rpms/openldap
6
0
Fork 0
Code Issues Pull Requests Releases Activity

import UBI openldap-2.4.46-21.el8_10

Browse Source
This commit is contained in:
eabdullin 2025-03-11 08:32:13 +00:00
parent bcf77a0ee8
commit 9ff3f3daee
3 changed files with 58 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
SOURCES/openldap-libldap-fix-double-sb_close-when-first-TLS.patch Normal file
View File

@ -0,0 +1,25 @@
From 2b842a7eed3c299659bf7ede341fc1d6d281b603 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Florin=20Cri=C8=99an?= <florin.crisan@gmail.com>
Date: Wed, 20 Sep 2023 16:06:09 +0300
Subject: [PATCH] ITS#10101 libldap: fix double sb_close when first TLS
connection fails
---
libraries/libldap/open.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/libraries/libldap/open.c b/libraries/libldap/open.c
index f1c7b9d031..b90b3ca181 100644
--- a/libraries/libldap/open.c
+++ b/libraries/libldap/open.c
@@ -480,6 +480,7 @@ ldap_int_open_connection(
LDAP_MUTEX_UNLOCK( &lo->ldo_mutex );
}
ber_int_sb_close( conn->lconn_sb );
+ ber_int_sb_destroy( conn->lconn_sb );
return -1;
}
}
--
2.47.1

24
SOURCES/openldap-plug-descriptor-leak-if-ldaps-connect-fails.patch Normal file
View File

@ -0,0 +1,24 @@
From a64febc5c646952773e6195ab1ec54ef63deb73a Mon Sep 17 00:00:00 2001
From: Howard Chu <hyc@openldap.org>
Date: Sat, 11 Jan 2020 04:16:01 +0000
Subject: [PATCH 001/336] ITS#9147 plug descriptor leak if ldaps connect fails
---
libraries/libldap/open.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/libraries/libldap/open.c b/libraries/libldap/open.c
index 4e0f9f8028..cde157b079 100644
--- a/libraries/libldap/open.c
+++ b/libraries/libldap/open.c
@@ -476,6 +476,7 @@ ldap_int_open_connection(
}
LDAP_MUTEX_UNLOCK( &lo->ldo_mutex );
}
+ ber_int_sb_close( conn->lconn_sb );
return -1;
}
}
--
2.47.1

10
SPECS/openldap.spec
View File

@ -5,7 +5,7 @@
Name: openldap
Version: 2.4.46
Release: 20%{?dist}
Release: 21%{?dist}
Summary: LDAP support libraries
License: OpenLDAP
URL: http://www.openldap.org/
@ -61,6 +61,8 @@ Patch64: openldap-change-TLS_REQSAN-default-to-TRY.patch
Patch65: openldap-cbinding-fix-openssl-digest.patch
Patch66: 0001-ITS-9904-ldap_url_parsehosts-check-for-strdup-failur.patch
Patch67: 0001-ITS-9904-ldif_open_url-check-for-ber_strdup-failure.patch
Patch68: openldap-plug-descriptor-leak-if-ldaps-connect-fails.patch
Patch69: openldap-libldap-fix-double-sb_close-when-first-TLS.patch
# check-password module specific patches
Patch90: check-password-makefile.patch
@ -159,6 +161,8 @@ AUTOMAKE=%{_bindir}/true autoreconf -fi
%patch65 -p1
%patch66 -p1
%patch67 -p1
%patch68 -p1
%patch69 -p1
# build smbk5pwd with other overlays
ln -s ../../../contrib/slapd-modules/smbk5pwd/smbk5pwd.c servers/slapd/overlays
@ -528,6 +532,10 @@ exit 0
%{_mandir}/man3/*
%changelog
* Mon Jan 27 2025 Simon Pichugin <spichugi@redhat.com> - 2.4.46-21
- Bump version to 2.4.46-21
- Resolves: RHEL-75823 - Fix double file close when first TLS connection fails
* Wed Jul 3 2024 Simon Pichugin <spichugi@redhat.com> - 2.4.46-20
- Bump version to 2.4.46-20
- Resolves: RHEL-35538 - Fix OpenSSL channel binding digest