From 62d9efcc4781f8389dd72186733391c7d69c898c Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Nov 03 2016 06:21:11 +0000 Subject: import mod_revocator-1.0.3-21.el7 --- diff --git a/SOURCES/mod_revocator-clean-semaphore.patch b/SOURCES/mod_revocator-clean-semaphore.patch new file mode 100644 index 0000000..548289d --- /dev/null +++ b/SOURCES/mod_revocator-clean-semaphore.patch @@ -0,0 +1,95 @@ +From 1ae96f0e2befb602a8e1b63f642e525df5b44bb8 Mon Sep 17 00:00:00 2001 +From: Rob Crittenden +Date: Fri, 5 Aug 2016 18:22:00 -0400 +Subject: [PATCH] Fix leaking semaphore on shutdown + +When Apache kills its children it does so with a SIGTERM. +This wasn't being handled so the semaphore used to do locking +for the crlhelper wasn't being removed. + +Add a signal handler to catch SIGTERM and perform cleanup. + +Resolves: #1326840 + +--- + crlhelper.cpp | 43 ++++++++++++++++++++++++++++++++----------- + 1 file changed, 32 insertions(+), 11 deletions(-) + +diff --git a/crlhelper.cpp b/crlhelper.cpp +index f0a5b8a..719f8ff 100644 +--- a/crlhelper.cpp ++++ b/crlhelper.cpp +@@ -98,16 +98,41 @@ static void printList(Node *list) + + /* global variables */ + Node *urlcache = NULL; ++int semid = 0; ++PRFileDesc *in = NULL; ++PRFileDesc *out = NULL; ++ ++void cleanup() { ++ union semun semarg; ++ ++ freeList(urlcache); ++ if (in) { ++ PR_Close(in); ++ in = NULL; ++ } ++ if (NSS_IsInitialized()) { ++ NSS_Shutdown(); ++ } ++ ++ /* Remove the semaphore used for locking here. This is because this ++ * program only goes away when Apache shuts down so we don't have to ++ * worry about reloads. ++ */ ++ semctl(semid, 0, IPC_RMID, semarg); ++} ++ ++void signalhandler(int signo) { ++ if (signo == SIGTERM) { ++ cleanup(); ++ } ++} + + int main(int argc, char ** argv) + { + SECStatus rv; + PRInt32 numfds; +- PRFileDesc *in; +- PRFileDesc *out; + PRPollDesc pd; + PRIntervalTime timeout = PR_INTERVAL_NO_TIMEOUT; +- int semid; + pid_t parent_pid; + union semun semarg; + char buf[4096]; +@@ -121,6 +146,8 @@ int main(int argc, char ** argv) + PRInt32 len = 0; + PRInt32 errnum = -1; + ++ signal(SIGTERM, signalhandler); ++ + /* Close all fds but stdin, stdout and stderr */ + fd = 3; + while (fd < fdlimit) +@@ -290,14 +317,8 @@ done: + } + } /* end POLL */ + } /* end while */ +- freeList(urlcache); +- PR_Close(in); +- NSS_Shutdown(); + +- /* Remove the semaphore used for locking here. This is because this +- * program only goes away when Apache shuts down so we don't have to +- * worry about reloads. +- */ +- semctl(semid, 0, IPC_RMID, semarg); ++ cleanup(); ++ + return 0; + } +-- +1.8.3.1 + diff --git a/SPECS/mod_revocator.spec b/SPECS/mod_revocator.spec index 792b39a..17b769a 100644 --- a/SPECS/mod_revocator.spec +++ b/SPECS/mod_revocator.spec @@ -5,11 +5,11 @@ Name: mod_revocator Version: 1.0.3 -Release: 19%{?dist} +Release: 21%{?dist} Summary: CRL retrieval module for the Apache HTTP server Group: System Environment/Daemons License: ASL 2.0 -URL: http://directory.fedoraproject.org/wiki/Mod_revocator +URL: https://fedorahosted.org/mod_revocator/ Source: http://directory.fedoraproject.org/sources/%{name}-%{version}.tar.gz BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: nspr-devel >= 4.6, nss-devel >= 3.11.9 @@ -26,6 +26,8 @@ Patch4: mod_revocator-32-bit-semaphore-fix.patch Patch5: mod_revocator-array-size.patch Patch6: mod_revocator-waitpid.patch Patch7: mod_revocator-man.patch +# Clean up semaphore on shutdown +Patch8: mod_revocator-clean-semaphore.patch %description The mod_revocator module retrieves and installs remote @@ -40,6 +42,7 @@ Certificate Revocate Lists (CRLs) into an Apache web server. %patch5 -p1 %patch6 -p1 %patch7 -p1 +%patch8 -p1 %build autoreconf -fvi @@ -138,6 +141,13 @@ rm -rf $RPM_BUILD_ROOT %{_bindir}/crlhelper %changelog +* Tue Aug 9 2016 Rob Crittenden - 1.0.3-21 +- Respin to fix segfault in cleanup call. (#1326840) + +* Mon Aug 8 2016 Rob Crittenden - 1.0.3-20 +- Clean up semaphore in crlhelper on shutdown (#1326840) +- Update URL to https://fedorahosted.org/mod_revocator/ + * Fri Jan 24 2014 Daniel Mach - 1.0.3-19 - Mass rebuild 2014-01-24