Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Curl 7.76.1 Segfault with openldap while using ldaps with self signed certificate #6934

Closed
extrimexxx opened this issue Apr 22, 2021 · 2 comments
Closed

Curl 7.76.1 Segfault with openldap while using ldaps with self signed certificate #6934

extrimexxx opened this issue Apr 22, 2021 · 2 comments
Assignees
@bagder
Labels
crash LDAP

Comments

@extrimexxx
Copy link

extrimexxx commented Apr 22, 2021
edited

Bug or not? Segfault in curl 7.76.1 with openldap while using ldaps with ldap server with self signed certificate

I did this

without -k argument:
curl ldaps://www.zflexldap.com/ > Segmentation fault (core dumped)

with -k argument:
curl -k ldaps://www.zflexldap.com/ > work good but authentication failed

with -k argument:
curl -k "ldaps://www.zflexldap.com/dc=zflexsoftware,dc=com?cn" -u "uid=guest1,ou=users,ou=guests,dc=zflexsoftware,dc=com:guest1password" > work good, say's DN: DC=ZFLEXSOFTWARE,DC=COM

without -k argument:
curl "ldaps://www.zflexldap.com/dc=zflexsoftware,dc=com?cn" -u "uid=guest1,ou=users,ou=guests,dc=zflexsoftware,dc=com:guest1password" > Segmentation fault (core dumped)

I expected the following

on another server with normal certificate work good:

with -k argument:
curl -k ldaps://db.debian.org/ > say's DN: objectClass: top objectClass: OpenLDAProotDSE

without -k argument:
curl ldaps://db.debian.org/ > say's DN: objectClass: top objectClass: OpenLDAProotDSE

curl/libcurl version

curl 7.76.1 (x86_64-pc-linux-gnu) libcurl/7.76.1 OpenSSL/1.1.1 zlib/1.2.11 brotli/1.0.4 zstd/1.3.3 c-ares/1.17.1 libidn2/2.0.4 libpsl/0.19.1 (+libidn2/2.0.4) libssh2/1.8.0 librtmp/2.3 libgsasl/1.8.0
Release-Date: 2021-04-14
Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli Debug gsasl GSS-API HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP TrackMemory UnixSockets zstd

operating system

Ubuntu 18.04.5 LTS (GNU/Linux 4.15.0-142-generic x86_64)
Linux ubuntu 4.15.0-142-generic #146-Ubuntu SMP Tue Apr 13 01:11:19 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
@bagder
Copy link
Member

bagder commented Apr 22, 2021

I can reproduce.

@extrimexxx extrimexxx changed the title Curl 7.76.1 Segfault whith openldap while using ldaps whith self signed certificate Curl 7.76.1 Segfault with openldap while using ldaps with self signed certificate Apr 22, 2021
@bagder bagder self-assigned this Apr 22, 2021
bagder added a commit that referenced this issue Apr 22, 2021
@bagder
openldap: fix crash in ldaps disconnect
8ceac6c 
Reported-by: Illarion Taev
Fixes #6934
@bagder bagder mentioned this issue Apr 22, 2021
Closed
@extrimexxx
Copy link
Author

i tested it #6935, now works, thanks!

monnerat added a commit to monnerat/curl that referenced this issue Apr 22, 2021
@monnerat
vtls: reset ssl use flag upon negotiation failure
b1e8eda 
Reported-by: Illarion Taev
Fixes curl#6934
monnerat added a commit to monnerat/curl that referenced this issue Apr 23, 2021
@monnerat
vtls: reset ssl use flag upon negotiation failure
a1889fc 
Reported-by: Illarion Taev
Fixes curl#6934
@bagder bagder linked a pull request Apr 23, 2021 that will close this issue
vtls: reset ssl use flag upon negotiation failure #6937
Closed
@bagder bagder closed this as completed in a4554b2 Apr 23, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bagder bagder

Labels
crash LDAP
Projects
None yet
Milestone
No milestone
2 participants
@bagder @extrimexxx