autofs-5.0.8 - extend libldap serialization

From: Leonardo Chiquitto <leonardo.lists@gmail.com>

It's necessary to serialize calls to ldap_unbind() as well as the
initial bind.
---
 CHANGELOG             |    1 +
 modules/lookup_ldap.c |   20 ++++++++++++++++----
 2 files changed, 17 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 6ff7c9b..da83d17 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -14,6 +14,7 @@
 - fix rpc_getport() when libtirpc is disabled.
 - fix rpc_getrpcbport() when libtirpc is disabled.
 - don't reset errno.
+- extend fix for crash due to thread unsafe use of libldap.
 
 17/10/2013 autofs-5.0.8
 =======================
diff --git a/modules/lookup_ldap.c b/modules/lookup_ldap.c
index 04b1da7..fd96d1d 100644
--- a/modules/lookup_ldap.c
+++ b/modules/lookup_ldap.c
@@ -53,8 +53,9 @@ static struct ldap_schema common_schema[] = {
 static unsigned int common_schema_count = sizeof(common_schema)/sizeof(struct ldap_schema);
 
 /*
- * Initialization of LDAP and OpenSSL must be always serialized to
- * avoid corruption of context structures inside these libraries.
+ * Initialization and de-initialization of LDAP and OpenSSL must be
+ * always serialized to avoid corruption of context structures inside
+ * these libraries.
  */
 pthread_mutex_t ldapinit_mutex = PTHREAD_MUTEX_INITIALIZER;
 
@@ -203,7 +204,7 @@ int bind_ldap_simple(unsigned logopt, LDAP *ldap, const char *uri, struct lookup
 	return 0;
 }
 
-int unbind_ldap_connection(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt)
+int __unbind_ldap_connection(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt)
 {
 	int rv;
 
@@ -220,6 +221,17 @@ int unbind_ldap_connection(unsigned logopt, LDAP *ldap, struct lookup_context *c
 	return rv;
 }
 
+int unbind_ldap_connection(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt)
+{
+	int rv;
+
+	ldapinit_mutex_lock();
+	rv = __unbind_ldap_connection(logopt, ldap, ctxt);
+	ldapinit_mutex_unlock();
+
+	return rv;
+}
+
 LDAP *__init_ldap_connection(unsigned logopt, const char *uri, struct lookup_context *ctxt)
 {
 	LDAP *ldap = NULL;
@@ -280,7 +292,7 @@ LDAP *__init_ldap_connection(unsigned logopt, const char *uri, struct lookup_con
 
 		rv = ldap_start_tls_s(ldap, NULL, NULL);
 		if (rv != LDAP_SUCCESS) {
-			unbind_ldap_connection(logopt, ldap, ctxt);
+			__unbind_ldap_connection(logopt, ldap, ctxt);
 			if (ctxt->tls_required) {
 				error(logopt, MODPREFIX
 				      "TLS required but START_TLS failed: %s",