openldap/openldap-security-pie.patch
Jan Vcelak 95d8d32fc5 rebase to 2.4.23
- package rebased
- removed embeded db4
- removed patches merged by upstream
- removed no longer required patches
- merged patches doing manpage changes
- merged patches exporting ldif API
- reapplied patches and added description to each one
- removed unnecessary BuildRequires
- cleaned %config, %build and %install sections
- updated database upgrade process:
  - database is exported (slapcat) and reimported (slapadd) when minor
	version of openldap changes (safe and recomended way)
  - database is upgraded (db4) when minor version of db4 package changes
	(this is not done in %post anymore, as the database is not embeded,
	but using triggers)

Resolved: #624616 Bogus links in "SEE ALSO" part of several man-pages
Resolved: #625740 openldap-2.4.23 is available
2010-08-27 14:45:25 +02:00

18 lines
740 B
Diff

Build slapd as position-independent executable (PIE) to take an advantage of
address space layout randomization (ASLD).
Author: Thomas Woerner <twoerner@redhat.com>
diff -uNPrp openldap-2.4.23.old/servers/slapd/Makefile.in openldap-2.4.23.new/servers/slapd/Makefile.in
--- openldap-2.4.23.old/servers/slapd/Makefile.in 2010-04-13 22:23:09.000000000 +0200
+++ openldap-2.4.23.new/servers/slapd/Makefile.in 2010-08-24 15:09:08.999680712 +0200
@@ -266,7 +266,7 @@ libslapi.a: slapi/.libs/libslapi.a
cp slapi/.libs/libslapi.a .
slapd: $(SLAPD_DEPENDS) @LIBSLAPI@
- $(LTLINK) -o $@ $(SLAPD_OBJECTS) $(LIBS) \
+ $(LTLINK) -pie -Wl,-z,defs -o $@ $(SLAPD_OBJECTS) $(LIBS) \
$(WRAP_LIBS)
$(RM) $(SLAPTOOLS)
for i in $(SLAPTOOLS); do \