rebase to 2.4.26

- remove upstream included patches
2011-07-20 15:17:58 +02:00 · 2011-07-20 15:17:58 +02:00 · 583cde50ed
commit 583cde50ed
parent b35dfa8417
9 changed files with 12 additions and 204 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-/openldap-2.4.25.tgz
+/openldap-2.4.26.tgz
--- a/openldap-export-ldif.patch
+++ b/openldap-export-ldif.patch
@ -1,18 +0,0 @@
-Add 'ldif.h' into -devel subpackage. 'libldif' was removed by upstrem and the symbols
-were moved to 'libldap'. But the interface is missing.
-
-Author: Jan Vcelak <jvcelak@redhat.com>
-
-diff -uNPrp openldap-2.4.25/include/Makefile.in openldap-2.4.25.ldif/include/Makefile.in
--- openldap-2.4.25/include/Makefile.in	2011-01-05 00:49:52.000000000 +0100
-+++ openldap-2.4.25.ldif/include/Makefile.in	2011-06-27 17:13:57.629416190 +0200
-@@ -20,7 +20,8 @@ install-local: FORCE
- 	for header in $(srcdir)/lber.h lber_types.h \
- 		$(srcdir)/ldap.h $(srcdir)/ldap_cdefs.h \
- 		$(srcdir)/ldap_schema.h $(srcdir)/ldap_utf8.h \
-		$(srcdir)/slapi-plugin.h ldap_features.h; \
-+		$(srcdir)/slapi-plugin.h ldap_features.h \
-+		$(srcdir)/ldif.h; \
- 	do \
- 		$(INSTALL) $(INSTALLFLAGS) -m 644 $$header $(DESTDIR)$(includedir); \
- 	done
--- a/openldap-ldapexop-double-free.patch
+++ b/openldap-ldapexop-double-free.patch
@ -1,28 +0,0 @@
-Segmentation fault fix caused by double free in ldapexop.
-
-Resolves: #699683
-Author: Jan Vcelak <jvcelak@redhat.com>
-Upstream: ITS #6946, git 3fcf2b1
-
-diff --git a/clients/tools/ldapexop.c b/clients/tools/ldapexop.c
-index f17e085..316eca1 100644
--- a/clients/tools/ldapexop.c
-+++ b/clients/tools/ldapexop.c
-@@ -247,7 +247,7 @@ main( int argc, char *argv[] )
- 		char		*retoid = NULL;
- 		struct berval	*retdata = NULL;
- 
-		rc = ldap_parse_extended_result( ld, res, &retoid, &retdata, 1 );
-+		rc = ldap_parse_extended_result( ld, res, &retoid, &retdata, 0 );
- 
- 		if ( rc != LDAP_SUCCESS ) {
- 			tool_perror( "ldap_parse_extended_result", rc, NULL, NULL, NULL, NULL );
-@@ -294,7 +294,7 @@ main( int argc, char *argv[] )
- 			printf(_("# extended operation response\n"));
- 		}
- 
-		rc = ldap_parse_extended_result( ld, res, &retoid, &retdata, 1 );
-+		rc = ldap_parse_extended_result( ld, res, &retoid, &retdata, 0 );
- 		if ( rc != LDAP_SUCCESS ) {
- 			tool_perror( "ldap_parse_extended_result", rc, NULL, NULL, NULL, NULL );
- 			rc = EXIT_FAILURE;
--- a/openldap-nss-cacertdir-soft-error.patch
+++ b/openldap-nss-cacertdir-soft-error.patch
@ -1,68 +0,0 @@
-Connection fails if TLS_CACERTDIR doesn't exist but TLS_REQCERT  is set to 'never'
-
-Resolves: #716854
-Author: Rich Megginson <rmeggins@redhat.com>
-Upstream: ITS #6975, git 7e528ae
-
-diff --git a/libraries/libldap/tls_m.c b/libraries/libldap/tls_m.c
-index 911885d..7be703b 100644
--- a/libraries/libldap/tls_m.c
-+++ b/libraries/libldap/tls_m.c
-@@ -1320,7 +1320,7 @@ static int
- tlsm_init_ca_certs( tlsm_ctx *ctx, const char *cacertfile, const char *cacertdir )
- {
- 	PRBool isca = PR_TRUE;
-	PRStatus status = PR_FAILURE;
-+	PRStatus status = PR_SUCCESS;
- 	PRErrorCode errcode = PR_SUCCESS;
- 
- 	if ( !cacertfile && !cacertdir ) {
-@@ -1336,14 +1336,24 @@ tlsm_init_ca_certs( tlsm_ctx *ctx, const char *cacertfile, const char *cacertdir
- 				   "TLS: %s is not a valid CA certificate file - error %d:%s.\n",
- 				   cacertfile, errcode,
- 				   PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
-+			/* failure with cacertfile is a hard failure even if cacertdir is
-+			   also specified and contains valid CA cert files */
-+			status = PR_FAILURE;
- 		} else {
- 			Debug( LDAP_DEBUG_TRACE,
- 				   "TLS: loaded CA certificate file %s.\n",
- 				   cacertfile, 0, 0 );
-			status = PR_SUCCESS; /* have at least one good CA - we can proceed */
- 		}
- 	}
- 
-+	/* if cacertfile above failed, we will return failure, even
