Shell script which reproduces the issue: http://pastebin.ubuntu.com/10712595/
Please run this script only on a disposable instance in the cloud because it creates and adds ultimately trusted certificate to the target machine.
I was able to reproduce the issue on precise (12.04) and trusty (14.04).
I *was not* able to reproduce the issue on utopic (14.10) and vivid (15.04).
This happens because libldap is linked against later version of libgnutls in 14.10 and 15.04.
12.04 and 14.04 use 2.x generation of libgnutls while 14.10 and 15.04 use 3.x generation.
I assume that libgnutls 3.x does proper cleanup and doesn't return semi-initialized context on errors (which was the root cause of the bug).
Please note that this issue doesn't crash ldap server itself but only clients who passes incorrect SSL/TLS-related settings into libldap using ldap_set_option(NULL, LDAP_OPT_X_TLS_CIPHER_SUITE, <NAME>).
Shell script which reproduces the issue: http:// pastebin. ubuntu. com/10712595/
Please run this script only on a disposable instance in the cloud because it creates and adds ultimately trusted certificate to the target machine.
I was able to reproduce the issue on precise (12.04) and trusty (14.04).
I *was not* able to reproduce the issue on utopic (14.10) and vivid (15.04).
This happens because libldap is linked against later version of libgnutls in 14.10 and 15.04.
12.04 and 14.04 use 2.x generation of libgnutls while 14.10 and 15.04 use 3.x generation.
I assume that libgnutls 3.x does proper cleanup and doesn't return semi-initialized context on errors (which was the root cause of the bug).
Please note that this issue doesn't crash ldap server itself but only clients who passes incorrect SSL/TLS-related settings into libldap using ldap_set_ option( NULL, LDAP_OPT_ X_TLS_CIPHER_ SUITE, <NAME>).