Hello community,
here is the log from the commit of package autofs for openSUSE:Factory
checked in at Fri Oct 7 17:06:48 CEST 2011.
--------
--- openSUSE:Factory/autofs/autofs.changes 2011-09-23 01:52:12.000000000 +0200
+++ /mounts/work_src_done/STABLE/autofs/autofs.changes 2011-09-19 14:27:03.000000000 +0200
@@ -2 +2,14 @@
-Mon Jul 4 11:35:36 UTC 2011 - lchiquitto@novell.com
+Sat Sep 17 13:43:52 UTC 2011 - jengelh@medozas.de
+
+- rpm spec: remove redundant tags/sections
+- rpm spec: use %_smp_mflags for parallel build
+
+-------------------------------------------------------------------
+Wed Sep 14 18:51:32 UTC 2011 - lchiquitto@suse.com
+
+- fix LDAP result leaks on error paths
+- fix result null check in read_one_map() (bnc#707715)
+- fix paged query more results check
+
+-------------------------------------------------------------------
+Mon Jul 4 11:35:36 UTC 2011 - lchiquitto@suse.com
@@ -9 +22 @@
-Fri Jul 1 13:40:05 UTC 2011 - lchiquitto@novell.com
+Fri Jul 1 13:40:05 UTC 2011 - lchiquitto@suse.com
@@ -14 +27 @@
-Tue Jun 28 23:42:30 UTC 2011 - lchiquitto@novell.com
+Tue Jun 28 23:42:30 UTC 2011 - lchiquitto@suse.com
@@ -26 +39 @@
-Tue Jun 14 17:21:19 UTC 2011 - lchiquitto@novell.com
+Tue Jun 14 17:21:19 UTC 2011 - lchiquitto@suse.com
@@ -34 +47 @@
-Tue Jun 14 12:01:17 UTC 2011 - lchiquitto@novell.com
+Tue Jun 14 12:01:17 UTC 2011 - lchiquitto@suse.com
@@ -39 +52 @@
-Tue Jun 14 11:54:02 UTC 2011 - lchiquitto@novell.com
+Tue Jun 14 11:54:02 UTC 2011 - lchiquitto@suse.com
@@ -55 +68 @@
-Fri May 27 20:53:03 UTC 2011 - lchiquitto@novell.com
+Fri May 27 20:53:03 UTC 2011 - lchiquitto@suse.com
@@ -61 +74 @@
-Fri May 27 20:13:52 UTC 2011 - lchiquitto@novell.com
+Fri May 27 20:13:52 UTC 2011 - lchiquitto@suse.com
@@ -69 +82 @@
-Mon May 23 17:44:54 UTC 2011 - lchiquitto@novell.com
+Mon May 23 17:44:54 UTC 2011 - lchiquitto@suse.com
@@ -79 +92 @@
-Mon May 9 16:46:48 UTC 2011 - lchiquitto@novell.com
+Mon May 9 16:46:48 UTC 2011 - lchiquitto@suse.com
@@ -97 +110 @@
-Mon Apr 4 21:04:35 UTC 2011 - lchiquitto@novell.com
+Mon Apr 4 21:04:35 UTC 2011 - lchiquitto@suse.com
@@ -103 +116 @@
-Mon Apr 4 20:49:38 UTC 2011 - lchiquitto@novell.com
+Mon Apr 4 20:49:38 UTC 2011 - lchiquitto@suse.com
@@ -108 +121 @@
-Mon Apr 4 20:40:04 UTC 2011 - lchiquitto@novell.com
+Mon Apr 4 20:40:04 UTC 2011 - lchiquitto@suse.com
@@ -115 +128 @@
-Tue Mar 29 17:47:28 UTC 2011 - lchiquitto@novell.com
+Tue Mar 29 17:47:28 UTC 2011 - lchiquitto@suse.com
@@ -121 +134 @@
-Tue Mar 29 14:54:08 UTC 2011 - lchiquitto@novell.com
+Tue Mar 29 14:54:08 UTC 2011 - lchiquitto@suse.com
@@ -127 +140 @@
-Thu Mar 24 21:04:16 UTC 2011 - lchiquitto@novell.com
+Thu Mar 24 21:04:16 UTC 2011 - lchiquitto@suse.com
@@ -133 +146 @@
-Thu Mar 3 14:11:32 UTC 2011 - lchiquitto@novell.com
+Thu Mar 3 14:11:32 UTC 2011 - lchiquitto@suse.com
@@ -144 +157 @@
-Tue Feb 22 13:51:47 UTC 2011 - lchiquitto@novell.com
+Tue Feb 22 13:51:47 UTC 2011 - lchiquitto@suse.com
@@ -150 +163 @@
-Mon Feb 21 15:01:21 UTC 2011 - lchiquitto@novell.com
