Ubuntu
openldap2.2 package

  1. Bug #6867
  2. Comment #40

Comment 40 for bug 6867

Revision history for this message
In , Roland Bauerschmidt (bauerschmidt) wrote : Re: Bug#244827: libgcrypt7: more info

On Tue, Jul 20, 2004 at 01:44:46PM +0200, Matthias Urlichs wrote:
> => something freed the dh_params vector.
>
> I haven't found the culprit yet.

I think I might've found it (though not verified yet). In gnutls.c
(OpenLDAP code), SSL_do_handshake:

 [...]
        if (!ssl->session) {
   [...]
                        gnutls_error = gnutls_rsa_params_init(&rsa_params);
   [...]
                        gnutls_error = gnutls_dh_params_init(&dh_params);
   [...]
                        ldap_gnutls_need_rsa_params(ssl,&rsa_params);
   [...]
                        ldap_gnutls_need_dh_params(ssl,&dh_params);
   [...]
        }
  [...]
  if (rsa_params)
    gnutls_rsa_params_deinit(rsa_params);

  if (dh_params)
    gnutls_dh_params_deinit(dh_params);

I'm afraid, the _params_deinit functions should only be called when the
session is closed. ldap_gnutls_need_rsa_params uses
gnutls_certificate_set_{dh,rsa}_params to set the given params and
those functions only set a pointer...

Roland