new upstream release (2.4.34)

Resolves: #917603 #872784

.gitignore

@@ -4,3 +4,4 @@
 /openldap-2.4.31.tgz
 /openldap-2.4.32.tgz
 /openldap-2.4.33.tgz
+/openldap-2.4.34.tgz

openldap-ai-addrconfig.patch

@@ -4,15 +4,11 @@ Author: Jan Vcelak <jvcelak@redhat.com>
 Upstream ITS: #7326
 Resolves: #835013
 
----
- libraries/libldap/os-ip.c |    3 +--
- 1 file changed, 1 insertion(+), 2 deletions(-)
-
 diff --git a/libraries/libldap/os-ip.c b/libraries/libldap/os-ip.c
-index 2864256..c3e0876 100644
+index b31e05d..fa361ab 100644
 --- a/libraries/libldap/os-ip.c
 +++ b/libraries/libldap/os-ip.c
-@@ -584,8 +584,7 @@ ldap_connect_to_host(LDAP *ld, Sockbuf *sb,
+@@ -594,8 +594,7 @@ ldap_connect_to_host(LDAP *ld, Sockbuf *sb,
  
  #if defined( HAVE_GETADDRINFO ) && defined( HAVE_INET_NTOP )
  	memset( &hints, '\0', sizeof(hints) );
@@ -22,6 +18,3 @@ index 2864256..c3e0876 100644
  	hints.ai_flags = AI_ADDRCONFIG;
  #endif
  	hints.ai_family = ldap_int_inet4or6;
--- 
-1.7.10.4
-

openldap-evolution-ntlm.patch

@@ -1,9 +1,11 @@
 Get rid of this patch as soon as possible.
 More details are provided in README.evolution
 
---- openldap-2.4.24.orig/include/ldap.h
-+++ openldap-2.4.24/include/ldap.h
-@@ -2518,5 +2518,26 @@ ldap_parse_deref_control LDAP_P((
+diff --git a/include/ldap.h b/include/ldap.h
+index 3791732..fe01b18 100644
+--- a/include/ldap.h
++++ b/include/ldap.h
+@@ -2517,5 +2517,26 @@ ldap_parse_deref_control LDAP_P((
  	LDAPControl	**ctrls,
  	LDAPDerefRes	**drp ));
  
@@ -30,9 +32,11 @@ More details are provided in README.evolution
 +
  LDAP_END_DECL
  #endif /* _LDAP_H */
---- openldap-2.4.24.orig/libraries/libldap/Makefile.in
-+++ openldap-2.4.24/libraries/libldap/Makefile.in
-@@ -20,7 +20,7 @@ PROGRAMS = apitest dntest ftest ltest ur
+diff --git a/libraries/libldap/Makefile.in b/libraries/libldap/Makefile.in
+index ce4be1b..2326680 100644
+--- a/libraries/libldap/Makefile.in
++++ b/libraries/libldap/Makefile.in
+@@ -20,7 +20,7 @@ PROGRAMS = apitest dntest ftest ltest urltest
  SRCS	= bind.c open.c result.c error.c compare.c search.c \
  	controls.c messages.c references.c extended.c cyrus.c \
  	modify.c add.c modrdn.c delete.c abandon.c \
@@ -41,7 +45,7 @@ More details are provided in README.evolution
  	filter.c free.c sort.c passwd.c whoami.c \
  	getdn.c getentry.c getattr.c getvalues.c addentry.c \
  	request.c os-ip.c url.c pagectrl.c sortctrl.c vlvctrl.c \
-@@ -33,7 +33,7 @@ SRCS	= bind.c open.c result.c error.c co
+@@ -33,7 +33,7 @@ SRCS	= bind.c open.c result.c error.c compare.c search.c \
  OBJS	= bind.lo open.lo result.lo error.lo compare.lo search.lo \
  	controls.lo messages.lo references.lo extended.lo cyrus.lo \
  	modify.lo add.lo modrdn.lo delete.lo abandon.lo \
@@ -50,8 +54,11 @@ More details are provided in README.evolution
  	filter.lo free.lo sort.lo passwd.lo whoami.lo \
  	getdn.lo getentry.lo getattr.lo getvalues.lo addentry.lo \
  	request.lo os-ip.lo url.lo pagectrl.lo sortctrl.lo vlvctrl.lo \
+diff --git a/libraries/libldap/ntlm.c b/libraries/libldap/ntlm.c
+new file mode 100644
+index 0000000..e0734d5
 --- /dev/null
-+++ openldap-2.4.24/libraries/libldap/ntlm.c
++++ b/libraries/libldap/ntlm.c
 @@ -0,0 +1,137 @@
 +/* $OpenLDAP: pkg/ldap/libraries/libldap/ntlm.c,v 1.1.4.10 2002/01/04 20:38:21 kurt Exp $ */
 +/*

