Dear Ian,
final testing of the patch series let to a core dump on libldap. For
more information and a correction proposal please refer to my reply to
patch 3/4.
With the chnages proposed there, everything works fine.
Kind regards
Thomas
On 25/08/2022 01:08, Thomas Reim wrote:
Dear Ian,
thank you very much for review and correction of the patches. Your
updates are fine for me. Four eyes are always better tan two. :-)
Your updates with regard to ldap_res are fine and should work. For
your convenience I've added the guideline of OpenLDAP with regard of
handling this parameter:
The
message obtained from ldap_result() must be passed in the result
parameter. This parameter must be NULL when initiating a new
Bind. The caller must free the result message after each call
using ldap_msgfree(). The ldap_sasl_interactive_bind() function
returns an LDAP result code. If the code is
LDAP_SASL_BIND_IN_PROGRESS
then the Bind is not complete yet, and this function must be
called
again with the next result from the server.
Our changes follow this principle and should be fine. Calling
ldap_msg_free() after successful bind is somehow redundant, as calling
ldap_parse_result() with last parameter (freeit) set to 1 already
frees memory, but does not harm, either.
I will perform a final testing of all patches on Ubuntu Jammy and come
back to you.
Kind regards
Thomas
On 22/08/2022 04:55, Ian Kent wrote:
I've made a few changes, mostly to the do_bind() interact area.
I'm still a little unclear of what's going on there with ldap_res.
For example, ldap_sasl_interactive_bind() is called with ldap_res
as a parameter but it's passed by value so the caller can't see any
changes to it. Further down the call to ldap_result() is where it
imight get a value. So the question is, is ldap_res used in the call
to ldap_sasl_interactive_bind() on subsequent iterations?
I did some more white space changes, added some initializations, and
added a CHANGELOG entry.
Can you have a look and let me know if the changes I've made are ok
with you and that I haven't made any mistakes.
---
Thomas Reim (4):
autofs-5.1.8 - restore gcc flags after autoconf Kerberos 5 check
autofs-5.1.8 - prepare for OpenLDAP SASL binding
autofs-5.1.8 - let OpenLDAP handle SASL binding
autofs-5.1.8 - configure: LDAP function checks ignore implicit
declarations
CHANGELOG | 4 ++
aclocal.m4 | 52 +++++++++++++++
configure | 55 +++++++++++++++-
configure.in | 5 +-
include/config.h.in | 3 +
include/lookup_ldap.h | 6 ++
modules/cyrus-sasl.c | 150 +++++++++++++++++++++++++++++++++++++++++-
modules/lookup_ldap.c | 137 +++++++++++++++++++++++++++++++++++++-
8 files changed, 408 insertions(+), 4 deletions(-)
--
Ian