Hello community,

here is the log from the commit of package nss_ldap for openSUSE:Factory 
checked in at 2016-08-29 15:40:09
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/nss_ldap (Old)
 and      /work/SRC/openSUSE:Factory/.nss_ldap.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "nss_ldap"

Changes:
--------
--- /work/SRC/openSUSE:Factory/nss_ldap/nss_ldap.changes        2015-09-08 
17:44:06.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.nss_ldap.new/nss_ldap.changes   2016-08-29 
15:43:03.000000000 +0200
@@ -1,0 +2,23 @@
+Fri Aug 26 09:49:48 UTC 2016 - h...@suse.com
+
+- Relabel patches:
+    nss_ldap.dif -> 0000-nss_ldap.dif
+    group-utf8.dif -> 0001-group-utf8.dif
+    nss_ldap-ldapconn-leak-bug418.dif ->
+       0002-nss_ldap-ldapconn-leak-bug418.dif
+    nss_ldap-getent-retry.dif -> 0003-nss_ldap-getent-retry.dif
+    nss_ldap-getent-skip-invalid-uidgidnumber.dif ->
+      0004-nss_ldap-getent-skip-invalid-uidgidnumber.dif
+    nss_ldap-265-glibc-2.16.patch -> 0005-nss_ldap-265-glibc-2.16.patch
+    nss_ldap-265-pthread.patch -> 0006-nss_ldap-265-pthread.patch
+    bnc#842120.dif -> 0007-bnc#842120.dif
+    bnc#866763.dif -> 0008-bnc#866763.dif
+- Add patches:
+  * Resolve a connection management issue in oneshot operation mode &
+    Fix bad variable initialisation (bsc#934444)
+    0009-fix-for-BUG-412-don-t-close-nested-contexts.patch
+    0010-initialize-context-in-_nss_ldap_getbyname.patch
+  * Fix buffer management issue between glibc and LDAP (bsc#986858)
+    0011-When-invoked-via-glibc-the-input-buffer-is-enlarged.patch
+
+-------------------------------------------------------------------

Old:
----
  bnc#842120.dif
  bnc#866763.dif
  group-utf8.dif
  nss_ldap-265-glibc-2.16.patch
  nss_ldap-265-pthread.patch
  nss_ldap-getent-retry.dif
  nss_ldap-getent-skip-invalid-uidgidnumber.dif
  nss_ldap-ldapconn-leak-bug418.dif
  nss_ldap.dif

New:
----
  0000-nss_ldap.dif
  0001-group-utf8.dif
  0002-nss_ldap-ldapconn-leak-bug418.dif
  0003-nss_ldap-getent-retry.dif
  0004-nss_ldap-getent-skip-invalid-uidgidnumber.dif
  0005-nss_ldap-265-glibc-2.16.patch
  0006-nss_ldap-265-pthread.patch
  0007-bnc#842120.dif
  0008-bnc#866763.dif
  0009-fix-for-BUG-412-don-t-close-nested-contexts.patch
  0010-initialize-context-in-_nss_ldap_getbyname.patch
  0011-When-invoked-via-glibc-the-input-buffer-is-enlarged.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ nss_ldap.spec ++++++
--- /var/tmp/diff_new_pack.AfjDmS/_old  2016-08-29 15:43:07.000000000 +0200
+++ /var/tmp/diff_new_pack.AfjDmS/_new  2016-08-29 15:43:07.000000000 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package nss_ldap
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -27,19 +27,22 @@
 Source1:        README.SUSE
 Source2:        baselibs.conf
 Source3:        ldap.conf
-Patch0:         nss_ldap.dif
-Patch1:         group-utf8.dif
-Patch2:         nss_ldap-ldapconn-leak-bug418.dif
-Patch3:         nss_ldap-getent-retry.dif
-Patch4:         nss_ldap-getent-skip-invalid-uidgidnumber.dif
+Patch0:         0000-nss_ldap.dif
+Patch1:         0001-group-utf8.dif
+Patch2:         0002-nss_ldap-ldapconn-leak-bug418.dif
+Patch3:         0003-nss_ldap-getent-retry.dif
+Patch4:         0004-nss_ldap-getent-skip-invalid-uidgidnumber.dif
 # Upstream issue with glibc-2.16 http://bugzilla.padl.com/show_bug.cgi?id=445
-Patch5:         nss_ldap-265-glibc-2.16.patch
+Patch5:         0005-nss_ldap-265-glibc-2.16.patch
 # Fix also issue with threads on glibc-2.16 
http://bugzilla.padl.com/show_bug.cgi?id=446
-Patch6:         nss_ldap-265-pthread.patch
+Patch6:         0006-nss_ldap-265-pthread.patch
 # SIGPIPE handling atfork
-Patch7:         bnc#842120.dif
+Patch7:         0007-bnc#842120.dif
 # reverse ipv6 host lookups fail when ldap is used
-Patch8:         bnc#866763.dif
+Patch8:         0008-bnc#866763.dif
+Patch9:         0009-fix-for-BUG-412-don-t-close-nested-contexts.patch
+Patch10:        0010-initialize-context-in-_nss_ldap_getbyname.patch
+Patch11:        0011-When-invoked-via-glibc-the-input-buffer-is-enlarged.patch
 BuildRequires:  autoconf
 BuildRequires:  automake
 BuildRequires:  db-devel
@@ -69,6 +72,9 @@
 %patch6
 %patch7 -p1
 %patch8 -p1
+%patch9 -p1
+%patch10 -p1
+%patch11 -p1
 cp -v %{SOURCE1} .
 
