** Changed in: openvpn-auth-ldap (Debian)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1602813
Title:
openvpn-auth-ldap causing segfault on network timeout
To ma
This bug was fixed in the package openvpn-auth-ldap -
2.0.3-6.1ubuntu0.16.04.1
---
openvpn-auth-ldap (2.0.3-6.1ubuntu0.16.04.1) xenial; urgency=medium
* debian/patches/openvpn_ldap_timeout_fix-lp1602813.patch: Properly
check ldap_result() return code. Thanks to Aaron Peschel
This bug was fixed in the package openvpn-auth-ldap - 2.0.3-5.1ubuntu0.1
---
openvpn-auth-ldap (2.0.3-5.1ubuntu0.1) trusty; urgency=medium
* debian/patches/openvpn_ldap_timeout_fix-lp1602813.patch: Properly
check ldap_result() return code. Thanks to Aaron Peschel
. Closes
This bug was fixed in the package openvpn-auth-ldap -
2.0.3-6.1ubuntu0.17.04.1
---
openvpn-auth-ldap (2.0.3-6.1ubuntu0.17.04.1) zesty; urgency=medium
* debian/patches/openvpn_ldap_timeout_fix-lp1602813.patch: Properly
check ldap_result() return code. Thanks to Aaron Peschel
Crash reproduced on trusty:
ubuntu@trusty-openvpn-server-1602813:/etc/openvpn$ sudo openvpn --config
server.conf
Mon Jul 24 17:03:30 2017 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)]
[LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Jun 22 2017
Mon Jul 24 17:03:30 2017 TUN/TAP device tu
Confirmed the crash on xenial:
ubuntu@xenial-openvpn-server-1602813:/etc/openvpn$ sudo openvpn --config
server.conf
Mon Jul 24 16:49:50 2017 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)]
[LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017
Mon Jul 24 16:49:50 2017 library versions: OpenSS
Confirmed the crash on zesty with openvpn-auth-ldap 2.0.3-6.1:
ubuntu@zesty-openvpn-server-1602813:/etc/openvpn$ sudo openvpn --config
server.conf
Mon Jul 24 15:05:38 2017 OpenVPN 2.4.0 x86_64-pc-linux-gnu [SSL (OpenSSL)]
[LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jun 22 2017
Mon
Hello Foxpass, or anyone else affected,
Accepted openvpn-auth-ldap into zesty-proposed. The package will build
now and be available at https://launchpad.net/ubuntu/+source/openvpn-
auth-ldap/2.0.3-6.1ubuntu0.17.04.1 in a few hours, and then in the
-proposed repository.
Please help us by testing t
Sponsored all 4 uploads.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1602813
Title:
openvpn-auth-ldap causing segfault on network timeout
To manage notifications about this bug go to:
https://bug
** Merge proposal linked:
https://code.launchpad.net/~ahasenack/ubuntu/+source/openvpn-auth-ldap/+git/openvpn-auth-ldap/+merge/326032
** Merge proposal linked:
https://code.launchpad.net/~ahasenack/ubuntu/+source/openvpn-auth-ldap/+git/openvpn-auth-ldap/+merge/326033
** Merge proposal lin
** Description changed:
[Impact]
There is a timeout bug in the openvpn-auth-ldap package that causes
OpenVPN to crash when the network timeout is exceeded.
The openvpn-auth-ldap plugin is not correctly checking the error codes
from ldap_result. As a result, it is not catching timeouts
Configuration files for the client openvpn server. To be expanded inside
/etc.
Contents:
drwxr-xr-x root/root 0 2017-06-20 11:29 openvpn/
-rw--- root/root 1708 2017-04-19 18:07 openvpn/client.key
-rw-r--r-- root/root 1797 2017-04-19 18:07 openvpn/ca.crt
drwxr-xr-x root/root
Configuration files for the server test case. To be expanded inside /etc.
Contents:
drwxr-xr-x root/root 0 2017-06-20 11:10 openvpn/
-rw-r--r-- root/root 1797 2017-04-19 18:03 openvpn/ca.crt
-rw--- root/root 1704 2017-04-19 18:03 openvpn/server.key
-rwxr-xr-x root/root 1
** Description changed:
- [Impact]
+ [Impact]
There is a timeout bug in the openvpn-auth-ldap package that causes
OpenVPN to crash when the network timeout is exceeded.
The openvpn-auth-ldap plugin is not correctly checking the error codes
from ldap_result. As a result, it is not catch
** Description changed:
- Description:Ubuntu 14.04.4 LTS
- Release:14.04
-
- openvpn-auth-ldap=2.0.3-5.1
-
+ [Impact]
There is a timeout bug in the openvpn-auth-ldap package that causes
OpenVPN to crash when the network timeout is exceeded.
