[packages/openldap] - default path for CA certs search
adwol
adwol at pld-linux.org
Sun Sep 3 20:46:05 CEST 2017
commit 1f48008599d4a9734acc45cd1985e1721669614d
Author: Adam Osuchowski <adwol at pld-linux.org>
Date: Sun Sep 3 20:44:24 2017 +0200
- default path for CA certs search
openldap-default_cacert_path.patch | 13 +++++++++++++
openldap.spec | 2 ++
2 files changed, 15 insertions(+)
---
diff --git a/openldap.spec b/openldap.spec
index 4185bd5..a96f7ab 100644
--- a/openldap.spec
+++ b/openldap.spec
@@ -59,6 +59,7 @@ Patch19: %{name}-gcc47.patch
Patch20: %{name}-man.patch
Patch22: %{name}-am.patch
Patch23: %{name}-db.patch
+Patch24: %{name}-default_cacert_path.patch
# Patch for the evolution library
Patch100: %{name}-ntlm.diff
URL: http://www.openldap.org/
@@ -1247,6 +1248,7 @@ cd %{name}
%patch20 -p1
%patch22 -p1
%patch23 -p1
+%patch24 -p1
%if %{with krb5}
%patch17 -p1
%endif
diff --git a/openldap-default_cacert_path.patch b/openldap-default_cacert_path.patch
new file mode 100644
index 0000000..813d790
--- /dev/null
+++ b/openldap-default_cacert_path.patch
@@ -0,0 +1,13 @@
+diff -ruNp openldap-2.4.45.orig/libraries/libldap/tls_o.c openldap-2.4.45/libraries/libldap/tls_o.c
+--- openldap-2.4.45.orig/libraries/libldap/tls_o.c 2017-06-01 22:01:07.000000000 +0200
++++ openldap-2.4.45/libraries/libldap/tls_o.c 2017-09-03 20:23:39.222111712 +0200
+@@ -275,7 +275,8 @@ tlso_ctx_init( struct ldapoptions *lo, s
+ }
+ } else {
+ if ( !SSL_CTX_load_verify_locations( ctx,
+- lt->lt_cacertfile, lt->lt_cacertdir ) )
++ lt->lt_cacertfile, lt->lt_cacertdir ) ||
++ !SSL_CTX_set_default_verify_paths( ctx ) )
+ {
+ Debug( LDAP_DEBUG_ANY, "TLS: "
+ "could not load verify locations (file:`%s',dir:`%s').\n",
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/openldap.git/commitdiff/46dff2fa95ba14a64e9338f9f664924c831f815c
More information about the pld-cvs-commit
mailing list