openldap-fedora-systemd.patch

@@ -6,10 +6,11 @@ Fedora specific patch.
 
 Author: Jan Vcelak <jvcelak@redhat.com>
 
-diff -uNPrp openldap-2.4.26/servers/slapd/main.c openldap-2.4.26.fix/servers/slapd/main.c
---- openldap-2.4.26/servers/slapd/main.c	2011-06-30 17:13:36.000000000 +0200
-+++ openldap-2.4.26.fix/servers/slapd/main.c	2011-10-27 17:05:02.641066298 +0200
-@@ -682,6 +682,10 @@ unhandled_option:;
+diff --git a/servers/slapd/main.c b/servers/slapd/main.c
+index dac4864..83614f4 100644
+--- a/servers/slapd/main.c
++++ b/servers/slapd/main.c
+@@ -685,6 +685,10 @@ unhandled_option:;
  		}
  	}
  

openldap-ldaprc-currentdir.patch

@@ -4,9 +4,11 @@ Resolves: #38402
 Upstream: ITS #1131
 Author: Henning Schmiedehausen <hps@intermeta.de>
 
---- openldap-2.4.24.orig/libraries/libldap/init.c
-+++ openldap-2.4.24/libraries/libldap/init.c
-@@ -346,9 +346,6 @@ static void openldap_ldap_init_w_usercon
+diff --git a/libraries/libldap/init.c b/libraries/libldap/init.c
+index 8617527..e6b17b4 100644
+--- a/libraries/libldap/init.c
++++ b/libraries/libldap/init.c
+@@ -352,9 +352,6 @@ static void openldap_ldap_init_w_userconf(const char *file)
  	if(path != NULL) {
  		LDAP_FREE(path);
  	}

openldap-manpages.patch

@@ -2,9 +2,11 @@ Various manual pages changes:
 * removes LIBEXECDIR from slapd.8
 * removes references to non-existing manpages (bz 624616)
 
---- openldap-2.4.24.orig/doc/man/man1/ldapmodify.1
-+++ openldap-2.4.24/doc/man/man1/ldapmodify.1
-@@ -364,9 +364,7 @@ exit status and a diagnostic message bei
+diff --git a/doc/man/man1/ldapmodify.1 b/doc/man/man1/ldapmodify.1
+index 3def6da..466c772 100644
+--- a/doc/man/man1/ldapmodify.1
++++ b/doc/man/man1/ldapmodify.1
+@@ -397,9 +397,7 @@ exit status and a diagnostic message being written to standard error.
  .BR ldap_add_ext (3),
  .BR ldap_delete_ext (3),
  .BR ldap_modify_ext (3),
@@ -15,9 +17,11 @@ Various manual pages changes:
  .SH AUTHOR
  The OpenLDAP Project <http://www.openldap.org/>
  .SH ACKNOWLEDGEMENTS
---- openldap-2.4.24.orig/doc/man/man5/ldap.conf.5
-+++ openldap-2.4.24/doc/man/man5/ldap.conf.5
-@@ -317,6 +317,7 @@ certificates in separate individual file
+diff --git a/doc/man/man5/ldap.conf.5 b/doc/man/man5/ldap.conf.5
+index cfde143..63592cb 100644
+--- a/doc/man/man5/ldap.conf.5
++++ b/doc/man/man5/ldap.conf.5
+@@ -317,6 +317,7 @@ certificates in separate individual files. The
  .B TLS_CACERT
  is always used before
  .B TLS_CACERTDIR.
@@ -25,8 +29,10 @@ Various manual pages changes:
  This parameter is ignored with GnuTLS.
  
