Compare commits

...

4 Commits

Author SHA1 Message Date
CentOS Sources
61b321a953 import python-ldap-3.3.1-2.el8 2021-12-08 12:23:46 +00:00
CentOS Sources
d42713b72a import python-ldap-3.3.1-1.1.el8_4 2021-09-21 07:16:13 +00:00
CentOS Sources
d648685aa1 import python-ldap-3.3.1-1.el8 2021-09-10 02:53:33 +00:00
CentOS Sources
57454f8b5a import python-ldap-3.1.0-5.el8 2021-09-10 02:53:30 +00:00
4 changed files with 192 additions and 4 deletions

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/python-ldap-3.1.0.tar.gz SOURCES/python-ldap-3.3.1.tar.gz

View File

@ -1 +1 @@
3735d44524f096e145c91c486c8b1984b6d0122f SOURCES/python-ldap-3.1.0.tar.gz 324f671225f10005b34e9cce2c0e307a96fa8ac3 SOURCES/python-ldap-3.3.1.tar.gz

View File

@ -0,0 +1,169 @@
From 30fb0a8bda8fbedc22de87b21b8b1b64de310a6b Mon Sep 17 00:00:00 2001
From: Christian Heimes <cheimes@redhat.com>
Date: Mon, 28 Jun 2021 11:03:02 +0200
Subject: [PATCH] Fix SASL get/set options on big endian platforms
The options OPT_X_SASL_SSF_MIN, OPT_X_SASL_SSF_MAX, and OPT_X_SASL_SSF
take *ber_len_t as input and output arguments. ber_len_t is defined as
unsigned long:
```
/* LBER lengths (32 bits or larger) */
#define LBER_LEN_T long
typedef unsigned LBER_LEN_T ber_len_t;
```
Wrong type handling is causing issues on big endian platforms.
Signed-off-by: Christian Heimes <cheimes@redhat.com>
---
Modules/options.c | 41 ++++++++++++++++++++++++++++++-----------
Tests/t_ldapobject.py | 23 ++++++++++++++++++++++-
2 files changed, 52 insertions(+), 12 deletions(-)
diff --git a/Modules/options.c b/Modules/options.c
index 549a672..67511e8 100644
--- a/Modules/options.c
+++ b/Modules/options.c
@@ -43,6 +43,10 @@ LDAP_set_option(LDAPObject *self, int option, PyObject *value)
double doubleval;
char *strval;
struct timeval tv;
+#if HAVE_SASL
+ /* unsigned long */
+ ber_len_t blen;
+#endif
void *ptr;
LDAP *ld;
LDAPControl **controls = NULL;
@@ -89,10 +93,6 @@ LDAP_set_option(LDAPObject *self, int option, PyObject *value)
case LDAP_OPT_X_TLS_PROTOCOL_MIN:
#endif
#endif
-#ifdef HAVE_SASL
- case LDAP_OPT_X_SASL_SSF_MIN:
- case LDAP_OPT_X_SASL_SSF_MAX:
-#endif
#ifdef LDAP_OPT_X_KEEPALIVE_IDLE
case LDAP_OPT_X_KEEPALIVE_IDLE:
#endif
@@ -108,6 +108,16 @@ LDAP_set_option(LDAPObject *self, int option, PyObject *value)
return 0;
ptr = &intval;
break;
+
+#ifdef HAVE_SASL
+ case LDAP_OPT_X_SASL_SSF_MIN:
+ case LDAP_OPT_X_SASL_SSF_MAX:
+ if (!PyArg_Parse(value, "k:set_option", &blen))
+ return 0;
+ ptr = &blen;
+ break;
+#endif
+
case LDAP_OPT_HOST_NAME:
case LDAP_OPT_URI:
#ifdef LDAP_OPT_DEFBASE
@@ -135,6 +145,7 @@ LDAP_set_option(LDAPObject *self, int option, PyObject *value)
return 0;
ptr = strval;
break;
+
case LDAP_OPT_TIMEOUT:
case LDAP_OPT_NETWORK_TIMEOUT:
/* Float valued timeval options */
