Jan Vcelak
parent
af7e905857
commit
9c0ef47ce4
69
openldap-syncrepl-unset-tls-options.patch
Normal file
69
openldap-syncrepl-unset-tls-options.patch
Normal file
@ -0,0 +1,69 @@
|
|||||||
|
allow unsetting of tls_* syncrepl options
|
||||||
|
|
||||||
|
Author: Patrick Monnerat <pm@datasphere.ch>
|
||||||
|
Upstream ITS: #7042
|
||||||
|
Resolves: #734187
|
||||||
|
|
||||||
|
---
|
||||||
|
libraries/libldap/tls2.c | 16 ++++++++--------
|
||||||
|
1 files changed, 8 insertions(+), 8 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/libraries/libldap/tls2.c b/libraries/libldap/tls2.c
|
||||||
|
index 5c35fb5..4c9eb30 100644
|
||||||
|
--- a/libraries/libldap/tls2.c
|
||||||
|
+++ b/libraries/libldap/tls2.c
|
||||||
|
@@ -731,27 +731,27 @@ ldap_pvt_tls_set_option( LDAP *ld, int option, void *arg )
|
||||||
|
return 0;
|
||||||
|
case LDAP_OPT_X_TLS_CACERTFILE:
|
||||||
|
if ( lo->ldo_tls_cacertfile ) LDAP_FREE( lo->ldo_tls_cacertfile );
|
||||||
|
- lo->ldo_tls_cacertfile = arg ? LDAP_STRDUP( (char *) arg ) : NULL;
|
||||||
|
+ lo->ldo_tls_cacertfile = (arg && *(char *)arg) ? LDAP_STRDUP( (char *) arg ) : NULL;
|
||||||
|
return 0;
|
||||||
|
case LDAP_OPT_X_TLS_CACERTDIR:
|
||||||
|
if ( lo->ldo_tls_cacertdir ) LDAP_FREE( lo->ldo_tls_cacertdir );
|
||||||
|
- lo->ldo_tls_cacertdir = arg ? LDAP_STRDUP( (char *) arg ) : NULL;
|
||||||
|
+ lo->ldo_tls_cacertdir = (arg && *(char *)arg) ? LDAP_STRDUP( (char *) arg ) : NULL;
|
||||||
|
return 0;
|
||||||
|
case LDAP_OPT_X_TLS_CERTFILE:
|
||||||
|
if ( lo->ldo_tls_certfile ) LDAP_FREE( lo->ldo_tls_certfile );
|
||||||
|
- lo->ldo_tls_certfile = arg ? LDAP_STRDUP( (char *) arg ) : NULL;
|
||||||
|
+ lo->ldo_tls_certfile = (arg && *(char *)arg) ? LDAP_STRDUP( (char *) arg ) : NULL;
|
||||||
|
return 0;
|
||||||
|
case LDAP_OPT_X_TLS_KEYFILE:
|
||||||
|
if ( lo->ldo_tls_keyfile ) LDAP_FREE( lo->ldo_tls_keyfile );
|
||||||
|
- lo->ldo_tls_keyfile = arg ? LDAP_STRDUP( (char *) arg ) : NULL;
|
||||||
|
+ lo->ldo_tls_keyfile = (arg && *(char *)arg) ? LDAP_STRDUP( (char *) arg ) : NULL;
|
||||||
|
return 0;
|
||||||
|
case LDAP_OPT_X_TLS_DHFILE:
|
||||||
|
if ( lo->ldo_tls_dhfile ) LDAP_FREE( lo->ldo_tls_dhfile );
|
||||||
|
- lo->ldo_tls_dhfile = arg ? LDAP_STRDUP( (char *) arg ) : NULL;
|
||||||
|
+ lo->ldo_tls_dhfile = (arg && *(char *)arg) ? LDAP_STRDUP( (char *) arg ) : NULL;
|
||||||
|
return 0;
|
||||||
|
case LDAP_OPT_X_TLS_CRLFILE: /* GnuTLS only */
|
||||||
|
if ( lo->ldo_tls_crlfile ) LDAP_FREE( lo->ldo_tls_crlfile );
|
||||||
|
- lo->ldo_tls_crlfile = arg ? LDAP_STRDUP( (char *) arg ) : NULL;
|
||||||
|
+ lo->ldo_tls_crlfile = (arg && *(char *)arg) ? LDAP_STRDUP( (char *) arg ) : NULL;
|
||||||
|
return 0;
|
||||||
|
case LDAP_OPT_X_TLS_REQUIRE_CERT:
|
||||||
|
if ( !arg ) return -1;
|
||||||
|
@@ -779,7 +779,7 @@ ldap_pvt_tls_set_option( LDAP *ld, int option, void *arg )
|
