Bug 731112
Summary: | NSS_Init* functions are not thread safe | ||||||
---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Rich Megginson <rmeggins> | ||||
Component: | openldap | Assignee: | Jan Vcelak <jvcelak> | ||||
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
Severity: | high | Docs Contact: | |||||
Priority: | unspecified | ||||||
Version: | rawhide | CC: | georgi.georgiev, jvcelak, rmeggins, tsmetana | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | Unspecified | ||||||
OS: | Unspecified | ||||||
Whiteboard: | |||||||
Fixed In Version: | openldap-2.4.24-5.fc15 | Doc Type: | Bug Fix | ||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | |||||||
: | 731168 (view as bug list) | Environment: | |||||
Last Closed: | 2011-11-17 23:41:35 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | |||||||
Bug Blocks: | 731168 | ||||||
Attachments: |
|
Description
Rich Megginson
2011-08-16 18:12:08 UTC
Steps to reproduce: set up 2 openldap servers - one as a syncrepl provider, and the other as a syncrepl consumer, doing replication over TLS, for example: olcSyncrepl: {0}rid=1 provider=ldap://localhost.localdomain:1389 searchbase=dc =example,dc=com bindmethod=simple binddn=cn=manager,dc=example,dc=com credent ials=secret type=refreshAndPersist retry="1 +" starttls=critical tls_cacert=/ share/junk/cacert.pem where the provider is listening to ldap://localhost.localdomain:1389/ and has a database with a suffix dc=example,dc=com. In my testing, I also had a olcRootDN: cn=Manager,dc=example,dc=com for this database which I also used for syncrepl. Run a client that adds entries to the provider, and run an ldapsearch (using TLS) on the consumer to check that the entries are synced to the consumer. You should notice the crash on the consumer soon after enabling syncrepl to use TLS on the consumer. Created attachment 518654 [details]
backported patch for F14
LDAP_MUTEX_LOCK -> ldap_pvt_thread_mutex_lock
LDAP_MUTEX_UNLOCK -> ldap_pvt_thread_mutex_unlock
openldap-2.4.26-2.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/openldap-2.4.26-2.fc16 openldap-2.4.24-4.fc15 has been submitted as an update for Fedora 15. https://admin.fedoraproject.org/updates/openldap-2.4.24-4.fc15 Package openldap-2.4.24-4.fc15: * should fix your issue, * was pushed to the Fedora 15 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing openldap-2.4.24-4.fc15' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/openldap-2.4.24-4.fc15 then log in and leave karma (feedback). openldap-2.4.26-3.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/openldap-2.4.26-3.fc16 openldap-2.4.24-5.fc15 has been submitted as an update for Fedora 15. https://admin.fedoraproject.org/updates/openldap-2.4.24-5.fc15 openldap-2.4.26-5.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report. openldap-2.4.24-5.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report. |