diff --git a/.gitignore b/.gitignore index fccd49e..bfa573c 100644 --- a/.gitignore +++ b/.gitignore @@ -11,3 +11,4 @@ /openldap-2.4.37.tgz /openldap-2.4.38.tgz /openldap-2.4.39.tgz +/openldap-2.4.40.tgz diff --git a/openldap-dns-priority.patch b/openldap-dns-priority.patch deleted file mode 100644 index 8dc0923..0000000 --- a/openldap-dns-priority.patch +++ /dev/null @@ -1,192 +0,0 @@ -Implement priority/weight for DNS SRV records - -From RFC 2782: - - A client MUST attempt to contact the target host with the - lowest-numbered priority it can reach. - -This patch sorts the DNS SRV records by their priority, and -additionally gives records with a larger weight a higher probability -of appearing earlier. This way, the DNS SRV records are tried in the -order of their priority. - -Author: James M Leddy -Upstream ITS: #7027 -Resolves: #733078 - ---- - libraries/libldap/dnssrv.c | 106 ++++++++++++++++++++++++++++++++++---------- - 1 files changed, 83 insertions(+), 23 deletions(-) - -diff --git a/libraries/libldap/dnssrv.c b/libraries/libldap/dnssrv.c -index 16b1544..40f93b4 100644 ---- a/libraries/libldap/dnssrv.c -+++ b/libraries/libldap/dnssrv.c -@@ -174,6 +174,46 @@ int ldap_domain2dn( - return LDAP_SUCCESS; - } - -+#ifdef HAVE_RES_QUERY -+#define DNSBUFSIZ (64*1024) -+typedef struct srv_record { -+ u_short priority; -+ u_short weight; -+ u_short port; -+ char hostname[DNSBUFSIZ]; -+} srv_record; -+ -+ -+static int srv_cmp(const void *aa, const void *bb){ -+ srv_record *a=(srv_record *)aa; -+ srv_record *b=(srv_record *)bb; -+ u_long total; -+ -+ if(a->priority < b->priority) { -+ return -1; -+ } -+ if(a->priority > b->priority) { -+ return 1; -+ } -+ if(a->priority == b->priority){ -+ /* targets with same priority are in psudeo random order */ -+ if (a->weight == 0 && b->weight == 0) { -+ if (rand() % 2) { -+ return -1; -+ } else { -+ return 1; -+ } -+ } -+ total = a->weight + b->weight; -+ if (rand() % total < a->weight) { -+ return -1; -+ } else { -+ return 1; -+ } -+ } -+} -+#endif /* HAVE_RES_QUERY */ -+ - /* - * Lookup and return LDAP servers for domain (using the DNS - * SRV record _ldap._tcp.domain). -@@ -183,15 +223,16 @@ int ldap_domain2hostlist( - char **list ) - { - #ifdef HAVE_RES_QUERY --#define DNSBUFSIZ (64*1024) -- char *request; -- char *hostlist = NULL; -+ char *request; -+ char *hostlist = NULL; -+ srv_record *hostent_head=NULL; -+ int i; - int rc, len, cur = 0; - unsigned char reply[DNSBUFSIZ]; -+ int hostent_count=0; - - assert( domain != NULL ); - assert( list != NULL ); -- - if( *domain == '\0' ) { - return LDAP_PARAM_ERROR; - } -@@ -223,8 +264,7 @@ int ldap_domain2hostlist( - unsigned char *p; - char host[DNSBUFSIZ]; - int status; -- u_short port; -- /* int priority, weight; */ -+ u_short port, priority, weight; - - /* Parse out query */ - p = reply; -@@ -263,40 +303,56 @@ int ldap_domain2hostlist( - size = (p[0] << 8) | p[1]; - p += 2; - if (type == T_SRV) { -- int buflen; - status = dn_expand(reply, reply + len, p + 6, host, sizeof(host)); - if (status < 0) { - goto out; - } -- /* ignore priority and weight for now */ -- /* priority = (p[0] << 8) | p[1]; */ -- /* weight = (p[2] << 8) | p[3]; */ -+ -+ /* Get priority weight and port */ -+ priority = (p[0] << 8) | p[1]; -+ weight = (p[2] << 8) | p[3]; - port = (p[4] << 8) | p[5]; - - if ( port == 0 || host[ 0 ] == '\0' ) { - goto add_size; - } - -- buflen = strlen(host) + STRLENOF(":65355 "); -- hostlist = (char *) LDAP_REALLOC(hostlist, cur + buflen + 1); -- if (hostlist == NULL) { -- rc = LDAP_NO_MEMORY; -- goto out; -+ hostent_head = (srv_record *) LDAP_REALLOC(hostent_head, (hostent_count+1)*(sizeof(srv_record))); -+ if(hostent_head==NULL){ -+ rc=LDAP_NO_MEMORY; -+ goto out; -+ - } -- if (cur > 0) { -- /* not first time around */ -- hostlist[cur++] = ' '; -- } -- cur += sprintf(&hostlist[cur], "%s:%hu", host, port); -+ hostent_head[hostent_count].priority=priority; -+ hostent_head[hostent_count].weight=weight; -+ hostent_head[hostent_count].port=port; -+ strncpy(hostent_head[hostent_count].hostname, host,255); -+ hostent_count=hostent_count+1; - } - add_size:; - p += size; - } - } -+ qsort(hostent_head, hostent_count, sizeof(srv_record), srv_cmp); -+ -+ for(i=0; i0){ -+ hostlist[cur++]=' '; -+ } -+ cur += sprintf(&hostlist[cur], "%s:%hd", hostent_head[i].hostname, hostent_head[i].port); -+ } -+ - if (hostlist == NULL) { -- /* No LDAP servers found in DNS. */ -- rc = LDAP_UNAVAILABLE; -- goto out; -+ /* No LDAP servers found in DNS. */ -+ rc = LDAP_UNAVAILABLE; -+ goto out; - } - - rc = LDAP_SUCCESS; -@@ -308,8 +364,12 @@ add_size:; - if (request != NULL) { - LDAP_FREE(request); - } -+ if (hostent_head != NULL) { -+ LDAP_FREE(hostent_head); -+ } - if (rc != LDAP_SUCCESS && hostlist != NULL) { - LDAP_FREE(hostlist); -+ - } - return rc; - #else --- -1.7.6 - diff --git a/openldap-rwm-reference-counting.patch b/openldap-rwm-reference-counting.patch deleted file mode 100644 index dfe50b4..0000000 --- a/openldap-rwm-reference-counting.patch +++ /dev/null @@ -1,26 +0,0 @@ -Author: Jan Synáček -Resolves: #1060851 -Upstream ITS: #7723 - -Correctly count references in rwm overlay. - ---- a/libraries/librewrite/session.c 2010-04-13 22:23:09.000000000 +0200 -+++ b/libraries/librewrite/session.c 2013-11-08 08:47:26.000000000 +0100 -@@ -161,6 +161,7 @@ - #ifdef USE_REWRITE_LDAP_PVT_THREADS - if ( session ) { - ldap_pvt_thread_mutex_lock( &session->ls_mutex ); -+ session->ls_count++; - } - ldap_pvt_thread_rdwr_runlock( &info->li_cookies_mutex ); - #endif /* USE_REWRITE_LDAP_PVT_THREADS */ -@@ -178,6 +179,7 @@ - ) - { - assert( session != NULL ); -+ session->ls_count--; - ldap_pvt_thread_mutex_unlock( &session->ls_mutex ); - } - - - diff --git a/openldap.spec b/openldap.spec index bafabca..51b58c7 100644 --- a/openldap.spec +++ b/openldap.spec @@ -4,8 +4,8 @@ %global check_password_version 1.1 Name: openldap -Version: 2.4.39 -Release: 12%{?dist} +Version: 2.4.40 +Release: 1%{?dist} Summary: LDAP support libraries Group: System Environment/Daemons License: OpenLDAP @@ -30,7 +30,6 @@ Patch3: openldap-reentrant-gethostby.patch Patch4: openldap-smbk5pwd-overlay.patch Patch5: openldap-ldaprc-currentdir.patch Patch6: openldap-userconfig-setgid.patch -Patch7: openldap-dns-priority.patch Patch8: openldap-syncrepl-unset-tls-options.patch Patch9: openldap-man-sasl-nocanon.patch Patch10: openldap-ai-addrconfig.patch @@ -47,8 +46,6 @@ Patch16: openldap-nss-pk11-freeslot.patch Patch19: openldap-switch-to-lt_dlopenadvise-to-get-RTLD_GLOBAL-set.patch # ldapi sasl fix pending upstream inclusion Patch20: openldap-ldapi-sasl.patch -# rwm reference counting fix, pending upstream inclusion -Patch21: openldap-rwm-reference-counting.patch # Fedora specific patches Patch100: openldap-autoconf-pkgconfig-nss.patch @@ -153,7 +150,6 @@ AUTOMAKE=%{_bindir}/true autoreconf -fi %patch4 -p1 %patch5 -p1 %patch6 -p1 -%patch7 -p1 %patch8 -p1 %patch9 -p1 %patch10 -p1 @@ -165,7 +161,6 @@ AUTOMAKE=%{_bindir}/true autoreconf -fi %patch16 -p1 %patch19 -p1 %patch20 -p1 -%patch21 -p1 %patch102 -p1 @@ -578,6 +573,9 @@ exit 0 %{_mandir}/man3/* %changelog +* Tue Sep 30 2014 Jan Synáček - 2.4.40-1 +- new upstream release (#1147877) + * Wed Aug 27 2014 Jitka Plesnikova - 2.4.39-12 - Perl 5.20 rebuild diff --git a/sources b/sources index af3adf2..db9c5ed 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -b0d5ee4b252c841dec6b332d679cf943 openldap-2.4.39.tgz +423c1f23d2a0cb96b3e9baf7e9d7dda7 openldap-2.4.40.tgz 3535b7cd46dcf41c9a9480efa9e64618 ltb-project-openldap-ppolicy-check-password-1.1.tar.gz