 %build

++++++ 0000-nss_ldap.dif ++++++
Index: nss_ldap-265/ldap-nss.c
===================================================================
--- nss_ldap-265.orig/ldap-nss.c
+++ nss_ldap-265/ldap-nss.c
@@ -2640,7 +2640,8 @@ do_with_reconnect (const char *base, int
           * If a soft reconnect policy is specified, then do not
           * try to reconnect to the LDAP server if it is down.
           */
-         if (__session.ls_config->ldc_reconnect_pol == LP_RECONNECT_SOFT)
+         if ( (__session.ls_config->ldc_reconnect_pol == LP_RECONNECT_SOFT) &&
+               ( tries > 0 ) )
            hard = 0;
 
          ++tries;
Index: nss_ldap-265/Makefile.am
===================================================================
--- nss_ldap-265.orig/Makefile.am
+++ nss_ldap-265/Makefile.am
@@ -109,5 +109,5 @@ uninstall-local:
        @$(NORMAL_UNINSTALL)
 
 vers.c: $(top_srcdir)/CVSVersionInfo.txt
-       CVSVERSIONDIR=$(top_srcdir) vers_string -v
+       CVSVERSIONDIR=$(top_srcdir) ./vers_string -v
 
++++++ 0001-group-utf8.dif ++++++
Index: nss_ldap-265/ldap-grp.c
===================================================================
--- nss_ldap-265.orig/ldap-grp.c
+++ nss_ldap-265/ldap-grp.c
@@ -591,8 +591,9 @@ _nss_ldap_parse_gr (LDAPMessage * e,
                                                              10);
 
   stat =
-    _nss_ldap_getrdnvalue (e, ATM (LM_GROUP, cn), &gr->gr_name, &buffer,
+    _nss_ldap_assign_attrval (e, ATM (LM_GROUP, cn), &gr->gr_name, &buffer,
                           &buflen);
+  
   if (stat != NSS_SUCCESS)
     return stat;
 
++++++ 0002-nss_ldap-ldapconn-leak-bug418.dif ++++++
bnc#659100, PADL#418

Index: nss_ldap-265/ldap-nss.c
===================================================================
--- nss_ldap-265.orig/ldap-nss.c
+++ nss_ldap-265/ldap-nss.c
@@ -1234,9 +1234,14 @@ do_init (void)
        }
     }
 
-  __session.ls_conn = NULL;
+  /* looks like a problem. could be initialized, but not connected */
+  if (__session.ls_state != LS_UNINITIALIZED)
+    {
+      debug ("<== do_init (already initialized)");
+      goto initialized;
+    }
+
   __session.ls_timestamp = 0;
-  __session.ls_state = LS_UNINITIALIZED;
 
 #if defined(HAVE_PTHREAD_ONCE) && defined(HAVE_PTHREAD_ATFORK)
   if (pthread_once (&__once, do_atfork_setup) != 0)
@@ -1356,6 +1361,7 @@ do_init (void)
 
   debug ("<== do_init (initialized session)");
 
+initialized:
   return NSS_SUCCESS;
 }
 
@@ -1575,6 +1581,7 @@ do_open (void)
        }
       else
        {
+         syslog(LOG_ERR, "nss-ldap: do_open: do_start_tls failed:stat=%d", 
stat);
          do_close ();
          debug ("<== do_open (TLS startup failed)");
          return stat;
++++++ 0003-nss_ldap-getent-retry.dif ++++++
bnc#662752, PADL#215

