At 01:57 AM 9/25/99 GMT, you wrote:
>Update of /repo/OpenLDAP/pkg/ldap/libraries/libldap
>
>Modified Files:
> init.c 1.37 -> 1.38
>
>Log Message:
>Fixed "typos" in TLS code. TLS is ATTR_TLS, not ATTR_BOOL...
^
Any clue as to what's cause that?
In the first case, it looks like the line above was copy-pasted to
make the TLS entry, but the attribute type was not changed. This
would cause gopts.ldo_booleans to get tromped if SSL/TLS was built
into libldap and TLS appeared in ldap.conf.
The second case was just an oversight, but points to a more serious
problem. Prototypes for ldap_pvt_tls_config() and other
ldap_pvt_tls_* routines are not #included in the files that use them,
so most compilers will do one of two things:
1) silently ignore the omission, and assume that the undefined
routine returns int and takes whatever parameters are given in its
use, or
2) issue a warning that the routine is assumed to return int, etc.
(and those warnings are just so easy to ignore ;-)
In neither case does the compiler realize that the first parameter is
missing, so the compile will succeed even if SSL/TLS support is built
in. Of course, if any of the TLS values are present in ldap.conf,
there will be a segment fault or similar.
The rare compiler will require prototypes for all routines, and issue
an error in this case. Most compilers don't have strict prototypes
turned on by default, if they support it at all.
So, I'll be working on getting those prototypes included in the
source files that use the ldap_pvt_tls_* routines. I don't think
this is many files, if I remember correctly from the last time I did
a full rebuild.