openldap/openldap-security-pie.patch

Build slapd as position-independent executable (PIE) to take an advantage of
address space layout randomization (ASLD).

Author: Thomas Woerner <twoerner@redhat.com>

diff -uNPrp openldap-2.4.23.old/servers/slapd/Makefile.in openldap-2.4.23.new/servers/slapd/Makefile.in
--- openldap-2.4.23.old/servers/slapd/Makefile.in	2010-04-13 22:23:09.000000000 +0200
+++ openldap-2.4.23.new/servers/slapd/Makefile.in	2010-08-24 15:09:08.999680712 +0200
@@ -266,7 +266,7 @@ libslapi.a: slapi/.libs/libslapi.a
 	cp slapi/.libs/libslapi.a .
 
 slapd: $(SLAPD_DEPENDS) @LIBSLAPI@
-	$(LTLINK) -o $@ $(SLAPD_OBJECTS) $(LIBS) \
+	$(LTLINK) -pie -Wl,-z,defs -o $@ $(SLAPD_OBJECTS) $(LIBS) \
 		$(WRAP_LIBS)
 	$(RM) $(SLAPTOOLS)
 	for i in $(SLAPTOOLS); do \