[Rt-devel] BUG in Net::LDAP v0.35 - Do NOT upgrade!

Mike Peachey mike.peachey at jennic.com
Fri Apr 11 10:52:55 EDT 2008


I have discovered a critical bug in Net::LDAP 0.35 and submitted the 
following ticket to the developer:
http://rt.cpan.org/Ticket/Display.html?id=34878

In 0.35, the Net::Ldap::Util::ldap_error_name subroutine is broken which 
means that all functions such as Net::LDAP->code() that return a message 
as a constant are broken.

Instead of returning the correct message, Password Policy (PP) constants 
are being returned instead.

The most crucial example is that a successful bind or search is 
returning LDAP_PP_PASSWORD_EXPIRED (0) instead of LDAP_SUCCESS (0). You 
can code around this failure by using resultCode() instead to get the 
integer form of the result code, however all current perl modules that 
determine results by using the constant names will function unexpectedly.

I am currently trying to decide which way to code around the bug in 
RT::Authen::ExternalAuth so that those who've already upgraded to 
Net::LDAP 0.35 can continue to use the extension, however v0.06 which 
will work around the bug may not be released until Monday or Tuesday of 
next week.
-- 
Kind Regards,

__________________________________________________

Mike Peachey, IT
Tel: +44 114 281 2655
Fax: +44 114 281 2951
Jennic Ltd, Furnival Street, Sheffield, S1 4QT, UK
Comp Reg No: 3191371 - Registered In England
http://www.jennic.com
__________________________________________________


More information about the Rt-devel mailing list