fix: slapd segfaults when PEM certificate is used and key is not set
Resolves: #772890
This commit is contained in:
parent
f47de25361
commit
65b981d99e
22
openldap-nss-segfault-key-not-set.patch
Normal file
22
openldap-nss-segfault-key-not-set.patch
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
MozNSS + PEM: fix segfault when TLS certificate key is not set
|
||||||
|
|
||||||
|
Upstream ITS: #7135
|
||||||
|
Upstream commit: 1107103dd7e767db9c080b3276cb6e742fcf36a1
|
||||||
|
Resolves: #772890
|
||||||
|
Author: Jan Vcelak <jvcelak@redhat.com>
|
||||||
|
|
||||||
|
diff --git a/libraries/libldap/tls_m.c b/libraries/libldap/tls_m.c
|
||||||
|
index 09348b7..da230c5 100644
|
||||||
|
--- a/libraries/libldap/tls_m.c
|
||||||
|
+++ b/libraries/libldap/tls_m.c
|
||||||
|
@@ -2267,8 +2267,8 @@ tlsm_deferred_ctx_init( void *arg )
|
||||||
|
}
|
||||||
|
} else { /* set up secure server */
|
||||||
|
SSLKEAType certKEA;
|
||||||
|
- CERTCertificate *serverCert;
|
||||||
|
- SECKEYPrivateKey *serverKey;
|
||||||
|
+ CERTCertificate *serverCert = NULL;
|
||||||
|
+ SECKEYPrivateKey *serverKey = NULL;
|
||||||
|
SECStatus status;
|
||||||
|
|
||||||
|
/* must have a certificate for the server to use */
|
@ -34,6 +34,7 @@ Patch6: openldap-userconfig-setgid.patch
|
|||||||
Patch7: openldap-dns-priority.patch
|
Patch7: openldap-dns-priority.patch
|
||||||
Patch8: openldap-syncrepl-unset-tls-options.patch
|
Patch8: openldap-syncrepl-unset-tls-options.patch
|
||||||
Patch9: openldap-nss-deferred-init-copy-params.patch
|
Patch9: openldap-nss-deferred-init-copy-params.patch
|
||||||
|
Patch10: openldap-nss-segfault-key-not-set.patch
|
||||||
|
|
||||||
# Fedora specific patches
|
# Fedora specific patches
|
||||||
Patch100: openldap-fedora-systemd.patch
|
Patch100: openldap-fedora-systemd.patch
|
||||||
@ -136,6 +137,7 @@ pushd openldap-%{version}
|
|||||||
%patch7 -p1
|
%patch7 -p1
|
||||||
%patch8 -p1
|
%patch8 -p1
|
||||||
%patch9 -p1
|
%patch9 -p1
|
||||||
|
%patch10 -p1
|
||||||
|
|
||||||
%patch100 -p1
|
%patch100 -p1
|
||||||
|
|
||||||
@ -653,6 +655,7 @@ exit 0
|
|||||||
%changelog
|
%changelog
|
||||||
* Tue Jan 31 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.28-3
|
* Tue Jan 31 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.28-3
|
||||||
- fix: replication (syncrepl) with TLS causes segfault (#783431)
|
- fix: replication (syncrepl) with TLS causes segfault (#783431)
|
||||||
|
- fix: slapd segfaults when PEM certificate is used and key is not set (#772890)
|
||||||
|
|
||||||
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.28-2
|
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.28-2
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
|
||||||
|
Loading…
Reference in New Issue
Block a user