fix: slapd segfaults when PEM certificate is used and key is not set
Resolves: #772890
This commit is contained in:
		
							parent
							
								
									f47de25361
								
							
						
					
					
						commit
						65b981d99e
					
				
							
								
								
									
										22
									
								
								openldap-nss-segfault-key-not-set.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										22
									
								
								openldap-nss-segfault-key-not-set.patch
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,22 @@ | |||||||
|  | MozNSS + PEM: fix segfault when TLS certificate key is not set | ||||||
|  | 
 | ||||||
|  | Upstream ITS: #7135 | ||||||
|  | Upstream commit: 1107103dd7e767db9c080b3276cb6e742fcf36a1 | ||||||
|  | Resolves: #772890 | ||||||
|  | Author: Jan Vcelak <jvcelak@redhat.com> | ||||||
|  | 
 | ||||||
|  | diff --git a/libraries/libldap/tls_m.c b/libraries/libldap/tls_m.c
 | ||||||
|  | index 09348b7..da230c5 100644
 | ||||||
|  | --- a/libraries/libldap/tls_m.c
 | ||||||
|  | +++ b/libraries/libldap/tls_m.c
 | ||||||
|  | @@ -2267,8 +2267,8 @@ tlsm_deferred_ctx_init( void *arg )
 | ||||||
|  |  		} | ||||||
|  |  	} else { /* set up secure server */ | ||||||
|  |  		SSLKEAType certKEA; | ||||||
|  | -		CERTCertificate *serverCert;
 | ||||||
|  | -		SECKEYPrivateKey *serverKey;
 | ||||||
|  | +		CERTCertificate *serverCert = NULL;
 | ||||||
|  | +		SECKEYPrivateKey *serverKey = NULL;
 | ||||||
|  |  		SECStatus status; | ||||||
|  |   | ||||||
|  |  		/* must have a certificate for the server to use */ | ||||||
| @ -34,6 +34,7 @@ Patch6: openldap-userconfig-setgid.patch | |||||||
| Patch7: openldap-dns-priority.patch | Patch7: openldap-dns-priority.patch | ||||||
| Patch8: openldap-syncrepl-unset-tls-options.patch | Patch8: openldap-syncrepl-unset-tls-options.patch | ||||||
| Patch9: openldap-nss-deferred-init-copy-params.patch | Patch9: openldap-nss-deferred-init-copy-params.patch | ||||||
|  | Patch10: openldap-nss-segfault-key-not-set.patch | ||||||
| 
 | 
 | ||||||
| # Fedora specific patches | # Fedora specific patches | ||||||
| Patch100: openldap-fedora-systemd.patch | Patch100: openldap-fedora-systemd.patch | ||||||
| @ -136,6 +137,7 @@ pushd openldap-%{version} | |||||||
| %patch7 -p1 | %patch7 -p1 | ||||||
| %patch8 -p1 | %patch8 -p1 | ||||||
| %patch9 -p1 | %patch9 -p1 | ||||||
|  | %patch10 -p1 | ||||||
| 
 | 
 | ||||||
| %patch100 -p1 | %patch100 -p1 | ||||||
| 
 | 
 | ||||||
| @ -653,6 +655,7 @@ exit 0 | |||||||
| %changelog | %changelog | ||||||
| * Tue Jan 31 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.28-3 | * Tue Jan 31 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.28-3 | ||||||
| - fix: replication (syncrepl) with TLS causes segfault (#783431) | - fix: replication (syncrepl) with TLS causes segfault (#783431) | ||||||
|  | - fix: slapd segfaults when PEM certificate is used and key is not set (#772890) | ||||||
| 
 | 
 | ||||||
| * Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.28-2 | * Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.28-2 | ||||||
| - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild | - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild | ||||||
|  | |||||||
		Loading…
	
		Reference in New Issue
	
	Block a user