** Also affects: openvpn-auth-ldap (Ubuntu Trusty)
Importance: Undecided
Status: New
** Also affects: openvpn-auth-ldap (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: openvpn-auth-ldap (Ubuntu Yakkety)
Importance: Undecided
Status: New
** Also affects: openvpn-auth-ldap (Ubuntu Zesty)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1602813
Title:
openvpn-auth-ldap causing segfault on network timeout
Status in openvpn-auth-ldap package in Ubuntu:
Fix Released
Status in openvpn-auth-ldap source package in Trusty:
In Progress
Status in openvpn-auth-ldap source package in Xenial:
In Progress
Status in openvpn-auth-ldap source package in Yakkety:
In Progress
Status in openvpn-auth-ldap source package in Zesty:
In Progress
Status in openvpn-auth-ldap package in Debian:
New
Bug description:
Description: Ubuntu 14.04.4 LTS
Release: 14.04
openvpn-auth-ldap=2.0.3-5.1
There is a timeout bug in the openvpn-auth-ldap package that causes
OpenVPN to crash when the network timeout is exceeded.
The openvpn-auth-ldap plugin is not correctly checking the error codes
from ldap_result. As a result, it is not catching timeouts, and
proceeds as if ldap_result was successful. This results in a segfault
when access to the result (which is set to Null) is attempted.
You can see this bug referenced here:
https://github.com/threerings/openvpn-auth-ldap/issues/11
And a fix mentioned here:
https://github.com/threerings/openvpn-auth-ldap/pull/53
The above patch is not compatible with the source provided with 14.04,
so I have updated the patch to work with the 14.04 source. I have
provided it below.
I would appreciate if a package with the fix could be released.
-Aaron Peschel
Index: openvpn-auth-ldap/src/LFLDAPConnection.m
===================================================================
--- openvpn-auth-ldap.orig/src/LFLDAPConnection.m 2016-07-12
23:24:14.710216000 +0000
+++ openvpn-auth-ldap/src/LFLDAPConnection.m 2016-07-12
23:24:48.394216000 +0000
@@ -175,7 +175,7 @@
/* Wait for the result */
timeout.tv_sec = _timeout;
timeout.tv_usec = 0;
- if (ldap_result(ldapConn, msgid, 1, &timeout, &res) == -1) {
+ if (ldap_result(ldapConn, msgid, 1, &timeout, &res) <= 0) {
err = ldap_get_errno(ldapConn);
if (err == LDAP_TIMEOUT)
ldap_abandon_ext(ldapConn, msgid, NULL, NULL);
@@ -383,7 +383,7 @@
}
/* Wait for the result */
- if (ldap_result(ldapConn, msgid, 1, &timeout, &res) == -1) {
+ if (ldap_result(ldapConn, msgid, 1, &timeout, &res) <= 0) {
err = ldap_get_errno(ldapConn);
if (err == LDAP_TIMEOUT)
ldap_abandon_ext(ldapConn, msgid, NULL, NULL);
ProblemType: Crash
DistroRelease: Ubuntu 14.04
Package: openvpn 2.3.2-7ubuntu3.1
ProcVersionSignature: Ubuntu 3.13.0-74.118-generic 3.13.11-ckt30
Uname: Linux 3.13.0-74-generic x86_64
ApportVersion: 2.14.1-0ubuntu3.21
Architecture: amd64
AssertionMessage: openvpn: sasl.c:257: ldap_parse_sasl_bind_result: Assertion
`res != ((void *)0)' failed.
Date: Tue Jul 12 21:35:10 2016
Ec2AMI: ami-9abea4fb
Ec2AMIManifest: (unknown)
Ec2AvailabilityZone: us-west-2c
Ec2InstanceType: t2.small
Ec2Kernel: unavailable
Ec2Ramdisk: unavailable
ExecutablePath: /usr/sbin/openvpn
ProcCmdline: /usr/sbin/openvpn --writepid /run/openvpn/foxpass.pid --daemon
ovpn-foxpass --cd /etc/openvpn --config /etc/openvpn/foxpass.conf
--script-security 2
ProcEnviron:
TERM=screen-256color
PATH=(custom, no user)
LANG=en_US.UTF-8
Signal: 6
SourcePackage: openvpn
StacktraceTop:
__assert_fail_base (fmt=0x7f3cd7f203b8 "%s%s%s:%u: %s%sAssertion `%s'
failed.\n%n", assertion=assertion@entry=0x7f3cd796d9bd "res != ((void *)0)",
file=file@entry=0x7f3cd796e100 "sasl.c", line=line@entry=257,
function=function@entry=0x7f3cd796e3e0 "ldap_parse_sasl_bind_result") at
assert.c:92
__GI___assert_fail (assertion=0x7f3cd796d9bd "res != ((void *)0)",
file=0x7f3cd796e100 "sasl.c", line=257, function=0x7f3cd796e3e0
"ldap_parse_sasl_bind_result") at assert.c:101
ldap_parse_sasl_bind_result () from
/usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2
?? () from /usr/lib/openvpn/openvpn-auth-ldap.so
connect_ldap () from /usr/lib/openvpn/openvpn-auth-ldap.so
Title: openvpn assert failure: openvpn: sasl.c:257:
ldap_parse_sasl_bind_result: Assertion `res != ((void *)0)' failed.
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups:
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openvpn-auth-ldap/+bug/1602813/+subscriptions
_______________________________________________
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : [email protected]
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help : https://help.launchpad.net/ListHelp
