[Bug 1547927] Re: LDAP_OPT_X_TLS_REQUIRE_CERT handling differences between ldaps:// and STARTTLS
Maciej Puzio
1547927 at bugs.launchpad.net
Thu Mar 17 20:59:29 UTC 2016
A bug has been found in libldap code that interferes with the value of
"require cert" option. It affects libldap built with GnuTLS, as is done
in packages supplied by Ubuntu and Debian. The bug causes the value to
be read from previously freed memory, often resulting in incorrect or
random value being used. This bug has been fixed upstream by the
OpenLDAP team, but the fix has not yet been backported to Ubuntu.
Bug 1557248
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1557248
The problem you describe may be caused by this bug, or by an unrelated
problem. However, in any case Ubuntu libldap packages currently in wily
and xenial do not handle "require cert" option correctly. With this in
mind, may I ask that you vote for bug 1557248 in order for it to get
noticed by Ubuntu maintainers.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1547927
Title:
LDAP_OPT_X_TLS_REQUIRE_CERT handling differences between ldaps:// and
STARTTLS
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1547927/+subscriptions
More information about the Ubuntu-server-bugs
mailing list