From aab5878142aa71845978ff8eb5c2301a76d0d20f Mon Sep 17 00:00:00 2001
From: CentOS Sources <bugs@centos.org>
Date: Mar 30 2021 14:17:22 +0000
Subject: import openldap-2.4.46-16.el8


---

diff --git a/SOURCES/openldap-cldap-check-for-error-on-connected-socket.patch b/SOURCES/openldap-cldap-check-for-error-on-connected-socket.patch
new file mode 100644
index 0000000..bade69a
--- /dev/null
+++ b/SOURCES/openldap-cldap-check-for-error-on-connected-socket.patch
@@ -0,0 +1,41 @@
+From ec5eba5393e5cc65b05e54658c55500cdbff775a Mon Sep 17 00:00:00 2001
+From: Howard Chu <hyc@openldap.org>
+Date: Wed, 26 Aug 2020 13:22:52 +0100
+Subject: [PATCH 01/34] ITS#9328 cldap: check for error on connected socket
+
+libldap doesn't use a connected socket for UDP sessions, but 3rd
+parties can, passed in with ldap_init_fd().
+---
+ libraries/libldap/result.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/libraries/libldap/result.c b/libraries/libldap/result.c
+index bdced135b..e2b220630 100644
+--- a/libraries/libldap/result.c
++++ b/libraries/libldap/result.c
+@@ -486,7 +486,8 @@ retry:
+ #ifdef LDAP_CONNECTIONLESS
+ 	if ( LDAP_IS_UDP(ld) ) {
+ 		struct sockaddr_storage from;
+-		ber_int_sb_read( lc->lconn_sb, &from, sizeof(struct sockaddr_storage) );
++		if ( ber_int_sb_read( lc->lconn_sb, &from, sizeof(struct sockaddr_storage) ) < 0 )
++			goto fail;
+ 		if ( ld->ld_options.ldo_version == LDAP_VERSION2 ) isv2 = 1;
+ 	}
+ nextresp3:
+@@ -502,10 +503,11 @@ nextresp3:
+ 		break;
+ 
+ 	case LBER_DEFAULT:
++fail:
+ 		err = sock_errno();
+ #ifdef LDAP_DEBUG		   
+ 		Debug( LDAP_DEBUG_CONNS,
+-			"ber_get_next failed.\n", 0, 0, 0 );
++			"ber_get_next failed, errno=%d.\n", err, 0, 0 );
+ #endif		   
+ 		if ( err == EWOULDBLOCK ) return LDAP_MSG_X_KEEP_LOOKING;
+ 		if ( err == EAGAIN ) return LDAP_MSG_X_KEEP_LOOKING;
+-- 
+2.26.2
+
diff --git a/SPECS/openldap.spec b/SPECS/openldap.spec
index 937b7a3..af1ba5d 100644
--- a/SPECS/openldap.spec
+++ b/SPECS/openldap.spec
@@ -5,7 +5,7 @@
 
 Name: openldap
 Version: 2.4.46
-Release: 15%{?dist}
+Release: 16%{?dist}
 Summary: LDAP support libraries
 License: OpenLDAP
 URL: http://www.openldap.org/
@@ -26,6 +26,7 @@ Patch2: openldap-reentrant-gethostby.patch
 Patch3: openldap-smbk5pwd-overlay.patch
 Patch5: openldap-ai-addrconfig.patch
 Patch17: openldap-allop-overlay.patch
+Patch18: openldap-cldap-check-for-error-on-connected-socket.patch
 
 # fix back_perl problems with lt_dlopen()
 # might cause crashes because of symbol collisions
@@ -130,6 +131,7 @@ AUTOMAKE=%{_bindir}/true autoreconf -fi
 %patch3 -p1
 %patch5 -p1
 %patch17 -p1
+%patch18 -p1
 %patch19 -p1
 %patch20 -p1
 %patch22 -p1
@@ -518,6 +520,9 @@ exit 0
 %{_mandir}/man3/*
 
 %changelog
+* Thu Sep 10 2020 Simon Pichugin <spichugi@redhat.com> - 2.4.46-16
+- CLDAP ldap_result hangs if nobody listens on the port (#1875361)
+
 * Thu Jun 18 2020 Matus Honek <mhonek@redhat.com> - 2.4.46-15
 - Fix covscan issues from previous release (#1822737)