Index: nss_ldap-265/ldap-nss.c
===================================================================
--- nss_ldap-265.orig/ldap-nss.c
+++ nss_ldap-265/ldap-nss.c
@@ -2033,6 +2033,7 @@ _nss_ldap_ent_context_init_locked (ent_c
   ctx->ec_msgid = -1;
   ctx->ec_sd = NULL;
   ctx->ec_eof = 0;
+  ctx->ec_ldaprc = 0;
 
   LS_INIT (ctx->ec_state);
 
@@ -2067,6 +2068,7 @@ do_context_release (ent_context_t * ctx,
 
   ctx->ec_sd = NULL;
   ctx->ec_eof = 0;
+  ctx->ec_ldaprc = 0;
 
   LS_INIT (ctx->ec_state);
 
@@ -2491,6 +2493,7 @@ do_result (ent_context_t * ctx, int all)
          syslog (LOG_ERR, "nss_ldap: could not get LDAP result - %s",
                  ldap_err2string (rc));
          do_close();
+          ctx->ec_ldaprc = rc;
          stat = NSS_UNAVAIL;
          break;
        case LDAP_RES_SEARCH_ENTRY:
@@ -3395,6 +3398,9 @@ _nss_ldap_getent_ex (ldap_args_t * args,
                     const char **user_attrs, parser_t parser)
 {
   NSS_STATUS stat = NSS_SUCCESS;
+  int retry;
+
+  retry = (__session.ls_state == LS_CONNECTED_TO_DSA ) ? 1 : 0;
 
   debug ("==> _nss_ldap_getent_ex");
 
@@ -3437,6 +3443,18 @@ next:
 
   stat = do_parse (*ctx, result, buffer, buflen, errnop, parser);
 
+  if (stat == NSS_UNAVAIL && retry &&
+      ( ((*ctx)->ec_ldaprc == LDAP_UNAVAILABLE) ||
+        ((*ctx)->ec_ldaprc == LDAP_SERVER_DOWN) )
+     )
+    {
+      retry = 0;
+      (*ctx)->ec_msgid = -1;
+      syslog (LOG_ERR, "nss_ldap: Server might have closed connection. 
Retrying.");
+      goto next;
+    }
+
+  retry = 0;
 #ifdef HAVE_LDAP_SEARCH_EXT
   if (stat == NSS_NOTFOUND)
     {
Index: nss_ldap-265/ldap-nss.h
===================================================================
--- nss_ldap-265.orig/ldap-nss.h
+++ nss_ldap-265/ldap-nss.h
@@ -570,6 +570,7 @@ struct ent_context
 {
   ldap_state_t ec_state;       /* eg. for services */
   int ec_msgid;                        /* message ID */
+  int ec_ldaprc;               /* LDAP error code */
   LDAPMessage *ec_res;         /* result chain */
   ldap_service_search_descriptor_t *ec_sd;     /* current sd */
   struct berval *ec_cookie;     /* cookie for paged searches */
++++++ 0004-nss_ldap-getent-skip-invalid-uidgidnumber.dif ++++++
Index: nss_ldap-265/ldap-pwd.c
===================================================================
--- nss_ldap-265.orig/ldap-pwd.c
+++ nss_ldap-265/ldap-pwd.c
@@ -121,7 +121,17 @@ _nss_ldap_parse_pw (LDAPMessage * e,
   stat =
     _nss_ldap_assign_attrval (e, AT (uidNumber), &uid, &tmp, &tmplen);
   if (stat != NSS_SUCCESS)
-    return stat;
+    {
+      /*
+       * uidNumber is to large to fit into the fixed size tmpbuf buffer,
+       * handle this as if it was a Schema violation to skip this entry,
+       * such large ids aren't valid
+       */
+      if ( stat == NSS_TRYAGAIN )
+       stat = NSS_NOTFOUND;
+      return stat;
+    }
+
   if (*uid == '\0')
     pw->pw_uid = UID_NOBODY;
   else
@@ -138,7 +148,16 @@ _nss_ldap_parse_pw (LDAPMessage * e,
     _nss_ldap_assign_attrval (e, ATM (LM_PASSWD, gidNumber), &gid, &tmp,
                               &tmplen);
   if (stat != NSS_SUCCESS)
-    return stat;
+    {
+      /*
+       * gidNumber is to large to fit into the fixed size tmpbuf buffer,
+       * handle this as if it was a Schema violation to skip this entry,
+       * such large ids aren't valid
+       */
+      if ( stat == NSS_TRYAGAIN )
+       stat = NSS_NOTFOUND;
+      return stat;
+    }
   if (*gid == '\0')
     pw->pw_gid = GID_NOBODY;
   else
++++++ 0005-nss_ldap-265-glibc-2.16.patch ++++++
--- ldap-nss.c.orig     2012-10-17 12:32:03.908730283 +0000
+++ ldap-nss.c  2012-10-17 12:38:10.906767283 +0000
@@ -148,7 +148,7 @@
  */
 static ldap_session_t __session = { NULL, NULL, 0, LS_UNINITIALIZED };
 
