Date: Tue, 6 May 2003 10:16:38 +0100
From: Graham Barr <gbarr [...] pobox.com>
To: bug-perl-ldap [...] rt.cpan.org
Subject: [Fwd] Net::LDAP.pm bugs and patches
----- Forwarded message from Peter Marschall <peter@adpm.de> -----
Date: Mon, 5 May 2003 17:56:15 +0200
To: perl-ldap@perl.org
From: Peter Marschall <peter@adpm.de>
Subject: Net::LDAP.pm bugs and patches
Hi, (especially to Graham Barr and Chris Ridd)
I am quite sure I've stumbled over a bug in Net::LDAP that affects
SASL binds when calling Net::LDAP->new() with an array ref
of hosts to connect.
In 0.2701 the object's variable 'net_ldap_host' is set to the name
of the host to connect to but a few lines later it is overwritten by the
first argument to new (which may be an array ref).
Later in bind() this object variable 'net_ldap_host' is used.
The following short patch fixes the bug:
# fix for Net::LDAP to allow SASL to connect to the correct host ;-)
--- lib/Net/LDAP.pm
+++ lib/Net/LDAP.pm Mon May 5 16:43:26 2003
@@ -105,7 +105,6 @@
return undef unless $obj->{net_ldap_socket};
- $obj->{net_ldap_host} = $host;
$obj->{net_ldap_resp} = {};
$obj->{net_ldap_version} = $arg->{version} || $LDAP_VERSION;
$obj->{net_ldap_async} = $arg->{async} ? 1 : 0;
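Review bot: With `$obj->{net_ldap_host} = $host;` removed, net_ldap_host is set only by code that runs before the `return undef unless $obj->{net_ldap_socket};` check, and that code is not part of this hunk. Please confirm that every connection path stores the single host that actually connected, including subclasses that override _connect (the Net::LDAPI _connect proposed later in this message sets only net_ldap_socket), since the message says bind() reads this value for SASL. A test that calls new() with an array ref of hosts and checks that the stored host is a plain string would pin the fix down.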
Here are some others that have been posted by others on the perl-ldap
(the former perl-ldap-dev) mailing list but did not get included into CVS.
# patch to correct some typos / omissions in Net::LDAP.pod
# published on the perl-ldap-dev mailing list in 2003 by Damon Brodie
--- lib/Net/LDAP.pod
+++ lib/Net/LDAP.pod Sat Mar 8 19:27:05 2003
@@ -31,7 +31,7 @@
$result = $ldap->add ( 'cn = Barbara Jensen, o=University of Michigan,
c=us',
attr => [ 'cn' => ['Barbara Jensen', 'Barbs Jensen'],
- 'sn => 'Jensen',
+ 'sn' => 'Jensen',
'mail' => 'b.jensen@umich.edu',
'objectclass' => ['top', 'person',
'organizationalPerson',
@@ -40,6 +40,7 @@
);
$result->code && warn "failed to add entry: ", $result->error ;
+ $ldap->unbind; # take down session
=head1 DESCRIPTION
# fix proposed on the perl-ldap mailing list
# return an empty list when there were no changes
--- lib/Net/LDAP/Entry.pm
+++ lib/Net/LDAP/Entry.pm Sun Mar 16 21:29:03 2003
@@ -287,7 +287,8 @@
}
sub changes {
- @{shift->{'changes'}}
+ my $ref = shift->{'changes'};
+ $ref ? @$ref : ();
}
1;
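Review bot: In `$ref ? @$ref : ();` the two branches disagree in scalar context: a caller gets the element count when changes exist, but undef (from the empty list) rather than 0 when there are none. `@{$ref || []}` yields an empty list in list context and 0 in scalar context, and keeps the sub to a single expression. The POD for changes should also state what is returned when the entry has no recorded changes.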
# patch to inhibit an endless loop in Net::LDAP.pm with SASL/GSSAPI
# published on the perl-ldap-dev mailing list in Mar 2003 by Maurice Massar
#
# the problem is that $sasl_conn->client_start or client_step just
# return undef resulting in an endless loop. Hmm.. maybe it would
# be advisable to check for defined() on $resp in
# ldap/lib/Net/LDAP/Bind.pm too...
# Maurice
--- lib/Net/LDAP.pm
+++ lib/Net/LDAP.pm Sat Mar 8 18:49:27 2003
@@ -254,6 +254,8 @@
my $initial = $sasl_conn->client_start;
+ _error($ldap, $mesg, LDAP_LOCAL_ERROR, "$@") unless defined($initial);
+
$passwd = {
mechanism => $sasl_conn->mechanism,
credentials => $initial
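Review bot: The added `_error(...) unless defined($initial);` line has no `return`, so after the error is recorded execution falls through and still builds `$passwd` with `credentials => $initial` undefined. It should read `return _error($ldap, $mesg, LDAP_LOCAL_ERROR, "$@") unless defined($initial);`. Note also that `"$@"` only carries useful text if client_start died inside an eval; if it simply returned undef the message will be empty or stale, so a fixed fallback string is worth adding. The description above also names client_step as returning undef, and this hunk covers only client_start.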
# patch to an insecure dependency in Net::LDAP::Message.pm with perl 5.6.0
# published on the perl-ldap-dev mailing list in Jan 2003 by Ziya Suzen
#
# fixes the following test case:
# #!/usr/bin/perl -T
# use Net::LDAP;
# $ld = new Net::LDAP('ldap.itd.umich.edu');
# $msg = $ld->bind();
# $msg->error();
# print $msg->code(),"\n";
#
--- lib/Net/LDAP/Message.pm Fri Aug 24 21:24:09 2001
+++ lib/Net/LDAP/Message.pm Sat Jan 4 03:29:47 2003
@@ -83,9 +83,14 @@
sub error {
my $self = shift;
- $self->server_error
- or require Net::LDAP::Util
- and Net::LDAP::Util::ldap_error_desc( $self->code );
+ my $return;
+
+ unless ($return = $self->server_error) {
+ require Net::LDAP::Util and
+ $return = Net::LDAP::Util::ldap_error_desc( $self->code );
+ }
+
+ $return;
}
sub set_error {
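Review bot: Nothing in the new `error` body says why the one-expression form was unrolled, so a later cleanup is likely to fold it back and reintroduce the failure under `perl -T` on 5.6.0. Add a short comment above `unless ($return = $self->server_error) {` naming the taint-mode problem, and consider making `require Net::LDAP::Util;` its own statement instead of chaining it with `and`, so the assignment no longer depends on the return value of require. The test case quoted above the patch would serve as a regression test when run with -T.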
# patch to use perl-ldap locally over UNIX domain sockets
# published on the perl-ldap-dev mailing list in Dec 2002 by Derrick Pates
#
# As it's something I'm interested in using, and I'd seen it mentioned
# that other people would like to see it as well, I went ahead and hacked
# a copy of Net/LDAPS.pm to create LDAPI.pm. It works perfectly, just
# replacing IO::Socket::INET with IO::Socket::UNIX.
# Derrick
--- lib/Net/LDAPI.pm
+++ lib/Net/LDAPI.pm Sat Dec 7 23:46:57 2002
@@ -0,0 +1,84 @@
+# Copyright (c) 2000-2002 Chris Ridd <chris.ridd@messagingdirect.com> and
+# Graham Barr <gbarr@pobox.com>. All rights reserved. This program is
+# free software; you can redistribute it and/or modify it under the
+# same terms as Perl itself.
+
+package Net::LDAPI;
+@Net::LDAPI::ISA = ( 'Net::LDAP' );
+$Net::LDAPI::VERSION = "0.01";
+
+use strict;
+use Net::LDAP;
+use IO::Socket::UNIX;
+
+# Different OpenSSL verify modes.
+my %verify = qw(none 0 optional 1 require 3);
+
+sub _connect {
+ my ($ldap, $sockpath) = @_;
+
+ $sockpath = "/var/lib/ldapi" unless defined($sockpath);
+
+ $ldap->{'net_ldap_socket'} = IO::Socket::UNIX->new(
+ Type => &SOCK_STREAM,
+ Peer => $sockpath
+ );
+}
+
+1;
+
+__END__
+
+=head1 NAME
+
+Net::LDAPI - use LDAP over a UNIX domain socket
+
+=head1 SYNOPSIS
+
+ use Net::LDAPI;
+
+ $ldaps = new Net::LDAPI('/var/lib/ldapi');
+
+=head1 DESCRIPTION
+
+Communicate using the LDAP protocol to a directory server using a
+UNIX domain socket.
+
+This class is a subclass of Net::LDAP so all the normal Net::LDAP
+methods can be used with a Net::LDAPI object; see the documentation
+for Net::LDAP to find out how to query a directory server using the
+LDAP protocol.
+
+=head1 CONSTRUCTOR
+
+=over 4
+
+=item new ( [SOCKPATH] )
+
+Create a new connection. SOCKPATH can optionally be specified, to specify
+the location of the UNIX domain socket to connect to. By default, the
+domain socket path is '/var/lib/ldapi'. This may be OpenLDAP-specific.
+
+=back
+
+=head1 SEE ALSO
+
+L<Net::LDAP>,
+L<IO::Socket::UNIX>
+
+=head1 BUGS
+
+None yet.
+
+=head1 AUTHOR
+
+Derrik Pates <dpates@dsdk12.net>
+
+=head1 COPYRIGHT
+
+Original code Copyright (c) 2000-2002, Chris Ridd and Graham Barr. All
+rights reserved. This library is free software; you can redistribute it
+and/or modify it under the same terms as Perl itself.
+
+=cut
+
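Review bot: `_connect` stores only `$ldap->{'net_ldap_socket'}`; the first patch in this message relies on net_ldap_host being set during connection because bind() uses it for SASL, so a SASL bind through this class would find no host unless `_connect` sets it as well. `my %verify = qw(none 0 optional 1 require 3);` with its OpenSSL comment is left over from Net::LDAPS and unused here, as is the `$ldaps` variable name in the SYNOPSIS; both should be cleaned up. Since the POD itself says the default `/var/lib/ldapi` may be OpenLDAP-specific, the SYNOPSIS should show the path being passed explicitly, and the DESCRIPTION should say that new() returns undef when the socket cannot be opened.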
With the exception of the very first one, that I found today,
all these patches and the changes applied to the CVS up
to today (dependencies for DSML, VLV response fix,
keydecrypt documentation, Entry clone, ...) are in use
in our company without any problems from the time they
have been published.
Will you consider including these patches into CVS
and maybe release a minor update (0.2702 ;-) to perl-ldap ?
Peter
--
Peter Marschall
eMail: peter@adpm.de
----- End forwarded message -----