ITS#10247 libldap: reject unrecognized critical URL extensions

2025-02-23 14:09:39 +08:00 · 2024-08-06 16:18:36 +01:00 · 2024-08-06 16:18:36 +01:00 · 4fc6a3c064
commit 4fc6a3c064
parent c0bd83df69
1 changed files with 16 additions and 6 deletions
--- a/libraries/libldap/request.c
+++ b/libraries/libldap/request.c
@ -528,9 +528,10 @@ ldap_new_connection( LDAP *ld, LDAPURLDesc **srvlist, int use_ldsb,
 	ld->ld_conns = lc;

 	if ( connect ) {
-#ifdef HAVE_TLS
 		if ( lc->lconn_server->lud_exts ) {
-			int rc, ext = find_tls_ext( lc->lconn_server );
+			int rc, ext, crit = 0;
+#ifdef HAVE_TLS
+			ext = find_tls_ext( lc->lconn_server );
 			if ( ext ) {
 				LDAPConn	*savedefconn;

@ -547,14 +548,23 @@ ldap_new_connection( LDAP *ld, LDAPURLDesc **srvlist, int use_ldsb,
 				LDAP_REQ_LOCK_IF(m_req);
 				ld->ld_defconn = savedefconn;
 				--lc->lconn_refcnt;
+				if ( ext == 2 ) {
+					crit++;

-				if ( rc != LDAP_SUCCESS && ext == 2 ) {
-					ldap_free_connection( ld, lc, 1, 0 );
-					return NULL;
+					if ( rc != LDAP_SUCCESS ) {
+						ldap_free_connection( ld, lc, 1, 0 );
+						return NULL;
+					}
 				}
 			}
-		}
 #endif
+			if ( crit != lc->lconn_server->lud_crit_exts ) {
+				/* there were unrecognized critical extensions */
+				ldap_free_connection( ld, lc, 1, 0 );
+				ld->ld_errno = LDAP_NOT_SUPPORTED;
+				return NULL;
+			}
+		}
 	}

 	if ( bind != NULL ) {