rpms/openldap
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Merge branch 'f28' into 'master' for linearity

Browse Source
This commit is contained in:
Matúš Honěk 2018-07-04 13:28:18 +02:00
commit 799c2121f4
2 changed files with 43 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
openldap-tlsmc.patch
View File

@ -1,7 +1,7 @@
MozNSS Interception Code
Author: Matus Honek <mhonek@redhat.com>
Date: Thu Apr 5 15:47:44 CEST 2018
Date: Wed Jul 4 10:35:04 CEST 2018
diff --git a/configure.in b/configure.in
--- a/configure.in
+++ b/configure.in
@ -283,7 +283,7 @@ diff --git a/libraries/libldap/tls_mc.c b/libraries/libldap/tls_mc.c
new file mode 100644
--- /dev/null
+++ b/libraries/libldap/tls_mc.c
@@ -0,0 +1,1346 @@
@@ -0,0 +1,1369 @@
+#include "portable.h"
+
+#ifdef HAVE_MOZNSS_COMPATIBILITY
@ -365,23 +365,33 @@ new file mode 100644
+ int rv = 0;
+ int fd = -1;
+ if ( 0 > ( fd = open( filename, O_WRONLY | O_CREAT | O_EXCL, S_IWUSR ) ) ) {
+ perror("IO ERROR: could not open file");
+ Debug( LDAP_DEBUG_ANY,
+ "tlsmc_write_file: ERROR: could not open file: `%s': %s.\n",
+ filename, strerror(errno), 0 );
+ goto bail;
+ }
+ if ( -1 >= write( fd, buf, strlen(buf) ) ) {
+ perror("IO ERROR: could not write file");
+ Debug( LDAP_DEBUG_ANY,
+ "tlsmc_write_file: ERROR: could not write file: `%s': %s.\n",
+ filename, strerror(errno), 0 );
+ goto bail;
+ }
+ if ( -1 >= fchmod( fd, final_mode ) ) {
+ perror("IO ERROR: could not set file mode");
+ Debug( LDAP_DEBUG_ANY,
+ "tlsmc_write_file: ERROR: could not set file mode: `%s': %s.\n",
+ filename, strerror(errno), 0 );
+ goto bail;
+ }
+ if ( -1 >= fsync( fd ) ) {
+ perror("IO ERROR: could not fsync the file");
+ Debug( LDAP_DEBUG_ANY,
+ "tlsmc_write_file: ERROR: could not fsync file: `%s': %s.\n",
+ filename, strerror(errno), 0 );
+ goto bail;
+ }
+ if ( 0 > close( fd ) ) {
+ perror("IO ERROR: could not close file");
+ Debug( LDAP_DEBUG_ANY,
+ "tlsmc_write_file: ERROR: could not close file: `%s': %s.\n",
+ filename, strerror(errno), 0 );
+ fd = -1;
+ goto bail;
+ }
@ -845,7 +855,9 @@ new file mode 100644
+ goto bail;
+ }
+ if ( 0 == strftime(stime, sizeof(stime), "%FT%T", localtime(&attr.st_mtime)) ) {
+ perror("IO ERROR: could not format mtime");
+ Debug( LDAP_DEBUG_ANY,
+ "tlsmc_filestamp: ERROR: could not format mtime: %s.\n",
+ strerror(errno), 0, 0 );
+ goto bail;
+ }
+
@ -932,7 +944,6 @@ new file mode 100644
+ Debug( LDAP_DEBUG_ANY,
+ "tlsmc_prepare_dir: WARN: could not create the PEM directory.\n",
+ 0, 0, 0 );
+ perror( "tlsmc_prepare_dir: WARN: could not create the PEM directory" );
+ rv = 0;
+ goto bail;
+ }
@ -945,7 +956,6 @@ new file mode 100644
+ Debug( LDAP_DEBUG_ANY,
+ "tlsmc_prepare_dir: WARN: could not create the subdirectory.\n",
+ 0, 0, 0 );
+ perror( "tlsmc_prepare_dir: WARN: could not create the subdirectory" );
+ rv = 0;
+ goto bail;
+ }
@ -1236,11 +1246,15 @@ new file mode 100644
+ "tlsmc_extract_cert_key_pair: INFO: symlinking certificate file `%s' to file `%s'.\n",
