[openldap] fix: invalid order of TLS shutdown operations

jvcelak jvcelak at fedoraproject.org
Wed Jun 27 11:31:31 UTC 2012 

commit ac8a31ed532476c66960f896054713d98be3ecf7
Author: Jan Vcelak <jvcelak at redhat.com>
Date:   Wed Jun 27 13:31:05 2012 +0200

    fix: invalid order of TLS shutdown operations
    
    Resolves: #808465

 openldap-tls-unbind-shutdown-order.patch |   37 ++++++++++++++++++++++++++++++
 openldap.spec                            |    3 ++
 2 files changed, 40 insertions(+), 0 deletions(-)
---
diff --git a/openldap-tls-unbind-shutdown-order.patch b/openldap-tls-unbind-shutdown-order.patch
new file mode 100644
index 0000000..60162f7
--- /dev/null
+++ b/openldap-tls-unbind-shutdown-order.patch
@@ -0,0 +1,37 @@
+unbind: free socket prior to destroying TLS context
+
+Author: Jan Vcelak <jvcelak at redhat.com>
+Resolves: #808464
+Upstream ITS: #7241
+Upstream commit: 221531b31a02c162c60c7d4491169855454c1ee0
+
+---
+ libraries/libldap/unbind.c |    5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/libraries/libldap/unbind.c b/libraries/libldap/unbind.c
+index 35a92a8..82bc12d 100644
+--- a/libraries/libldap/unbind.c
++++ b/libraries/libldap/unbind.c
+@@ -129,6 +129,9 @@ ldap_ld_free(
+ 		ld->ld_abandoned = NULL;
+ 	}
+ 	LDAP_MUTEX_UNLOCK( &ld->ld_res_mutex );
++
++	ber_sockbuf_free( ld->ld_sb );
++
+ 	LDAP_MUTEX_LOCK( &ld->ld_ldopts_mutex );
+ 
+ 	/* final close callbacks */
+@@ -217,8 +220,6 @@ ldap_ld_free(
+ 	}
+ 	LDAP_MUTEX_UNLOCK( &ld->ld_ldopts_mutex );
+ 
+-	ber_sockbuf_free( ld->ld_sb );   
+-   
+ #ifdef LDAP_R_COMPILE
+ 	ldap_pvt_thread_mutex_destroy( &ld->ld_msgid_mutex );
+ 	ldap_pvt_thread_mutex_destroy( &ld->ld_conn_mutex );
+-- 
+1.7.10.4
+
diff --git a/openldap.spec b/openldap.spec
index 3c8dbbc..aebaa3c 100644
--- a/openldap.spec
+++ b/openldap.spec
@@ -40,6 +40,7 @@ Patch8: openldap-syncrepl-unset-tls-options.patch
 Patch9: openldap-constraint-count.patch
 Patch10: openldap-man-sasl-nocanon.patch
 Patch11: openldap-nss-allow-ca-dbdir-pemfile.patch
+Patch12: openldap-tls-unbind-shutdown-order.patch
 
 # Fedora specific patches
 Patch100: openldap-fedora-systemd.patch
@@ -147,6 +148,7 @@ pushd openldap-%{version}
 %patch9 -p1
 %patch10 -p1
 %patch11 -p1
+%patch12 -p1
 
 %patch100 -p1
 
@@ -660,6 +662,7 @@ exit 0
 %changelog
 * Wed Jun 27 2012 Jan Vcelak <jvcelak at redhat.com> 2.4.31-3
 - update fix: count constraint broken when using multiple modifications (#795766)
+- fix: invalid order of TLS shutdown operations (#808464)
 
 * Fri May 18 2012 Jan Vcelak <jvcelak at redhat.com> 2.4.31-2
 - fix: nss-tools package is required by the base package, not the server subpackage

More information about the scm-commits mailing list