import 389-ds-base-1.3.1.6-26.el7_0

SOURCES/0098-Bug-1123477-unauthenticated-information-disclosure.patch

@@ -0,0 +1,103 @@
+From 394277fdcef70078b54a280de88ab06dd289cc7a Mon Sep 17 00:00:00 2001
+From: Noriko Hosoi <nhosoi@redhat.com>
+Date: Mon, 28 Jul 2014 09:42:43 -0700
+Subject: [PATCH] Bug 1123477 - unauthenticated information disclosure
+
+Fix Description: nscpentrywsi is returned only authenticated as root.
+The bug was fixed by lkrispen@redhat.com (Ludwig Krispenz).
+His patch was modified based upon this review comment.
+https://bugzilla.redhat.com/show_bug.cgi?id=1123477#c2
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1123864
+
+(cherry picked from commit aa90e26d5c4ea47b2a4a22f99cf0742cf48b3fae)
+---
+ ldap/servers/slapd/computed.c     | 17 +++++++++++++++--
+ ldap/servers/slapd/entrywsi.c     |  2 +-
+ ldap/servers/slapd/slapi-plugin.h |  1 +
+ 3 files changed, 17 insertions(+), 3 deletions(-)
+
+diff --git a/ldap/servers/slapd/computed.c b/ldap/servers/slapd/computed.c
+index 7c99b45..7a80c96 100644
+--- a/ldap/servers/slapd/computed.c
++++ b/ldap/servers/slapd/computed.c
+@@ -59,6 +59,7 @@ struct _computed_attr_context {
+ struct _compute_evaluator {
+ 	struct _compute_evaluator *next;
+ 	slapi_compute_callback_t function;
++	int rootonly;
+ };
+ typedef struct _compute_evaluator compute_evaluator;
+ 
+@@ -95,6 +96,13 @@ int compute_call_evaluators_nolock(computed_attr_context *c,slapi_compute_output
+         compute_evaluator *current = NULL;
+         
+         for (current = compute_evaluators; (current != NULL) && (-1 == rc); current = current->next) {
++		if (current->rootonly) {
++			int isroot;
++			slapi_pblock_get(c->pb, SLAPI_REQUESTOR_ISROOT, &isroot);
++			if (!isroot) {
++				continue;
++			}
++		}
+                 rc = (*(current->function))(c,type,e,outfn);
+         }
+         return rc;
+@@ -157,14 +165,19 @@ compute_stock_evaluator(computed_attr_context *c,char* type,Slapi_Entry *e,slapi
+ }
+ 
+ static void
+-compute_add_evaluator_nolock(slapi_compute_callback_t function, compute_evaluator *new_eval)
++compute_add_evaluator_nolock(slapi_compute_callback_t function, compute_evaluator *new_eval, int rootonly)
+ {
+     new_eval->next = compute_evaluators;
+     new_eval->function = function;
++    new_eval->rootonly = rootonly;
+     compute_evaluators = new_eval;
+ }
+ int slapi_compute_add_evaluator(slapi_compute_callback_t function)
+ {
++	return slapi_compute_add_evaluator_ext(function, 0);
++}
++int slapi_compute_add_evaluator_ext(slapi_compute_callback_t function, int rootonly)
++{
+ 	int rc = 0;
+ 	compute_evaluator *new_eval = NULL;
+ 	PR_ASSERT(NULL != function);
+@@ -187,7 +200,7 @@ int slapi_compute_add_evaluator(slapi_compute_callback_t function)
+                     slapi_rwlock_wrlock(compute_evaluators_lock);
+                 }
+                 
+-                compute_add_evaluator_nolock(function, new_eval);
++                compute_add_evaluator_nolock(function, new_eval, rootonly);
+                 
+                 if (need_lock) {
+                     slapi_rwlock_unlock(compute_evaluators_lock);
+diff --git a/ldap/servers/slapd/entrywsi.c b/ldap/servers/slapd/entrywsi.c
+index 248a41f..0c01681 100644
+--- a/ldap/servers/slapd/entrywsi.c
++++ b/ldap/servers/slapd/entrywsi.c
+@@ -898,7 +898,7 @@ entry_compute_nscpentrywsi(computed_attr_context *c,char* type,Slapi_Entry *e,sl
+ int 
+ entry_computed_attr_init()
+ {
+-	slapi_compute_add_evaluator(entry_compute_nscpentrywsi);
++	slapi_compute_add_evaluator_ext(entry_compute_nscpentrywsi, 1 /* root only */);
+ 	return 0;
+ }
+ 
+diff --git a/ldap/servers/slapd/slapi-plugin.h b/ldap/servers/slapd/slapi-plugin.h
+index d8cfe33..e1cadbc 100644
+--- a/ldap/servers/slapd/slapi-plugin.h
++++ b/ldap/servers/slapd/slapi-plugin.h
+@@ -6038,6 +6038,7 @@ typedef int (*slapi_compute_output_t)(computed_attr_context *c,Slapi_Attr *a , S
+ typedef int (*slapi_compute_callback_t)(computed_attr_context *c,char* type,Slapi_Entry *e,slapi_compute_output_t outputfn);
+ typedef int (*slapi_search_rewrite_callback_t)(Slapi_PBlock *pb);
+ int slapi_compute_add_evaluator(slapi_compute_callback_t function);
++int slapi_compute_add_evaluator_ext(slapi_compute_callback_t function, int rootonly);
+ int slapi_compute_add_search_rewriter(slapi_search_rewrite_callback_t function);
+ int	compute_rewrite_search_filter(Slapi_PBlock *pb);
+ 
+-- 
+1.8.1.4
+

SPECS/389-ds-base.spec

@@ -25,7 +25,7 @@
 Summary:          389 Directory Server (base)
 Name:             389-ds-base
 Version:          1.3.1.6
-Release:          %{?relprefix}25%{?prerel}%{?dist}
+Release:          %{?relprefix}26%{?prerel}%{?dist}
 License:          GPLv2 with exceptions
 URL:              http://port389.org/
 Group:            System Environment/Daemons
@@ -211,6 +211,7 @@ Patch93:          0094-Ticket-47735-e_uniqueid-fails-to-set-if-an-entry-is-.patc
 Patch94:          0095-Ticket-47739-directory-server-is-insecurely-misinter.patch
 Patch95:          0096-Ticket-47735-e_uniqueid-fails-to-set-if-an-entry-is-.patch
 Patch96:          0097-Ticket-47759-Crash-in-replication-when-server-is-und.patch
+Patch97:          0098-Bug-1123477-unauthenticated-information-disclosure.patch
 
 %description
 389 Directory Server is an LDAPv3 compliant server.  The base package includes
@@ -358,6 +359,7 @@ cp %{SOURCE2} README.devel
 %patch94 -p1
 %patch95 -p1
 %patch96 -p1
+%patch97 -p1
 
 %build
 %if %{use_openldap}
@@ -509,6 +511,11 @@ fi
 %{_libdir}/%{pkgname}/libns-dshttpd.so*
 
 %changelog
+* Mon Jul 28 2014 Noriko Hosoi <nhosoi@redhat.com> - 1.3.1.6-26
+- release 1.3.1.6-26
+- Resolves: #1123864
+  EMBARGOED CVE-2014-3562 389-ds-base: 389-ds: unauthenticated information disclosure [rhel-7.0.z] (BZ 1123477)
+
 * Thu Mar 31 2014 Noriko Hosoi <nhosoi@redhat.com> - 1.3.1.6-25
 - release 1.3.1.6-25
 - Resolves: bug 1082740 - ns-slapd crash in reliability 15