[openldap/f15/master] fix update: openldap can't use TLS after fork()

jvcelak jvcelak at fedoraproject.org
Fri Mar 18 22:44:13 UTC 2011 

commit c0c36b25c3bcffd8a67a1283999434f7e745cbda
Author: Jan Vcelak <jvcelak at redhat.com>
Date:   Fri Mar 18 19:50:00 2011 +0100

    fix update: openldap can't use TLS after fork()
    
    Resolves: #636956

 openldap-nss-nofork.patch |   19 +++++++++++++++++++
 openldap.spec             |    2 ++
 series                    |    1 +
 3 files changed, 22 insertions(+), 0 deletions(-)
---
diff --git a/openldap-nss-nofork.patch b/openldap-nss-nofork.patch
new file mode 100644
index 0000000..87c8c2b
--- /dev/null
+++ b/openldap-nss-nofork.patch
@@ -0,0 +1,19 @@
+fix: OpenLDAP can't use TLS after a fork()
+
+Resolves: #636956
+Upstream ITS: #6862
+Author: Rich Megginson <rmeggins at redhat.com>
+
+--- openldap-2.4.24.orig/libraries/libldap/tls_m.c
++++ openldap-2.4.24/libraries/libldap/tls_m.c
+@@ -2890,7 +2890,9 @@
+ 	 * context in the child.
+ 	 */
+ 	if ( !nofork ) {
+-		PR_SetEnv( "NSS_STRICT_NOFORK=DISABLED" );
++		/* will leak one time */
++		char *noforkenvvar = PL_strdup( "NSS_STRICT_NOFORK=DISABLED" );
++		PR_SetEnv( noforkenvvar );
+ 	}
+ 
+ 	return 0;
diff --git a/openldap.spec b/openldap.spec
index 3d2ff99..0d5fbcc 100644
--- a/openldap.spec
+++ b/openldap.spec
@@ -28,6 +28,7 @@ Patch5: openldap-export-ldif.patch
 Patch6: openldap-smbk5pwd-overlay.patch
 Patch7: openldap-ldaprc-currentdir.patch
 Patch8: openldap-userconfig-setgid.patch
+Patch9: openldap-nss-nofork.patch
 
 # patches for the evolution library (see README.evolution)
 Patch200: openldap-evolution-ntlm.patch
@@ -128,6 +129,7 @@ pushd openldap-%{version}
 %patch6 -p1 -b .smbk5pwd-overlay
 %patch7 -p1 -b .ldaprc-currentdir
 %patch8 -p1 -b .userconfig-setgid
+%patch9 -p1 -b .nss-nofork
 
 cp %{_datadir}/libtool/config/config.{sub,guess} build/
 
diff --git a/series b/series
index 563e60e..dc748f6 100644
--- a/series
+++ b/series
@@ -7,4 +7,5 @@ openldap-export-ldif.patch
 openldap-smbk5pwd-overlay.patch
 openldap-ldaprc-currentdir.patch
 openldap-userconfig-setgid.patch
+openldap-nss-nofork.patch
 openldap-evolution-ntlm.patch

More information about the scm-commits mailing list