+Mon Feb 21 15:01:21 UTC 2011 - lchiquitto@suse.com
@@ -156 +169 @@
-Fri Oct 29 13:08:52 UTC 2010 - lchiquitto@novell.com
+Fri Oct 29 13:08:52 UTC 2010 - lchiquitto@suse.com
@@ -168 +181 @@
-Thu Aug 19 12:15:44 UTC 2010 - lchiquitto@novell.com
+Thu Aug 19 12:15:44 UTC 2010 - lchiquitto@suse.com
@@ -173 +186 @@
-Thu Aug 12 13:31:29 UTC 2010 - lchiquitto@novell.com
+Thu Aug 12 13:31:29 UTC 2010 - lchiquitto@suse.com
@@ -187 +200 @@
-Mon May 24 13:02:40 UTC 2010 - lchiquitto@novell.com
+Mon May 24 13:02:40 UTC 2010 - lchiquitto@suse.com
@@ -207 +220 @@
-Mon May 10 23:26:47 UTC 2010 - lchiquitto@novell.com
+Mon May 10 23:26:47 UTC 2010 - lchiquitto@suse.com
@@ -213 +226 @@
-Wed Mar 31 18:02:13 UTC 2010 - lchiquitto@novell.com
+Wed Mar 31 18:02:13 UTC 2010 - lchiquitto@suse.com
@@ -230 +243 @@
-Wed Feb 10 10:37:15 UTC 2010 - lchiquitto@novell.com
+Wed Feb 10 10:37:15 UTC 2010 - lchiquitto@suse.com
@@ -237 +250 @@
-Thu Feb 4 22:48:22 UTC 2010 - lchiquitto@novell.com
+Thu Feb 4 22:48:22 UTC 2010 - lchiquitto@suse.com
@@ -251 +264 @@
-Wed Dec 23 11:56:57 UTC 2009 - lchiquitto@novell.com
+Wed Dec 23 11:56:57 UTC 2009 - lchiquitto@suse.com
@@ -256 +269 @@
-Wed Dec 16 14:03:27 UTC 2009 - lchiquitto@novell.com
+Wed Dec 16 14:03:27 UTC 2009 - lchiquitto@suse.com
@@ -267 +280 @@
-Fri Nov 27 11:59:44 UTC 2009 - lchiquitto@novell.com
+Fri Nov 27 11:59:44 UTC 2009 - lchiquitto@suse.com
calling whatdependson for head-i586
Old:
----
README.SuSE
README.SuSE.ldap
New:
----
README.SUSE
README.SUSE.ldap
autofs-5.0.5-fix-ldap-result-leaks.patch
autofs-5.0.5-fix-paged-query-more-results-check.patch
autofs-5.0.5-fix-result-null-check-in-read_one_map.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ autofs.spec ++++++
--- /var/tmp/diff_new_pack.XMyuwd/_old 2011-10-07 17:06:44.000000000 +0200
+++ /var/tmp/diff_new_pack.XMyuwd/_new 2011-10-07 17:06:44.000000000 +0200
@@ -15,7 +15,6 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
-# norootforbuild
Name: autofs
@@ -24,7 +23,6 @@
BuildRequires: krb5-devel libtirpc-devel libxml2-devel openldap2-devel
License: GPLv2+
Group: System/Daemons
-AutoReqProv: on
Version: 5.0.6
Release: 2
Summary: A Kernel-Based Automounter
@@ -33,13 +31,16 @@
Source1: sysconfig.autofs
Source2: autofs.init
Source3: autofs.schema
-Source4: README.SuSE.ldap
-Source5: README.SuSE
+Source4: README.SUSE.ldap
+Source5: README.SUSE
Source7: NetworkManager-autofs
Source8: get-upstream-patches
%define patchdate 20110703
Patch0: autofs-%{version}-upstream-patches-%{patchdate}.bz2
Patch1: autofs-5.0.6-invalid-ghost-dirs.patch
+Patch2: autofs-5.0.5-fix-paged-query-more-results-check.patch
+Patch3: autofs-5.0.5-fix-result-null-check-in-read_one_map.patch
+Patch4: autofs-5.0.5-fix-ldap-result-leaks.patch
Patch10: autofs-suse-auto_master_default.patch
Patch11: autofs-suse-build.patch
PreReq: %fillup_prereq %insserv_prereq aaa_base
@@ -51,13 +52,6 @@
you are not using them. This can include network filesystems, CD-ROMs,
floppies, and so forth.