+ nickname, cert_file_path, 0 );
+ if ( NULL == ( file_realpath = realpath( nickname, NULL ) ) ) {
+ perror( "Could not get the realpath" );
+ Debug( LDAP_DEBUG_ANY,
+ "tlsmc_extract_cert_key_pair: ERROR: could not get realpath of certificate file `%s'.\n",
+ nickname, 0, 0 );
+ goto bail;
+ }
+ if ( -1 == symlink( file_realpath, cert_file_path ) ) {
+ perror( "Could not create a symlink" );
+ Debug( LDAP_DEBUG_ANY,
+ "tlsmc_extract_cert_key_pair: ERROR: could not create a symlink of `%s' to `%s'.\n",
+ file_realpath, cert_file_path, 0 );
+ goto bail;
+ }
+ if ( file_realpath ) free( file_realpath );
@ -1249,11 +1263,15 @@ new file mode 100644
+ "tlsmc_extract_cert_key_pair: INFO: symlinking PK file `%s' to file `%s'.\n",
+ pin_filename, key_file_path, 0 );
+ if ( NULL == ( file_realpath = realpath( pin_filename, NULL ) ) ) {
+ perror( "Could not get the realpath" );
+ Debug( LDAP_DEBUG_ANY,
+ "tlsmc_extract_cert_key_pair: ERROR: could not get realpath of PK file `%s'.\n",
+ pin_filename, 0, 0 );
+ goto bail;
+ }
+ if ( -1 == symlink( file_realpath, key_file_path ) ) {
+ perror( "Could not create a symlink" );
+ Debug( LDAP_DEBUG_ANY,
+ "tlsmc_extract_cert_key_pair: ERROR: could not create a symlink of `%s' to `%s'.\n",
+ file_realpath, key_file_path, 0 );
+ goto bail;
+ }
+ }
@ -1525,6 +1543,7 @@ new file mode 100644
+ Debug( LDAP_DEBUG_ANY,
+ "tlsmc_convert: WARN: extracted cacerts dir is not present.\n",
+ 0, 0, 0 );
+ if ( *ld_cacertdir ) PR_smprintf_free( *ld_cacertdir );
+ *ld_cacertdir = NULL;
+ }
+
@ -1536,6 +1555,7 @@ new file mode 100644
+ Debug( LDAP_DEBUG_ANY,
+ "tlsmc_convert: WARN: extracted cert file is not present.\n",
+ 0, 0, 0 );
+ if ( *ld_cert ) PR_smprintf_free( *ld_cert );
+ *ld_cert = NULL;
+ }
+
@ -1547,13 +1567,16 @@ new file mode 100644
+ Debug( LDAP_DEBUG_ANY,
+ "tlsmc_convert: WARN: extracted key file is not present.\n",
+ 0, 0, 0 );
+ if ( *ld_key ) PR_smprintf_free( *ld_key );
+ *ld_key = NULL;
+ }
+
+ rv = 1;
+
+bail:
+ if ( checksum ) free( checksum );
+ if ( pem_dir ) PR_smprintf_free( pem_dir );
+ if ( readme_path ) PR_smprintf_free( readme_path );
+ if ( data ) free( data );
+ if ( nssdb_prefix ) free( nssdb_prefix );
+ if ( nssdb_dir_path ) free( nssdb_dir_path );

7
openldap.spec
View File

@ -12,7 +12,7 @@
Name: openldap
Version: 2.4.46
Release: 2%{?dist}
Release: 3%{?dist}
Summary: LDAP support libraries
License: OpenLDAP
URL: http://www.openldap.org/
@ -504,8 +504,13 @@ exit 0
%{_mandir}/man3/*
%changelog
* Wed Jul 4 2018 Matus Honek <mhonek@redhat.com> - 2.4.46-3
- MozNSS Compat. Layer: Make log messages more clear (#1598103)
- MozNSS Compat. Layer: Fix memleaks reported by valgrind (#1595203)
* Wed Jun 27 2018 Jitka Plesnikova <jplesnik@redhat.com> - 2.4.46-2
- Perl 5.28 rebuild
- MozNSS Compat. Layer: Fix typos, and spelling in the README file header (#1564161)
* Tue Mar 27 2018 Matus Honek <mhonek@redhat.com> - 2.4.46-1
- Rebase to version OpenLDAP 2.4.46 (#1559652)