Module makes nginx 1.23.* crash if enabled

[freultwah]

nginx 1.23 has apparently seen massive API changes, and while nginx-auth-ldap still builds, it does make nginx 1.23.* exit with signal 10 and signal 11 if enabled. Disabling the module makes nginx great again.

Any plans on addressing it?

[episodeiv]

For anyone finding this: @freultwah was nice enough to provide pull request #250 which works in my environment but hasn't been merged yet...
Thanks, @freultwah :-)

[landryb]

i have to admit that i'm puzzled, since im running this module on 1.24 and 1.26 without issues using this config:

ldap_server ldap1_main {
        url ldap://db2/ou=users,dc=foo,dc=bar?uid?sub?(objectClass=*);
        group_attribute member;
        group_attribute_is_dn on;
        satisfy all;
        require group "cn=SOME_GROUP,ou=roles,dc=foo,dc=bar";
        require valid_user;
}
ldap_server ldap1_extern_other {
        url ldap://db2/ou=other,ou=wxs,dc=foo,dc=bar?uid?sub?(objectClass=*);
        require valid_user;
}

i've never seen crashes and many users are authenticating against the service... looking at the fix in #250 and #253 and 221529c, it seems to be because i don't ask for any ldap attributes ?

[freultwah]

Perhaps you're running an already patched version. My config is even slightly simpler than yours, no (objectClass=*) and also no attributes requested.

[landryb]

well that's what surprises me because i run the master branch of that repo without patches, built as a debian package and dlopen'ed module at runtime by nginx upstream debian packages...