rpms/nss_ldap/devel nss_ldap-253-netgroups.patch, NONE, 1.1 nss_ldap.spec, 1.97, 1.98

Nalin Dahyabhai nalin at fedoraproject.org
Mon Sep 15 20:34:51 UTC 2008 

Author: nalin

Update of /cvs/pkgs/rpms/nss_ldap/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv14709

Modified Files:
	nss_ldap.spec 
Added Files:
	nss_ldap-253-netgroups.patch 
Log Message:
- return 0 (fail) instead of 1 (success) when setnetgrent() is called for
  a netgroup which doesn't actually exist or which has no members (#445972,
  upstream #374)


nss_ldap-253-netgroups.patch:

--- NEW FILE nss_ldap-253-netgroups.patch ---
In _nss_ldap_search_s(), after we've cycled through how ever many search
descriptors we need to in order to try to find an entry, return NOTFOUND
if we run out of descriptors before we find an entry.

In setnetgrent(), if _nss_ldap_getbyname returns NOTFOUND, return an
error rather than postponing it to a subsequent call to getnetgrent().

Original patch from Jose Plans, modification to handle multiple search
descriptors.

diff -up nss_ldap/ldap-netgrp.c nss_ldap/ldap-netgrp.c
--- nss_ldap/ldap-netgrp.c	2008-03-26 14:03:59.000000000 -0400
+++ nss_ldap/ldap-netgrp.c	2008-03-26 14:19:21.000000000 -0400
@@ -372,6 +372,9 @@ _nss_ldap_setnetgrent (char *group, stru
 			 _nss_ldap_filt_getnetgrent, LM_NETGROUP,
 			 _nss_ldap_load_netgr);
 
+  if (stat == NSS_NOTFOUND)
+    return stat;
+
   LOOKUP_SETENT (_ngbe);
 }
 
diff -up nss_ldap/ldap-nss.c nss_ldap/ldap-nss.c
--- nss_ldap/ldap-nss.c	2008-03-26 14:06:58.000000000 -0400
+++ nss_ldap/ldap-nss.c	2008-03-26 14:23:00.000000000 -0400
@@ -3073,6 +3073,10 @@ _nss_ldap_search_s (const ldap_args_t * 
 	}
     }
 
+  if ((stat == NSS_SUCCESS) &&
+      (ldap_count_entries (__session.ls_conn, *res) == 0)) /* No results */
+    stat = NSS_NOTFOUND;
+
   debug ("<== _nss_ldap_search_s");
 
   return stat;


Index: nss_ldap.spec
===================================================================
RCS file: /cvs/pkgs/rpms/nss_ldap/devel/nss_ldap.spec,v
retrieving revision 1.97
retrieving revision 1.98
diff -u -r1.97 -r1.98
--- nss_ldap.spec	11 Sep 2008 21:06:29 -0000	1.97
+++ nss_ldap.spec	15 Sep 2008 20:34:21 -0000	1.98
@@ -23,6 +23,7 @@
 Patch15: nss_ldap-257-mozldap.patch
 Patch16: pam_ldap-184-referral-passwd2.patch
 Patch17: nss_ldap-259-res_init.patch
+Patch18: nss_ldap-253-netgroups.patch
 
 URL: http://www.padl.com/
 License: LGPLv2+
@@ -63,6 +64,7 @@
 %patch2 -p1 -b .parse2
 %patch8 -p1 -b .soname
 %patch17 -p1 -b .res_init
+%patch18 -p1 -b .netgroups
 autoreconf -f -i
 popd
 
@@ -188,6 +190,11 @@
 %doc pam_ldap-%{pam_ldap_version}/ns-pwd-policy.schema
 
 %changelog
+* Mon Sep 15 2008 Nalin Dahyabhai <nalin at redhat.com>
+- return 0 (fail) instead of 1 (success) when setnetgrent() is called for
+  a netgroup which doesn't actually exist or which has no members (#445972,
+  upstream #374)
+
 * Thu Sep 11 2008 Nalin Dahyabhai <nalin at redhat.com> - 261-3
 - promote the previous change from a scratch build to the real thing

More information about the fedora-extras-commits mailing list