diff --git a/backport-ITS-10016-slapo-syncprov-fix-Abandon-with-active-qtask.patch b/backport-ITS-10016-slapo-syncprov-fix-Abandon-with-active-qtask.patch new file mode 100644 index 0000000000000000000000000000000000000000..c1af1a36d63676ad0af7cc96af24df5aa87a63c5 --- /dev/null +++ b/backport-ITS-10016-slapo-syncprov-fix-Abandon-with-active-qtask.patch @@ -0,0 +1,124 @@ +From 5f934c8c457ffe906c844ab2313943ae9b66bc46 Mon Sep 17 00:00:00 2001 +From: Howard Chu +Date: Mon, 27 Feb 2023 15:01:23 +0000 +Subject: [PATCH] ITS#10016: slapo-syncprov: fix Abandon with active qtask + +--- + servers/slapd/overlays/syncprov.c | 42 ++++++++++++++++++++++++++----- + 1 file changed, 36 insertions(+), 6 deletions(-) + +diff --git a/servers/slapd/overlays/syncprov.c b/servers/slapd/overlays/syncprov.c +index f62d6c63ea..44a6181410 100644 +--- a/servers/slapd/overlays/syncprov.c ++++ b/servers/slapd/overlays/syncprov.c +@@ -871,6 +871,11 @@ static void free_resinfo( syncres *sr ) + + #define FS_UNLINK 1 + #define FS_LOCK 2 ++#define FS_DEFER 4 ++ ++#define FSR_NOTFREE 0 ++#define FSR_DIDFREE 1 ++#define FSR_CANFREE 2 + + static int + syncprov_free_syncop( syncops *so, int flags ) +@@ -881,12 +886,19 @@ syncprov_free_syncop( syncops *so, int flags ) + if ( flags & FS_LOCK ) + ldap_pvt_thread_mutex_lock( &so->s_mutex ); + /* already being freed, or still in use */ +- if ( !so->s_inuse || --so->s_inuse > 0 ) { ++ if ( !so->s_inuse || so->s_inuse > 1 ) { + if ( flags & FS_LOCK ) + ldap_pvt_thread_mutex_unlock( &so->s_mutex ); +- return 0; ++ if ( !( flags & FS_DEFER ) && so->s_inuse ) ++ so->s_inuse--; ++ return FSR_NOTFREE; + } + ldap_pvt_thread_mutex_unlock( &so->s_mutex ); ++ ++ /* caller wants to cleanup other stuff before actual free */ ++ if ( flags & FS_DEFER ) ++ return FSR_CANFREE; ++ + if (( flags & FS_UNLINK ) && so->s_si ) { + syncops **sop; + ldap_pvt_thread_mutex_lock( &so->s_si->si_ops_mutex ); +@@ -914,7 +926,7 @@ syncprov_free_syncop( syncops *so, int flags ) + } + ldap_pvt_thread_mutex_destroy( &so->s_mutex ); + ch_free( so ); +- return 1; ++ return FSR_DIDFREE; + } + + /* Send a persistent search response */ +@@ -1029,6 +1041,9 @@ syncprov_qplay( Operation *op, syncops *so ) + } else { + rc = syncprov_sendresp( op, sr->s_info, so, sr->s_mode ); + } ++ } else { ++ /* set rc so we don't do a new qstart */ ++ rc = 1; + } + + free_resinfo( sr ); +@@ -1055,6 +1070,9 @@ syncprov_qplay( Operation *op, syncops *so ) + return rc; + } + ++static int ++syncprov_drop_psearch( syncops *so, int lock ); ++ + /* task for playing back queued responses */ + static void * + syncprov_qtask( void *ctx, void *arg ) +@@ -1063,7 +1081,7 @@ syncprov_qtask( void *ctx, void *arg ) + OperationBuffer opbuf; + Operation *op; + BackendDB be; +- int rc; ++ int rc, flag, frc; + + op = &opbuf.ob_op; + *op = *so->s_op; +@@ -1092,14 +1110,24 @@ syncprov_qtask( void *ctx, void *arg ) + if ( !rc && !so->s_res ) + rc = 1; + ++ flag = FS_UNLINK; ++ if ( rc && op->o_abandon ) ++ flag = FS_DEFER; ++ + /* decrement use count... */ +- if ( !syncprov_free_syncop( so, FS_UNLINK )) { ++ frc = syncprov_free_syncop( so, flag ); ++ if ( frc == FSR_NOTFREE ) { + if ( rc ) + /* if we didn't unlink, and task is no longer queued, clear flag */ + so->s_flags ^= PS_TASK_QUEUED; + ldap_pvt_thread_mutex_unlock( &so->s_mutex ); + } + ++ /* if we got abandoned while processing, cleanup now */ ++ if ( frc == FSR_CANFREE ) { ++ syncprov_drop_psearch( so, 1 ); ++ } ++ + return NULL; + } + +@@ -1274,7 +1302,9 @@ syncprov_op_abandon( Operation *op, SlapReply *rs ) + return SLAP_CB_CONTINUE; + } + } +- syncprov_drop_psearch( so, 0 ); ++ /* if task is active, it must drop itself */ ++ if ( !