httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Orton <>
Subject Re: [PATCH] fix util_ldap with older OpenLDAPs
Date Wed, 03 Aug 2005 10:48:46 GMT
On Wed, Jul 27, 2005 at 09:59:18PM +0100, Joe Orton wrote:
> Since 2.0.54, it seems mod_auth_ldap just segfaults on any request if 
> built against older versions of OpenLDAP, 2.2.20 and earlier (pre-2005).  

I worked this out a little better.  It triggers only the *second* time 
the LDAP connection is opened for a given process.  I think I must have 
started testing the 2.0.x code with slapd stopped and saw this being 
triggered by the retry-10-times logic for every request.

Brad, can you explain why the ldap_set_option() call is used to change 
the *process-global* connection timeout setting in the 2.0.x code, 
rather than the connection-specific setting like the trunk code does?  
Doing that seems generally undesirable as well as triggering the 
OpenLDAP bug.  Is it because some SDKs don't handle per-connection 
settings, perhaps?

If so, this would be a a simpler, better fix for the issue:

Index: modules/experimental/util_ldap.c
--- modules/experimental/util_ldap.c	(revision 227189)
+++ modules/experimental/util_ldap.c	(working copy)
@@ -325,7 +325,11 @@
         if (st->connectionTimeout >= 0) {
+            rc = ldap_set_option(ldc->ldap, LDAP_OPT_NETWORK_TIMEOUT, (void *)&timeOut);
             rc = ldap_set_option(NULL, LDAP_OPT_NETWORK_TIMEOUT, (void *)&timeOut);
             if (APR_SUCCESS != rc) {
                 ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
                                  "LDAP: Could not set the connection timeout" );

View raw message