bugs with ldaps:// URIs
I ran into multiple SEGVs trying to connect to ldaps URIs with the HEAD
code.
Here's a set of diffs I used to keep it from crashing. Does it look OK to
commit?
Note: lc->lconn_server is set "for real" at the bottom of the loop, this is
just a quickie to make ldap_int_tls_start happy.
Index: request.c
===================================================================
RCS file: /repo/OpenLDAP/pkg/ldap/libraries/libldap/request.c,v
retrieving revision 1.73
diff -u -r1.73 request.c
--- request.c 2001/06/25 05:33:42 1.73
+++ request.c 2001/08/20 23:57:45
@@ -255,6 +255,7 @@
if ( connect ) {
for ( srv = srvlist; srv != NULL; srv = srv->lud_next ) {
+ lc->lconn_server = srv;
if ( ldap_int_open_connection( ld, lc, srv, 0 )
!= -1 )
{
break;
}
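Review bot: the new `lc->lconn_server = srv;` at the top of the for loop runs before every attempt, so if every ldap_int_open_connection call returns -1 the connection is left pointing at the last srv that was tried. Unless the code after the loop always overwrites the field or discards lc on that path, reset lc->lconn_server to NULL when the loop ends without hitting the break. A one-line comment on the assignment saying it is provisional and only there so the TLS start path can read the server would also help the next reader.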
I removed the check of tls_opt_trace because it should be sufficient to set
it once in the SSL_CTX structure. Also, omitting the second check allows other
apps to override the info_callback for their own purposes. It's a completely
unrelated change, not relevant to preventing the SEGVs.
Index: tls.c
===================================================================
RCS file: /repo/OpenLDAP/pkg/ldap/libraries/libldap/tls.c,v
retrieving revision 1.47
diff -u -r1.47 tls.c
--- tls.c 2001/08/02 02:20:11 1.47
+++ tls.c 2001/08/20 23:57:46
@@ -261,9 +261,11 @@
return NULL;
}
+#if 0
if ( tls_opt_trace ) {
SSL_set_info_callback( ssl, tls_info_cb );
}
+#endif
return ssl;
}
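Review bot: wrapping the tls_opt_trace block in #if 0 / #endif leaves dead code at the site with nothing to say why it is disabled. If the per-SSL SSL_set_info_callback call is no longer wanted, delete the three lines outright, or keep the #if 0 with a comment giving the reason. Since this is unrelated to the crash fix, it would be easier to review and to revert as its own commit.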
@@ -557,7 +559,7 @@
ldap_int_tls_connect( LDAP *ld, LDAPConn *conn )
{
Sockbuf *sb = conn->lconn_sb;
- void *ctx = ld->ld_defconn->lconn_tls_ctx;
+ void *ctx =
ld->ld_defconn?ld->ld_defconn->lconn_tls_ctx:tls_def_ctx;
int err;
SSL *ssl;
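Review bot: the ternary on the `void *ctx =` line in ldap_int_tls_connect only covers ld->ld_defconn being NULL. ctx is still NULL when ld_defconn exists but its lconn_tls_ctx is unset, and the fallback is only useful if tls_def_ctx has been initialized by the time this runs. Consider falling back to tls_def_ctx in both cases and returning an error if ctx is still NULL afterwards. Style: spaces around `?` and `:` would make the expression easier to read.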
@@ -574,6 +576,8 @@
#endif
ber_sockbuf_add_io( sb, &ldap_pvt_sockbuf_io_tls,
LBER_SBIOD_LEVEL_TRANSPORT, (void *)ssl );
+ if (!ctx)
+ conn->lconn_tls_ctx = tls_def_ctx;
}
err = SSL_connect( ssl );
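Review bot: the added `if (!ctx)` test does not line up with the fallback introduced in the previous hunk. When ld->ld_defconn is NULL, ctx has already been set to tls_def_ctx, so (assuming tls_def_ctx is non-NULL) the test is false and conn->lconn_tls_ctx is not assigned in exactly the case this patch targets. If the intent is to record which context the connection used, key the assignment on conn->lconn_tls_ctx being unset rather than on ctx, and add braces around the body to match the surrounding code.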
@@ -955,7 +959,7 @@
{
Sockbuf *sb = conn->lconn_sb;
char *host = conn->lconn_server->lud_host;
- void *ctx = ld->ld_defconn->lconn_tls_ctx;
+ void *ctx =
ld->ld_defconn?ld->ld_defconn->lconn_tls_ctx:tls_def_ctx;
char *peer_cert_cn;
void *ssl;
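Review bot: `char *host = conn->lconn_server->lud_host;` in the context lines of this hunk still dereferences conn->lconn_server unconditionally, so the function depends on every caller having set it; the request.c change covers one path only. A NULL check with an error return here would make that robust. The `void *ctx =` ternary is also a copy of the one in ldap_int_tls_connect, so a small helper that returns the effective context would keep the two from drifting apart.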
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc