httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 54140] New: Possible LDAP authentication regression with 2.2.23 release
Date Mon, 12 Nov 2012 18:11:43 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=54140

          Priority: P2
            Bug ID: 54140
          Assignee: bugs@httpd.apache.org
           Summary: Possible LDAP authentication regression with 2.2.23
                    release
          Severity: normal
    Classification: Unclassified
                OS: Mac OS X 10.4
          Reporter: markphip@gmail.com
          Hardware: PC
            Status: NEW
           Version: 2.2.23
         Component: mod_ldap
           Product: Apache httpd-2

I also added this as a comment in the closed bug: 39095.  I did not want to
simply reopen and old bug, but it looks similar.

I package Subversion Edge which bundles Apache 2.2.23 + SVN 1.7.7.  The version
that includes Apache 2.2.23 was only released on October 26th and we have
already had at least a dozen different users reporting they are now getting a
problem with LDAP authentication on Windows servers.

A user will get an HTTP 500 when making a Subversion request, and then
subsequent requests for that user will be fine again for a while.  When they
get the error, this is what is logged:

[info] [client 204.11.125.146] [1248] auth_ldap authenticate: user XXXXX
authentication failed; URI /svn/reposname [LDAP: ldap_simple_bind_s()
failed][Unavailable]

This is only happening with Windows Apache servers.  I note that the 2.2.23
release includes the following change, which seems innocuous but also seems to
be the only change related to LDAP in the CHANGES

http://svn.apache.org/viewvc?view=revision&revision=1375696

--- httpd/httpd/branches/2.2.x/include/util_ldap.h      2012/08/21
17:48:34        1375695
+++ httpd/httpd/branches/2.2.x/include/util_ldap.h      2012/08/21
17:48:58        1375696
@@ -30,7 +30,7 @@
#include "apr_time.h"
#include "apr_ldap.h"
-#if APR_HAS_MICROSOFT_LDAPSDK
+#ifdef LDAP_UNAVAILABLE
#define AP_LDAP_IS_SERVER_DOWN(s)                ((s) == LDAP_SERVER_DOWN
\
                 ||(s) == LDAP_UNAVAILABLE)
#else

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message