  When using Mozilla NSS, <path> may contain a Mozilla NSS cert/key
---- openldap-2.4.24.orig/doc/man/man5/ldif.5
-+++ openldap-2.4.24/doc/man/man5/ldif.5
+diff --git a/doc/man/man5/ldif.5 b/doc/man/man5/ldif.5
+index 79615b6..2c06246 100644
+--- a/doc/man/man5/ldif.5
++++ b/doc/man/man5/ldif.5
 @@ -270,8 +270,7 @@ commands.
  .BR ldapmodify (1),
  .BR slapadd (8),
@@ -37,9 +43,11 @@ Various manual pages changes:
  .LP
  "LDAP Data Interchange Format," Good, G., RFC 2849.
  .SH ACKNOWLEDGEMENTS
---- openldap-2.4.24.orig/doc/man/man5/slapd-config.5
-+++ openldap-2.4.24/doc/man/man5/slapd-config.5
-@@ -2068,7 +2068,6 @@ default slapd configuration directory
+diff --git a/doc/man/man5/slapd-config.5 b/doc/man/man5/slapd-config.5
+index 742876a..31643c7 100644
+--- a/doc/man/man5/slapd-config.5
++++ b/doc/man/man5/slapd-config.5
+@@ -2086,7 +2086,6 @@ default slapd configuration directory
  .BR slapd.conf (5),
  .BR slapd.overlays (5),
  .BR slapd.plugin (5),
@@ -47,9 +55,11 @@ Various manual pages changes:
  .BR slapd (8),
  .BR slapacl (8),
  .BR slapadd (8),
---- openldap-2.4.24.orig/doc/man/man5/slapd.conf.5
-+++ openldap-2.4.24/doc/man/man5/slapd.conf.5
-@@ -1998,7 +1998,6 @@ default slapd configuration file
+diff --git a/doc/man/man5/slapd.conf.5 b/doc/man/man5/slapd.conf.5
+index 0a3a955..352cc7e 100644
+--- a/doc/man/man5/slapd.conf.5
++++ b/doc/man/man5/slapd.conf.5
+@@ -2016,7 +2016,6 @@ default slapd configuration file
  .BR slapd.backends (5),
  .BR slapd.overlays (5),
  .BR slapd.plugin (5),
@@ -57,18 +67,20 @@ Various manual pages changes:
  .BR slapd (8),
  .BR slapacl (8),
  .BR slapadd (8),
---- openldap-2.4.24.orig/doc/man/man8/slapd.8
-+++ openldap-2.4.24/doc/man/man8/slapd.8
+diff --git a/doc/man/man8/slapd.8 b/doc/man/man8/slapd.8
+index b739f4d..e2a1a00 100644
+--- a/doc/man/man8/slapd.8
++++ b/doc/man/man8/slapd.8
 @@ -5,7 +5,7 @@
  .SH NAME
  slapd \- Stand-alone LDAP Daemon
  .SH SYNOPSIS
 -.B LIBEXECDIR/slapd 
-+.B slapd 
++.B slapd
  [\c
  .BR \-4 | \-6 ]
  [\c
-@@ -301,7 +301,7 @@ the LDAP databases defined in the defaul
+@@ -317,7 +317,7 @@ the LDAP databases defined in the default config file, just type:
  .LP
  .nf
  .ft tt
@@ -77,7 +89,7 @@ Various manual pages changes:
  .ft
  .fi
  .LP
-@@ -312,7 +312,7 @@ on voluminous debugging which will be pr
+@@ -328,7 +328,7 @@ on voluminous debugging which will be printed on standard error, type:
  .LP
  .nf
  .ft tt
@@ -86,7 +98,7 @@ Various manual pages changes:
  .ft
  .fi
  .LP
-@@ -320,7 +320,7 @@ To test whether the configuration file i
+@@ -336,7 +336,7 @@ To test whether the configuration file is correct or not, type:
  .LP
  .nf
  .ft tt
@@ -95,3 +107,6 @@ Various manual pages changes:
  .ft
  .fi
  .LP
+-- 
+1.8.1.4
+

