Bug#578843: aolserver4-nsldap does not support LDAPv3

Thu, 22 Apr 2010 19:42:21 -0700 

Package: aolserver4-nsldap
Version: 0.8-2.1
Severity: important
Tags: patch


aolserver4-nsldaps only supports LDAPv2, which was officially retired in 2002

http://tools.ietf.org/html/draft-zeilenga-ldapv2-04


Support for LDAPv3 is available in the AOLserver CVS repo at sourceforge (patch 
attached)


-- System Information:
Debian Release: 5.0.4
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (x86_64)

Kernel: Linux 2.6.26-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages aolserver4-nsldap depends on:
ii  aolserver4             4.5.1-mobigroup.5 AOL Web Server 4 (Program)
ii  libc6                  2.7-18lenny2      GNU C Library: Shared libraries
ii  libgcc1                1:4.3.2-1.1       GCC support library
ii  libldap-2.4-2          2.4.11-1+lenny1   OpenLDAP libraries
ii  tcl8.4                 8.4.19-2          Tcl (the Tool Command Language) v8

aolserver4-nsldap recommends no packages.

aolserver4-nsldap suggests no packages.

-- no debconf information

diff --git a/Makefile b/Makefile
index 0598a91..0549c84 100644
--- a/Makefile
+++ b/Makefile
@@ -38,7 +38,9 @@ MODLIBS  =  -L/usr/local/lib -lldap -llber
 #
 # Compiler flags required by your module (-I for external headers goes here)
 #
-CFLAGS   =  -I/usr/local/include -DUSE_TCL8X
+# Add -DLDAPV3 if your LDAP Libraries support the LDAP Protocol Version 3
+# and you want nsldap to use it.
+CFLAGS   =  -I/usr/local/include -DUSE_TCL8X -DLDAPV3
 
 
 include  $(NSHOME)/Makefile.module
diff --git a/nsldap.c b/nsldap.c
index cfd02ee..4f10ba9 100644
--- a/nsldap.c
+++ b/nsldap.c
@@ -608,6 +608,9 @@ static int
 LDAPConnect(Handle *handlePtr)
 {
     int err;
+#ifdef LDAPV3
+    int version;
+#endif
 
     handlePtr->ldaph = ldap_open(handlePtr->host, handlePtr->port);
     if (handlePtr->ldaph == NULL) {
@@ -617,6 +620,16 @@ LDAPConnect(Handle *handlePtr)
 	handlePtr->stale = NS_FALSE;
 	return NS_ERROR;
     }
+#ifdef LDAPV3
+    version = LDAP_VERSION3;
+    if (ldap_set_option(handlePtr->ldaph, LDAP_OPT_PROTOCOL_VERSION, &version) != LDAP_SUCCESS) {
+        Ns_Log(Error, "nsldap: could not set protocol version to LDAPV3");
+        handlePtr->connected = NS_FALSE;
+        handlePtr->atime = handlePtr->otime = 0;
+        handlePtr->stale = NS_FALSE;
+        return NS_ERROR;
+    }
+#endif
     err = ldap_simple_bind_s(handlePtr->ldaph, handlePtr->user, 
 			     handlePtr->password);
     if (err != LDAP_SUCCESS) {

Reply via email to