-#if defined(HAVE_PTHREAD_ATFORK) || defined(HAVE_LIBC_LOCK_H) || 
defined(HAVE_BITS_LIBC_LOCK_H)
+#if defined(HAVE_PTHREAD_ATFORK) || defined(HAVE___LIBC_ONCE)
 static pthread_once_t __once = PTHREAD_ONCE_INIT;
 #endif
 
@@ -168,7 +168,7 @@
 static int __ssl_initialized = 0;
 #endif /* HAVE_LDAPSSL_CLIENT_INIT */
 
-#if defined(HAVE_PTHREAD_ATFORK) || defined(HAVE_LIBC_LOCK_H) || 
defined(HAVE_BITS_LIBC_LOCK_H)
+#if defined(HAVE_PTHREAD_ATFORK) || defined(HAVE___LIBC_ONCE)
 /*
  * Prepare for fork(); lock mutex.
  */
@@ -519,7 +519,7 @@
 }
 #endif /* HAVE_NSSWITCH_H */
 
-#if defined(HAVE_PTHREAD_ATFORK) || defined(HAVE_LIBC_LOCK_H) || 
defined(HAVE_BITS_LIBC_LOCK_H)
+#if defined(HAVE_PTHREAD_ATFORK) || defined(HAVE___LIBC_ONCE)
 static void
 do_atfork_prepare (void)
 {
@@ -553,7 +553,7 @@
 #ifdef HAVE_PTHREAD_ATFORK
   (void) pthread_atfork (do_atfork_prepare, do_atfork_parent,
                         do_atfork_child);
-#elif defined(HAVE_LIBC_LOCK_H) || defined(HAVE_BITS_LIBC_LOCK_H)
+#elif defined(HAVE___LIBC_ATFORK)
   (void) __libc_atfork (do_atfork_prepare, do_atfork_parent, do_atfork_child);
 #endif
 
@@ -1119,7 +1119,7 @@
     }
 
 #ifndef HAVE_PTHREAD_ATFORK
-#if defined(HAVE_LIBC_LOCK_H) || defined(HAVE_BITS_LIBC_LOCK_H)
+#if defined(HAVE___LIBC_ONCE)
   /*
    * This bogosity is necessary because Linux uses different
    * PIDs for different threads (like IRIX, which we don't
@@ -1151,7 +1151,7 @@
     pid = -1;                  /* linked against libpthreads, don't care */
 #else
   pid = getpid ();
-#endif /* HAVE_LIBC_LOCK_H || HAVE_BITS_LIBC_LOCK_H */
+#endif /* HAVE___LIBC_ONCE */
 #endif /* HAVE_PTHREAD_ATFORK */
 
