- updated smbk5pwd patch to be linked with libldap (#526500)

- the last buffer overflow patch replaced with the one from upstream - added /etc/openldap/slapd.d and /etc/openldap/slapd.conf.bak to files owned by openldap-servers
2009-10-07 13:43:58 +00:00 · 2009-10-07 13:43:58 +00:00 · bc5ba6fb26
commit bc5ba6fb26
parent 9828bb7d06
3 changed files with 23 additions and 48 deletions
--- a/openldap-2.3.37-smbk5pwd.patch
+++ b/openldap-2.3.37-smbk5pwd.patch
@ -47,7 +47,7 @@ diff -up openldap-2.4.11/servers/slapd/overlays/Makefile.in.patch8 openldap-2.4.
 	$(LTLINK_MOD) -module -o $@ valsort.lo version.lo $(LINK_LIBS)
 +smbk5pwd.la : smbk5pwd.lo
-+	$(LTLINK_MOD) -module -o $@ smbk5pwd.lo version.lo $(LINK_LIBS)
+	$(LTLINK_MOD) -module -o $@ smbk5pwd.lo version.lo -lldap -L../../../libraries/libldap/.libs/ $(LINK_LIBS)
 +
 install-local:	$(PROGRAMS)
 	@if test -n "$?" ; then \
--- a/openldap-2.4.18-ldif-buf-overflow.patch
+++ b/openldap-2.4.18-ldif-buf-overflow.patch
@ -1,54 +1,17 @@
--- openldap-2.4.18/servers/slapd/back-ldif/ldif.c.orig	2009-09-24 09:46:01.000000000 +0200
+Avoid the struct hack, just malloc two data structures in one chunk:
-+++ openldap-2.4.18/servers/slapd/back-ldif/ldif.c	2009-09-24 13:40:07.000000000 +0200
+
-@@ -593,9 +593,7 @@ typedef struct bvlist {
+--- openldap-2.4.18/servers/slapd/back-ldif/ldif.c.orig	2009-08-18 23:58:27
 +++ openldap-2.4.18/servers/slapd/back-ldif/ldif.c	2009-09-24 16:08:14
@@ -593,9 +593,9 @@ typedef struct bvlist {
 	char *trunc;	/* filename was truncated here */
 	int  inum;		/* num from "attr={num}" in filename, or INT_MIN */
 	char savech;	/* original char at *trunc */
 -	char fname;		/* variable length array BVL_NAME(bvl) = &fname */
 -#	define BVL_NAME(bvl) ((char *) (bvl) + offsetof(bvlist, fname))
 -#	define BVL_SIZE(namelen) (sizeof(bvlist) + (namelen))
-+	char *fname;		/* variable length array */
+	/* BVL_NAME(&bvlist) is the filename, allocated after the struct: */
 +#	define BVL_NAME(bvl)     ((char *) ((bvl) + 1))
 +#	define BVL_SIZE(namelen) (sizeof(bvlist) + (namelen) + 1)
 } bvlist;
 static int
@@ -709,17 +707,18 @@ ldif_readdir(
 			if ( *fname_maxlenp < fname_len )
 				*fname_maxlenp = fname_len;
 -			bvl = SLAP_MALLOC( BVL_SIZE( fname_len ) );
 +			bvl = SLAP_MALLOC( sizeof( bvlist ) );
 +			bvl->fname = SLAP_MALLOC( fname_len+1 );
 			if ( bvl == NULL ) {
 				rc = LDAP_OTHER;
 				save_errno = errno;
 				break;
 			}
 -			strcpy( BVL_NAME( bvl ), dir->d_name );
 +			strcpy( bvl->fname, dir->d_name );
 			/* Make it sortable by ("attr=val" or <preceding {num}, num>) */
 -			trunc = BVL_NAME( bvl ) + fname_len - STRLENOF( LDIF );
 -			if ( (idxp = strchr( BVL_NAME( bvl ) + 2, IX_FSL )) != NULL &&
 +			trunc = bvl->fname + fname_len - STRLENOF( LDIF );
 +			if ( (idxp = strchr( bvl->fname + 2, IX_FSL )) != NULL &&