openldap-nss-certs-from-certdb-fallback-pem.patch

@@ -12,7 +12,7 @@ Upstream ITS: #7389
 Resolves: #857455
 
 diff --git a/libraries/libldap/tls_m.c b/libraries/libldap/tls_m.c
-index 61d71d4..f15f0bc 100644
+index 6847bea..8339391 100644
 --- a/libraries/libldap/tls_m.c
 +++ b/libraries/libldap/tls_m.c
 @@ -1412,7 +1412,7 @@ tlsm_ctx_load_private_key( tlsm_ctx *ctx )
@@ -24,7 +24,7 @@ index 61d71d4..f15f0bc 100644
  		ctx->tc_private_key = PK11_FindKeyByDERCert( ctx->tc_certdb_slot, ctx->tc_certificate, pin_arg );
  	else
  		ctx->tc_private_key = PK11_FindKeyByAnyCert( ctx->tc_certificate, pin_arg );
-@@ -1900,8 +1900,6 @@ tlsm_deferred_init( void *arg )
+@@ -1909,8 +1909,6 @@ tlsm_deferred_init( void *arg )
  				}
  				return -1;
  			}
@@ -33,7 +33,7 @@ index 61d71d4..f15f0bc 100644
  		}
  
  		NSS_SetDomesticPolicy();
-@@ -2354,15 +2352,9 @@ tlsm_deferred_ctx_init( void *arg )
+@@ -2363,15 +2361,9 @@ tlsm_deferred_ctx_init( void *arg )
  
  	/* set up our cert and key, if any */
  	if ( lt->lt_certfile ) {
@@ -52,7 +52,7 @@ index 61d71d4..f15f0bc 100644
  			char *tmp_certname;
  
  			if ( tlsm_is_tokenname_certnick( lt->lt_certfile )) {
-@@ -2382,8 +2374,31 @@ tlsm_deferred_ctx_init( void *arg )
+@@ -2391,8 +2383,31 @@ tlsm_deferred_ctx_init( void *arg )
  				Debug( LDAP_DEBUG_ANY,
  					   "TLS: error: the certificate '%s' could not be found in the database - error %d:%s.\n",
  					   lt->lt_certfile, errcode, PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
@@ -84,6 +84,3 @@ index 61d71d4..f15f0bc 100644
  		}
  	}
  
--- 
-1.7.11.7
-

openldap-reentrant-gethostby.patch

@@ -7,8 +7,10 @@ the functions, even if we're not being compiled for use in libldap_r
 Resolves: #179730
 Author: Jeffery Layton <jlayton@redhat.com>
 
---- openldap-2.4.24.orig/libraries/libldap/util-int.c
-+++ openldap-2.4.24/libraries/libldap/util-int.c
+diff --git a/libraries/libldap/util-int.c b/libraries/libldap/util-int.c
+index 373c81c..a012062 100644
+--- a/libraries/libldap/util-int.c
++++ b/libraries/libldap/util-int.c
 @@ -52,8 +52,8 @@ extern int h_errno;
  #ifndef LDAP_R_COMPILE
  # undef HAVE_REENTRANT_FUNCTIONS
@@ -20,7 +22,7 @@ Author: Jeffery Layton <jlayton@redhat.com>
  