||||||
|
#endif
|
||||||
|
case LDAP_OPT_X_TLS_CIPHER_SUITE:
|
||||||
|
if ( lo->ldo_tls_ciphersuite ) LDAP_FREE( lo->ldo_tls_ciphersuite );
|
||||||
|
- lo->ldo_tls_ciphersuite = arg ? LDAP_STRDUP( (char *) arg ) : NULL;
|
||||||
|
+ lo->ldo_tls_ciphersuite = (arg && *(char *)arg) ? LDAP_STRDUP( (char *) arg ) : NULL;
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
case LDAP_OPT_X_TLS_PROTOCOL_MIN:
|
||||||
|
@@ -790,7 +790,7 @@ ldap_pvt_tls_set_option( LDAP *ld, int option, void *arg )
|
||||||
|
if ( ld != NULL )
|
||||||
|
return -1;
|
||||||
|
if ( lo->ldo_tls_randfile ) LDAP_FREE (lo->ldo_tls_randfile );
|
||||||
|
- lo->ldo_tls_randfile = arg ? LDAP_STRDUP( (char *) arg ) : NULL;
|
||||||
|
+ lo->ldo_tls_randfile = (arg && *(char *)arg) ? LDAP_STRDUP( (char *) arg ) : NULL;
|
||||||
|
break;
|
||||||
|
case LDAP_OPT_X_TLS_NEWCTX:
|
||||||
|
if ( !arg ) return -1;
|
||||||
|
--
|
||||||
|
1.7.6.1
|
||||||
|
|
||||||
@ -41,6 +41,7 @@ Patch15: openldap-nss-wildcards.patch
|
|||||||
Patch16: openldap-dns-priority.patch
|
Patch16: openldap-dns-priority.patch
|
||||||
Patch17: openldap-man-ldap-sync.patch
|
Patch17: openldap-man-ldap-sync.patch
|
||||||
Patch18: openldap-nss-handshake-threadsafe.patch
|
Patch18: openldap-nss-handshake-threadsafe.patch
|
||||||
|
Patch19: openldap-syncrepl-unset-tls-options.patch
|
||||||
|
|
||||||
# patches for the evolution library (see README.evolution)
|
# patches for the evolution library (see README.evolution)
|
||||||
Patch200: openldap-evolution-ntlm.patch
|
Patch200: openldap-evolution-ntlm.patch
|
||||||
@ -152,6 +153,7 @@ pushd openldap-%{version}
|
|||||||
%patch16 -p1 -b .dns-priority
|
%patch16 -p1 -b .dns-priority
|
||||||
%patch17 -p1 -b .man-ldap-sync
|
%patch17 -p1 -b .man-ldap-sync
|
||||||
%patch18 -p1 -b .nss-handshake-threadsafe
|
%patch18 -p1 -b .nss-handshake-threadsafe
|
||||||
|
%patch19 -p1 -b .syncrepl-unset-tls-options
|
||||||
|
|
||||||
cp %{_datadir}/libtool/config/config.{sub,guess} build/
|
cp %{_datadir}/libtool/config/config.{sub,guess} build/
|
||||||
|
|
||||||
@ -677,6 +679,7 @@ exit 0
|
|||||||
%changelog
|
%changelog
|
||||||
* Mon Sep 12 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.26-3
|
* Mon Sep 12 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.26-3
|
||||||
- fix: SSL_ForceHandshake function is not thread safe (#701678)
|
- fix: SSL_ForceHandshake function is not thread safe (#701678)
|
||||||
|
- fix: allow unsetting of tls_* syncrepl options (#734187)
|
||||||
|
|
||||||
* Wed Aug 24 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.26-2
|
* Wed Aug 24 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.26-2
|
||||||
- security hardening: library needs partial RELRO support added (#733071)
|
- security hardening: library needs partial RELRO support added (#733071)
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user