@@ -239,6 +250,10 @@ LDAP_get_option(LDAPObject *self, int option)
LDAPAPIInfo apiinfo;
LDAPControl **lcs;
char *strval;
+#if HAVE_SASL
+ /* unsigned long */
+ ber_len_t blen;
+#endif
PyObject *extensions, *v;
Py_ssize_t i, num_extensions;
@@ -277,9 +292,6 @@ LDAP_get_option(LDAPObject *self, int option)
return v;
-#ifdef HAVE_SASL
- case LDAP_OPT_X_SASL_SSF:
-#endif
case LDAP_OPT_REFERRALS:
case LDAP_OPT_RESTART:
case LDAP_OPT_DEREF:
@@ -299,10 +311,6 @@ LDAP_get_option(LDAPObject *self, int option)
case LDAP_OPT_X_TLS_PROTOCOL_MIN:
#endif
#endif
-#ifdef HAVE_SASL
- case LDAP_OPT_X_SASL_SSF_MIN:
- case LDAP_OPT_X_SASL_SSF_MAX:
-#endif
#ifdef LDAP_OPT_X_SASL_NOCANON
case LDAP_OPT_X_SASL_NOCANON:
#endif
@@ -324,6 +332,17 @@ LDAP_get_option(LDAPObject *self, int option)
return option_error(res, "ldap_get_option");
return PyInt_FromLong(intval);
+#ifdef HAVE_SASL
+ case LDAP_OPT_X_SASL_SSF:
+ case LDAP_OPT_X_SASL_SSF_MIN:
+ case LDAP_OPT_X_SASL_SSF_MAX:
+#endif
+ /* ber_len_t options (unsigned long)*/
+ res = LDAP_int_get_option(self, option, &blen);
+ if (res != LDAP_OPT_SUCCESS)
+ return option_error(res, "ldap_get_option");
+ return PyLong_FromUnsignedLong(blen);
+
case LDAP_OPT_HOST_NAME:
case LDAP_OPT_URI:
#ifdef LDAP_OPT_DEFBASE
diff --git a/Tests/t_ldapobject.py b/Tests/t_ldapobject.py
index e54bbfd..0a089c9 100644
--- a/Tests/t_ldapobject.py
+++ b/Tests/t_ldapobject.py
@@ -334,7 +334,7 @@ class Test00_SimpleLDAPObject(SlapdTestCase):
@requires_sasl()
@requires_ldapi()
- def test006_sasl_extenal_bind_s(self):
+ def test006_sasl_external_bind_s(self):
l = self.ldap_object_class(self.server.ldapi_uri)
l.sasl_external_bind_s()
self.assertEqual(l.whoami_s(), 'dn:'+self.server.root_dn.lower())
@@ -343,6 +343,27 @@ class Test00_SimpleLDAPObject(SlapdTestCase):
l.sasl_external_bind_s(authz_id=authz_id)
self.assertEqual(l.whoami_s(), authz_id.lower())
+ @requires_sasl()
+ @requires_ldapi()
+ def test006_sasl_options(self):
+ l = self.ldap_object_class(self.server.ldapi_uri)
+
+ minssf = l.get_option(ldap.OPT_X_SASL_SSF_MIN)
+ self.assertGreaterEqual(minssf, 0)
+ self.assertLessEqual(minssf, 256)
+ maxssf = l.get_option(ldap.OPT_X_SASL_SSF_MAX)
+ self.assertGreaterEqual(maxssf, 0)
+ # libldap sets SSF_MAX to INT_MAX
+ self.assertLessEqual(maxssf, 2**31 - 1)
+
+ l.set_option(ldap.OPT_X_SASL_SSF_MIN, 56)
+ l.set_option(ldap.OPT_X_SASL_SSF_MAX, 256)
+ self.assertEqual(l.get_option(ldap.OPT_X_SASL_SSF_MIN), 56)
+ self.assertEqual(l.get_option(ldap.OPT_X_SASL_SSF_MAX), 256)
+
+ l.sasl_external_bind_s()
+ self.assertEqual(l.whoami_s(), 'dn:' + self.server.root_dn.lower())
+
def test007_timeout(self):
l = self.ldap_object_class(self.server.ldap_uri)
m = l.search_ext(self.server.suffix, ldap.SCOPE_SUBTREE, '(objectClass=*)')
--
2.31.1

