From 1f856268f54e21242cbe03b4656ca14222275b1f Mon Sep 17 00:00:00 2001 From: Jan Vcelak Date: Fri, 18 Mar 2011 19:50:00 +0100 Subject: [PATCH] fix update: openldap can't use TLS after fork() Resolves: #636956 --- openldap-nss-nofork.patch | 19 +++++++++++++++++++ openldap.spec | 2 ++ series | 1 + 3 files changed, 22 insertions(+) create mode 100644 openldap-nss-nofork.patch diff --git a/openldap-nss-nofork.patch b/openldap-nss-nofork.patch new file mode 100644 index 0000000..87c8c2b --- /dev/null +++ b/openldap-nss-nofork.patch @@ -0,0 +1,19 @@ +fix: OpenLDAP can't use TLS after a fork() + +Resolves: #636956 +Upstream ITS: #6862 +Author: Rich Megginson + +--- openldap-2.4.24.orig/libraries/libldap/tls_m.c ++++ openldap-2.4.24/libraries/libldap/tls_m.c +@@ -2890,7 +2890,9 @@ + * context in the child. + */ + if ( !nofork ) { +- PR_SetEnv( "NSS_STRICT_NOFORK=DISABLED" ); ++ /* will leak one time */ ++ char *noforkenvvar = PL_strdup( "NSS_STRICT_NOFORK=DISABLED" ); ++ PR_SetEnv( noforkenvvar ); + } + + return 0; diff --git a/openldap.spec b/openldap.spec index 63b3d0e..a4017bb 100644 --- a/openldap.spec +++ b/openldap.spec @@ -28,6 +28,7 @@ Patch5: openldap-export-ldif.patch Patch6: openldap-smbk5pwd-overlay.patch Patch7: openldap-ldaprc-currentdir.patch Patch8: openldap-userconfig-setgid.patch +Patch9: openldap-nss-nofork.patch # patches for the evolution library (see README.evolution) Patch200: openldap-evolution-ntlm.patch @@ -128,6 +129,7 @@ pushd openldap-%{version} %patch6 -p1 -b .smbk5pwd-overlay %patch7 -p1 -b .ldaprc-currentdir %patch8 -p1 -b .userconfig-setgid +%patch9 -p1 -b .nss-nofork cp %{_datadir}/libtool/config/config.{sub,guess} build/ diff --git a/series b/series index 563e60e..dc748f6 100644 --- a/series +++ b/series @@ -7,4 +7,5 @@ openldap-export-ldif.patch openldap-smbk5pwd-overlay.patch openldap-ldaprc-currentdir.patch openldap-userconfig-setgid.patch +openldap-nss-nofork.patch openldap-evolution-ntlm.patch