From 805956a8d3ce29b0d1928d1d0d3b2dd0bf68d5f8 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Mon, 14 May 2012 12:49:14 +0200 Subject: [PATCH] Backport upstream r1659 --- nss-pam-ldapd-0.7.16-skipall.patch | 95 ++++++++++++++++++++++++++++++ nss-pam-ldapd.spec | 31 ++++++---- 2 files changed, 114 insertions(+), 12 deletions(-) create mode 100644 nss-pam-ldapd-0.7.16-skipall.patch diff --git a/nss-pam-ldapd-0.7.16-skipall.patch b/nss-pam-ldapd-0.7.16-skipall.patch new file mode 100644 index 0000000..9102403 --- /dev/null +++ b/nss-pam-ldapd-0.7.16-skipall.patch @@ -0,0 +1,95 @@ +diff -up nss-pam-ldapd-0.7.16/common/tio.c.epipe2 nss-pam-ldapd-0.7.16/common/tio.c +--- nss-pam-ldapd-0.7.16/common/tio.c.epipe2 2012-05-14 12:37:25.534323927 +0200 ++++ nss-pam-ldapd-0.7.16/common/tio.c 2012-05-14 12:37:49.597023102 +0200 +@@ -312,18 +312,19 @@ int tio_read(TFILE *fp, void *buf, size_ + } + } + +-/* Read and discard the specified number of bytes from the stream. +- If count is 0 reads and discards any data that can be read and empties +- the read buffer. */ ++/* Read and discard the specified number of bytes from the stream. */ + int tio_skip(TFILE *fp, size_t count) + { ++ return tio_read(fp,NULL,count); ++} ++ ++/* Read all available data from the stream and empty the read buffer. */ ++int tio_skipall(TFILE *fp) ++{ ++ struct timeval tv; ++ fd_set fdset; + int rv; + size_t len; +- /* for simple cases just read */ +- if (count>0) +- { +- return tio_read(fp,NULL,count); +- } + /* clear the read buffer */ + fp->readbuffer.start=0; + fp->readbuffer.len=0; +@@ -336,8 +337,22 @@ int tio_skip(TFILE *fp, size_t count) + #endif /* SSIZE_MAX */ + while (1) + { ++ /* prepare our file descriptor set */ ++ FD_ZERO(&fdset); ++ FD_SET(fp->fd,&fdset); ++ /* prepare the time to wait */ ++ tv.tv_sec=0; ++ tv.tv_usec=0; ++ /* see if any data is available */ ++ rv=select(FD_SETSIZE,&fdset,NULL,NULL,&tv); ++ if (rv==0) ++ return 0; /* no file descriptor ready */ ++ if ((rv<0)&&((errno==EINTR)||(errno==EAGAIN))) ++ continue; /* interrupted, try again */ ++ if (rv<0) ++ return -1; /* something went wrong */ ++ /* read data from the stream */ + rv=read(fp->fd,fp->readbuffer.buffer,len); +- /* check for errors */ + if (rv==0) + return 0; /* end-of-file */ + if ((rv<0)&&(errno==EWOULDBLOCK)) +diff -up nss-pam-ldapd-0.7.16/common/tio.h.epipe2 nss-pam-ldapd-0.7.16/common/tio.h +--- nss-pam-ldapd-0.7.16/common/tio.h.epipe2 2012-05-14 12:38:17.645672445 +0200 ++++ nss-pam-ldapd-0.7.16/common/tio.h 2012-05-14 12:38:22.621610236 +0200 +@@ -56,11 +56,12 @@ TFILE *tio_fdopen(int fd,struct timeval + /* Read the specified number of bytes from the stream. */ + int tio_read(TFILE *fp,void *buf,size_t count); + +-/* Read and discard the specified number of bytes from the stream. +- If count is 0 reads and discards any data that can be read and empties +- the read buffer. */ ++/* Read and discard the specified number of bytes from the stream. */ + int tio_skip(TFILE *fp,size_t count); + ++/* Read all available data from the stream and empty the read buffer. */ ++int tio_skipall(TFILE *fp); ++ + /* Write the specified buffer to the stream. */ + int tio_write(TFILE *fp,const void *buf,size_t count); + +diff -up nss-pam-ldapd-0.7.16/nss/common.h.epipe2 nss-pam-ldapd-0.7.16/nss/common.h +--- nss-pam-ldapd-0.7.16/nss/common.h.epipe2 2012-05-14 12:37:25.534323927 +0200 ++++ nss-pam-ldapd-0.7.16/nss/common.h 2012-05-14 12:39:25.420825140 +0200 +@@ -98,7 +98,7 @@ + retv=readfn; \ + /* close socket and we're done */ \ + if ((retv==NSS_STATUS_SUCCESS)||(retv==NSS_STATUS_TRYAGAIN)) { \ +- (void)tio_skip(fp,0); /* read any buffered data */ \ ++ (void)tio_skipall(fp); /* read any buffered data */ \ + (void)tio_close(fp); \ + } \ + return retv; +@@ -186,7 +186,7 @@ + return NSS_STATUS_UNAVAIL; \ + if (fp!