-
-
-Authors:
---------
- H. Peter Anvin
- Ian Kent
-
%prep
%setup
cp %{SOURCE3} .
@@ -66,6 +60,9 @@
#
%patch0 -p1
%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
%patch10 -p1
%patch11 -p1
@@ -81,7 +78,8 @@
--with-libtirpc \
--with-hesiod=no \
--with-sasl
-make all DONTSTRIP=1 LOCAL_CFLAGS="$RPM_OPT_FLAGS %(getconf LFS_CFLAGS)"
+make all DONTSTRIP=1 LOCAL_CFLAGS="$RPM_OPT_FLAGS %(getconf LFS_CFLAGS)" \
+ %{?_smp_mflags}
%install
make install INSTALLROOT=$RPM_BUILD_ROOT
@@ -95,9 +93,6 @@
# will be installed by fillup scripts
rm -f $RPM_BUILD_ROOT/etc/sysconfig/autofs
-%clean
-rm -rf %{buildroot}
-
%post
if /sbin/chkconfig -c autofs 3; then
%{insserv_force_if_yast autofs}
@@ -125,7 +120,7 @@
/etc/NetworkManager/dispatcher.d/autofs
%doc COPYRIGHT README README.changer README.ncpfs README.replicated-server
%doc README.smbfs README.v5.release autofs.schema README.active-restart
-%doc README.SuSE README.SuSE.ldap
+%doc README.SUSE README.SUSE.ldap
%dir %{_libdir}/autofs/
%{_libdir}/autofs/
%{_mandir}/man5/*
++++++ README.SUSE ++++++
autofs5 is a major update with lots of code changes and new features.
Most of the changes enhance the functionality to be more compliant
with current industry standards.
Here is a list of the most important changes:
Differences v4 vs. v5
---------------------
- Master map is now read and parsed by the `automount' daemon
- The master map default is "auto.master" and nsswitch is used to
locate it. The line "+auto.master" has been added to the default
installed "/etc/auto.master" to ensure that those using NIS will
still find their master map. This is in line with other industry
automount implementations.
- The `automount' daemon is now a multi-threaded application
- `autofs' filesystem mounts only appear in /proc/mounts and not
/etc/mtab.
- `autofs' version 5.0.0 will refuse to run if it cannot find an
autofs4 kernel module that supports protocol version 5.00 or above.
- mount options present in the master map are now overridden by mount
options in map entries instead of being accumulated. This behaviour
is in line with other industry automount implementations.
New features in v5
------------------
- improved direct mount map support
- `+' map inclusion
- added nsswitch map source support
- rewrote multi-mount map code
- added LDAP encryption and authentication support
- improved shutdown and restart
- a "hosts" map module has been added
Update hints
============
Since autofs now uses nsswitch to locate the master map, the
sysconfig variable NISMASTERMAP is obsolete.
Also the UNDERSCORETODOT parameter is not support anymore.
Some new sysconfig parameters are available, please take
a look to /etc/sysconfig/autofs.
Note also, that the old Suse config syntax style is not
supported anymore. If you had a configuration like
/mnt yp auto.home [options]
you'll have to change this to
/mnt yp:auto.home [options]
++++++ README.SUSE.ldap ++++++
Autofs with ldap
----------------
You can configure autofs via LDAP using the nis.schema or rfc2307bis.schema.
You can find this schema at /etc/openldap/schema/nis.schema and
/etc/openldap/schema/rfc2307bis.schema resp.
