[Pkg-openldap-devel] r1089 - in openldap/trunk/debian: . patches

[vorlon at alioth.debian.org]

tags 340601 pending
thanks

Author: vorlon
Date: 2008-02-10 06:07:22 +0000 (Sun, 10 Feb 2008)
New Revision: 1089

Added:
   openldap/trunk/debian/patches/getaddrinfo-is-threadsafe
Modified:
   openldap/trunk/debian/changelog
   openldap/trunk/debian/patches/series
Log:
* Avoid using a mutex around getaddrinfo() and getnameinfo() calls, which
  are guaranteed by glibc to be threadsafe; this fixes a deadlock when
  using nss_ldap for host lookups.  Closes: #340601.

Modified: openldap/trunk/debian/changelog
===================================================================
--- openldap/trunk/debian/changelog	2008-02-10 02:04:08 UTC (rev 1088)
+++ openldap/trunk/debian/changelog	2008-02-10 06:07:22 UTC (rev 1089)
@@ -3,6 +3,9 @@
   * Relax build-dependency on libsasl2-dev now that the versioned dependency
     is satisfied by all extant versions (including in oldstable), fixing a
     lintian warning about versioned build-deps on Debian revisions.
+  * Avoid using a mutex around getaddrinfo() and getnameinfo() calls, which
+    are guaranteed by glibc to be threadsafe; this fixes a deadlock when
+    using nss_ldap for host lookups.  Closes: #340601.
 
  -- Steve Langasek <vorlon at debian.org>  Sat, 09 Feb 2008 18:02:00 -0800
 

Added: openldap/trunk/debian/patches/getaddrinfo-is-threadsafe
===================================================================
--- openldap/trunk/debian/patches/getaddrinfo-is-threadsafe	                        (rev 0)
+++ openldap/trunk/debian/patches/getaddrinfo-is-threadsafe	2008-02-10 06:07:22 UTC (rev 1089)
@@ -0,0 +1,55 @@
+Author: Steve Langasek <vorlon at debian.org>
+
+OpenLDAP upstream conservatively assumes that certain resolver functions
+(getaddrinfo, getnameinfo, res_query, dn_expand) are not re-entrant; but we
+know that the glibc implementations of these functions are thread-safe, so
+we should bypass the use of this mutex.  This fixes a locking problem when
+an application uses libldap and libnss-ldap is also used for hosts
+resolution.
+
+Closes Debian bug #340601.
+
+Not suitable for forwarding upstream; might be made suitable by adding a
+configure-time check for glibc and disabling the mutex only on known
+thread-safe implementations.
+
+Index: trunk/libraries/libldap/os-ip.c
+===================================================================
+--- trunk.orig/libraries/libldap/os-ip.c
++++ trunk/libraries/libldap/os-ip.c
+@@ -471,17 +471,8 @@
+ 	hints.ai_socktype = socktype;
+ 	snprintf(serv, sizeof serv, "%d", port );
+ 
+-#ifdef LDAP_R_COMPILE
+-	/* most getaddrinfo(3) use non-threadsafe resolver libraries */
+-	ldap_pvt_thread_mutex_lock(&ldap_int_resolv_mutex);
+-#endif
+-
+ 	err = getaddrinfo( host, serv, &hints, &res );
+ 
+-#ifdef LDAP_R_COMPILE
+-	ldap_pvt_thread_mutex_unlock(&ldap_int_resolv_mutex);
+-#endif
+-
+ 	if ( err != 0 ) {
+ 		osip_debug(ld, "ldap_connect_to_host: getaddrinfo failed: %s\n",
+ 			AC_GAI_STRERROR(err), 0, 0);
+Index: trunk/libraries/libldap/util-int.c
+===================================================================
+--- trunk.orig/libraries/libldap/util-int.c
++++ trunk/libraries/libldap/util-int.c
+@@ -224,13 +224,7 @@
+ 	int rc;
+ #if defined( HAVE_GETNAMEINFO )
+ 
+-#if defined( LDAP_R_COMPILE )
+-	ldap_pvt_thread_mutex_lock( &ldap_int_resolv_mutex );
+-#endif
+ 	rc = getnameinfo( sa, len, name, namelen, NULL, 0, 0 );
+-#if defined( LDAP_R_COMPILE )
+-	ldap_pvt_thread_mutex_unlock( &ldap_int_resolv_mutex );
+-#endif
+ 	if ( rc ) *err = (char *)AC_GAI_STRERROR( rc );
+ 	return rc;
+ 

Modified: openldap/trunk/debian/patches/series
===================================================================
--- openldap/trunk/debian/patches/series	2008-02-10 02:04:08 UTC (rev 1088)
+++ openldap/trunk/debian/patches/series	2008-02-10 06:07:22 UTC (rev 1089)
@@ -12,3 +12,4 @@
 entryCSN-backwards-compatibility
 slapd-tlsverifyclient-default -p0
 gnutls-altname-nulterminated -p0
+getaddrinfo-is-threadsafe