=NULL) \ + { \ +- (void)tio_skip(fp,0); /* read any buffered data */ \ ++ (void)tio_skipall(fp); \ + (void)tio_close(fp); \ + fp=NULL; \ + } \ diff --git a/nss-pam-ldapd.spec b/nss-pam-ldapd.spec index e665123..f93e327 100644 --- a/nss-pam-ldapd.spec +++ b/nss-pam-ldapd.spec @@ -14,7 +14,7 @@ Name: nss-pam-ldapd Version: 0.7.16 -Release: 1%{?dist} +Release: 2%{?dist} Summary: An nsswitch module which uses directory servers Group: System Environment/Base License: LGPLv2+ @@ -28,6 +28,7 @@ Patch1: nss-pam-ldapd-0.7.13-validname.patch Patch2: nss-pam-ldapd-0.7.x-dnssrv.patch Patch3: nss-pam-ldapd-0.7.x-uid-overflow.patch Patch4: nss-pam-ldapd-0.7.x-epipe.patch +Patch5: nss-pam-ldapd-0.7.16-skipall.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: openldap-devel, krb5-devel BuildRequires: autoconf, automake @@ -64,6 +65,7 @@ nsswitch module. %patch2 -p1 -b .dnssrv %patch3 -p1 -b .overflow %patch4 -p1 -b .epipe +%patch5 -p1 -b .skipall autoreconf -f -i %build @@ -165,40 +167,40 @@ target=/etc/nslcd.conf if test "$1" -eq "1" && ! grep -q -F "# $comment" $target 2> /dev/null ; then # Try to make sure we only do this the first time. echo "# $comment" >> $target - if egrep -q '^uri[[:blank:]]' $source 2> /dev/null ; then + if grep -E -q '^uri[[:blank:]]' $source 2> /dev/null ; then # Comment out the packaged default host/uri and replace it... sed -i -r -e 's,^((host|uri)[[:blank:]].*),# \1,g' $target # ... with the uri. - egrep '^uri[[:blank:]]' $source >> $target - elif egrep -q '^host[[:blank:]]' $source 2> /dev/null ; then + grep -E '^uri[[:blank:]]' $source >> $target + elif grep -E -q '^host[[:blank:]]' $source 2> /dev/null ; then # Comment out the packaged default host/uri and replace it... sed -i -r -e 's,^((host|uri)[[:blank:]].*),# \1,g' $target # ... with the "host" reformatted as a URI. scheme=ldap # check for 'ssl on', which means we want to use ldaps:// - if egrep -q '^ssl[[:blank:]]+on$' $source 2> /dev/null ; then + if grep -E -q '^ssl[[:blank:]]+on$' $source 2> /dev/null ; then scheme=ldaps fi - egrep '^host[[:blank:]]' $source |\ + grep -E '^host[[:blank:]]' $source |\ sed -r -e "s,^host[[:blank:]](.*),uri ${scheme}://\1/,g" >> $target fi # Base doesn't require any special logic. - if egrep -q '^base[[:blank:]]' $source 2> /dev/null ; then + if grep -E -q '^base[[:blank:]]' $source 2> /dev/null ; then # Comment out the packaged default base and replace it. sed -i -r -e 's,^(base[[:blank:]].*),# \1,g' $target - egrep '^base[[:blank:]]' $source >> $target + grep -E '^base[[:blank:]]' $source >> $target fi # Pull in these settings, if they're set, directly. - egrep '^(binddn|bindpw|port|scope|ssl|pagesize)[[:blank:]]' $source 2> /dev/null >> $target - egrep '^(tls_)' $source 2> /dev/null >> $target - egrep '^(timelimit|bind_timelimit|idle_timelimit)[[:blank:]]' $source 2> /dev/null >> $target + grep -E '^(binddn|bindpw|port|scope|ssl|pagesize)[[:blank:]]' $source 2> /dev/null >> $target + grep -E '^(tls_)' $source 2> /dev/null >> $target + grep -E '^(timelimit|bind_timelimit|idle_timelimit)[[:blank:]]' $source 2> /dev/null >> $target fi # If this is the first time we're being installed, and the system is already # configured to use LDAP as a naming service, enable the daemon, but don't # start it since we can never know if that's a safe thing to do. If this # is an upgrade, leave the user's runlevel selections alone. if [ "$1" -eq "1" ]; then - if egrep -q '^USELDAP=yes$' /etc/sysconfig/authconfig 2> /dev/null ; then + if grep -E -q '^USELDAP=yes$' /etc/sysconfig/authconfig 2> /dev/null ; then %if %{sysvinit} /sbin/chkconfig nslcd on %endif @@ -263,6 +265,11 @@ exit 0 %endif %changelog +* Mon May 14 2012 Jakub Hrozek 0.7.16-2 +- backport upstream revision r1659 related to broken pipe when + requesting a large group +- use grep -E instead of egrep to avoid rpmlint warnings + * Sat Apr 28 2012 Jakub Hrozek 0.7.16-1 - new upstream release 0.7.16