Mailinglist Archive: opensuse-commit (1426 mails)

< Previous Next >
commit nss_ldap
  • From: root@xxxxxxxxxxxxxxx (h_root)
  • Date: Mon, 05 Mar 2007 15:27:25 +0100
  • Message-id: <20070305142725.8E67F678183@xxxxxxxxxxxxxxx>

Hello community,

here is the log from the commit of package nss_ldap
checked in at Mon Mar 5 15:27:25 CET 2007.

--------
--- nss_ldap/nss_ldap.changes 2007-03-01 15:03:16.000000000 +0100
+++ /mounts/work_src_done/STABLE/nss_ldap/nss_ldap.changes 2007-03-05 12:39:12.000000000 +0100
@@ -1,0 +2,8 @@
+Mon Mar 5 12:17:41 CET 2007 - rhafer@xxxxxxx
+
+- Update to nss_ldap-255
+ * fix for PADL-Bug#304: fd leak in do_close_no_unbind
+ * patch from Adrian Bridgett <adrian@xxxxxxxxxx>
+ for Debian BUG#375533: Assertion failure in libnss-ldap
+
+-------------------------------------------------------------------

Old:
----
nss_ldap-254.tar.bz2
nss_ldap-empty-host-assert.dif
nss_ldap-parse_ldap_port.dif

New:
----
nss_ldap-255.tar.bz2

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ nss_ldap.spec ++++++
--- /var/tmp/diff_new_pack.p20704/_old 2007-03-05 15:27:07.000000000 +0100
+++ /var/tmp/diff_new_pack.p20704/_new 2007-03-05 15:27:07.000000000 +0100
@@ -1,5 +1,5 @@
#
-# spec file for package nss_ldap (Version 254)
+# spec file for package nss_ldap (Version 255)
#
# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine
@@ -16,8 +16,8 @@
Group: Productivity/Networking/LDAP/Clients
PreReq: /usr/bin/grep /usr/bin/sed /bin/mktemp
Autoreqprov: on
-Version: 254
-Release: 6
+Version: 255
+Release: 1
Summary: NSS LDAP Module
URL: http://www.padl.com/OSS/nss_ldap.html
Source: nss_ldap-%{version}.tar.bz2
@@ -25,8 +25,6 @@
Patch: nss_ldap.dif
Patch1: sigset.dif
Patch2: group-utf8.dif
-Patch3: nss_ldap-parse_ldap_port.dif
-Patch4: nss_ldap-empty-host-assert.dif
BuildRoot: %{_tmppath}/%{name}-%{version}-build

%description
@@ -46,8 +44,6 @@
%patch -p1
%patch1
%patch2 -p1
-%patch3
-%patch4
cp -v %{S:1} .

%build
@@ -106,6 +102,11 @@
%doc %{_mandir}/man5/nss_ldap.5*

%changelog
+* Mon Mar 05 2007 - rhafer@xxxxxxx
+- Update to nss_ldap-255
+ * fix for PADL-Bug#304: fd leak in do_close_no_unbind
+ * patch from Adrian Bridgett <adrian@xxxxxxxxxx>
+ for Debian BUG#375533: Assertion failure in libnss-ldap
* Thu Mar 01 2007 - rhafer@xxxxxxx
- nss_ldap could crash when no host or uri is configured in
/etc/ldap.conf or DNS (Bug #248594)

++++++ nss_ldap-254.tar.bz2 -> nss_ldap-255.tar.bz2 ++++++
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/nss_ldap-254/ChangeLog new/nss_ldap-255/ChangeLog
--- old/nss_ldap-254/ChangeLog 2006-12-18 09:12:56.000000000 +0100
+++ new/nss_ldap-255/ChangeLog 2007-03-03 08:12:37.000000000 +0100
@@ -1,6 +1,17 @@
-$Id: ChangeLog,v 2.380 2006/12/18 08:12:48 lukeh Exp $
+$Id: ChangeLog,v 2.384 2007/03/03 07:05:50 lukeh Exp $
===============================================================

+255 Luke Howard <lukeh@xxxxxxxx>
+
+ * fix for BUG#303: SSL port behavior change since
+ version 241
+ * fix for BUG#304: fd leak in do_close_no_unbind
+ * fix for BUG#313: assertion in do_init() when no
+ host/uri is configured
+ * patch from Adrian Bridgett <adrian@xxxxxxxxxx>
+ for Debian BUG#375533: Assertion failure in
+ libnss-ldap
+
254 Luke Howard <lukeh@xxxxxxxx>

* fix for BUG#292: array bounds check in ldap-network.c
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/nss_ldap-254/configure new/nss_ldap-255/configure
--- old/nss_ldap-254/configure 2006-12-18 09:12:56.000000000 +0100
+++ new/nss_ldap-255/configure 2007-03-03 08:12:37.000000000 +0100
@@ -816,7 +816,7 @@

PACKAGE=nss_ldap

-VERSION=254
+VERSION=255

if test "`cd $srcdir && pwd`" != "`pwd`" && test -f $srcdir/config.status; then
{ echo "configure: error: source directory already configured; run "make distclean" there first" 1>&2; exit 1; }
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/nss_ldap-254/configure.in new/nss_ldap-255/configure.in
--- old/nss_ldap-254/configure.in 2006-12-18 09:12:56.000000000 +0100
+++ new/nss_ldap-255/configure.in 2007-03-03 08:12:37.000000000 +0100
@@ -2,7 +2,7 @@
AC_CANONICAL_SYSTEM
AC_PREFIX_DEFAULT()

-AM_INIT_AUTOMAKE(nss_ldap, 254)
+AM_INIT_AUTOMAKE(nss_ldap, 255)
AM_CONFIG_HEADER(config.h)

AC_PROG_CC
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/nss_ldap-254/CVSVersionInfo.txt new/nss_ldap-255/CVSVersionInfo.txt
--- old/nss_ldap-254/CVSVersionInfo.txt 2006-12-18 09:12:56.000000000 +0100
+++ new/nss_ldap-255/CVSVersionInfo.txt 2007-03-03 08:12:37.000000000 +0100
@@ -1,8 +1,8 @@
# Created and modified by checkpoint; do not edit
-# $Id: CVSVersionInfo.txt,v 2.296 2006/12/18 08:12:53 lukeh Exp $
-# $Name: nss_ldap-254 $
+# $Id: CVSVersionInfo.txt,v 2.297 2007/03/03 07:12:34 lukeh Exp $
+# $Name: nss_ldap-255 $
ProjectName: nss_ldap
-ProjectVersion: 254
+ProjectVersion: 255
ProjectMaintainer: lukeh
#
# run this before building in RC. @@@PLATFORM@@@ is
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/nss_ldap-254/ldap-nss.c new/nss_ldap-255/ldap-nss.c
--- old/nss_ldap-254/ldap-nss.c 2006-12-18 09:12:56.000000000 +0100
+++ new/nss_ldap-255/ldap-nss.c 2007-03-03 08:12:37.000000000 +0100
@@ -19,7 +19,7 @@
*/

static char rcsId[] =
- "$Id: ldap-nss.c,v 2.282 2006/05/15 08:13:44 lukeh Exp $";
+ "$Id: ldap-nss.c,v 2.285 2007/03/03 07:05:50 lukeh Exp $";

#include "config.h"

@@ -793,23 +793,31 @@
NSS_LDAP_SOCKLEN_T peernamelen = sizeof (peername);

if (getsockname (*sd, (struct sockaddr *) &sockname, &socknamelen) != 0 ||
- getpeername (*sd, (struct sockaddr *) &peername, &peernamelen) != 0)
+ !do_sockaddr_isequal (&__session.ls_sockname,
+ socknamelen,
+ &sockname,
+ socknamelen))
+ {
+ isOurSocket = 0;
+ }
+ /*
+ * XXX: We don't pay any attention to return codes in places such as
+ * do_search_s so we never observe when the other end has disconnected
+ * our socket. In that case we'll get an ENOTCONN error here... and
+ * it's best we ignore the error -- otherwise we'll leak a filedescriptor.
+ * The correct fix would be to test error codes in many places.
+ */
+ else if (getpeername (*sd, (struct sockaddr *) &peername, &peernamelen) != 0)
{
- isOurSocket = 0;
+ if (errno != ENOTCONN)
+ isOurSocket = 0;
}
else
{
- isOurSocket = do_sockaddr_isequal (&__session.ls_sockname,
- socknamelen,
- &sockname,
- socknamelen);
- if (isOurSocket)
- {
- isOurSocket = do_sockaddr_isequal (&__session.ls_peername,
- peernamelen,
- &peername,
- peernamelen);
- }
+ isOurSocket = do_sockaddr_isequal (&__session.ls_peername,
+ peernamelen,
+ &peername,
+ peernamelen);
}
}
#endif /* HAVE_LDAPSSL_CLIENT_INIT */
@@ -876,13 +884,16 @@
dummyfd = socket (AF_INET, SOCK_STREAM, 0);
if (dummyfd > -1 && dummyfd != sd)
{
- do_closefd (sd);
+ /* we must let dup2 close sd for us to avoid race conditions
+ * in multithreaded code.
+ */
do_dupfd (dummyfd, sd);
do_closefd (dummyfd);
}