  #else
  # include <ldap_pvt_thread.h>
-@@ -312,7 +312,7 @@ ldap_pvt_csnstr(char *buf, size_t len, u
+@@ -317,7 +317,7 @@ ldap_pvt_csnstr(char *buf, size_t len, unsigned int replica, unsigned int mod)
  #define BUFSTART (1024-32)
  #define BUFMAX (32*1024-32)
  

openldap-rwm-slapd-segfault-modrdn.patch

@@ -1,33 +0,0 @@
-fix: slapd with rwm overlay segfault following ldapmodify
-
-(newSup is NULL if it was specified, but same as old Sup)
-
-Author: Howard Chu <hyc@openldap.org>
-Upstream ITS: #7414
-Upstream commit: d42c7c4
-Resolves: #865685
-
-diff --git a/servers/slapd/overlays/rwm.c b/servers/slapd/overlays/rwm.c
-index cc6211e..d12fd0f 100644
---- a/servers/slapd/overlays/rwm.c
-+++ b/servers/slapd/overlays/rwm.c
-@@ -107,10 +107,12 @@ rwm_op_rollback( Operation *op, SlapReply *rs, rwm_op_state *ros )
- 		break;
- 	case LDAP_REQ_MODRDN:
- 		if ( op->orr_newSup != ros->orr_newSup ) {
--			ch_free( op->orr_newSup->bv_val );
--			ch_free( op->orr_nnewSup->bv_val );
--			op->o_tmpfree( op->orr_newSup, op->o_tmpmemctx );
--			op->o_tmpfree( op->orr_nnewSup, op->o_tmpmemctx );
-+			if ( op->orr_newSup ) {
-+				ch_free( op->orr_newSup->bv_val );
-+				ch_free( op->orr_nnewSup->bv_val );
-+				op->o_tmpfree( op->orr_newSup, op->o_tmpmemctx );
-+				op->o_tmpfree( op->orr_nnewSup, op->o_tmpmemctx );
-+			}
- 			op->orr_newSup = ros->orr_newSup;
- 			op->orr_nnewSup = ros->orr_nnewSup;
- 		}
--- 
-1.7.11.7
-

openldap-syncrepl-unset-tls-options.patch

@@ -4,15 +4,11 @@ Author: Patrick Monnerat <pm@datasphere.ch>
 Upstream ITS: #7042
 Resolves: #734187
 
----
- libraries/libldap/tls2.c |   16 ++++++++--------
- 1 files changed, 8 insertions(+), 8 deletions(-)
-
 diff --git a/libraries/libldap/tls2.c b/libraries/libldap/tls2.c
-index 5c35fb5..4c9eb30 100644
+index 654a4bf..10b993b 100644
 --- a/libraries/libldap/tls2.c
 +++ b/libraries/libldap/tls2.c
-@@ -731,27 +731,27 @@ ldap_pvt_tls_set_option( LDAP *ld, int option, void *arg )
+@@ -735,27 +735,27 @@ ldap_pvt_tls_set_option( LDAP *ld, int option, void *arg )
  		return 0;
  	case LDAP_OPT_X_TLS_CACERTFILE:
  		if ( lo->ldo_tls_cacertfile ) LDAP_FREE( lo->ldo_tls_cacertfile );
@@ -46,7 +42,7 @@ index 5c35fb5..4c9eb30 100644
  		return 0;
  	case LDAP_OPT_X_TLS_REQUIRE_CERT:
  		if ( !arg ) return -1;
-@@ -779,7 +779,7 @@ ldap_pvt_tls_set_option( LDAP *ld, int option, void *arg )
+@@ -783,7 +783,7 @@ ldap_pvt_tls_set_option( LDAP *ld, int option, void *arg )
  #endif
  	case LDAP_OPT_X_TLS_CIPHER_SUITE:
  		if ( lo->ldo_tls_ciphersuite ) LDAP_FREE( lo->ldo_tls_ciphersuite );
@@ -55,7 +51,7 @@ index 5c35fb5..4c9eb30 100644
  		return 0;
  
