On Wed, Jul 27, 2005 at 09:59:18PM +0100, Joe Orton wrote:
> Since 2.0.54, it seems mod_auth_ldap just segfaults on any request if
> built against older versions of OpenLDAP, 2.2.20 and earlier (pre-2005).
I worked this out a little better. It triggers only the *second* time
the LDAP connection is opened for a given process. I think I must have
started testing the 2.0.x code with slapd stopped and saw this being
triggered by the retry-10-times logic for every request.
Brad, can you explain why the ldap_set_option() call is used to change
the *process-global* connection timeout setting in the 2.0.x code,
rather than the connection-specific setting like the trunk code does?
Doing that seems generally undesirable as well as triggering the
OpenLDAP bug. Is it because some SDKs don't handle per-connection
settings, perhaps?
If so, this would be a a simpler, better fix for the issue:
Index: modules/experimental/util_ldap.c
===================================================================
--- modules/experimental/util_ldap.c (revision 227189)
+++ modules/experimental/util_ldap.c (working copy)
@@ -325,7 +325,11 @@
}
if (st->connectionTimeout >= 0) {
+#if APR_HAS_OPENLDAP_LDAPSDK
+ rc = ldap_set_option(ldc->ldap, LDAP_OPT_NETWORK_TIMEOUT, (void
*)&timeOut);
+#else
rc = ldap_set_option(NULL, LDAP_OPT_NETWORK_TIMEOUT, (void
*)&timeOut);
+#endif
if (APR_SUCCESS != rc) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
"LDAP: Could not set the connection timeout"
);
