Hello community,

here is the log from the commit of package nss_ldap for openSUSE:Factory 
checked in at 2014-09-06 12:18:38
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/nss_ldap (Old)
 and      /work/SRC/openSUSE:Factory/.nss_ldap.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "nss_ldap"

Changes:
--------
--- /work/SRC/openSUSE:Factory/nss_ldap/nss_ldap.changes        2014-08-05 
21:11:29.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.nss_ldap.new/nss_ldap.changes   2014-09-06 
16:59:50.000000000 +0200
@@ -2 +2,17 @@
-Fri Aug  1 20:13:18 UTC 2014 - vark...@suse.com
+Fri Aug 15 11:28:44 CEST 2014 - ku...@suse.de
+
+- Save old ldap.conf from pwdutils to not lose ldap configuration
+  [bnc#891585]
+
+-------------------------------------------------------------------
+Fri Aug  8 09:49:19 UTC 2014 - vark...@suse.com
+
+- added bnc#842120.dif  bnc#866763.dif
+- bnc#879368 - Bug in ldap_nss prevents Nomachine NX server to start 
+- bnc#866763 - reverse ipv6 host lookups fail when ldap is used
+  * bnc#866763.dif
+- bnc#842120 - nss_ldap crashes when running atfork() hooks
+  * bnc#842120.dif
+
+-------------------------------------------------------------------
+Fri Aug  1 20:10:52 UTC 2014 - vark...@suse.com

New:
----
  bnc#842120.dif
  bnc#866763.dif

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ nss_ldap.spec ++++++
--- /var/tmp/diff_new_pack.FGzntK/_old  2014-09-06 16:59:51.000000000 +0200
+++ /var/tmp/diff_new_pack.FGzntK/_new  2014-09-06 16:59:51.000000000 +0200
@@ -46,6 +46,10 @@
 Patch5:         nss_ldap-265-glibc-2.16.patch
 # Fix also issue with threads on glibc-2.16 
http://bugzilla.padl.com/show_bug.cgi?id=446
 Patch6:         nss_ldap-265-pthread.patch
+# SIGPIPE handling atfork
+Patch7:         bnc#842120.dif
+# reverse ipv6 host lookups fail when ldap is used
+Patch8:         bnc#866763.dif
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %description
@@ -63,6 +67,8 @@
 %patch4 -p1
 %patch5
 %patch6
+%patch7 -p1
+%patch8 -p1
 cp -v %{S:1} .
 
 %build
@@ -92,8 +98,19 @@
 %clean
 rm -fr $RPM_BUILD_ROOT
 
+%pre
+# If we have a /etc/ldap.conf.rpmsave, and no /etc/ldap.conf,
+# backup the rpmsave file and use that later instead of our
+# own version. This fixes the problem that the file was moved
+# from pwdutils to nss_ldap and else the changes would go lost.
+if [ ! -e /etc/ldap.conf -a -f /etc/ldap.conf.rpmsave ]; then
+   cp -p /etc/ldap.conf.rpmsave /etc/...ldap.conf.pwdutils
+fi
+
 %post
 /sbin/ldconfig
+# If we backuped ldap.conf, move now the backup in place
+test -f /etc/...ldap.conf.pwdutils && mv /etc/...ldap.conf.pwdutils 
/etc/ldap.conf ||:
 
 %postun -p /sbin/ldconfig
 

++++++ bnc#842120.dif ++++++
Index: nss_ldap-262/ldap-nss.c
===================================================================
--- nss_ldap-262.orig/ldap-nss.c
+++ nss_ldap-262/ldap-nss.c
@@ -121,6 +121,7 @@ extern int ldap_ld_free (LDAP * ld, int
 #endif /* HAVE_LDAP_LD_FREE */
 
 NSS_LDAP_DEFINE_LOCK (__lock);
+NSS_LDAP_DEFINE_LOCK (__child_atfork_lock);
 
 /*
  * the configuration is read by the first call to do_open().
@@ -532,11 +533,35 @@ do_atfork_parent (void)
   debug ("<== do_atfork_parent");
 }
 
+static int
+_nss_ldap_need_deferred_close_no_unbind;
+
+static void
+do_deferred_close_no_unbind (void)
+{
+  sigset_t unblock, mask;
+  debug ("==> do_deferred_close_no_unbind");
+
+  sigemptyset(&unblock);
+  sigaddset(&unblock, SIGPIPE);
+  sigprocmask(SIG_UNBLOCK, &unblock, &mask);
+  do_close_no_unbind ();
+  sigprocmask(SIG_SETMASK, &mask, NULL);
+  debug ("<== do_deferred_close_no_unbind");
+}
+
 static void
 do_atfork_child (void)
 {
+  int sd = -1;
+
   debug ("==> do_atfork_child");
-  do_close_no_unbind ();
+
+  NSS_LDAP_LOCK (__child_atfork_lock);
+  _nss_ldap_need_deferred_close_no_unbind = 1;
+  if (do_get_our_socket (&sd))
+    fcntl (sd, F_SETFD, FD_CLOEXEC);
+  NSS_LDAP_UNLOCK (__child_atfork_lock);
   _nss_ldap_leave ();
   debug ("<== do_atfork_child");
 }
@@ -600,6 +625,14 @@ _nss_ldap_enter (void)
   __sigpipe_handler = signal (SIGPIPE, SIG_IGN);
 #endif /* HAVE_SIGSET */
 
+  NSS_LDAP_LOCK (__child_atfork_lock);
+  if (_nss_ldap_need_deferred_close_no_unbind)
+    {
+      do_deferred_close_no_unbind ();
+      _nss_ldap_need_deferred_close_no_unbind = 0;
+    }
+  NSS_LDAP_UNLOCK (__child_atfork_lock);
+
   debug ("<== _nss_ldap_enter");
 }
 
@@ -823,6 +856,8 @@ do_get_our_socket(int *sd)
                                               peernamelen);
        }
     }
+  else
+    isOurSocket = 0;
 #endif /* HAVE_LDAPSSL_CLIENT_INIT */
   return isOurSocket;
 }
++++++ bnc#866763.dif ++++++
diff -Naur nss_ldap-265/ldap-hosts.c nss_ldap-265-new/ldap-hosts.c
--- nss_ldap-265/ldap-hosts.c   2009-11-06 11:28:08.000000000 +0100
+++ nss_ldap-265-new/ldap-hosts.c       2014-03-05 19:28:43.377519356 +0100
@@ -354,14 +357,26 @@
 {
   NSS_STATUS status;
   ldap_args_t a;
+#ifdef INET6
+  char address[INET6_ADDRSTRLEN];
+#else
+  char address[INET_ADDRSTRLEN];
+#endif
 
   /* if querying by IPv6 address, make sure the address is "normalized" --
    * it should contain no leading zeros and all components of the address.
    * still we can't fit an IPv6 address in an int, so who cares for now.
    */
 
+#ifdef INET6
+  if (type == AF_INET6)
+    inet_ntop (AF_INET6, addr, address, INET6_ADDRSTRLEN);
+  else
+#endif
+    inet_ntop (AF_INET, addr, address, INET_ADDRSTRLEN);
+
   LA_INIT (a);
-  LA_STRING (a) = inet_ntoa (*addr);
+  LA_STRING (a) = address;
   LA_TYPE (a) = LA_TYPE_STRING;
 
   status = _nss_ldap_getbyname (&a,
-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

Reply via email to