I found that the problem is within the OpenLDAP library libldap (line 845 in tls.c
method->ext_free(alt);) and is the same as OpenLDAP problem 1924
(http://www.openldap.org/its/index.cgi/Software%20Bugs?id=1924;selectid=1924). This
was reported and fixed back in 2002, but Redhat did not apply it to the OpenLDAP
released with RHEL3 nearly a year and a half later! Anyway, by adapting the patch, I
was able to fix this issue - just in case others have encountered it. In case you are
interested, also see Redhat Bugzilla bugs 128364 and 111492.
Patch for your reference:
--- openldap-2.0.27/libraries/libldap/tls.c 2004-08-18 22:09:10.000000000 +1000
+++ openldap-2.0.27/libraries/libldap/tls.c 2004-08-18 22:11:09.000000000 +1000
@@ -816,7 +816,6 @@
int n, len1, len2;
char *domain;
GENERAL_NAME *gn;
- X509V3_EXT_METHOD *method;
len1 = strlen(name);
n = sk_GENERAL_NAME_num(alt);
@@ -841,8 +840,7 @@
break;
}
}
- method = X509V3_EXT_get(ex);
- method->ext_free(alt);
+ GENERAL_NAMES_free(alt);
if (i < n) /* Found a match */
ret = LDAP_SUCCESS;
}
Regards
Tarun
-----Original Message-----
From: Tarun Bhushan
Sent: Tuesday, 17 August 2004 12:42 PM
To: [EMAIL PROTECTED]
Subject: Seg fault in rlm_ldap on Redhat Enterprise Linux 3
On Redhat Enterprise Linux 3, when I try to use LDAP (Port = 636 and hence with TLS),
FreeRadius seg faults within rlm_ldap. I have been following the various seg faults
for this module discussed recently (including on Fedora Core 2, etc), but this appears
to be a different problem to Bug #73. Without TLS, it works fine, but as soon as the
port is changed to 636 (or even another high port with tls_mode=yes), the seg fault
happens.
<snip>
NOTICE
This e-mail and any attachments are confidential and may contain copyright material of
Macquarie Bank or third parties. If you are not the intended recipient of this email
you should not read, print, re-transmit, store or act in reliance on this e-mail or
any attachments, and should destroy all copies of them. Macquarie Bank does not
guarantee the integrity of any emails or any attached files. The views or opinions
expressed are the author's own and may not reflect the views or opinions of Macquarie
Bank.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
