- updated smbk5pwd patch to be linked with libldap (#526500)
- the last buffer overflow patch replaced with the one from upstream - added /etc/openldap/slapd.d and /etc/openldap/slapd.conf.bak to files owned by openldap-servers
This commit is contained in:
Jan Zeleny
parent
9828bb7d06
commit
bc5ba6fb26
|
|
@ -47,7 +47,7 @@ diff -up openldap-2.4.11/servers/slapd/overlays/Makefile.in.patch8 openldap-2.4.
|
|||
$(LTLINK_MOD) -module -o $@ valsort.lo version.lo $(LINK_LIBS)
|
||||
|
||||
+smbk5pwd.la : smbk5pwd.lo
|
||||
+ $(LTLINK_MOD) -module -o $@ smbk5pwd.lo version.lo $(LINK_LIBS)
|
||||
+ $(LTLINK_MOD) -module -o $@ smbk5pwd.lo version.lo -lldap -L../../../libraries/libldap/.libs/ $(LINK_LIBS)
|
||||
+
|
||||
install-local: $(PROGRAMS)
|
||||
@if test -n "$?" ; then \
|
||||
|
|
|
|||
|
|
@ -1,54 +1,17 @@
|
|||
--- openldap-2.4.18/servers/slapd/back-ldif/ldif.c.orig 2009-09-24 09:46:01.000000000 +0200
|
||||
+++ openldap-2.4.18/servers/slapd/back-ldif/ldif.c 2009-09-24 13:40:07.000000000 +0200
|
||||
@@ -593,9 +593,7 @@ typedef struct bvlist {
|
||||
Avoid the struct hack, just malloc two data structures in one chunk:
|
||||
|
||||
--- openldap-2.4.18/servers/slapd/back-ldif/ldif.c.orig 2009-08-18 23:58:27
|
||||
+++ openldap-2.4.18/servers/slapd/back-ldif/ldif.c 2009-09-24 16:08:14
|
||||
@@ -593,9 +593,9 @@ typedef struct bvlist {
|
||||
char *trunc; /* filename was truncated here */
|
||||
int inum; /* num from "attr={num}" in filename, or INT_MIN */
|
||||
char savech; /* original char at *trunc */
|
||||
- char fname; /* variable length array BVL_NAME(bvl) = &fname */
|
||||
-# define BVL_NAME(bvl) ((char *) (bvl) + offsetof(bvlist, fname))
|
||||
-# define BVL_SIZE(namelen) (sizeof(bvlist) + (namelen))
|
||||
+ char *fname; /* variable length array */
|
||||
+ /* BVL_NAME(&bvlist) is the filename, allocated after the struct: */
|
||||
+# define BVL_NAME(bvl) ((char *) ((bvl) + 1))
|
||||
+# define BVL_SIZE(namelen) (sizeof(bvlist) + (namelen) + 1)
|
||||
} bvlist;
|
||||
|
||||
static int
|
||||
@@ -709,17 +707,18 @@ ldif_readdir(
|
||||
if ( *fname_maxlenp < fname_len )
|
||||
*fname_maxlenp = fname_len;
|
||||
|
||||
- bvl = SLAP_MALLOC( BVL_SIZE( fname_len ) );
|
||||
+ bvl = SLAP_MALLOC( sizeof( bvlist ) );
|
||||
+ bvl->fname = SLAP_MALLOC( fname_len+1 );
|
||||
if ( bvl == NULL ) {
|
||||
rc = LDAP_OTHER;
|
||||
save_errno = errno;
|
||||
break;
|
||||
}
|
||||
- strcpy( BVL_NAME( bvl ), dir->d_name );
|
||||
+ strcpy( bvl->fname, dir->d_name );
|
||||
|
||||
/* Make it sortable by ("attr=val" or <preceding {num}, num>) */
|
||||
- trunc = BVL_NAME( bvl ) + fname_len - STRLENOF( LDIF );
|
||||
- if ( (idxp = strchr( BVL_NAME( bvl ) + 2, IX_FSL )) != NULL &&
|
||||
+ trunc = bvl->fname + fname_len - STRLENOF( LDIF );
|
||||
+ if ( (idxp = strchr( bvl->fname + 2, IX_FSL )) != NULL &&
|
||||
(endp = strchr( ++idxp, IX_FSR )) != NULL && endp > idxp &&
|
||||
(eq_unsafe || idxp[-2] == '=' || endp + 1 == trunc) )
|
||||
{
|
||||
@@ -737,7 +736,7 @@ ldif_readdir(