1. Change the "automount:" entry in /etc/nsswitch.conf to
automount: files ldap
2. Configure your /etc/openldap/ldap.conf
include /etc/openldap/schema/rfc2307bis.schema
or
include /etc/openldap/schema/nis.schema
3. Create the neccessary entry in LDAP
Here is an example ldif to mount the whole /home per autofs:
--------------------- begin ------------------------------------------------
dn: ou=AUTOFS,dc=example,dc=org
objectClass: organizationalUnit
ou: AUTOFS
dn: nisMapName=auto.master,ou=AUTOFS,dc=example,dc=org
objectClass: nisMap
nisMapName: auto.master
dn: cn=/mounts,nisMapName=auto.master,ou=AUTOFS,dc=example,dc=org
objectClass: nisObject
nisMapName: auto.master
cn: /mounts
nisMapEntry: ldap ldapserver.example.org:nisMapName=auto.mounts,ou=AUTOFS,dc=example,dc=org
dn: nisMapName=auto.mounts,ou=AUTOFS,dc=example,dc=org
objectClass: nisMap
nisMapName: auto.mounts
dn: cn=home,nisMapName=auto.mounts,ou=AUTOFS,dc=example,dc=org
objectClass: nisObject
nisMapName: auto.mounts
cn: home
nisMapEntry: -fstype=nfs,hard,intr,nodev,nosuid nfsserver.example.org:/home
--------------------- end --------------------------------------------------
++++++ autofs-5.0.5-fix-ldap-result-leaks.patch ++++++
Fix LDAP result leaks on error paths
According to ldap_search_s(3), the result structure must be freed
with ldap_msgfree() even when the search function returned failure.
---
modules/lookup_ldap.c | 6 ++++++
CHANGELOG | 1 +
2 files changed, 7 insertions(+)
Index: autofs/modules/lookup_ldap.c
===================================================================
--- autofs.orig/modules/lookup_ldap.c
+++ autofs/modules/lookup_ldap.c
@@ -347,6 +347,8 @@ static int get_query_dn(unsigned logopt,
error(logopt,
MODPREFIX "query failed for %s: %s",
query, ldap_err2string(rv));
+ if (result)
+ ldap_msgfree(result);
free(query);
return 0;
}
@@ -1573,6 +1575,8 @@ int lookup_read_master(struct master *ma
error(logopt, MODPREFIX "query failed for %s: %s",
query, ldap_err2string(rv));
unbind_ldap_connection(logging, ldap, ctxt);
+ if (result)
+ ldap_msgfree(result);
free(query);
return NSS_STATUS_NOTFOUND;
}
@@ -2586,6 +2590,8 @@ static int lookup_one(struct autofs_poin
if ((rv != LDAP_SUCCESS) || !result) {
crit(ap->logopt, MODPREFIX "query failed for %s", query);
unbind_ldap_connection(ap->logopt, ldap, ctxt);
+ if (result)
+ ldap_msgfree(result);
free(query);
return CHE_FAIL;
}
Index: autofs/CHANGELOG
===================================================================
--- autofs.orig/CHANGELOG
+++ autofs/CHANGELOG
@@ -2,6 +2,7 @@
=======================
- fix ipv6 name for lookup fix.
- fix paged query more results check.
+- fix LDAP result leaks on error paths.
28/06/2011 autofs-5.0.6
-----------------------
++++++ autofs-5.0.5-fix-paged-query-more-results-check.patch ++++++
autofs-5.0.6 - fix paged query more results check
From: Ian Kent
When getting paged results from an LDAP server the server returns an
opaque cookie (of type berval) that is used to retrieve the next page.
The criteria for deciding if there are more pages is that the berval
value is non-null and has a non-zero length.
To determine if the berval value has non-zero length autofs checks the
strlen() of the value but on ppc64 and s390x this can return 0 even if
the value has non-zero length causing a premature termination of the
query.
Fix this by also checking the berval length field.
Also make sure we free the opaque cookie when the query is finished.