The openvpn-auth-ldap plugin is n
** Changed in: openvpn-auth-ldap (Ubuntu Trusty)
Assignee: (unassigned) => Andreas Hasenack (ahasenack)
** Changed in: openvpn-auth-ldap (Ubuntu Xenial)
Assignee: (unassigned) => Andreas Hasenack (ahasenack)
** Changed in: openvpn-auth-ldap (Ubuntu Yakkety)
Assignee: (unassigned) =
** Also affects: openvpn-auth-ldap (Ubuntu Trusty)
Importance: Undecided
Status: New
** Also affects: openvpn-auth-ldap (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: openvpn-auth-ldap (Ubuntu Yakkety)
Importance: Undecided
Status: New
** Also af
This bug was fixed in the package openvpn-auth-ldap - 2.0.3-6.1ubuntu1
---
openvpn-auth-ldap (2.0.3-6.1ubuntu1) artful; urgency=medium
* Add patch from Aaron Peschel (~foxpass-dev) to fix a network timeout
crash. (LP: #1602813)
-- Andreas Hasenack Thu, 20 Apr 2017 13:39:42
+
The code was just checking for a -1 return value, which means "something
bad", and missed the timeout case. Since we missed the timeout return
value, the followupcheck for the LDAP_TIMEOUT err was never reached:
- if (ldap_result(ldapConn, msgid, 1, &timeout, &res) == -1) {
+ if (ldap_
@Andreas - did the docu on ldap_result change in newer releases?
That is from Xenial:
"ERRORS
ldap_result() returns -1 if something bad happens, and zero if the
timeout specified was
exceeded."
Or is the misleading bit here that the code is using not libldap's
ldap_result but a di
Reviewed and discussed - changes are good.
Andreas will add the steps to reproduce he already added to the Debian bug.
I'll test on my own and then likely sponsor the upload if nothing breaks
on that.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscri
** Bug watch removed: Debian Bug tracker #680166
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680166
** Changed in: openvpn-auth-ldap (Ubuntu)
Importance: High => Medium
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https:
** Changed in: openvpn-auth-ldap (Debian)
Status: Unknown => New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1602813
Title:
openvpn-auth-ldap causing segfault on network timeout
To manage
debdiff for artful
** Patch added: "lp1602813.debdiff"
https://bugs.launchpad.net/debian/+source/openvpn-auth-ldap/+bug/1602813/+attachment/4867421/+files/lp1602813.debdiff
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://b
** Bug watch added: Debian Bug tracker #861107
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861107
** Also affects: openvpn-auth-ldap (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861107
Importance: Unknown
Status: Unknown
--
You received this bug notification
Removing the debian bug task, the linked bug is similar but it requires
an additional fix on top the one provided here.
** No longer affects: openvpn-auth-ldap (Debian)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.laun
** Changed in: openvpn-auth-ldap (Debian)
Status: Unknown => New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1602813
Title:
openvpn-auth-ldap causing segfault on network timeout
To manage
** Bug watch added: Debian Bug tracker #680166
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680166
** Also affects: openvpn-auth-ldap (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680166
Importance: Unknown
Status: Unknown
** No longer affects: openvpn (Ubuntu)
** Changed in: openvpn-auth-ldap (Ubuntu)
Assignee: (unassigned) => Andreas Hasenack (ahasenack)
** Changed in: openvpn-auth-ldap (Ubuntu)
Status: Triaged => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
http
** Tags removed: server-next
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1602813
Title:
openvpn-auth-ldap causing segfault on network timeout
To manage notifications about this bug go to:
https:/
@Foxpass Dev - for the coming activity it would be really helpful if you could
write up a minimal setup&test procedure how to get from a new install to an
environment showing the bug.
That would help testing and verification to get this bug fixed in the packaging
(for Debian as well as for Ubunt
Here a little triaging summary:
The project itself seems rather abandoned, at least not with a high update
frequency.
I checked the patch a bit in Detail and found two related upstream commits:
of 2012 to fix the first
https://github.com/threerings/openvpn-auth-ldap/commit/2d1568c384eee51e907d93e
Hi,
thank you for the report and identifying the associated patch.
I added the patch tag and triaged the bug accordingly.
** Tags added: patch
** Changed in: openvpn-auth-ldap (Ubuntu)
Status: New => Triaged
** Changed in: openvpn-auth-ldap (Ubuntu)
Importance: Undecided => High
--
Y
We have created this PPA to host a version of the package with the above
patch added:
https://launchpad.net/~foxpass/+archive/ubuntu/openvpn-auth-ldap
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/160
34 matches
Mail list logo
