diff --git a/openldap-verify-self-issued-certs.patch b/openldap-verify-self-issued-certs.patch
index a40abf6..4995b4c 100644
--- a/openldap-verify-self-issued-certs.patch
+++ b/openldap-verify-self-issued-certs.patch
@@ -1,12 +1,12 @@
 openldap does not trust certs with Basic Constraint ext. with CA == FALSE
-Resolves: #657984
-Upstream: ITS #6742
+Resolves: #657984, #668899
+Upstream: ITS #6742, #6791
 Author: Rich Megginson
 diff -uNPrp openldap-2.4.23/libraries/libldap/tls_m.c openldap-2.4.23/libraries/libldap/tls_m.c
---- openldap-2.4.23/libraries/libldap/tls_m.c 2011-01-06 20:24:54.401170400 +0100
-+++ openldap-2.4.23/libraries/libldap/tls_m.c 2011-01-06 20:40:21.180097089 +0100
+--- openldap-2.4.23/libraries/libldap/tls_m.c 2011-01-20 16:06:56.461937417 +0100
++++ openldap-2.4.23/libraries/libldap/tls_m.c 2011-01-20 16:07:58.494922870 +0100
 @@ -63,6 +63,7 @@
 #include
 #include
@@ -65,7 +65,7 @@ diff -uNPrp openldap-2.4.23/libraries/libldap/tls_m.c openldap-2.4.23/libraries/
 +
 +static SECStatus
 +tlsm_verify_cert(CERTCertDBHandle *handle, CERTCertificate *cert, void *pinarg,
-+ PRBool checksig, SECCertUsage certUsage, int errorToIgnore )
++ PRBool checksig, SECCertificateUsage certUsage, int errorToIgnore )
 +{
 + CERTVerifyLog verifylog;
 + SECStatus ret = SECSuccess;
@@ -159,7 +159,7 @@ diff -uNPrp openldap-2.4.23/libraries/libldap/tls_m.c openldap-2.4.23/libraries/
 +tlsm_auth_cert_handler(void *arg, PRFileDesc *fd,
 + PRBool checksig, PRBool isServer)
 +{
-+ SECCertUsage certUsage = isServer ? certUsageSSLClient : certUsageSSLServer;
++ SECCertificateUsage certUsage = isServer ? certificateUsageSSLClient : certificateUsageSSLServer;
 + SECStatus ret = SECSuccess;
 +
 + ret = tlsm_verify_cert( (CERTCertDBHandle *)arg, SSL_PeerCertificate( fd ),
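Review bot: In the `@@ -65,7 +65,7 @@` hunk, the new `SECCertificateUsage certUsage` parameter of `tlsm_verify_cert` is only correct if the NSS call inside the body takes the bitmask form of the usage (the `CERT_VerifyCertificate` family) rather than the `SECCertUsage` enum; the body lies outside the hunk, so that should be confirmed there. C converts silently between the two types and the enum values do not line up with the bitmask bits, so a mix-up makes the peer certificate get checked against the wrong usage with no compiler diagnostic. I would add a comment above the signature such as `/* certUsage is a SECCertificateUsage bitmask (certificateUsage*), never a SECCertUsage enum value (certUsage*) */`.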
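Review bot: In the `@@ -159,7 +159,7 @@` hunk, `SSL_PeerCertificate( fd )` is passed straight into `tlsm_verify_cert` on the last visible line, so `tlsm_auth_cert_handler` keeps no pointer to the returned certificate. NSS hands back a reference that the caller must release with `CERT_DestroyCertificate`, and it returns NULL when the peer presented no certificate; unless `tlsm_verify_cert` handles both (its body is outside the hunk), each handshake leaks a reference and a NULL can reach the verifier. Consider `CERTCertificate *peercert = SSL_PeerCertificate( fd );`, a NULL check that returns `SECFailure`, and `CERT_DestroyCertificate( peercert );` after the call. The call and the rest of the function continue past the end of the hunk.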