|
||||
*trunc = '\0';
|
||||
|
||||
for ( prev = listp; (ptr = *prev) != NULL; prev = &ptr->next ) {
|
||||
- int cmp = strcmp( BVL_NAME( bvl ), BVL_NAME( ptr ));
|
||||
+ int cmp = strcmp( bvl->fname, ptr->fname );
|
||||
if ( cmp < 0 || (cmp == 0 && bvl->inum < ptr->inum) )
|
||||
break;
|
||||
}
|
||||
@@ -826,7 +825,7 @@ ldif_search_entry(
|
||||
|
||||
if ( rc == LDAP_SUCCESS ) {
|
||||
*ptr->trunc = ptr->savech;
|
||||
- FILL_PATH( &fpath, dir_end, BVL_NAME( ptr ));
|
||||
+ FILL_PATH( &fpath, dir_end, ptr->fname );
|
||||
|
||||
rc = ldif_read_entry( op, fpath.bv_val, &dn, &ndn,
|
||||
&e, text );
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@
|
|||
Summary: LDAP support libraries
|
||||
Name: openldap
|
||||
Version: %{version}
|
||||
Release: 3%{?dist}
|
||||
Release: 4%{?dist}
|
||||
License: OpenLDAP
|
||||
Group: System Environment/Daemons
|
||||
Source0: ftp://ftp.OpenLDAP.org/pub/OpenLDAP/openldap-release/openldap-%{version}.tgz
|
||||
|
|
@ -388,6 +388,10 @@ for X in acl add auth cat dn index passwd test; do ln -s slapd $RPM_BUILD_ROOT/%
|
|||
chmod 755 $RPM_BUILD_ROOT/%{_libdir}/lib*.so*
|
||||
chmod 644 $RPM_BUILD_ROOT/%{_libdir}/lib*.*a
|
||||
|
||||
# Add files and dirs which would be created by %post scriptlet
|
||||
touch $RPM_BUILD_ROOT/%{_sysconfdir}/openldap/slapd.conf.bak
|
||||
mkdir $RPM_BUILD_ROOT/%{_sysconfdir}/openldap/slapd.d
|
||||
|
||||
# Remove files which we don't want packaged.
|
||||
rm -f $RPM_BUILD_ROOT/%{_libdir}/*.la
|
||||
rm -f $RPM_BUILD_ROOT/%{evolution_connector_libdir}/*.la
|
||||
|
|
@ -596,7 +600,9 @@ fi
|
|||
%ghost %config(noreplace) %{_sysconfdir}/pki/tls/certs/slapd.pem
|
||||
%attr(0755,root,root) %{_sysconfdir}/rc.d/init.d/slapd
|
||||
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/openldap/ldap*.conf
|
||||
%attr(0640,root,ldap) %config(noreplace) %{_sysconfdir}/openldap/slapd.conf
|
||||
%attr(0640,root,ldap) %config(noreplace,missingok) %{_sysconfdir}/openldap/slapd.conf
|
||||
%attr(0640,root,ldap) %ghost %{_sysconfdir}/openldap/slapd.conf.bak
|
||||
%attr(0640,ldap,ldap) %ghost %{_sysconfdir}/openldap/slapd.d
|
||||
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/sysconfig/ldap
|
||||
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/openldap/schema/*.schema*
|
||||
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/openldap/schema/*.ldif
|
||||
|
|
@ -639,6 +645,12 @@ fi
|
|||
%attr(0644,root,root) %{evolution_connector_libdir}/*.a
|
||||
|
||||
%changelog
|
||||
* Wed Oct 07 2009 Jan Zeleny <jzeleny@redhat.com> 2.4.18-4
|
||||
- updated smbk5pwd patch to be linked with libldap (#526500)
|
||||
- the last buffer overflow patch replaced with the one from upstream
|
||||
- added /etc/openldap/slapd.d and /etc/openldap/slapd.conf.bak
|
||||
to files owned by openldap-servers
|
||||
|
||||
* Thu Sep 24 2009 Jan Zeleny <jzeleny@redhat.com> 2.4.18-3
|
||||
- cleanup of previous patch fixing buffer overflow
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue