https://bugs.openldap.org/show_bug.cgi?id=10101
Issue ID: 10101
Summary: Fix double file close when first TLS connection fails
Product: OpenLDAP
Version: 2.6.2
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: libraries
Assignee: b...@openldap.org
Reporter: florin.cri...@axigen.com
Target Milestone: ---
Created attachment 981
--> https://bugs.openldap.org/attachment.cgi?id=981&action=edit
Proof of concept
1. ldap_initialize a connection with multiple URLs, the first one being
LDAPS. (For example: "ldaps://server,ldap://server";).
The LDAPS connection needs to successfully open the TCP connection,
but fail during TLS negotiation.
2. When TLS negotiation fails, ldap_int_open_connection calls
ber_int_sb_close (which closes the connections attached to the sockbuf)
but fails to call ber_int_sb_destroy, so the TCP layers are still attached
to the sockbuf structure.
3. When the second connection is opened, a new TCP layer is added to the
sockbuf structure, but the existing one is still there. Both now point to
the updated sockbuf structure, with the new file descriptor.
4. When the connection is closed, the layers attached to the sockbuf close
the new file descriptor twice.
This may be the same problem as
https://lists.openldap.org/hyperkitty/list/openldap-de...@openldap.org/thread/55EIK6CBY7JAUVX4QABVKOZHYJVY5AE7/
--
You are receiving this mail because:
You are on the CC list for the issue.