   euid = geteuid ();
@@ -1161,7 +1161,7 @@
   syslog (LOG_DEBUG,
          "nss_ldap: __session.ls_state=%d, __session.ls_conn=%p, __euid=%i, 
euid=%i",
          __session.ls_state, __session.ls_conn, __euid, euid);
-#elif defined(HAVE_LIBC_LOCK_H) || defined(HAVE_BITS_LIBC_LOCK_H)
+#elif defined(HAVE___LIBC_ONCE)
   syslog (LOG_DEBUG,
          "nss_ldap: libpthreads=%s, __session.ls_state=%d, 
__session.ls_conn=%p, __pid=%i, pid=%i, __euid=%i, euid=%i",
          ((__pthread_once == NULL || __pthread_atfork == NULL) ? "FALSE" : 
"TRUE"),
@@ -1185,11 +1185,11 @@
     }
   else
 #ifndef HAVE_PTHREAD_ATFORK
-#if defined(HAVE_LIBC_LOCK_H) || defined(HAVE_BITS_LIBC_LOCK_H)
+#if defined(HAVE___LIBC_ONCE)
   if ((__pthread_once == NULL || __pthread_atfork == NULL) && __pid != pid)
 #else
   if (__pid != pid)
-#endif /* HAVE_LIBC_LOCK_H || HAVE_BITS_LIBC_LOCK_H */
+#endif /* HAVE___LIBC_ONCE */
     {
       do_close_no_unbind ();
     }
@@ -1250,9 +1250,9 @@
       debug ("<== do_init (pthread_once failed)");
       return NSS_UNAVAIL;
     }
-#elif defined(HAVE_PTHREAD_ATFORK) && ( defined(HAVE_LIBC_LOCK_H) || 
defined(HAVE_BITS_LIBC_LOCK_H) )
+#elif defined(HAVE_PTHREAD_ATFORK) && defined(HAVE___LIBC_ONCE)
   __libc_once (__once, do_atfork_setup);
-#elif defined(HAVE_LIBC_LOCK_H) || defined(HAVE_BITS_LIBC_LOCK_H)
+#elif defined(HAVE___LIBC_ONCE)
   /*
    * Only install the pthread_atfork() handlers i
    * we are linked against libpthreads. Otherwise,
--- ldap-nss.h.orig     2012-10-17 12:33:05.681379283 +0000
+++ ldap-nss.h  2012-10-17 12:34:06.337050753 +0000
@@ -671,7 +671,7 @@
 #define NSS_LDAP_LOCK(m)               mutex_lock(&m)
 #define NSS_LDAP_UNLOCK(m)             mutex_unlock(&m)
 #define NSS_LDAP_DEFINE_LOCK(m)                static mutex_t m = DEFAULTMUTEX
-#elif defined(HAVE_LIBC_LOCK_H) || defined(HAVE_BITS_LIBC_LOCK_H)
+#elif defined(HAVE___LIBC_LOCK_LOCK) && defined(HAVE___LIBC_LOCK_UNLOCK)
 #define NSS_LDAP_LOCK(m)               __libc_lock_lock(m)
 #define NSS_LDAP_UNLOCK(m)             __libc_lock_unlock(m)
 #define NSS_LDAP_DEFINE_LOCK(m)                static pthread_mutex_t m = 
PTHREAD_MUTEX_INITIALIZER
--- ldap-nss.c.orig     2012-10-17 12:58:20.270783283 +0000
+++ ldap-nss.c  2012-10-17 12:58:43.699267283 +0000
@@ -156,7 +156,7 @@
 static FILE *__debugfile;
 #endif /* LBER_OPT_LOG_PRINT_FILE */
 
-#ifndef HAVE_PTHREAD_ATFORK
+#if !defined(HAVE_PTHREAD_ATFORK) || !defined(HAVE___LIBC_ONCE)
 /* 
  * Process ID that opened the session.
  */
--- configure.in.orig   2012-10-17 12:59:31.707235283 +0000
+++ configure.in        2012-10-17 13:00:15.854289283 +0000
@@ -255,6 +255,7 @@
 AC_CHECK_FUNCS(pthread_once)
 AC_CHECK_FUNCS(ether_aton)
 AC_CHECK_FUNCS(ether_ntoa)
+AC_CHECK_FUNCS(__libc_once __libc_atfork __libc_lock_lock __libc_lock_unlock)
 
 AC_MSG_CHECKING(for struct ether_addr)
 AC_TRY_COMPILE([#include <sys/types.h>
--- ldap-nss.c.orig     2012-10-17 13:02:01.418010283 +0000
+++ ldap-nss.c  2012-10-17 13:03:25.017240283 +0000
@@ -1102,7 +1102,7 @@
 do_init (void)
 {
   ldap_config_t *cfg;
-#ifndef HAVE_PTHREAD_ATFORK
+#if !defined(HAVE_PTHREAD_ATFORK) || !defined(HAVE___LIBC_ONCE)
   pid_t pid;
 #endif
   uid_t euid;
++++++ 0006-nss_ldap-265-pthread.patch ++++++
--- configure.in.orig   2012-10-17 13:32:35.894846283 +0000
+++ configure.in        2012-10-17 13:35:29.334105697 +0000
@@ -1,6 +1,7 @@
 AC_INIT(ldap-nss.c)
 AC_CANONICAL_SYSTEM
 AC_PREFIX_DEFAULT()
+AC_CONFIG_MACRO_DIR([m4])
 
 AM_INIT_AUTOMAKE(nss_ldap, 265)
 AM_CONFIG_HEADER(config.h)
@@ -250,11 +251,17 @@
 AC_CHECK_FUNCS(snprintf)
 AC_CHECK_FUNCS(gethostbyname)
 AC_CHECK_FUNCS(nsdispatch)
+AC_CHECK_FUNCS(ether_aton)
+AC_CHECK_FUNCS(ether_ntoa)
+
+AX_PTHREAD
+LIBS="$PTHREAD_LIBS $LIBS"
+CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
+CC="$PTHREAD_CC"
+
 AC_CHECK_LIB(pthread_nonshared, main)
 AC_CHECK_FUNCS(pthread_atfork)
 AC_CHECK_FUNCS(pthread_once)
-AC_CHECK_FUNCS(ether_aton)
-AC_CHECK_FUNCS(ether_ntoa)
 AC_CHECK_FUNCS(__libc_once __libc_atfork __libc_lock_lock __libc_lock_unlock)
 
 AC_MSG_CHECKING(for struct ether_addr)
--- /dev/null   2012-10-15 13:43:01.683577607 +0000
+++ m4/ax_pthread.m4    2012-10-17 13:34:51.918922283 +0000
@@ -0,0 +1,309 @@
+# ===========================================================================
+#        http://www.gnu.org/software/autoconf-archive/ax_pthread.html
+# ===========================================================================
+#
+# SYNOPSIS
+#
+#   AX_PTHREAD([ACTION-IF-FOUND[, ACTION-IF-NOT-FOUND]])
+#
+# DESCRIPTION
+#
+#   This macro figures out how to build C programs using POSIX threads. It
+#   sets the PTHREAD_LIBS output variable to the threads library and linker
+#   flags, and the PTHREAD_CFLAGS output variable to any special C compiler
+#   flags that are needed. (The user can also force certain compiler
+#   flags/libs to be tested by setting these environment variables.)
+#
+#   Also sets PTHREAD_CC to any special C compiler that is needed for
+#   multi-threaded programs (defaults to the value of CC otherwise). (This
+#   is necessary on AIX to use the special cc_r compiler alias.)
+#
+#   NOTE: You are assumed to not only compile your program with these flags,
+#   but also link it with them as well. e.g. you should link with
+#   $PTHREAD_CC $CFLAGS $PTHREAD_CFLAGS $LDFLAGS ... $PTHREAD_LIBS $LIBS
+#
+#   If you are only building threads programs, you may wish to use these
+#   variables in your default LIBS, CFLAGS, and CC:
+#
+#     LIBS="$PTHREAD_LIBS $LIBS"
+#     CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
+#     CC="$PTHREAD_CC"
+#
+#   In addition, if the PTHREAD_CREATE_JOINABLE thread-attribute constant
+#   has a nonstandard name, defines PTHREAD_CREATE_JOINABLE to that name
+#   (e.g. PTHREAD_CREATE_UNDETACHED on AIX).
+#
+#   Also HAVE_PTHREAD_PRIO_INHERIT is defined if pthread is found and the
+#   PTHREAD_PRIO_INHERIT symbol is defined when compiling with
+#   PTHREAD_CFLAGS.
+#
+#   ACTION-IF-FOUND is a list of shell commands to run if a threads library
+#   is found, and ACTION-IF-NOT-FOUND is a list of commands to run it if it
+#   is not found. If ACTION-IF-FOUND is not specified, the default action
+#   will define HAVE_PTHREAD.
+#
+#   Please let the authors know if this macro fails on any platform, or if
+#   you have any other suggestions or comments. This macro was based on work
+#   by SGJ on autoconf scripts for FFTW (http://www.fftw.org/) (with help
+#   from M. Frigo), as well as ac_pthread and hb_pthread macros posted by
+#   Alejandro Forero Cuervo to the autoconf macro repository. We are also
+#   grateful for the helpful feedback of numerous users.
+#
+#   Updated for Autoconf 2.68 by Daniel Richard G.
+#
+# LICENSE
+#
+#   Copyright (c) 2008 Steven G. Johnson <stev...@alum.mit.edu>
+#   Copyright (c) 2011 Daniel Richard G. <sk...@iskunk.org>
+#
+#   This program is free software: you can redistribute it and/or modify it
+#   under the terms of the GNU General Public License as published by the
+#   Free Software Foundation, either version 3 of the License, or (at your
+#   option) any later version.
+#
+#   This program is distributed in the hope that it will be useful, but
+#   WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
+#   Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License along
+#   with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+#   As a special exception, the respective Autoconf Macro's copyright owner
+#   gives unlimited permission to copy, distribute and modify the configure
