Re: commit: ldap/libraries/libldap init.c

[Mark Valence <kurash@sassafras.com>]

Kurt D. Zeilenga wrote:
> At 01:57 AM 9/25/99 GMT, you wrote:
> >Update of /repo/OpenLDAP/pkg/ldap/libraries/libldap
> >
> >Modified Files:
> >	init.c  1.37 -> 1.38
> >
> >Log Message:
> >Fixed "typos" in TLS code.  TLS is ATTR_TLS, not ATTR_BOOL...
>          ^
> Any clue as to what's cause that?

In the first case, it looks like the line above was copy-pasted to 
make the TLS entry, but the attribute type was not changed.  This 
would cause gopts.ldo_booleans to get tromped if SSL/TLS was built 
into libldap and TLS appeared in ldap.conf.

The second case was just an oversight, but points to a more serious 
problem.  Prototypes for ldap_pvt_tls_config() and other 
ldap_pvt_tls_* routines are not #included in the files that use them, 
so most compilers will do one of two things:

1) silently ignore the omission, and assume that the undefined 
routine returns int and takes whatever parameters are given in its 
use, or

2) issue a warning that the routine is assumed to return int, etc. 
(and those warnings are just so easy to ignore ;-)

In neither case does the compiler realize that the first parameter is 
missing, so the compile will succeed even if SSL/TLS support is built 
in.  Of course, if any of the TLS values are present in ldap.conf, 
there will be a segment fault or similar.

The rare compiler will require prototypes for all routines, and issue 
an error in this case.  Most compilers don't have strict prototypes 
turned on by default, if they support it at all.

So, I'll be working on getting those prototypes included in the 
source files that use the ldap_pvt_tls_* routines.  I don't think 
this is many files, if I remember correctly from the last time I did 
a full rebuild.

Mark.