diff options
| author | Remi Collet <fedora@famillecollet.com> | 2012-06-13 18:43:31 +0200 |
|---|---|---|
| committer | Remi Collet <fedora@famillecollet.com> | 2012-06-13 18:43:31 +0200 |
| commit | 2b82c78080e74f3f249dd9e7bd47822de8dfd2ff (patch) | |
| tree | 6ff4bf7be3fdf67a6ef87521b2882791cedab530 /mod_revocator-segfault-fix.patch | |
reorg repo
Diffstat (limited to 'mod_revocator-segfault-fix.patch')
| -rw-r--r-- | mod_revocator-segfault-fix.patch | 73 |
1 files changed, 73 insertions, 0 deletions
diff --git a/mod_revocator-segfault-fix.patch b/mod_revocator-segfault-fix.patch new file mode 100644 index 0000000..e32dd34 --- /dev/null +++ b/mod_revocator-segfault-fix.patch @@ -0,0 +1,73 @@ +diff -rupN mod_revocator-1.0.3.patched/Makefile.am mod_revocator-1.0.3.segfault/Makefile.am +--- mod_revocator-1.0.3.patched/Makefile.am 2010-04-13 07:11:09.000000000 -0700 ++++ mod_revocator-1.0.3.segfault/Makefile.am 2011-10-11 09:41:23.000000000 -0700 +@@ -10,7 +10,7 @@ libmodrev_la_SOURCES = mod_rev.c + libmodrev_la_LDFLAGS = -module -avoid-version + + INCLUDES = -I@apache_inc@ @nspr_inc@ @nss_inc@ @apr_inc@ -Imozilla/security/nss/lib/base @ldapsdk_inc@ -Imozilla/security/nss/lib/ckfw +-LIBS = @ldapsdk_lib@ @nspr_lib@ @nss_lib@ @ldapsdk_libs_ssl@ -lssl3 -lsmime3 -lnss3 -lnssb @ldapsdk_libs@ -lplc4 -lplds4 -lnspr4 -lpthread -ldl ++LIBS = @ldapsdk_lib@ @nspr_lib@ @nss_lib@ @ldapsdk_libs_ssl@ -lssl3 -lsmime3 -lnss3 -lnssutil3 -lnssb @ldapsdk_libs@ -lplc4 -lplds4 -lnspr4 -lpthread -ldl + DEFS = -D__REVOCATION_IMPLEMENTATION__=1 @extra_cppflags@ + + # Remove nsprstub.o from libnssckfw.a so we can use our own stub, then +diff -rupN mod_revocator-1.0.3.patched/crlhelper.cpp mod_revocator-1.0.3.segfault/crlhelper.cpp +--- mod_revocator-1.0.3.patched/crlhelper.cpp 2011-10-11 09:18:33.000000000 -0700 ++++ mod_revocator-1.0.3.segfault/crlhelper.cpp 2011-10-11 09:35:53.000000000 -0700 +@@ -229,7 +229,7 @@ int main(int argc, char ** argv) + } + if (NULL == data) { + data = fetch_url(url, 30, lastfetchtime, &len, &errnum); +- if (expired) ++ if (expired) { + if (errnum == CL_NOUPDATE_AVAILABLE) { + node->fetchtime = PR_Now(); + data = node->data; +@@ -243,6 +243,7 @@ int main(int argc, char ** argv) + urlcache = node->next; + } + freeNode(node); ++ } + } + if (data) { + node = (Node *)malloc(sizeof(Node)); +@@ -262,10 +263,11 @@ int main(int argc, char ** argv) + data = node->data; + node->fetchtime = PR_Now(); + node->errnum = errnum; +- if (urlcache) ++ if (urlcache) { + node->next = urlcache; +- else ++ } else { + node->next = NULL; ++ } + urlcache = node; + } + } +diff -rupN mod_revocator-1.0.3.patched/mod_rev.c mod_revocator-1.0.3.segfault/mod_rev.c +--- mod_revocator-1.0.3.patched/mod_rev.c 2011-10-11 09:18:33.000000000 -0700 ++++ mod_revocator-1.0.3.segfault/mod_rev.c 2011-10-11 11:15:37.000000000 -0700 +@@ -501,6 +501,23 @@ InitRevocation(apr_pool_t *p, server_rec + apr_os_file_get(&infd, sc->proc.out); + PR_snprintf(configstring, CONFIGLEN, "library=%s name=revocation parameters=\"%s %ld %d %d\"", revocation_library, sc->crlfile ? sc->crlfile : "", sc->semid, infd, outfd); + ++ /* Since NSS now separates some functionality into 'libnssutil3.so', ++ * to prevent a segmentation violation from occurring, it is now ++ * necessary to insure that all executables and libraries are ++ * linked against this library, and that the SECOID_Init() function ++ * is called prior to calling the SECMOD_LoadUserModule() function. ++ */ ++ if (SECOID_Init() != SECSuccess) { ++ free(configstring); ++ apr_dso_unload(dlh); ++ ap_log_error(APLOG_MARK, APLOG_ERR, 0, base_server, ++ "Unable to initialize SECOID, NSS error %d. %s", PR_GetError(), critical ? "" : "CRL retrieval will be disabled."); ++ if (critical) { ++ kill_apache(); ++ } ++ return APR_EGENERAL; ++ } ++ + mod = SECMOD_LoadUserModule(configstring, NULL, PR_FALSE); + if (!mod || !mod->loaded) + { |