  	case LDAP_OPT_X_TLS_PROTOCOL_MIN:
-@@ -790,7 +790,7 @@ ldap_pvt_tls_set_option( LDAP *ld, int option, void *arg )
+@@ -794,7 +794,7 @@ ldap_pvt_tls_set_option( LDAP *ld, int option, void *arg )
  		if ( ld != NULL )
  			return -1;
  		if ( lo->ldo_tls_randfile ) LDAP_FREE (lo->ldo_tls_randfile );
@@ -64,6 +60,3 @@ index 5c35fb5..4c9eb30 100644
  		break;
  	case LDAP_OPT_X_TLS_NEWCTX:
  		if ( !arg ) return -1;
--- 
-1.7.6.1
-

openldap-tls-no-reuse-of-tls_session.patch

@@ -11,10 +11,10 @@ Upstream ITS: #7373
 Resolves: #852476 
 
 diff --git a/libraries/libldap/tls2.c b/libraries/libldap/tls2.c
-index f0b5bef..b13cb6d 100644
+index 10b993b..a3cd590 100644
 --- a/libraries/libldap/tls2.c
 +++ b/libraries/libldap/tls2.c
-@@ -316,7 +316,7 @@ update_flags( Sockbuf *sb, tls_session * ssl, int rc )
+@@ -320,7 +320,7 @@ update_flags( Sockbuf *sb, tls_session * ssl, int rc )
   */
  
  static int
@@ -23,7 +23,7 @@ index f0b5bef..b13cb6d 100644
  {
  	Sockbuf *sb = conn->lconn_sb;
  	int	err;
-@@ -361,6 +361,10 @@ ldap_int_tls_connect( LDAP *ld, LDAPConn *conn )
+@@ -365,6 +365,10 @@ ldap_int_tls_connect( LDAP *ld, LDAPConn *conn )
  	errno = WSAGetLastError();
  #endif
  
@@ -34,7 +34,7 @@ index f0b5bef..b13cb6d 100644
  	if ( err < 0 )
  	{
  		char buf[256], *msg;
-@@ -491,7 +495,15 @@ ldap_pvt_tls_check_hostname( LDAP *ld, void *s, const char *name_in )
+@@ -495,7 +499,15 @@ ldap_pvt_tls_check_hostname( LDAP *ld, void *s, const char *name_in )
  {
  	tls_session *session = s;
  
@@ -51,13 +51,25 @@ index f0b5bef..b13cb6d 100644
  }
  
  int
-@@ -831,25 +843,11 @@ ldap_int_tls_start ( LDAP *ld, LDAPConn *conn, LDAPURLDesc *srv )
- 	/*
- 	 * Fortunately, the lib uses blocking io...
- 	 */
--	if ( ldap_int_tls_connect( ld, conn ) < 0 ) {
-+	if ( ldap_int_tls_connect( ld, conn, host ) < 0 ) {
- 		ld->ld_errno = LDAP_CONNECT_ERROR;
+@@ -857,7 +869,7 @@ ldap_int_tls_start ( LDAP *ld, LDAPConn *conn, LDAPURLDesc *srv )
+ #endif /* LDAP_USE_NON_BLOCKING_TLS */
+ 
+ 	ld->ld_errno = LDAP_SUCCESS;
+-	ret = ldap_int_tls_connect( ld, conn );
++	ret = ldap_int_tls_connect( ld, conn, host );
+ 
+ #ifdef LDAP_USE_NON_BLOCKING_TLS
+ 	while ( ret > 0 ) { /* this should only happen for non-blocking io */
+@@ -878,7 +890,7 @@ ldap_int_tls_start ( LDAP *ld, LDAPConn *conn, LDAPURLDesc *srv )
+ 		} else {
+ 			/* ldap_int_poll called ldap_pvt_ndelay_off */
+ 			ber_sockbuf_ctrl( ld->ld_sb, LBER_SB_OPT_SET_NONBLOCK, sb );
+-			ret = ldap_int_tls_connect( ld, conn );
++			ret = ldap_int_tls_connect( ld, conn, host );
+ 			if ( ret > 0 ) { /* need to call tls_connect once more */
+ 				struct timeval curr_time_tv, delta_tv;
+ 
+@@ -935,20 +947,6 @@ ldap_int_tls_start ( LDAP *ld, LDAPConn *conn, LDAPURLDesc *srv )
  		return (ld->ld_errno);
  	}
  
