Bug 340

Summary: Putenv error on sudo 1.7.1b0 on AIX 6.1
Product: Sudo Reporter: Mark Janssen <maniac-sudo>
Component: SudoAssignee: Todd C. Miller <Todd.Miller>
Status: RESOLVED FIXED    
Severity: normal    
Priority: low    
Version: 1.7.0   
Hardware: IBM   
OS: AIX   

Description Mark Janssen 2009-03-02 03:30:43 MST 
gcc -c -I. -I.  -I/opt/IBM/ldap/V6.1/include -O2 -D_XOPEN_EXTENDED_SOURCE -D_ALL_SOURCE -D_PATH_SUDOERS=\"/etc/sudoers\" -DSUDOERS_UID=0 -DSUDOERS_GID=0 -DSUDOERS_MODE=0440  ./env.c
./env.c:328: error: conflicting types for 'putenv'
/opt/freeware/lib/gcc/powerpc-ibm-aix6.1.0.0/4.2.4/include/stdlib.h:440: error: previous declaration of 'putenv' was here
Comment 1 Mark Janssen 2009-03-02 03:32:31 MST 
Commenting PUTENV_CONST in config.h fixes this
Comment 2 Mark Janssen 2009-03-02 03:52:14 MST 
ldapssl_err2strings seems to be called ldap_err2string on AIX

grep -i err2string /opt/IBM/ldap/V6.1/include/*
ldap.h:   char *ldap_err2string LDAP_P(( int err ));
ldap.h:   char *ldap_pwdpolicy_err2string(int err);
ldapssl.h:const char * ssl_err2string( int ssl_error );

Editing ldap.c to use ldap_err2string lets the code compile and link

And then SSL does work
ssl              start_tls
===================
sudo: ldap_init(host1 host2, 389)
sudo: ldap_set_option: ldap_version -> 3
sudo: ldap_start_tls_s_np() ok
sudo: ldap_sasl_bind_s() ok
sudo: found:cn=defaults,ou=SUDOers,dc=domain,dc=tld


STARTTLS
RESULT oid= err=0 text=
TLS established tls_ssf=256 ssf=256
BIND dn="cn=sudoagent,ou=profile,dc=domain,dc=tld" method=128
BIND dn="cn=sudoagent,ou=profile,dc=domain,dc=tld" mech=SIMPLE ssf=0
Comment 3 Todd C. Miller 2009-03-02 08:09:05 MST 
I've fixed the configure test in ftp://ftp.sudo.ws/pub/millert/sudo/sudo-1.7.1b1.tar.gz
Comment 4 Mark Janssen 2009-03-09 04:46:55 MDT 
I can confirm that 1.7.1b2 works out of the box with IBM LDAP/Tivoli-TLS on AIX6.1

Configured with: ./configure --with-ldap=/opt/IBM/ldap/V6.1/ --with-ldap-conf-file=/etc/sudo.ldap --with-nsswitch=/etc/sudo.ldap

TLS enabled and OK