#ifdef HAVE_LDAP_LD_FREE
#if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)
+ /* XXX: when using openssl this will *ALWAYS* close the fd */
(void) ldap_ld_free (__session.ls_conn, 0, NULL, NULL);
#else
(void) ldap_ld_free (__session.ls_conn, 0);
@@ -892,13 +903,18 @@
#endif /* HAVE_LDAP_LD_FREE */

/* Do we want our original sd back? */
- do_closefd (sd);
if (savedfd > -1)
{
if (closeSd == 0)
do_dupfd (savedfd, sd);
+ else
+ do_closefd (sd);
do_closefd (savedfd);
- }
+ }
+ else
+ {
+ do_closefd (sd);
+ }
}
#else /* No sd available */
{
@@ -1016,7 +1032,7 @@
/* we should be looking for the second instance to find the port number */
if (p != NULL)
{
- p = strchr (p, ':');
+ p = strchr (++p, ':');
}

#ifdef HAVE_LDAP_INITIALIZE
@@ -1247,11 +1263,16 @@
{
/* Config was read but no host information specified; try DNS */
stat = _nss_ldap_mergeconfigfromdns (__config, &configbufp, &configbuflen);
+ if (stat != NSS_SUCCESS)
+ {
+ syslog (LOG_ERR, "nss_ldap: could not determine LDAP server from ldap.conf or DNS");
+ }
}

if (stat != NSS_SUCCESS)
{
debug ("<== do_init (failed to read config)");
+ __config = NULL;
return NSS_UNAVAIL;
}
}
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/nss_ldap-254/nss_ldap.spec new/nss_ldap-255/nss_ldap.spec
--- old/nss_ldap-254/nss_ldap.spec 2006-12-18 09:12:56.000000000 +0100
+++ new/nss_ldap-255/nss_ldap.spec 2007-03-03 08:12:37.000000000 +0100
@@ -1,6 +1,6 @@
Summary: NSS library for LDAP.
Name: nss_ldap
-Version: 254
+Version: 255
Release: 1
Source0: ftp://ftp.padl.com/pub/%{name}-%{version}.tar.gz
Source1: ldap.conf
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/nss_ldap-254/util.c new/nss_ldap-255/util.c
--- old/nss_ldap-254/util.c 2006-12-18 09:12:56.000000000 +0100
+++ new/nss_ldap-255/util.c 2007-03-03 08:12:37.000000000 +0100
@@ -58,7 +58,7 @@
#include "ldap-nss.h"
#include "util.h"

-static char rcsId[] = "$Id: util.c,v 2.132 2006/01/25 20:30:27 lukeh Exp $";
+static char rcsId[] = "$Id: util.c,v 2.133 2007/01/17 23:06:33 lukeh Exp $";

static NSS_STATUS do_getrdnvalue (const char *dn,
const char *rdntype,
@@ -776,6 +776,12 @@
ldap_config_t *result;
struct stat statbuf;

+ fp = fopen (NSS_LDAP_PATH_CONF, "r");
+ if (fp == NULL)
+ {
+ return NSS_UNAVAIL;
+ }
+
if (bytesleft (*buffer, *buflen, ldap_config_t *) < sizeof (ldap_config_t))
{
return NSS_TRYAGAIN;
@@ -791,12 +797,6 @@
return NSS_SUCCESS;
}

- fp = fopen (NSS_LDAP_PATH_CONF, "r");
- if (fp == NULL)
- {
- return NSS_UNAVAIL;
- }
-
if (fstat (fileno (fp), &statbuf) == 0)
result->ldc_mtime = statbuf.st_mtime;
else



++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



Remember to have fun...

---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-commit+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-commit+help@xxxxxxxxxxxx

< Previous Next >
This Thread