+#   scripts that are the output of Autoconf when processing the Macro. You
+#   need not follow the terms of the GNU General Public License when using
+#   or distributing such scripts, even though portions of the text of the
+#   Macro appear in them. The GNU General Public License (GPL) does govern
+#   all other use of the material that constitutes the Autoconf Macro.
+#
+#   This special exception to the GPL applies to versions of the Autoconf
+#   Macro released by the Autoconf Archive. When you make and distribute a
+#   modified version of the Autoconf Macro, you may extend this special
+#   exception to the GPL to apply to your modified version as well.
+
+#serial 18
+
+AU_ALIAS([ACX_PTHREAD], [AX_PTHREAD])
+AC_DEFUN([AX_PTHREAD], [
+AC_REQUIRE([AC_CANONICAL_HOST])
+AC_LANG_PUSH([C])
+ax_pthread_ok=no
+
+# We used to check for pthread.h first, but this fails if pthread.h
+# requires special compiler flags (e.g. on True64 or Sequent).
+# It gets checked for in the link test anyway.
+
+# First of all, check if the user has set any of the PTHREAD_LIBS,
+# etcetera environment variables, and if threads linking works using
+# them:
+if test x"$PTHREAD_LIBS$PTHREAD_CFLAGS" != x; then
+        save_CFLAGS="$CFLAGS"
+        CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
+        save_LIBS="$LIBS"
+        LIBS="$PTHREAD_LIBS $LIBS"
+        AC_MSG_CHECKING([for pthread_join in LIBS=$PTHREAD_LIBS with 
CFLAGS=$PTHREAD_CFLAGS])
+        AC_TRY_LINK_FUNC(pthread_join, ax_pthread_ok=yes)
+        AC_MSG_RESULT($ax_pthread_ok)
+        if test x"$ax_pthread_ok" = xno; then
+                PTHREAD_LIBS=""
+                PTHREAD_CFLAGS=""
+        fi
+        LIBS="$save_LIBS"
+        CFLAGS="$save_CFLAGS"
+fi
+
+# We must check for the threads library under a number of different
+# names; the ordering is very important because some systems
+# (e.g. DEC) have both -lpthread and -lpthreads, where one of the
+# libraries is broken (non-POSIX).
+
+# Create a list of thread flags to try.  Items starting with a "-" are
+# C compiler flags, and other items are library names, except for "none"
+# which indicates that we try without any flags at all, and "pthread-config"
+# which is a program returning the flags for the Pth emulation library.
+
+ax_pthread_flags="pthreads none -Kthread -kthread lthread -pthread -pthreads 
-mthreads pthread --thread-safe -mt pthread-config"
+
+# The ordering *is* (sometimes) important.  Some notes on the
+# individual items follow:
+
+# pthreads: AIX (must check this before -lpthread)
+# none: in case threads are in libc; should be tried before -Kthread and
+#       other compiler flags to prevent continual compiler warnings
+# -Kthread: Sequent (threads in libc, but -Kthread needed for pthread.h)
+# -kthread: FreeBSD kernel threads (preferred to -pthread since SMP-able)
+# lthread: LinuxThreads port on FreeBSD (also preferred to -pthread)
+# -pthread: Linux/gcc (kernel threads), BSD/gcc (userland threads)
+# -pthreads: Solaris/gcc
+# -mthreads: Mingw32/gcc, Lynx/gcc
+# -mt: Sun Workshop C (may only link SunOS threads [-lthread], but it
+#      doesn't hurt to check since this sometimes defines pthreads too;
+#      also defines -D_REENTRANT)
+#      ... -mt is also the pthreads flag for HP/aCC
+# pthread: Linux, etcetera
+# --thread-safe: KAI C++
+# pthread-config: use pthread-config program (for GNU Pth library)
+
+case ${host_os} in
+        solaris*)
+
+        # On Solaris (at least, for some versions), libc contains stubbed
+        # (non-functional) versions of the pthreads routines, so link-based
+        # tests will erroneously succeed.  (We need to link with -pthreads/-mt/
+        # -lpthread.)  (The stubs are missing pthread_cleanup_push, or rather
+        # a function called by this macro, so we could check for that, but
+        # who knows whether they'll stub that too in a future libc.)  So,
+        # we'll just look for -pthreads and -lpthread first:
+
+        ax_pthread_flags="-pthreads pthread -mt -pthread $ax_pthread_flags"
