After activating LDAP authentication on OpenVAS, OpenVAS Manager
(openvasmd) was crashing after every successful authentication.
Backtrace (gdb):
#0 0x000002aaac9f787a in ?? () from /lib/libc.so.6
#1 0x000002aaadad98a1 in ldap_auth_query_rules (ldap=0x65e8e60,
auth_info=0x65fe220, dn=<value optimized out>,
username=<value optimized out>) at
openvas-libraries-5.0.1/misc/ldap_auth.c:504
(gdb) p ((struct ldap_auth_info *) 0x65fe220)->ruletype_attribute
$1 = (gchar *) 0x0
"auth_info->ruletype_attribute" is NULL when the "ruletype-attribute"
key is not set in ".auth.conf" file and it's value is not checked
before calling "strcmp" at "ldap_auth.c:504" thus producing a NULL
pointer dereference. Maybe this could be solved by calling
"openvas_auth_write_config" in "openvas_auth.c" before
"ldap_auth_info_from_key_file" in order to set the default values.
As a "workaround", one should simply keep the "ruletype-attribute" key
set in the ".auth.conf" as it is in "example.auth.conf" :).
_______________________________________________
Openvas-discuss mailing list
[email protected]
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
