From d117d3163d48441e72226f5946fe1b31e95119b0 Mon Sep 17 00:00:00 2001 From: Nalin Dahyabhai Date: Thu, 17 Jan 2013 18:32:36 -0500 Subject: [PATCH] Update to 0.8.12, part 4 Merge two patches for cutting down EPIPE errors in nslcd into one, and try to cover other cases where the client doesn't flush its read buffer before hanging up on the server. --- nss-pam-ldapd-0.7.16-skipall.patch | 95 --------------------------- nss-pam-ldapd-0.7.x-epipe.patch | 100 ----------------------------- nss-pam-ldapd-0.8.12-epipe.patch | 20 ++++++ nss-pam-ldapd.spec | 4 +- 4 files changed, 21 insertions(+), 198 deletions(-) delete mode 100644 nss-pam-ldapd-0.7.16-skipall.patch delete mode 100644 nss-pam-ldapd-0.7.x-epipe.patch create mode 100644 nss-pam-ldapd-0.8.12-epipe.patch diff --git a/nss-pam-ldapd-0.7.16-skipall.patch b/nss-pam-ldapd-0.7.16-skipall.patch deleted file mode 100644 index 9102403..0000000 --- a/nss-pam-ldapd-0.7.16-skipall.patch +++ /dev/null @@ -1,95 +0,0 @@ -diff -up nss-pam-ldapd-0.7.16/common/tio.c.epipe2 nss-pam-ldapd-0.7.16/common/tio.c ---- nss-pam-ldapd-0.7.16/common/tio.c.epipe2 2012-05-14 12:37:25.534323927 +0200 -+++ nss-pam-ldapd-0.7.16/common/tio.c 2012-05-14 12:37:49.597023102 +0200 -@@ -312,18 +312,19 @@ int tio_read(TFILE *fp, void *buf, size_ - } - } - --/* Read and discard the specified number of bytes from the stream. -- If count is 0 reads and discards any data that can be read and empties -- the read buffer. */ -+/* Read and discard the specified number of bytes from the stream. */ - int tio_skip(TFILE *fp, size_t count) - { -+ return tio_read(fp,NULL,count); -+} -+ -+/* Read all available data from the stream and empty the read buffer. */ -+int tio_skipall(TFILE *fp) -+{ -+ struct timeval tv; -+ fd_set fdset; - int rv; - size_t len; -- /* for simple cases just read */ -- if (count>0) -- { -- return tio_read(fp,NULL,count); -- } - /* clear the read buffer */ - fp->readbuffer.start=0; - fp->readbuffer.len=0; -@@ -336,8 +337,22 @@ int tio_skip(TFILE *fp, size_t count) - #endif /* SSIZE_MAX */ - while (1) - { -+ /* prepare our file descriptor set */ -+ FD_ZERO(&fdset); -+ FD_SET(fp->fd,&fdset); -+ /* prepare the time to wait */ -+ tv.tv_sec=0; -+ tv.tv_usec=0; -+ /* see if any data is available */ -+ rv=select(FD_SETSIZE,&fdset,NULL,NULL,&tv); -+ if (rv==0) -+ return 0; /* no file descriptor ready */ -+ if ((rv<0)&&((errno==EINTR)||(errno==EAGAIN))) -+ continue; /* interrupted, try again */ -+ if (rv<0) -+ return -1; /* something went wrong */ -+ /* read data from the stream */ - rv=read(fp->fd,fp->readbuffer.buffer,len); -- /* check for errors */ - if (rv==0) - return 0; /* end-of-file */ - if ((rv<0)&&(errno==EWOULDBLOCK)) -diff -up nss-pam-ldapd-0.7.16/common/tio.h.epipe2 nss-pam-ldapd-0.7.16/common/tio.h ---- nss-pam-ldapd-0.7.16/common/tio.h.epipe2 2012-05-14 12:38:17.645672445 +0200 -+++ nss-pam-ldapd-0.7.16/common/tio.h 2012-05-14 12:38:22.621610236 +0200 -@@ -56,11 +56,12 @@ TFILE *tio_fdopen(int fd,struct timeval - /* Read the specified number of bytes from the stream. */ - int tio_read(TFILE *fp,void *buf,size_t count); - --/* Read and discard the specified number of bytes from the stream. -- If count is 0 reads and discards