Hi,

I committed a small fix for given issue. However, it will not allow you to 
leave the ruletype-attribute empty, as it is needed for this kind of 
authentication. It makes the parameter obligatory and will fail to load the 
configuration if its not given.

So my changes only makes it fail more gracefully. Also, no default value will 
be taken if not specified. For these kind of tasks (configure external 
authentification!) the user should know what happens behind the curtains, 
i.e. be able to find out which attributes are queried.

I hope it helps still a bit,
Felix

Am Donnerstag 31 Mai 2012 18:17:37 schrieb rm4dillo D:
> After activating LDAP authentication on OpenVAS, OpenVAS Manager
> (openvasmd) was crashing after every successful authentication.
>
> Backtrace (gdb):
>
>       #0  0x000002aaac9f787a in ?? () from /lib/libc.so.6
>       #1  0x000002aaadad98a1 in ldap_auth_query_rules (ldap=0x65e8e60,
> auth_info=0x65fe220, dn=<value optimized out>,
>           username=<value optimized out>) at
> openvas-libraries-5.0.1/misc/ldap_auth.c:504
>
>       (gdb) p ((struct ldap_auth_info *) 0x65fe220)->ruletype_attribute
>       $1 = (gchar *) 0x0
>
>
> "auth_info->ruletype_attribute" is NULL when the "ruletype-attribute"
> key is not set in ".auth.conf" file and it's value is not checked
> before calling "strcmp" at "ldap_auth.c:504" thus producing a NULL
> pointer dereference. Maybe this could be solved by calling
> "openvas_auth_write_config" in "openvas_auth.c" before
> "ldap_auth_info_from_key_file" in order to set the default values.
>
> As a "workaround", one should simply keep the "ruletype-attribute" key
> set in the ".auth.conf" as it is in "example.auth.conf" :).
> _______________________________________________
> Openvas-discuss mailing list
> [email protected]
> http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

_______________________________________________
Openvas-discuss mailing list
[email protected]
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Reply via email to