View File

@ -13,14 +13,16 @@
%bcond_with python2 %bcond_with python2
Name: python-ldap Name: python-ldap
Version: 3.1.0 Version: 3.3.1
Release: 4%{?dist} Release: 2%{?dist}
License: Python License: Python
Group: System Environment/Libraries Group: System Environment/Libraries
Summary: An object-oriented API to access LDAP directory servers Summary: An object-oriented API to access LDAP directory servers
URL: http://python-ldap.org/ URL: http://python-ldap.org/
Source0: https://files.pythonhosted.org/packages/source/p/%{name}/%{name}-%{version}%{?prerelease}.tar.gz Source0: https://files.pythonhosted.org/packages/source/p/%{name}/%{name}-%{version}%{?prerelease}.tar.gz
Patch0001: 0001-Fix-SASL-get-set-options-on-big-endian-platforms.patch
### Build Dependencies ### ### Build Dependencies ###
BuildRequires: openldap-devel >= %{openldap_version} BuildRequires: openldap-devel >= %{openldap_version}
BuildRequires: openssl-devel BuildRequires: openssl-devel
@ -76,7 +78,11 @@ Summary: %{summary}
Requires: openldap >= %{openldap_version} Requires: openldap >= %{openldap_version}
Requires: python3-pyasn1 >= 0.3.7 Requires: python3-pyasn1 >= 0.3.7
Requires: python3-pyasn1-modules >= 0.1.5 Requires: python3-pyasn1-modules >= 0.1.5
%if 0%{?rhel} && 0%{?rhel} >= 8
Requires: platform-python-setuptools
%else
Requires: python3-setuptools Requires: python3-setuptools
%endif
%{?python_provide:%python_provide python3-ldap} %{?python_provide:%python_provide python3-ldap}
Obsoletes: python3-pyldap < 3 Obsoletes: python3-pyldap < 3
Provides: python3-pyldap = %{version}-%{release} Provides: python3-pyldap = %{version}-%{release}
@ -88,6 +94,7 @@ Provides: python3-pyldap%{?_isa} = %{version}-%{release}
%prep %prep
%setup -qc %setup -qc
pushd %{name}-%{version}%{?prerelease} pushd %{name}-%{version}%{?prerelease}
%patch1 -p1
popd popd
mv %{name}-%{version}%{?prerelease} python3 mv %{name}-%{version}%{?prerelease} python3
@ -167,6 +174,18 @@ popd
%{python3_sitearch}/python_ldap-%{version}%{?prerelease}-py%{python3_version}.egg-info %{python3_sitearch}/python_ldap-%{version}%{?prerelease}-py%{python3_version}.egg-info
%changelog %changelog
* Mon Jun 28 2021 Christian Heimes <cheimes@redhat.com> - 3.3.1-2
- Fix SASL get/set options on big endian platforms
- Resolves: #1931865
* Wed Oct 21 2020 Christian Heimes <cheimes@redhat.com> - 3.3.1-1
- New upstream release 3.1.0
- Resolves: rhbz#1889615
* Fri Nov 16 2018 Lumír Balhar <lbalhar@redhat.com> - 3.1.0-5
- Require platform-python-setuptools instead of python3-setuptools
- Resolves: rhbz#1650537
* Mon Jul 09 2018 Petr Viktorin <pviktori@redhat.com> - 3.1.0-4 * Mon Jul 09 2018 Petr Viktorin <pviktori@redhat.com> - 3.1.0-4
- Don't build the python2 subpackage - Don't build the python2 subpackage
(fix for the previous commit) (fix for the previous commit)