any data that can be read and empties -- the read buffer. */ -+/* Read and discard the specified number of bytes from the stream. */ - int tio_skip(TFILE *fp,size_t count); - -+/* Read all available data from the stream and empty the read buffer. */ -+int tio_skipall(TFILE *fp); -+ - /* Write the specified buffer to the stream. */ - int tio_write(TFILE *fp,const void *buf,size_t count); - -diff -up nss-pam-ldapd-0.7.16/nss/common.h.epipe2 nss-pam-ldapd-0.7.16/nss/common.h ---- nss-pam-ldapd-0.7.16/nss/common.h.epipe2 2012-05-14 12:37:25.534323927 +0200 -+++ nss-pam-ldapd-0.7.16/nss/common.h 2012-05-14 12:39:25.420825140 +0200 -@@ -98,7 +98,7 @@ - retv=readfn; \ - /* close socket and we're done */ \ - if ((retv==NSS_STATUS_SUCCESS)||(retv==NSS_STATUS_TRYAGAIN)) { \ -- (void)tio_skip(fp,0); /* read any buffered data */ \ -+ (void)tio_skipall(fp); /* read any buffered data */ \ - (void)tio_close(fp); \ - } \ - return retv; -@@ -186,7 +186,7 @@ - return NSS_STATUS_UNAVAIL; \ - if (fp!=NULL) \ - { \ -- (void)tio_skip(fp,0); /* read any buffered data */ \ -+ (void)tio_skipall(fp); \ - (void)tio_close(fp); \ - fp=NULL; \ - } \ diff --git a/nss-pam-ldapd-0.7.x-epipe.patch b/nss-pam-ldapd-0.7.x-epipe.patch deleted file mode 100644 index c1489f2..0000000 --- a/nss-pam-ldapd-0.7.x-epipe.patch +++ /dev/null @@ -1,100 +0,0 @@ -diff -up nss-pam-ldapd-0.7.17/common/tio.c.epipe nss-pam-ldapd-0.7.17/common/tio.c ---- nss-pam-ldapd-0.7.17/common/tio.c.epipe 2012-09-09 19:59:27.189069033 +0200 -+++ nss-pam-ldapd-0.7.17/common/tio.c 2012-09-09 20:00:34.378229054 +0200 -@@ -312,10 +312,39 @@ int tio_read(TFILE *fp, void *buf, size_ - } - } - --/* Read and discard the specified number of bytes from the stream. */ -+/* Read and discard the specified number of bytes from the stream. -+ If count is 0 reads and discards any data that can be read and empties -+ the read buffer. */ - int tio_skip(TFILE *fp, size_t count) - { -- return tio_read(fp,NULL,count); -+ int rv; -+ size_t len; -+ /* for simple cases just read */ -+ if (count>0) -+ { -+ return tio_read(fp,NULL,count); -+ } -+ /* clear the read buffer */ -+ fp->readbuffer.start=0; -+ fp->readbuffer.len=0; -+ fp->read_resettable=0; -+ /* read until we can't read no more */ -+ len=fp->readbuffer.size; -+#ifdef SSIZE_MAX -+ if (len>SSIZE_MAX) -+ len=SSIZE_MAX; -+#endif /* SSIZE_MAX */ -+ while (1) -+ { -+ rv=read(fp->fd,fp->readbuffer.buffer,len); -+ /* check for errors */ -+ if (rv==0) -+ return 0; /* end-of-file */ -+ if ((rv<0)&&(errno==EWOULDBLOCK)) -+ return 0; /* we've ready everything we can without blocking */ -+ if ((rv<0)&&(errno!=EINTR)&&(errno!=EAGAIN)) -+ return -1; /* something went wrong with the read */ -+ } - } - - /* the caller has assured us that we can write to the file descriptor -diff -up nss-pam-ldapd-0.7.17/common/tio.h.epipe nss-pam-ldapd-0.7.17/common/tio.h ---- nss-pam-ldapd-0.7.17/common/tio.h.epipe 2012-09-09 20:00:55.145969422 +0200 -+++ nss-pam-ldapd-0.7.17/common/tio.h 2012-09-09 20:01:48.294304972 +0200 -@@ -2,7 +2,7 @@ - tio.h - timed io functions - This file is part of the nss-pam-ldapd library. - -- Copyright (C) 2007, 2008 Arthur de Jong -+ Copyright (C) 2007, 2008, 2010, 2012 Arthur de Jong - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public -@@ -56,7 +56,9 @@ TFILE *tio_fdopen(int fd,struct timeval - /* Read the specified number of bytes from the stream. */ - int tio_read(TFILE *fp,void *buf,size_t count); - --/* Read and discard the specified number of bytes from the stream. */ -+/* Read and discard the specified number of bytes from the stream. -+ If count is 0 reads and discards any data that can be read and empties -+ the read buffer. */ - int tio_skip(TFILE *fp,size_t count); - - /* Write the specified buffer to the stream. */ -diff -up nss-pam-ldapd-0.7.17/nss/common.h.epipe nss-pam-ldapd-0.7.17/nss/common.h ---- nss-pam-ldapd-0.7.17/nss/common.h.epipe 2012-09-09 20:02:18.855922903 +0200 -+++ nss-pam-ldapd-0.7.17/nss/common.h 2012-09-09 20:03:52.188756077 +0200 -@@ -2,7 +2,7 @@ - common.h - common functions for NSS lookups - - Copyright (C) 2006 West Consulting -- Copyright (C) 2006, 2007, 2008, 2009, 2010 Arthur de Jong -+ Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012 Arthur de Jong - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public -@@ -97,8 +97,10 @@ - READ_RESPONSE_CODE(fp); \ - retv=readfn; \ - /* close socket and we're done */ \ -- if ((retv==NSS_STATUS_SUCCESS)||(retv==NSS_STATUS_TRYAGAIN)) \ -+ if ((retv==NSS_STATUS_SUCCESS)||(retv==NSS_STATUS_TRYAGAIN)) { \ -+ (void)tio_skip(fp,0); /* read any buffered data */ \ - (void)tio_close(fp); \ -+ } \ - return retv; - - /* This macro can be used to generate a get..byname() function -@@ -123,6 +125,7 @@ - return NSS_STATUS_UNAVAIL; \ - if (fp!=NULL) \ - { \ -+ (void)tio_skip(fp,0); /* read any buffered data */ \ - (void)tio_close(fp); \ - fp=NULL; \ - } \ diff --git a/nss-pam-ldapd-0.8.12-epipe.patch b/nss-pam-ldapd-0.8.12-epipe.patch new file mode 100644 index 0000000..d9a38ef --- /dev/null +++ b/nss-pam-ldapd-0.8.12-epipe.patch @@ -0,0 +1,20 @@ +Try to reduce EPIPE errors in nslcd by reading any pending data before closing +our connection to the daemon, in the cases where we weren't already doing that. +--- nss-pam-ldapd-0.8.12/nss/common.h ++++ nss-pam-ldapd-0.8.12/nss/common.h +@@ -148,6 +148,7 @@ + NSS_AVAILCHECK; \ + if (fp!=NULL) \ + { \ ++ (void)tio_skipall(fp); \ + (void)tio_close(fp); \ + fp=NULL; \ + } \ +@@ -182,6 +183,7 @@ + /* reset failed, we close and give up with a permanent error \ + because we cannot retry just the getent() call because it \ + may not be only the first entry that failed */ \ ++ tio_skipall(fp); \ + tio_close(fp); \ + fp=NULL; \ + *errnop=EINVAL; \ diff --git a/nss-pam-ldapd.spec b/nss-pam-ldapd.spec index c873f9c..2212b87 100644 --- a/nss-pam-ldapd.spec +++ b/nss-pam-ldapd.spec @@ -26,8 +26,7 @@ Source3: nslcd.tmpfiles Source4: nslcd.service Patch1: nss-pam-ldapd-0.8.12-validname.patch Patch3: nss-pam-ldapd-0.8.12-uid-overflow.patch -Patch4: nss-pam-ldapd-0.7.x-epipe.patch -Patch5: nss-pam-ldapd-0.7.16-skipall.patch +Patch4: nss-pam-ldapd-0.8.12-epipe.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: openldap-devel, krb5-devel BuildRequires: autoconf, automake @@ -68,7 +67,6 @@ nsswitch module. %patch1 -p0 -b .validname %patch3 -p1 -b .overflow %patch4 -p1 -b .epipe -%patch5 -p1 -b .skipall autoreconf -f -i %build