[Auth_ldap] Auth_ldap 1.6.1 Released

Ace Suares ace at suares.nl
Sun Jan 15 13:22:15 PST 2006 

Hi Dave, and all,

On Monday 09 January 2006 15:33, Dave Carrigan wrote:
> I have released version 1.6.1 of auth_ldap. This release corrects a
> security issue where an attacker could potentially crash Apache or run
> other processes under the apache uid.

Thanks, Dave, for releasing a security fix! And from the changelog I see 
that you also included several other patches that came along. Thanks for 
mentioning my name in the ChangeLog, but Stig Venaas actually wrote the 
patch. Which is still at http://www.suares.com/auth_ldap

Today I tried to install 1.6.1
I used ./configure without any options.
I 'maked', the module compiled, I moved it to the apache library 
directory, restarted apache, so far so good.
Then I tried to login on one of my websites. I used a wrong password (and 
in later attempts, wrong usernames too). Instead of coming up with 
'Authorization failed, retry ?' it just showed the page that says 
'Authorization denied'. 

In the apache error log, I see:

Could not connect to LDAP server: No such file or directory

What could be the problem ? I only replaced the old auth_ldap.so with the 
new auth_ldap.so...

Thanks,
ace




>
> Other long-standing bugs have also been fixed.
>
> You can get the latest version at http://www.rudedog.org/auth_ldap/
>
> Cheers,

-- 
Babe I'm gonna see that you be back home in thirty days
You don't give me no consolation
I'm gonna take it to the United Nations
I'm gonna see that you be back home in Thirty Days! 
	- Chuck Berry

Ace Suares' Internet Consultancy
mail: PObox 2599, 4800 CN Breda, The Netherlands
phone: +31 6 244 33 608 (Jan Veuger, support Netherlands)
emergency: +599 786 23 73
voicemail & fax: +31 848 707 705
web: http://www.suares.nl email: support at suares.nl
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://www.rudedog.org/pipermail/auth_ldap/attachments/20060115/34695c45/attachment.pgp

More information about the Auth_ldap mailing list