Misc updates from HEAD

diff --git a/CHANGES b/CHANGES
index 2458f5302f77608692f67627837432a780ce4f12..dae960757651ed02a8d991076e94b86c714ec2be 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,11 +1,17 @@
 OpenLDAP 2.0 Change Log
 
 OpenLDAP 2.0.24 Engineering
+       Fixed slapd max incoming macro bug (ITS#1828)
        Fixed slapd acl group/dnaddr bug (ITS#1607)
-       Fixed ber_bvstrdup() empty string ("") bug (ITS#1662)
+       Fixed slapd connection management bug (ITS#1655)
+       Fixed slapd PF_lOCAL typo (ITS#1660)
+       Fixed slurpd tls init bug (ITS#1613)
        Fixed back-ldbm dn normalization bug in onelevel searches (ITS#1654)
        Fixed back-ldbm modrdn root dn check (ITS#1761)
-       Fixed replog logging without replica (ITS#1335)
+       Fixed back-ldbm idl overrun bug (ITS1570)
+       Fixed slapd replog logging without replica (ITS#1335)
+       Fixed ber_bvstrdup() empty string ("") bug (ITS#1662)
+       Fixed ldapsearch filter bug (ITS#1649)
        Documentation
                Updated release documents
 

diff --git a/clients/tools/ldapsearch.c b/clients/tools/ldapsearch.c
index 54402bb9028f2dbb3e6c49b4e6d680755ef7810f..f348109fa94d73d20fee14d9780329afc16a82b9 100644 (file)
--- a/clients/tools/ldapsearch.c
+++ b/clients/tools/ldapsearch.c
@@ -892,7 +892,7 @@ static int dosearch(
        struct timeval *timeout,
        int sizelimit )
 {
-       char            filter[ BUFSIZ ];
+       char                    *filter;
        int                     rc;
        int                     nresponses;
        int                     nentries;
@@ -903,6 +903,12 @@ static int dosearch(
        ber_int_t       msgid;
 
        if( filtpatt != NULL ) {
+               filter = malloc( strlen( filtpatt ) + strlen( value ) );
+               if( filter == NULL ) {
+                       perror( "malloc" );
+                       return EXIT_FAILURE;
+               }
+
                sprintf( filter, filtpatt, value );
 
                if ( verbose ) {
@@ -914,7 +920,7 @@ static int dosearch(
                }
 
        } else {
-               sprintf( filter, "%s", value );
+               filter = value;
        }
 
        if ( not ) {
@@ -924,6 +930,10 @@ static int dosearch(
        rc = ldap_search_ext( ld, base, scope, filter, attrs, attrsonly,
                sctrls, cctrls, timeout, sizelimit, &msgid );
 
+       if ( filtpatt != NULL ) {
+               free( filter );
+       }
+
        if( rc != LDAP_SUCCESS ) {
                fprintf( stderr, "%s: ldap_search_ext: %s (%d)\n",
                        prog, ldap_err2string( rc ), rc );

diff --git a/libraries/liblutil/entropy.c b/libraries/liblutil/entropy.c
index c4b84039bb57b0b36e129ba942eedc541a395c4e..74d3f3210ab8b875d5400428b230a376b47a061e 100644 (file)
--- a/libraries/liblutil/entropy.c
+++ b/libraries/liblutil/entropy.c
@@ -10,9 +10,6 @@
 #include <ac/time.h>
 #include <ac/unistd.h>
 
-#ifdef HAVE_WINCRYPT_H
-#include <wincrypt.h>
-#endif
 #ifdef HAVE_PROCESS_H
 #include <process.h>
 #endif
@@ -39,21 +36,27 @@ int lutil_entropy( unsigned char *buf, ber_len_t nbytes )
        if( nbytes == 0 ) return 0;
 
 #ifdef URANDOM_DEVICE
+#define URANDOM_NREADS 4
        /* Linux and *BSD offer a urandom device */
        {
-               int rc, fd;
+               int rc, fd, n=0;
 
                fd = open( URANDOM_DEVICE, O_RDONLY );
 
                if( fd < 0 ) return -1;
 
-               rc = read( fd, buf, nbytes );
-               close(fd);
+               do {
+                       rc = read( fd, buf, nbytes );
+                       if( rc <= 0 ) break;
 
-               /* should return nbytes */
-               if( rc < nbytes ) return -1;
+                       buf+=rc;
+                       nbytes-=rc;
 
-               return 0;
+                       if( ++n >= URANDOM_NREADS ) break;
+               } while( nbytes > 0 );
+
+               close(fd);
+               return nbytes > 0 ? -1 : 0;
        }
 #elif PROV_RSA_FULL
        {