( so->s_flags & PS_TASK_QUEUED )) ++ syncprov_drop_psearch( so, 0 ); + } + return SLAP_CB_CONTINUE; + } +-- +GitLab diff --git a/backport-ITS-10028-crash-with-pwdMinDelay.patch b/backport-ITS-10028-crash-with-pwdMinDelay.patch new file mode 100644 index 0000000000000000000000000000000000000000..90587704dcd2286d33c3a4f8a8e47f882ad7200c --- /dev/null +++ b/backport-ITS-10028-crash-with-pwdMinDelay.patch @@ -0,0 +1,27 @@ +From 0e409f49ec9a83d7259f9a671e85125d4d724144 Mon Sep 17 00:00:00 2001 +From: HAMANO Tsukasa +Date: Fri, 24 Mar 2023 11:24:15 +0900 +Subject: [PATCH] ITS#10028 - crash with pwdMinDelay + +--- + servers/slapd/overlays/ppolicy.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/servers/slapd/overlays/ppolicy.c b/servers/slapd/overlays/ppolicy.c +index 0271dde6a7..d4032cc7d3 100644 +--- a/servers/slapd/overlays/ppolicy.c ++++ b/servers/slapd/overlays/ppolicy.c +@@ -1868,7 +1868,8 @@ ppolicy_bind_response( Operation *op, SlapReply *rs ) + } else if ( ppb->pp.pwdMinDelay ) { + int waittime = ppb->pp.pwdMinDelay << fc; + time_t wait_end; +- struct berval lockout_stamp; ++ char lockout_stamp_buf[ LDAP_LUTIL_GENTIME_BUFSIZE ]; ++ struct berval lockout_stamp = BER_BVC(lockout_stamp_buf); + + if ( waittime > ppb->pp.pwdMaxDelay ) { + waittime = ppb->pp.pwdMaxDelay; +-- +GitLab + + diff --git a/backport-ITS-10035-Fix-setting-TLSv1.3-ciphersuite.patch b/backport-ITS-10035-Fix-setting-TLSv1.3-ciphersuite.patch new file mode 100644 index 0000000000000000000000000000000000000000..1a992246d23bfe13036339fc6afad7d51a86c516 --- /dev/null +++ b/backport-ITS-10035-Fix-setting-TLSv1.3-ciphersuite.patch @@ -0,0 +1,24 @@ +From 818e2a5455bac1db029124b5aabc8b03415f917b Mon Sep 17 00:00:00 2001 +From: Ian Puleston +Date: Thu, 30 Mar 2023 13:04:50 -0700 +Subject: [PATCH] ITS#10035 Fix setting TLSv1.3 ciphersuite + +--- + libraries/libldap/tls_o.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libraries/libldap/tls_o.c b/libraries/libldap/tls_o.c +index 0a74ffa7f9..8f1d84efa1 100644 +--- a/libraries/libldap/tls_o.c ++++ b/libraries/libldap/tls_o.c +@@ -335,7 +335,7 @@ tlso_ctx_cipher13( tlso_ctx *ctx, char *suites ) + if ( !strncmp( ver, "TLSv", 4 ) && strncmp( ver+4, "1.3", 3 ) >= 0 ) { + if ( tls13_suites[0] ) + ts = tlso_stecpy( ts, ":", te ); +- ts = tlso_stecpy( ts, sname, te ); ++ ts = tlso_stecpy( ts, nptr, te ); + } + } + } +-- +GitLab diff --git a/openldap.spec b/openldap.spec index f7128f301415ed8a7e50619ac4c0e1d49810a315..4feef263730a752aa55d2b715920d48433db5817 100644 --- a/openldap.spec +++ b/openldap.spec @@ -2,7 +2,7 @@ Name: openldap Version: 2.6.0 -Release: 5 +Release: 6 Summary: LDAP support libraries License: OpenLDAP URL: https://www.openldap.org/ @@ -66,6 +66,9 @@ Patch6035: backport-ITS-9882-bind-fix-9863-commit-use-correct-op-backend.pa Patch6036: backport-ITS-9898-tests-fix-slapd-addel-non-std-syntax.patch Patch6037: backport-ITS-9904-ldif_open_url-check-for-ber_strdup-failure.patch Patch6038: backport-ITS-9904-check-for-strdup-failure.patch +Patch6039: backport-ITS-10016-slapo-syncprov-fix-Abandon-with-active-qtask.patch +Patch6040: backport-ITS-10028-crash-with-pwdMinDelay.patch +Patch6041: backport-ITS-10035-Fix-setting-TLSv1.3-ciphersuite.patch BuildRequires: cyrus-sasl-devel openssl-devel krb5-devel unixODBC-devel @@ -181,6 +184,9 @@ AUTOMAKE=%{_bindir}/true autoreconf -fi %patch6036 -p1 %patch6037 -p1 %patch6038 -p1 +%patch6039 -p1 +%patch6040 -p1 +%patch6041 -p1 ln -s ../../../contrib/slapd-modules/smbk5pwd/smbk5pwd.c servers/slapd/overlays mv contrib/slapd-modules/smbk5pwd/README contrib/slapd-modules/smbk5pwd/README.smbk5pwd @@ -462,6 +468,12 @@ popd %doc ltb-project-openldap-ppolicy-check-password-1.1/README.check_pwd %changelog +* Wed Aug 30 2023 zhujunhao - 2.6.0-6 +- Type:bugfix +- CVE:NA +- SUG:restart +- DESC:backport patch + * Wed Jun 7 2023 zhujunhao - 2.6.0-5 - Type:cve - CVE:cve-2023-2953