---
CHANGELOG | 1 +
modules/lookup_ldap.c | 13 ++++++++++++-
2 files changed, 13 insertions(+), 1 deletions(-)
Index: autofs/modules/lookup_ldap.c
===================================================================
--- autofs.orig/modules/lookup_ldap.c
+++ autofs/modules/lookup_ldap.c
@@ -2041,7 +2041,8 @@ do_paged:
rv = ldap_parse_page_control(sp->ldap,
returnedControls, &sp->totalCount,
&sp->cookie);
- if (sp->cookie && sp->cookie->bv_val && strlen(sp->cookie->bv_val))
+ if (sp->cookie && sp->cookie->bv_val &&
+ (strlen(sp->cookie->bv_val) || sp->cookie->bv_len))
sp->morePages = TRUE;
else
sp->morePages = FALSE;
@@ -2382,6 +2383,10 @@ static int read_one_map(struct autofs_po
rv == LDAP_SIZELIMIT_EXCEEDED) {
if (sp.result)
ldap_msgfree(sp.result);
+ if (sp.cookie) {
+ ber_bvfree(sp.cookie);
+ sp.cookie = NULL;
+ }
sp.pageSize = sp.pageSize / 2;
if (sp.pageSize < 5) {
debug(ap->logopt, MODPREFIX
@@ -2397,6 +2402,8 @@ static int read_one_map(struct autofs_po
if (rv != LDAP_SUCCESS || !sp.result) {
unbind_ldap_connection(ap->logopt, sp.ldap, ctxt);
*result_ldap = rv;
+ if (sp.cookie)
+ ber_bvfree(sp.cookie);
free(sp.query);
return NSS_STATUS_UNAVAIL;
}
@@ -2406,6 +2413,8 @@ static int read_one_map(struct autofs_po
ldap_msgfree(sp.result);
unbind_ldap_connection(ap->logopt, sp.ldap, ctxt);
*result_ldap = rv;
+ if (sp.cookie)
+ ber_bvfree(sp.cookie);
free(sp.query);
return NSS_STATUS_NOTFOUND;
}
@@ -2417,6 +2426,8 @@ static int read_one_map(struct autofs_po
unbind_ldap_connection(ap->logopt, sp.ldap, ctxt);
source->age = age;
+ if (sp.cookie)
+ ber_bvfree(sp.cookie);
free(sp.query);
return NSS_STATUS_SUCCESS;
Index: autofs/CHANGELOG
===================================================================
--- autofs.orig/CHANGELOG
+++ autofs/CHANGELOG
@@ -1,6 +1,7 @@
??/??/20?? autofs-5.0.7
=======================
- fix ipv6 name for lookup fix.
+- fix paged query more results check.
28/06/2011 autofs-5.0.6
-----------------------
++++++ autofs-5.0.5-fix-result-null-check-in-read_one_map.patch ++++++
autofs-5.0.6 - fix result null check in read_one_map()
From: Ian Kent
---
modules/lookup_ldap.c | 7 ++++++-
1 files changed, 6 insertions(+), 1 deletions(-)
Index: autofs/modules/lookup_ldap.c
===================================================================
--- autofs.orig/modules/lookup_ldap.c
+++ autofs/modules/lookup_ldap.c
@@ -2381,8 +2381,10 @@ static int read_one_map(struct autofs_po
if (rv == LDAP_ADMINLIMIT_EXCEEDED ||
rv == LDAP_SIZELIMIT_EXCEEDED) {
- if (sp.result)
+ if (sp.result) {
ldap_msgfree(sp.result);
+ sp.result = NULL;
+ }
if (sp.cookie) {
ber_bvfree(sp.cookie);
sp.cookie = NULL;
@@ -2402,6 +2404,8 @@ static int read_one_map(struct autofs_po
if (rv != LDAP_SUCCESS || !sp.result) {
unbind_ldap_connection(ap->logopt, sp.ldap, ctxt);
*result_ldap = rv;
+ if (sp.result)
+ ldap_msgfree(sp.result);
if (sp.cookie)
ber_bvfree(sp.cookie);
free(sp.query);
@@ -2419,6 +2423,7 @@ static int read_one_map(struct autofs_po
return NSS_STATUS_NOTFOUND;
}
ldap_msgfree(sp.result);
+ sp.result = NULL;
} while (sp.morePages == TRUE);
debug(ap->logopt, MODPREFIX "done updating map");
continue with "q"...
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org