Bug 1018688 - Connectionless LDAP is broken for IPv6
Connectionless LDAP is broken for IPv6
Product: Fedora
Classification: Fedora
Component: openldap (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Jan Synacek
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2013-10-14 03:54 EDT by Jan Synacek
Modified: 2013-11-10 01:13 EST (History)
5 users (show)

See Also:
Fixed In Version: openldap-2.4.36-4.fc20
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2013-11-07 23:37:49 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

External Trackers
Tracker ID Priority Status Summary Last Updated
OpenLDAP ITS 7694 None None None Never

  None (edit)
Description Jan Synacek 2013-10-14 03:54:13 EDT
Description of problem:
Connectionless LDAP (ie: cldap enabled with -DLDAP_CONNECTIONLESS) is broken for IPv6 for current versions of openldap. Tested with version 2.4.35

It's not clear if this ever worked properly.

Connections immediately fail with:

ldap_search_ext: Can't contact LDAP server (-1)

The reason for this is that the LDAP_CONNECTIONLESS buffers include a prefix containing an address in a "struct sockaddr". However, struct sockaddr, is not a concrete type. In particular struct sockaddr_in6 is longer than struct sockaddr.

Noted here: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=blob;f=libraries/liblber/sockbuf.c;h=d997e92910954b943e5b3fe7139ff4caaeaf49bf;hb=HEAD#l886

So this leads to failures when using IPv6 as the code assumes that the address length is equal to sizeof (struct sockaddr). Seen here:


Version-Release number of selected component (if applicable):

Additional info:
See #1007421.
Comment 1 Jan Synacek 2013-10-14 04:07:33 EDT
Oops, sorry, correct version of the package is openldap-2.4.36-1.fc20.x86_64.
Comment 3 Fedora Update System 2013-10-14 04:59:11 EDT
openldap-2.4.36-2.fc20 has been submitted as an update for Fedora 20.
Comment 4 Fedora Update System 2013-10-14 05:12:40 EDT
openldap-2.4.36-2.fc19 has been submitted as an update for Fedora 19.
Comment 5 Fedora Update System 2013-10-14 15:21:55 EDT
Package openldap-2.4.36-2.fc20:
* should fix your issue,
* was pushed to the Fedora 20 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing openldap-2.4.36-2.fc20'
as soon as you are able to.
Please go to the following url:
then log in and leave karma (feedback).
Comment 6 Fedora Update System 2013-10-15 10:06:32 EDT
openldap-2.4.36-3.fc20 has been submitted as an update for Fedora 20.
Comment 7 Fedora Update System 2013-10-23 02:14:31 EDT
openldap-2.4.36-4.fc20 has been submitted as an update for Fedora 20.
Comment 8 Fedora Update System 2013-10-23 02:46:29 EDT
openldap-2.4.36-4.fc19 has been submitted as an update for Fedora 19.
Comment 9 Fedora Update System 2013-11-07 23:37:49 EST
openldap-2.4.36-4.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 10 Fedora Update System 2013-11-10 01:13:29 EST
openldap-2.4.36-4.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.