httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Fenlason, Josh" <>
Subject RE: Bug [and proposed patch] for mod_ldap
Date Tue, 23 Jan 2007 18:03:26 GMT
Thanks for the response.  I don't see what the problem would be in
adding a check for LDAP_FILTER_ERROR at the end of
authn_ldap_check_password() in Apache 2.2.x and then potentially
abstracting the LDAP result codes to APR_LDAP codes in Apache 2.4.  I'm
not an Apache developer though.  I would just really like to have this
case not result in a 500.  Thanks again.
> Unfortunately a platform specific #ifdef in util_ldap.c 
> wouldn't be appropriate.  The easiest fix would be to add 
> another result check at the end of 
> authn_ldap_check_password() in mod_authnz_ldap.c.  However, 
> the purpose of the #ifdef's there was to handle the fact that 
> not all platforms supported the macro LDAP_SECURITY_ERROR() 
> that checked a specific set of security related result codes. 
>  Adding a check for LDAP_FILTER_ERROR doesn't seem quite 
> right since that result code isn't really a security code 
> even though it would solve the problem for Win32.  The other 
> solution would be to abstract all of the LDAP result codes 
> into a set of APR_LDAP_xxx codes which is probably too big of 
> a changed for 2.2.x.
> Other thoughts?
> Brad

View raw message