Issue 7269 - [PATCH] Make slapd-sha2 module thread-safe
Summary: [PATCH] Make slapd-sha2 module thread-safe
Status: VERIFIED FIXED
Alias: None
Product: OpenLDAP
Classification: Unclassified
Component: contrib (show other issues)
Version: unspecified
Hardware: All All
: --- normal
Target Milestone: ---
Assignee: OpenLDAP project
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-05-10 11:41 UTC by SATOH Fumiyasu
Modified: 2014-08-01 21:03 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.
Description SATOH Fumiyasu 2012-05-10 11:41:19 UTC 
Full_Name: SATOH Fumiyasu
Version: master
OS: 
URL: ftp://ftp.openldap.org/incoming/openldap-2.4.31-sha2-multithread.patch
Submission from: (NULL) (125.2.180.244)


In contrib/slapd-modules/passwd/sha2/slapd-sha2.c:sha*_hex_hash(),
a static buffer "static char real_hash[]" is declared and is
used by threads, but it is not TLS (Thread Local Storage) and
no lock.

This patch removes sha*_hex_hash() and replaces chk_sha*() with
libraries/liblutil/passwd.c:chk_sha1() implementation to
fix this problem.
Comment 1 Howard Chu 2012-05-29 23:02:54 UTC 
changed notes
changed state Open to Test
moved from Incoming to Contrib
Comment 2 Quanah Gibson-Mount 2012-05-30 20:21:22 UTC 
changed notes
changed state Test to Release
Comment 3 Quanah Gibson-Mount 2012-08-17 01:35:07 UTC 
changed notes
changed state Release to Closed
Comment 4 OpenLDAP project 2014-08-01 21:03:30 UTC 
fixed in master
fixed in RE24