Ian Puleston wrote:
> Hi Howard,
>
> -----Original Message-----
> From: Howard Chu [mailto:hyc@symas.com]
>
>> Ian Puleston wrote:
>>> I'm working on a fix now, and I think what is needed is:
>>>
>>> 1. A call to ldap_int_poll in ldap_int_tls_start if async. Then it
>>> should abort without calling ldap_int_tls_connect if not ready
>>> (probably return LDAP_X_CONNECTING).
>>>
>>> 2. In ldap_send_initial_request don't call ldap_send_server_request
>>> if lconn_status is LDAP_CONNST_CONNECTING and using TLS (since TLS
>>> needs to be started first). Instead return LDAP_X_CONNECTING.
>>>
>>> 3. Probably something similar to #1 for the case where
>>> ldap_start_tls_s is called from ldap_new_connection.
>>>
>>> If this all works I'll put in a bug report with a patch.
>>
>> Sounds to me like you should just file the bug report first. The patch
>> can come later.
>
> I need to get this fixed in the port I am using so I will do that and
> attach the patch to the bug report. The relevant openldap developers can
> then choose whether to use that patch as-is or work out something
> different, and if the latter I can replace the fix in my port with it when
> it gets released.

You seem to be making the bizarre assumption that only you and other OpenLDAP developers will care. Filing the bug report even before you have the patch allows other people in the community to be alerted and get involved. That is the purpose of an open source community, and the purpose of a public bug tracker.

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/