[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: API use in Shared objects?

On Mon, 2 Aug 2004, Jason Gerfen wrote:

I guess no one answers API questions on this list... Could someone please direct me to the list where I can get OpenLDAP API questions answered?

Jason Gerfen wrote:

I am not sure if I am posting my questions to the correct list.

I am attempting to create a shared objecs (.so) for use on a linux platform which utilizes OpenLDAP API calls, everything works fine until I attempt to make a second connection on an unsuccessful search...

I connect for the first time and search for a bit of information on the LDAP server, it results nothing for the user input, I connect again looking for a different piece of information and it crashes. This result happens everytime for any ldap() API calls within' the shared object.

If i use the same API calls within a binary or executable application it works fine, it tells me there is nothing for that input and allows me to try a second search.

In the shared object which I am compiling with the following bit of code:
LDFLAGS=-x --shared
LIBS=-lnsl -lpam -lldap -lc


install: all

       $(LD) $(LDFLAGS) -o $@ $? $(LIBS)

$(OBJS): $(SRCS)
       $(CC) $(CFLAGS) -o $@ -c $*.c

and the function I have created to do the simple search is here...
static int _ldap_search(udataptr myUser)
   LDAP            *ld;
   LDAPMessage     *res, *e, **result;
   LDAPMessage     *entry;
   LDAPMessage     *msg;
   int             i, y;
   char            *x, *dn;
   char            *attr;
   char            **vals;
   char            buffer[80];
   char            errors[256];
   BerElement      **berptr;
   BerElement      * ber;

   struct timeval myTime;
   struct timeval *timeout = &myTime;

   berptr = &ber;

   sprintf(buffer, "\"(cn=%s,%s)\"", myUser->usrname, dflts[10]);

   /* initialize a connection */
   if((ld = ldap_init(dflts[7], *dflts[8])) == NULL) {
       _pam_log(LOG_ERR, "Connection failed for %s", dflts[7]);
       return 0;
   _pam_log(LOG_ERR, "Connection succeeded for %s", dflts[7]);

   if(!ldap_simple_bind(ld, dflts[9], dflts[12])) {
       _pam_log(LOG_ERR, "Couldn't bind to %s", dflts[9]);
       return 0;
   _pam_log(LOG_ERR, "Bind to %s successful", dflts[9]);
   if(!ldap_search_s(ld, dflts[10], LDAP_SCOPE_SUBTREE,
                     buffer, NULL, 0, &res)) {
       _pam_log(LOG_ERR, "LDAP Search failed for: %s", buffer);
       return 0;
   _pam_log(LOG_ERR, "LDAP Search succeeded for: %s", buffer);

for(e = ldap_first_entry(ld, res); e == NULL; e = ldap_next_entry(ld, res)) {
_pam_log(LOG_ERR, "No results for %s", buffer);
return 0;
_pam_log(LOG_ERR, "Results for %s were found", buffer);

vals = ldap_get_values(ld, e, x);
x needs be an attribute.  (you have it undefined)

   _pam_log(LOG_ERR, "Assigned ldap_get_values() to vals[]");
   for(i = 0; vals[i] != NULL; i++) {
       _pam_log(LOG_ERR, "Value: %s", vals[i]);
       return 0;

   return 0;

As you can see I am at this point only trying to log everything to syslog, and you can also see that the appropriate calls to ldap_msgfree() & ldap_unbind() are being made.

I have been scouring the online documentation and so far it looks as if what I am doing is correct, but like I said, it works up until the point of making a second request of the ldap api then crashes. Do I need to do some memory allocation for the ldap api calls when compiled as a shared object?

I'd start with man pages. You can also read actual source code ($openldap_src/clients/tools).