Hi List, this is my fifth attempt to make the LDAP-Code more robust. I didn't release my fourth-version,because it contained some bugs. Note, this is not an incremental patch. It includes all my previous patches.
This is a major update to the LDAP-code. It contains serveral new helper functions.Of course I know vldap.c is not the place to add general functions, but I did this to avoid huge patches overall the vpopmail-code from which I do not know wether they are accepted. These functions are security related to extremely avoid buffer-overflows by design. - safe_malloc - safe_free - safe_strdup I am very interested in you opinion !! My patches are all tested and are used in a production environment. You are welcome to give them a chance. Download: http://www.tiski.de/linux/patches/vpopmail/patch-ldap-5.gz Copy it to you vpopmail-dir, gunzip and apply it: patch -p0 < patch-ldap-5 This patch is against vpopmail-5.3.8 but it should apply cleanly against vpopmail-5.3.9. I do not quite know who is the LDAP-maintainer at inter7. So I hope this is the right address to post my patches. Changelog: - Works with OpenLDAP-2.1.x - Add sort-patch - Major code clean up - Support for LDAP-error messages in all LDAP-related functions - do not just quit silent - Avoid buffer-overflows by design - Code is much more readable - Fixed several compiler-warning concering pointer-reference and type casting Cheers Jens
