new upstream release (2.4.40)

Resolves: #1147877
This commit is contained in:
Jan Synacek 2014-09-30 13:17:10 +02:00
parent 3363e7a6da
commit 2c331b7581
5 changed files with 7 additions and 226 deletions

1
.gitignore vendored
View File

@ -11,3 +11,4 @@
/openldap-2.4.37.tgz
/openldap-2.4.38.tgz
/openldap-2.4.39.tgz
/openldap-2.4.40.tgz

View File

@ -1,192 +0,0 @@
Implement priority/weight for DNS SRV records
From RFC 2782:
A client MUST attempt to contact the target host with the
lowest-numbered priority it can reach.
This patch sorts the DNS SRV records by their priority, and
additionally gives records with a larger weight a higher probability
of appearing earlier. This way, the DNS SRV records are tried in the
order of their priority.
Author: James M Leddy <james.leddy@redhat.com>
Upstream ITS: #7027
Resolves: #733078
---
libraries/libldap/dnssrv.c | 106 ++++++++++++++++++++++++++++++++++----------
1 files changed, 83 insertions(+), 23 deletions(-)
diff --git a/libraries/libldap/dnssrv.c b/libraries/libldap/dnssrv.c
index 16b1544..40f93b4 100644
--- a/libraries/libldap/dnssrv.c
+++ b/libraries/libldap/dnssrv.c
@@ -174,6 +174,46 @@ int ldap_domain2dn(
return LDAP_SUCCESS;
}
+#ifdef HAVE_RES_QUERY
+#define DNSBUFSIZ (64*1024)
+typedef struct srv_record {
+ u_short priority;
+ u_short weight;
+ u_short port;
+ char hostname[DNSBUFSIZ];
+} srv_record;
+
+
+static int srv_cmp(const void *aa, const void *bb){
+ srv_record *a=(srv_record *)aa;
+ srv_record *b=(srv_record *)bb;
+ u_long total;
+
+ if(a->priority < b->priority) {
+ return -1;
+ }
+ if(a->priority > b->priority) {
+ return 1;
+ }
+ if(a->priority == b->priority){
+ /* targets with same priority are in psudeo random order */
+ if (a->weight == 0 && b->weight == 0) {
+ if (rand() % 2) {
+ return -1;
+ } else {
+ return 1;
+ }
+ }
+ total = a->weight + b->weight;
+ if (rand() % total < a->weight) {
+ return -1;
+ } else {
+ return 1;
+ }
+ }
+}
+#endif /* HAVE_RES_QUERY */
+
/*
* Lookup and return LDAP servers for domain (using the DNS
* SRV record _ldap._tcp.domain).
@@ -183,15 +223,16 @@ int ldap_domain2hostlist(
char **list )
{
#ifdef HAVE_RES_QUERY
-#define DNSBUFSIZ (64*1024)
- char *request;
- char *hostlist = NULL;
+ char *request;
+ char *hostlist = NULL;
+ srv_record *hostent_head=NULL;
+ int i;
int rc, len, cur = 0;
unsigned char reply[DNSBUFSIZ];
+ int hostent_count=0;
assert( domain != NULL );
assert( list != NULL );
-
if( *domain == '\0' ) {
return LDAP_PARAM_ERROR;
}
@@ -223,8 +264,7 @@ int ldap_domain2hostlist(
unsigned char *p;
char host[DNSBUFSIZ];
int status;
- u_short port;
- /* int priority, weight; */
+ u_short port, priority, weight;
/* Parse out query */
p = reply;
@@ -263,40 +303,56 @@ int ldap_domain2hostlist(
size = (p[0] << 8) | p[1];
p += 2;
if (type == T_SRV) {
- int buflen;
status = dn_expand(reply, reply + len, p + 6, host, sizeof(host));
if (status < 0) {
goto out;
}
- /* ignore priority and weight for now */
- /* priority = (p[0] << 8) | p[1]; */
- /* weight = (p[2] << 8) | p[3]; */
+
+ /* Get priority weight and port */
+ priority = (p[0] << 8) | p[1];
+ weight = (p[2] << 8) | p[3];
port = (p[4] << 8) | p[5];
if ( port == 0 || host[ 0 ] == '\0' ) {
goto add_size;
}
- buflen = strlen(host) + STRLENOF(":65355 ");
- hostlist = (char *) LDAP_REALLOC(hostlist, cur + buflen + 1);
- if (hostlist == NULL) {
- rc = LDAP_NO_MEMORY;
- goto out;
+ hostent_head = (srv_record *) LDAP_REALLOC(hostent_head, (hostent_count+1)*(sizeof(srv_record)));
+ if(hostent_head==NULL){
+ rc=LDAP_NO_MEMORY;
+ goto out;
+
}
- if (cur > 0) {
- /* not first time around */
- hostlist[cur++] = ' ';
- }
- cur += sprintf(&hostlist[cur], "%s:%hu", host, port);
+ hostent_head[hostent_count].priority=priority;
+ hostent_head[hostent_count].weight=weight;
+ hostent_head[hostent_count].port=port;
+ strncpy(hostent_head[hostent_count].hostname, host,255);
+ hostent_count=hostent_count+1;
}
add_size:;
p += size;
}
}
+ qsort(hostent_head, hostent_count, sizeof(srv_record), srv_cmp);
+
+ for(i=0; i<hostent_count; i++){
+ int buflen;
+ buflen = strlen(hostent_head[i].hostname) + STRLENOF(":65355" );
+ hostlist = (char *) LDAP_REALLOC(hostlist, cur+buflen+1);
+ if (hostlist == NULL) {
+ rc = LDAP_NO_MEMORY;
+ goto out;
+ }
+ if(cur>0){
+ hostlist[cur++]=' ';
+ }
+ cur += sprintf(&hostlist[cur], "%s:%hd", hostent_head[i].hostname, hostent_head[i].port);
+ }
+
if (hostlist == NULL) {
- /* No LDAP servers found in DNS. */
- rc = LDAP_UNAVAILABLE;
- goto out;
+ /* No LDAP servers found in DNS. */
+ rc = LDAP_UNAVAILABLE;
+ goto out;
}
rc = LDAP_SUCCESS;
@@ -308,8 +364,12 @@ add_size:;
if (request != NULL) {
LDAP_FREE(request);
}
+ if (hostent_head != NULL) {
+ LDAP_FREE(hostent_head);
+ }
if (rc != LDAP_SUCCESS && hostlist != NULL) {
LDAP_FREE(hostlist);
+
}
return rc;
#else
--
1.7.6