@@ -78,6 +90,3 @@ index f0b5bef..b13cb6d 100644
  	return LDAP_SUCCESS;
  }
  
--- 
-1.7.11.4
-

openldap-userconfig-setgid.patch

@@ -3,9 +3,11 @@ This patch adds the same behavior for GID.
 
 Author: Nalin Dahyabhai <nalin@redhat.com>
 
---- openldap-2.4.24.orig/libraries/libldap/init.c
-+++ openldap-2.4.24/libraries/libldap/init.c
-@@ -670,7 +670,7 @@ void ldap_int_initialize( struct ldapopt
+diff --git a/libraries/libldap/init.c b/libraries/libldap/init.c
+index e6b17b4..fbf4829 100644
+--- a/libraries/libldap/init.c
++++ b/libraries/libldap/init.c
+@@ -678,7 +678,7 @@ void ldap_int_initialize( struct ldapoptions *gopts, int *dbglvl )
  	openldap_ldap_init_w_sysconf(LDAP_CONF_FILE);
  
  #ifdef HAVE_GETEUID

openldap.spec

@@ -7,8 +7,8 @@
 %global systemctl_bin /usr/bin/systemctl
 
 Name: openldap
-Version: 2.4.33
-Release: 4%{?dist}
+Version: 2.4.34
+Release: 1%{?dist}
 Summary: LDAP support libraries
 Group: System Environment/Daemons
 License: OpenLDAP
@@ -44,7 +44,6 @@ Patch12: openldap-tls-no-reuse-of-tls_session.patch
 Patch13: openldap-nss-regex-search-hashed-cacert-dir.patch
 Patch14: openldap-nss-ignore-certdb-type-prefix.patch
 Patch15: openldap-nss-certs-from-certdb-fallback-pem.patch
-Patch16: openldap-rwm-slapd-segfault-modrdn.patch
 
 # Fedora specific patches
 Patch100: openldap-autoconf-pkgconfig-nss.patch
@@ -162,7 +161,6 @@ ln -s %{_includedir}/nspr4 include/nspr
 %patch13 -p1
 %patch14 -p1
 %patch15 -p1
-%patch16 -p1
 
 %patch102 -p1
 
@@ -620,6 +618,10 @@ exit 0
 %{evolution_connector_prefix}/
 
 %changelog
+* Wed Mar 06 2013 Jan Vcelak <jvcelak@fedoraproject.org> 2.4.34-1
+- new upstream release (#917603)
+- fix: slapcat segfaults if cn=config.ldif not present (#872784)
+
 * Thu Jan 31 2013 Jan Synáček <jsynacek@redhat.com> 2.4.33-4
 - rebuild against new cyrus-sasl
 

sources

@@ -1 +1 @@
-5adae44897647c15ce5abbff313bc85a  openldap-2.4.33.tgz
+df93a62e396ac312333cdeab0c5b48b6  openldap-2.4.34.tgz