Proper Deinit? ldap_unbind_ext: Assertion `( (ld)->ld_options.ldo_valid == 0x2 )' failed
Hey,
What is the proper method for deinitializing an LDAP * context if the binding fails?
Consider the following code:
ret = ldap_initialize(&ld, buf); if (ret) { ERR("ldap_initialize: %s: %s", buf, ldap_err2string(ret)); } ret = ldap_set_option(ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF); if (ret) { ERR("ldap_set_option: %s", ldap_err2string(ret)); } else { ret = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &v3); if (ret) { ERR("ldap_set_option: %s", ldap_err2string(ret)); } else { if (my_ldap_bind_gssapi(ld, flags) == 0) { return 0; } } }
ldap_unbind_ext(lx->ld, NULL, NULL);
If the bind fails, the ldap_unbind_ext function asserts:
unbind.c:49: ldap_unbind_ext: Assertion `( (ld)->ld_options.ldo_valid == 0x2 )' failed. Aborted
What am I doing wrong?
Thanks, Mike
Michael B Allen wrote:
Hey,
What is the proper method for deinitializing an LDAP * context if the binding fails?
Consider the following code:
ret = ldap_initialize(&ld, buf); if (ret) { ERR("ldap_initialize: %s: %s", buf, ldap_err2string(ret)); } ret = ldap_set_option(ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF); if (ret) { ERR("ldap_set_option: %s", ldap_err2string(ret)); } else { ret = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &v3); if (ret) { ERR("ldap_set_option: %s", ldap_err2string(ret)); } else { if (my_ldap_bind_gssapi(ld, flags) == 0) { return 0; } } }
ldap_unbind_ext(lx->ld, NULL, NULL);
If the bind fails, the ldap_unbind_ext function asserts:
unbind.c:49: ldap_unbind_ext: Assertion `( (ld)->ld_options.ldo_valid == 0x2 )' failed. Aborted
What am I doing wrong?
You're confusing your variables, for one thing. You set up ld and then try to unbind lx->ld which is obviously something different.
Also you should not progress any further if ldap_initialize fails. Your sample there just prints an error message and then keeps on going, using an ld variable that is certainly unmodified by ldap_initialize, most likely completely uninitialized by you. You should be returning after printing that error message...
Writing code requires the utmost attention to detail, in any language, in any API. Your problems are basic mistakes caused by not paying attention, nothing particular to the LDAP API.
On Tue, 17 Oct 2006 00:38:46 -0700 Howard Chu hyc@symas.com wrote:
If the bind fails, the ldap_unbind_ext function asserts:
unbind.c:49: ldap_unbind_ext: Assertion `( (ld)->ld_options.ldo_valid == 0x2 )' failed. Aborted
What am I doing wrong?
You're confusing your variables, for one thing. You set up ld and then try to unbind lx->ld which is obviously something different.
Also you should not progress any further if ldap_initialize fails. Your sample there just prints an error message and then keeps on going, using an ld variable that is certainly unmodified by ldap_initialize, most likely completely uninitialized by you. You should be returning after printing that error message...
That's not it. I introduced those errors when I posted the code.
The code asserts if I do simply:
ret = ldap_initialize(&lx->ld, "ldap://foo.example.com"); if (ret == 0) ldap_unbind_ext(lx->ld, NULL, NULL);
Note that if I hexdump the first 128 bytes of the LDAP pointer I see the ld_options member which I estimate to be at offset 0x54 is a 0x01:
00000: 60 03 05 0a 02 00 00 00 00 00 00 00 00 00 00 00 |`...............| 00010: 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 |................| 00020: 00 00 00 00 b8 03 05 0a 85 01 00 00 00 00 00 00 |................| 00030: 00 00 00 00 05 00 00 00 00 00 00 00 00 00 00 00 |................| 00040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00050: 01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 |................| ^ ld_options 00060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
which makes sense because it corresponds to LDAP_INITIALIZED (and from looking at ldap_initizlize this looks like what the value should be):
#define LDAP_INITIALIZED 0x1 #define LDAP_VALID_SESSION 0x2
but the ldap_unbind_ext call checks for 0x2 (LDAP_VALID_SESSION). So that seems like a possible bug.
However, clearly I don't understand everything going on here because it does NOT assert if I simply do:
LDAP *ld; ret = ldap_initialize(&ld, "ldap://foo.example.com"); if (ret == 0) ldap_unbind_ext(ld, NULL, NULL);
Mike
openldap-software@openldap.org
-
Howard Chu -
Michael B Allen