 				 (endp = strchr( ++idxp, IX_FSR )) != NULL && endp > idxp &&
 				 (eq_unsafe || idxp[-2] == '=' || endp + 1 == trunc) )
 			{
@@ -737,7 +736,7 @@ ldif_readdir(
 			*trunc = '\0';
 			for ( prev = listp; (ptr = *prev) != NULL; prev = &ptr->next ) {
 -				int cmp = strcmp( BVL_NAME( bvl ), BVL_NAME( ptr ));
 +				int cmp = strcmp( bvl->fname, ptr->fname );
 				if ( cmp < 0 || (cmp == 0 && bvl->inum < ptr->inum) )
 					break;
 			}
@@ -826,7 +825,7 @@ ldif_search_entry(
 				if ( rc == LDAP_SUCCESS ) {
 					*ptr->trunc = ptr->savech;
 -					FILL_PATH( &fpath, dir_end, BVL_NAME( ptr ));
 +					FILL_PATH( &fpath, dir_end, ptr->fname );
 					rc = ldif_read_entry( op, fpath.bv_val, &dn, &ndn,
 						&e, text );
--- a/openldap.spec
+++ b/openldap.spec
@ -11,7 +11,7 @@
 Summary: LDAP support libraries
 Name: openldap
 Version: %{version}
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: OpenLDAP
 Group: System Environment/Daemons
 Source0: ftp://ftp.OpenLDAP.org/pub/OpenLDAP/openldap-release/openldap-%{version}.tgz
@ -388,6 +388,10 @@ for X in acl add auth cat dn index passwd test; do ln -s slapd $RPM_BUILD_ROOT/%
 chmod 755 $RPM_BUILD_ROOT/%{_libdir}/lib*.so*
 chmod 644 $RPM_BUILD_ROOT/%{_libdir}/lib*.*a
 # Add files and dirs which would be created by %post scriptlet
 touch $RPM_BUILD_ROOT/%{_sysconfdir}/openldap/slapd.conf.bak
 mkdir $RPM_BUILD_ROOT/%{_sysconfdir}/openldap/slapd.d
 # Remove files which we don't want packaged.
 rm -f $RPM_BUILD_ROOT/%{_libdir}/*.la
 rm -f $RPM_BUILD_ROOT/%{evolution_connector_libdir}/*.la
@ -596,7 +600,9 @@ fi
 %ghost %config(noreplace) %{_sysconfdir}/pki/tls/certs/slapd.pem
 %attr(0755,root,root) %{_sysconfdir}/rc.d/init.d/slapd
 %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/openldap/ldap*.conf
-%attr(0640,root,ldap) %config(noreplace) %{_sysconfdir}/openldap/slapd.conf
+%attr(0640,root,ldap) %config(noreplace,missingok) %{_sysconfdir}/openldap/slapd.conf
 %attr(0640,root,ldap) %ghost %{_sysconfdir}/openldap/slapd.conf.bak
 %attr(0640,ldap,ldap) %ghost %{_sysconfdir}/openldap/slapd.d
 %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/sysconfig/ldap
 %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/openldap/schema/*.schema*
 %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/openldap/schema/*.ldif
@ -639,6 +645,12 @@ fi
 %attr(0644,root,root)      %{evolution_connector_libdir}/*.a
 %changelog
 * Wed Oct 07 2009 Jan Zeleny <jzeleny@redhat.com> 2.4.18-4
 - updated smbk5pwd patch to be linked with libldap (#526500)
 - the last buffer overflow patch replaced with the one from upstream
 - added /etc/openldap/slapd.d and /etc/openldap/slapd.conf.bak
  to files owned by openldap-servers
 * Thu Sep 24 2009 Jan Zeleny <jzeleny@redhat.com> 2.4.18-3
 - cleanup of previous patch fixing buffer overflow