Closed Bug 293199 Opened 17 years ago Closed 17 years ago

ldapsdk CLU with startTLS with specified certdb fails

Categories

(Directory :: LDAP C SDK, defect)

Other
Other
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: ulf, Assigned: richm)

Details

Attachments

(1 file)

User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.7) Gecko/20050501 Firefox/1.0.3
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.7) Gecko/20050501 Firefox/1.0.3

This works (with cert8.db and key3.db in the cwd):
ldapsearch -ZZ -s base -b "" "objectclass=*"

This does not work:
ldapsearch -ZZ -P /path/to/my-cert8.db -s base -b "" "objectclass=*"

Reproducible: Always

Steps to Reproduce:
1.ldapsearch -ZZ -P /path/to/my-cert8.db -s base -b "" "objectclass=*"
Actual Results:  
ldap_search: Can't contact LDAP server
    TLS/SSL error -5938 (Encountered end of file.)

Expected Results:  
Shown the results of the search.
It's happening because this seems to be a valid way of running ldapsearch:
ldapsearch -P /path/to/my-cert8.db -p 636 -s base -b "" "objectclass=*"

When -P is specified, -Z (secure=1) is implied!

So with -P and -ZZZ, we end up in the wrong block of this (simplified) block in
common.c:ldaptool_ldap_init():

    if(secure) {
        ldapssl_init();
    } else if (isZZ) {
        prldap_init();
        ldap_start_tls_s();
    }
Assignee: mcs → richm
Comment on attachment 182821 [details]
Diff on common.c for -ZZ and -P happy coexistence

This change looks OK to me.
Attachment #182821 - Flags: review+
Checking in mozilla/directory/c-sdk/ldap/libraries/libprldap/Makefile.in;
/cvsroot/mozilla/directory/c-sdk/ldap/libraries/libprldap/Makefile.in,v  <-- 
Makefile.in
new revision: 5.11; previous revision: 5.10
done
Checking in mozilla/directory/c-sdk/ldap/libraries/libssldap/Makefile.in;
/cvsroot/mozilla/directory/c-sdk/ldap/libraries/libssldap/Makefile.in,v  <-- 
Makefile.in
new revision: 5.9; previous revision: 5.8
done
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
Ignore previous message.  This is the real CVS information.

Checking in mozilla/directory/c-sdk/ldap/clients/tools/common.c;
/cvsroot/mozilla/directory/c-sdk/ldap/clients/tools/common.c,v  <--  common.c
new revision: 5.16; previous revision: 5.15
done

You need to log in before you can comment on or make changes to this bug.