[Pkg-openldap-devel] Bug#278471: patch
Michael Tautschnig
tautschn at model.in.tum.de
Sat Mar 22 21:36:42 UTC 2008
tags 278471 + patch
tags 278471 - unreproducible
thanks
Ok, here we go: The attached patch fixes the SASL issue. It has been verified to
work on my system, that is, the version currently in etch consistently results
in the failed assertion. With the patch, the assertion does not fail any more.
Actually, this also helped me identifying a problem with my SSL certificates,
which had caused the TLS negotiation to fail.
HTH,
Michael
PS.: If there is any further point release for etch, I guess this should go in
there as failing LDAP connections likely cause serious problems. However, I
don't see any security issue being involved here.
-------------- next part --------------
diff -urN openldap2-2.1.30.orig/libraries/libldap/open.c openldap2-2.1.30/libraries/libldap/open.c
--- openldap2-2.1.30.orig/libraries/libldap/open.c 2008-03-22 22:36:16.000000000 +0100
+++ openldap2-2.1.30/libraries/libldap/open.c 2008-03-22 22:38:31.000000000 +0100
@@ -387,6 +387,10 @@
--conn->lconn_refcnt;
if (rc != LDAP_SUCCESS) {
+#ifdef HAVE_CYRUS_SASL
+ /* cleanup SASL context in case it had been established */
+ ldap_int_sasl_close( ld, conn );
+#endif
return -1;
}
}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/attachments/20080322/d0a4fc09/attachment.pgp
More information about the Pkg-openldap-devel
mailing list