-+	   if there is a valid CA cert in cacertdir - but we still
-+	   process cacertdir in case the user has enabled trace level
-+	   debugging so they can see the processing for cacertdir too */
-+	/* any cacertdir failures are "soft" failures - if the user specifies
-+	   no cert checking, then we allow the tls/ssl to continue, no matter
-+	   what was specified for cacertdir, or the contents of the directory
-+	   - this is different behavior than that of cacertfile */
- 	if ( cacertdir ) {
- 		PRFileInfo fi;
- 		PRDir *dir;
-@@ -1397,7 +1407,6 @@ tlsm_init_ca_certs( tlsm_ctx *ctx, const char *cacertfile, const char *cacertdir
- 					Debug( LDAP_DEBUG_TRACE,
- 						   "TLS: loaded CA certificate file %s from CA certificate directory %s.\n",
- 						   fullpath, cacertdir, 0 );
-					status = PR_SUCCESS; /* found at least 1 valid CA file in the dir */
- 				} else {
- 					errcode = PR_GetError();
- 					Debug( LDAP_DEBUG_TRACE,
-@@ -1412,14 +1421,6 @@ tlsm_init_ca_certs( tlsm_ctx *ctx, const char *cacertfile, const char *cacertdir
- 	}
- done:
- 	if ( status != PR_SUCCESS ) {
-		const char *fmtstr = NULL;
-		if ( cacertfile && cacertdir ) {
-			fmtstr = "TLS: did not find any valid CA certificates in %s or %s\n";
-		} else {
-			fmtstr = "TLS: did not find any valid CA certificates in %s%s\n";
-		}
-		Debug( LDAP_DEBUG_ANY, fmtstr, cacertdir ? cacertdir : "",
-			   cacertfile ? cacertfile : "", 0 );
- 		return -1;
- 	}
- 
--- a/openldap-nss-nofork.patch
+++ b/openldap-nss-nofork.patch
@ -1,19 +0,0 @@
-fix: OpenLDAP can't use TLS after a fork()
-
-Resolves: #636956
-Upstream ITS: #6862
-Author: Rich Megginson <rmeggins@redhat.com>
-
--- openldap-2.4.24.orig/libraries/libldap/tls_m.c
-+++ openldap-2.4.24/libraries/libldap/tls_m.c
-@@ -2890,7 +2890,9 @@
- 	 * context in the child.
- 	 */
- 	if ( !nofork ) {
-		PR_SetEnv( "NSS_STRICT_NOFORK=DISABLED" );
-+		/* will leak one time */
-+		char *noforkenvvar = PL_strdup( "NSS_STRICT_NOFORK=DISABLED" );
-+		PR_SetEnv( noforkenvvar );
- 	}
- 
- 	return 0;
--- a/openldap-segfault-ldif-indent.patch
+++ b/openldap-segfault-ldif-indent.patch
@ -1,19 +0,0 @@
-Segmentation fault of client tool when input LDIF line is splitted but not indented correctly.
-
-Resolves: #716855
-Author: Howard Chu <hyc@openldap.org>
-Upstream: ITS#6978, git 4b057bc
-
-diff --git a/clients/tools/ldapmodify.c b/clients/tools/ldapmodify.c
-index 7cd9774..2d11045 100644
--- a/clients/tools/ldapmodify.c
-+++ b/clients/tools/ldapmodify.c
-@@ -449,7 +449,7 @@ process_ldif_rec( char *rbuf, int linenum )
- 			fprintf( stderr, _("%s: invalid format (line %d) entry: \"%s\"\n"),
- 				prog, linenum+i, dn == NULL ? "" : dn );
- 			rc = LDAP_PARAM_ERROR;
-			break;
-+			goto leave;
- 		}
- 		freeval[i] = freev;
- 
--- a/openldap-segfault-ldif-nl-end.patch
+++ b/openldap-segfault-ldif-nl-end.patch
@ -1,31 +0,0 @@
-commit 83814a220fb70db8344469dc3e2db5357b36fc5c
-Author: Jan Vcelak <jvcelak@redhat.com>
-Date:   Mon Jun 20 17:31:57 2011 +0200
-
-    ITS#6947 Handle missing '\n' termination in LDIF input
-
-diff --git a/libraries/libldap/ldif.c b/libraries/libldap/ldif.c
-index 0ee7849..0bc35bb 100644
--- a/libraries/libldap/ldif.c
-+++ b/libraries/libldap/ldif.c
-@@ -842,11 +842,16 @@ ldif_read_record(
- 
- 		if ( fgets( line, sizeof( line ), lfp->fp ) == NULL ) {
- 			stop = 1;
-			/* Add \n in case the file does not end with newline */
-			line[0] = '\n';
-			line[1] = '\0';
-+			len = 0;
-+		} else {
-+			len = strlen( line );
-+		}
-+
-+		if ( len == 0 || line[len-1] != '\n' ) {
-+			/* Add \n in case the line/file does not end with newline */
-+			line[len] = '\n';
-+			line[++len] = '\0';
- 		}
-		len = strlen( line );
- 
- 		if ( last_ch == '\n' ) {
- 			(*lno)++;
--- a/openldap.spec
+++ b/openldap.spec
@ -5,7 +5,7 @@
 %define evolution_connector_libdir %{evolution_connector_prefix}/%{_lib}

