course, if any of the TLS values are present in ldap.conf, there will be a segment fault or similar.

The rare compiler will require prototypes for all routines, and issue an error in this case. Most compilers don't have strict prototypes turned on by default, if they support it at all.

So, I'll be working on getting those prototypes included in the source files that use the ldap_pvt_tls_* routines. I don't think this is many files, if I remember correctly from the last time I did a full rebuild.