View File

@ -1,26 +0,0 @@
Author: Jan Synáček <jsynacek@redhat.com>
Resolves: #1060851
Upstream ITS: #7723
Correctly count references in rwm overlay.
--- a/libraries/librewrite/session.c 2010-04-13 22:23:09.000000000 +0200
+++ b/libraries/librewrite/session.c 2013-11-08 08:47:26.000000000 +0100
@@ -161,6 +161,7 @@
#ifdef USE_REWRITE_LDAP_PVT_THREADS
if ( session ) {
ldap_pvt_thread_mutex_lock( &session->ls_mutex );
+ session->ls_count++;
}
ldap_pvt_thread_rdwr_runlock( &info->li_cookies_mutex );
#endif /* USE_REWRITE_LDAP_PVT_THREADS */
@@ -178,6 +179,7 @@
)
{
assert( session != NULL );
+ session->ls_count--;
ldap_pvt_thread_mutex_unlock( &session->ls_mutex );
}

View File

@ -4,8 +4,8 @@
%global check_password_version 1.1
Name: openldap
Version: 2.4.39
Release: 12%{?dist}
Version: 2.4.40
Release: 1%{?dist}
Summary: LDAP support libraries
Group: System Environment/Daemons
License: OpenLDAP
@ -30,7 +30,6 @@ Patch3: openldap-reentrant-gethostby.patch
Patch4: openldap-smbk5pwd-overlay.patch
Patch5: openldap-ldaprc-currentdir.patch
Patch6: openldap-userconfig-setgid.patch
Patch7: openldap-dns-priority.patch
Patch8: openldap-syncrepl-unset-tls-options.patch
Patch9: openldap-man-sasl-nocanon.patch
Patch10: openldap-ai-addrconfig.patch
@ -47,8 +46,6 @@ Patch16: openldap-nss-pk11-freeslot.patch
Patch19: openldap-switch-to-lt_dlopenadvise-to-get-RTLD_GLOBAL-set.patch
# ldapi sasl fix pending upstream inclusion
Patch20: openldap-ldapi-sasl.patch
# rwm reference counting fix, pending upstream inclusion
Patch21: openldap-rwm-reference-counting.patch
# Fedora specific patches
Patch100: openldap-autoconf-pkgconfig-nss.patch
@ -153,7 +150,6 @@ AUTOMAKE=%{_bindir}/true autoreconf -fi
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
@ -165,7 +161,6 @@ AUTOMAKE=%{_bindir}/true autoreconf -fi
%patch16 -p1
%patch19 -p1
%patch20 -p1
%patch21 -p1
%patch102 -p1
@ -578,6 +573,9 @@ exit 0
%{_mandir}/man3/*
%changelog
* Tue Sep 30 2014 Jan Synáček <jsynacek@redhat.com> - 2.4.40-1
- new upstream release (#1147877)
* Wed Aug 27 2014 Jitka Plesnikova <jplesnik@redhat.com> - 2.4.39-12
- Perl 5.20 rebuild

View File

@ -1,2 +1,2 @@
b0d5ee4b252c841dec6b332d679cf943 openldap-2.4.39.tgz
423c1f23d2a0cb96b3e9baf7e9d7dda7 openldap-2.4.40.tgz
3535b7cd46dcf41c9a9480efa9e64618 ltb-project-openldap-ppolicy-check-password-1.1.tar.gz