Bug#1071480: libldap: sends some IPv6 addresses as server name

Elliott Mitchell ehem+debian at m5p.com
Mon May 20 22:45:32 BST 2024 

On Mon, May 20, 2024 at 12:46:34PM -0700, Ryan Tandy wrote:
> However, I tested your patch, and I'm not sure it's correct.
> 
> If the IPv6 address contains a letter a-f before the first colon, I 
> think the code you changed is never reached. On seeing the first 
> non-digit, we break the loop with numeric=0, and never reach the colon.
> 
> Have I missed something?
> 
> I would appreciate if you would pursue this issue upstream. If the fix 
> needs further review or discussion with the upstream developers, I'd 
> really rather not be a middleman in that conversation.

No, you haven't missed something.  %-)  Turns out I goofed when reading
the loop.  Indeed the `if(!isdigit(*c)) {` needs to have the `break;`
removed too, then it will work.

The person writing the loop was thinking of the most commonly used block
of IPv6 addresses which start with "2001:".  Yet IPv6 is hexadecimal and
"fd00:/8" is part of a validly used block.



On Mon, May 20, 2024 at 01:13:11PM -0700, Quanah Gibson-Mount wrote:
> 
> --On Monday, May 20, 2024 1:46 PM -0700 Ryan Tandy <ryan at nardis.ca> wrote:
> 
> > Control: tag -1 upstream moreinfo
> >
> > Hi Elliott, thank you for investigating this issue and contributing a
> > patch.
> 
> [snip]
> 
> > I would appreciate if you would pursue this issue upstream. If the fix
> > needs further review or discussion with the upstream developers, I'd
> > really rather not be a middleman in that conversation.
> 
> Upstream generally does not accept 3rd party patch contributions, so asking 
> debian to contribute it wil likely result in it not being accepted.  So 
> it's better to work directly with the OpenLDAP project.  I'd start by 
> filing an issue in the issue tracker if one doesn't already exist:
> 
> https://bugs.openldap.org
> 
> and then apply for a gitlab account with the OpenLDAP project:
> 
> https://git.openldap.org
> 
> After the account is approved, you can open a PR to have your patch 
> evaluated.

Debian policy for maintainers is they're required to take care of pushing
issues upstream.  I didn't want to deal with the OpenLDAP bug tracker and
those steps, so pushing to the Debian project seemed handiest.


-- 
(\___(\___(\______          --=> 8-) EHM <=--          ______/)___/)___/)
 \BS (    |         ehem+sigmsg at m5p.com  PGP 87145445         |    )   /
  \_CS\   |  _____  -O #include <stddisclaimer.h> O-   _____  |   /  _/
8A19\___\_|_/58D2 7E3D DDF4 7BA6 <-PGP-> 41D1 B375 37D0 8714\_|_/___/5445

More information about the Pkg-openldap-devel mailing list