Hi,
we had big trouble running a Qmail-LDAP against a Novell NDS LDAP
server. We use ldaplocaldelivery set to 1 to have ezmlm lists
defined locally (no dash-trick applied). Every time a ezmlm address
was checked against LDAP the LDAP server crashed, taking away the
whole machine.
Some investigation showed that it is not a simple buffer overflow
with long addresses, the error only triggers with VERPs (addresses
including a '=' sign).
Attached is a patch that checks the address for the presence of '='
and avoids LDAP lookups in this case.
The patch is against 20010802-i.
Regards, Frank
--- qmail-lspawn.c Wed Sep 19 09:22:22 2001
+++ ../qmail-1.03_nds_ldap_20010802i/qmail-lspawn.c Wed Sep 19 08:57:24 2001
@@ -752,7 +752,11 @@
if (chdir(auto_qmail) == -1) _exit(QLX_USAGE);
/* do the address lookup */
- rv = qldap_get(&ra, s, fdmess);
+ if (ra.len > byte_chr(ra.s,ra.len,'=')) /* '=' in address? ezmlm! */
+ rv = 1; /* force local lookup */
+ else
+ rv = qldap_get(&ra, s, fdmess);
+
switch( rv ) {
case 0:
log(16, "LDAP lookup succeeded\n");
