[openldap] fix: slapd segfaults when PEM certificate is used and key is not set
jvcelak
jvcelak at fedoraproject.org
Tue Jan 31 17:20:02 UTC 2012
commit 65b981d99ee4a4d557fce71b551faba9799ba697
Author: Jan Vcelak <jvcelak at redhat.com>
Date: Tue Jan 31 18:11:36 2012 +0100
fix: slapd segfaults when PEM certificate is used and key is not set
Resolves: #772890
openldap-nss-segfault-key-not-set.patch | 22 ++++++++++++++++++++++
openldap.spec | 3 +++
2 files changed, 25 insertions(+), 0 deletions(-)
---
diff --git a/openldap-nss-segfault-key-not-set.patch b/openldap-nss-segfault-key-not-set.patch
new file mode 100644
index 0000000..5511225
--- /dev/null
+++ b/openldap-nss-segfault-key-not-set.patch
@@ -0,0 +1,22 @@
+MozNSS + PEM: fix segfault when TLS certificate key is not set
+
+Upstream ITS: #7135
+Upstream commit: 1107103dd7e767db9c080b3276cb6e742fcf36a1
+Resolves: #772890
+Author: Jan Vcelak <jvcelak at redhat.com>
+
+diff --git a/libraries/libldap/tls_m.c b/libraries/libldap/tls_m.c
+index 09348b7..da230c5 100644
+--- a/libraries/libldap/tls_m.c
++++ b/libraries/libldap/tls_m.c
+@@ -2267,8 +2267,8 @@ tlsm_deferred_ctx_init( void *arg )
+ }
+ } else { /* set up secure server */
+ SSLKEAType certKEA;
+- CERTCertificate *serverCert;
+- SECKEYPrivateKey *serverKey;
++ CERTCertificate *serverCert = NULL;
++ SECKEYPrivateKey *serverKey = NULL;
+ SECStatus status;
+
+ /* must have a certificate for the server to use */
diff --git a/openldap.spec b/openldap.spec
index 72759e6..ed3d1c2 100644
--- a/openldap.spec
+++ b/openldap.spec
@@ -34,6 +34,7 @@ Patch6: openldap-userconfig-setgid.patch
Patch7: openldap-dns-priority.patch
Patch8: openldap-syncrepl-unset-tls-options.patch
Patch9: openldap-nss-deferred-init-copy-params.patch
+Patch10: openldap-nss-segfault-key-not-set.patch
# Fedora specific patches
Patch100: openldap-fedora-systemd.patch
@@ -136,6 +137,7 @@ pushd openldap-%{version}
%patch7 -p1
%patch8 -p1
%patch9 -p1
+%patch10 -p1
%patch100 -p1
@@ -653,6 +655,7 @@ exit 0
%changelog
* Tue Jan 31 2012 Jan Vcelak <jvcelak at redhat.com> 2.4.28-3
- fix: replication (syncrepl) with TLS causes segfault (#783431)
+- fix: slapd segfaults when PEM certificate is used and key is not set (#772890)
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.4.28-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
More information about the scm-commits
mailing list