 Name: openldap
-Version: 2.4.25
+Version: 2.4.26
 Release: 1%{?dist}
 Summary: LDAP support libraries
 Group: System Environment/Daemons
@ -23,15 +23,9 @@ Patch0: openldap-manpages.patch
 Patch1: openldap-security-pie.patch
 Patch2: openldap-sql-linking.patch
 Patch3: openldap-reentrant-gethostby.patch
-Patch4: openldap-export-ldif.patch
-Patch5: openldap-smbk5pwd-overlay.patch
-Patch6: openldap-ldaprc-currentdir.patch
-Patch7: openldap-userconfig-setgid.patch
-Patch8: openldap-nss-nofork.patch
-Patch9: openldap-nss-cacertdir-soft-error.patch
-Patch10: openldap-ldapexop-double-free.patch
-Patch11: openldap-segfault-ldif-indent.patch
-Patch12: openldap-segfault-ldif-nl-end.patch
+Patch4: openldap-smbk5pwd-overlay.patch
+Patch5: openldap-ldaprc-currentdir.patch
+Patch6: openldap-userconfig-setgid.patch

 # patches for the evolution library (see README.evolution)
 Patch200: openldap-evolution-ntlm.patch
@ -128,15 +122,9 @@ pushd openldap-%{version}
 %patch1 -p1 -b .security-pie
 %patch2 -p1 -b .sql-linking
 %patch3 -p1 -b .reentrant-gethostby
-%patch4 -p1 -b .export-ldif
-%patch5 -p1 -b .smbk5pwd-overlay
-%patch6 -p1 -b .ldaprc-currentdir
-%patch7 -p1 -b .userconfig-setgid
-%patch8 -p1 -b .nss-nofork
-%patch9 -p1 -b .nss-cacertdir-soft-error
-%patch10 -p1 -b .ldapexop-double-free
-%patch11 -p1 -b .segfault-ldif-indent
-%patch12 -p1 -b .segfault-ldif-nl-end
+%patch4 -p1 -b .smbk5pwd-overlay
+%patch5 -p1 -b .ldaprc-currentdir
+%patch6 -p1 -b .userconfig-setgid

 cp %{_datadir}/libtool/config/config.{sub,guess} build/

@ -659,6 +647,9 @@ exit 0
 %attr(0644,root,root)      %{evolution_connector_libdir}/*.a

 %changelog
+* Wed Jul 20 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.26-1
+- rebase to new upstream release
+
 * Mon Jun 27 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.25-1
 - rebase to new upstream release
 - change default database type from BDB to HDB
--- a/2
+++ b/2
@ -1 +1 @@
-ec63f9c2add59f323a0459128846905b  openldap-2.4.25.tgz
+f36f3086031dd56ae94f722ffae8df5e  openldap-2.4.26.tgz