Bug#1071480: libldap: sends some IPv6 addresses as server name

Elliott Mitchell ehem+debian at m5p.com
Mon May 20 00:31:11 BST 2024


Seems there were two bugs in #1070033.  The part for OpenLDAP is pretty
simple.  When detecting an IPv6 address (via ':' in the string),
the function `ldap_int_tls_connect()` triggers a `break;`, but this
requires `numeric=1` to still be in effect.  Since IPv6 addresses are
hexadecimal, this isn't always true.

Patch attached.  Given how small it is, any license acceptable to the
Debian project is acceptable to me.  I'll let the maintainer forward it
to the OpenLDAP project.


-- 
(\___(\___(\______          --=> 8-) EHM <=--          ______/)___/)___/)
 \BS (    |         ehem+sigmsg at m5p.com  PGP 87145445         |    )   /
  \_CS\   |  _____  -O #include <stddisclaimer.h> O-   _____  |   /  _/
8A19\___\_|_/58D2 7E3D DDF4 7BA6 <-PGP-> 41D1 B375 37D0 8714\_|_/___/5445


-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-tls-fix-handling-of-numeric-IPv6-addresses-for-SNI.patch
Type: text/x-diff
Size: 1085 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-openldap-devel/attachments/20240519/8793d5b6/attachment.patch>
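
The failure mode described in the message above, as an added example. It is a constructed model of the scan, not the scrubbed patch and not OpenLDAP source; `model_sends_sni`, `is_ip_literal` and `checked_sends_sni` are hypothetical names, and the `inet_pton()` check is a different technique from the one-flag fix the message implies.

```c
#include <arpa/inet.h>
#include <ctype.h>
#include <stdio.h>

/* Constructed model of the scan the message describes. Returns 1 when the
 * host is treated as a name and would be sent as the TLS server name. */
static int model_sends_sni(const char *host)
{
    int numeric = 1;
    const unsigned char *c;

    for (c = (const unsigned char *)host; *c; c++) {
        if (*c == ':')      /* taken as an IPv6 literal: stop scanning */
            break;          /* only correct if numeric is still 1 here */
        if (*c == '.')
            continue;
        if (!isdigit(*c))
            numeric = 0;    /* hex digits a-f of an IPv6 group land here */
    }
    return !numeric;
}

/* Assumed alternative: parse the string instead of guessing from characters. */
static int is_ip_literal(const char *host)
{
    unsigned char buf[sizeof(struct in6_addr)];

    return inet_pton(AF_INET, host, buf) == 1 ||
           inet_pton(AF_INET6, host, buf) == 1;
}

/* SNI carries DNS host names only, so IP literals are never sent. */
static int checked_sends_sni(const char *host)
{
    return !is_ip_literal(host);
}

int main(void)
{
    /* Constructed sample hosts from documentation ranges. */
    const char *hosts[] = { "192.0.2.10", "2001:db8::1", "fe80::1",
                            "db8::2001", "ldap.example.org" };
    size_t i;

    for (i = 0; i < sizeof(hosts) / sizeof(hosts[0]); i++)
        printf("%-18s model=%d checked=%d\n", hosts[i],
               model_sends_sni(hosts[i]), checked_sends_sni(hosts[i]));
    return 0;
}
```

Whether an IPv6 literal leaks into the server name in the model depends only on whether a letter appears before the first `:`, which is why only some addresses are affected.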