+        ;;
+
+        darwin*)
+        ax_pthread_flags="-pthread $ax_pthread_flags"
+        ;;
+esac
+
+if test x"$ax_pthread_ok" = xno; then
+for flag in $ax_pthread_flags; do
+
+        case $flag in
+                none)
+                AC_MSG_CHECKING([whether pthreads work without any flags])
+                ;;
+
+                -*)
+                AC_MSG_CHECKING([whether pthreads work with $flag])
+                PTHREAD_CFLAGS="$flag"
+                ;;
+
+                pthread-config)
+                AC_CHECK_PROG(ax_pthread_config, pthread-config, yes, no)
+                if test x"$ax_pthread_config" = xno; then continue; fi
+                PTHREAD_CFLAGS="`pthread-config --cflags`"
+                PTHREAD_LIBS="`pthread-config --ldflags` `pthread-config 
--libs`"
+                ;;
+
+                *)
+                AC_MSG_CHECKING([for the pthreads library -l$flag])
+                PTHREAD_LIBS="-l$flag"
+                ;;
+        esac
+
+        save_LIBS="$LIBS"
+        save_CFLAGS="$CFLAGS"
+        LIBS="$PTHREAD_LIBS $LIBS"
+        CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
+
+        # Check for various functions.  We must include pthread.h,
+        # since some functions may be macros.  (On the Sequent, we
+        # need a special flag -Kthread to make this header compile.)
+        # We check for pthread_join because it is in -lpthread on IRIX
+        # while pthread_create is in libc.  We check for pthread_attr_init
+        # due to DEC craziness with -lpthreads.  We check for
+        # pthread_cleanup_push because it is one of the few pthread
+        # functions on Solaris that doesn't have a non-functional libc stub.
+        # We try pthread_create on general principles.
+        AC_LINK_IFELSE([AC_LANG_PROGRAM([#include <pthread.h>
+                        static void routine(void *a) { a = 0; }
+                        static void *start_routine(void *a) { return a; }],
+                       [pthread_t th; pthread_attr_t attr;
+                        pthread_create(&th, 0, start_routine, 0);
+                        pthread_join(th, 0);
+                        pthread_attr_init(&attr);
+                        pthread_cleanup_push(routine, 0);
+                        pthread_cleanup_pop(0) /* ; */])],
+                [ax_pthread_ok=yes],
+                [])
+
+        LIBS="$save_LIBS"
+        CFLAGS="$save_CFLAGS"
+
+        AC_MSG_RESULT($ax_pthread_ok)
+        if test "x$ax_pthread_ok" = xyes; then
+                break;
+        fi
+
+        PTHREAD_LIBS=""
+        PTHREAD_CFLAGS=""
+done
+fi
+
+# Various other checks:
+if test "x$ax_pthread_ok" = xyes; then
+        save_LIBS="$LIBS"
+        LIBS="$PTHREAD_LIBS $LIBS"
+        save_CFLAGS="$CFLAGS"
+        CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
+
+        # Detect AIX lossage: JOINABLE attribute is called UNDETACHED.
+        AC_MSG_CHECKING([for joinable pthread attribute])
+        attr_name=unknown
+        for attr in PTHREAD_CREATE_JOINABLE PTHREAD_CREATE_UNDETACHED; do
+            AC_LINK_IFELSE([AC_LANG_PROGRAM([#include <pthread.h>],
+                           [int attr = $attr; return attr /* ; */])],
+                [attr_name=$attr; break],
+                [])
+        done
+        AC_MSG_RESULT($attr_name)
+        if test "$attr_name" != PTHREAD_CREATE_JOINABLE; then
+            AC_DEFINE_UNQUOTED(PTHREAD_CREATE_JOINABLE, $attr_name,
+                               [Define to necessary symbol if this constant
+                                uses a non-standard name on your system.])
+        fi
+
+        AC_MSG_CHECKING([if more special flags are required for pthreads])
+        flag=no
+        case ${host_os} in
+            aix* | freebsd* | darwin*) flag="-D_THREAD_SAFE";;
+            osf* | hpux*) flag="-D_REENTRANT";;
+            solaris*)
+            if test "$GCC" = "yes"; then
+                flag="-D_REENTRANT"
+            else
+                flag="-mt -D_REENTRANT"
+            fi
+            ;;
+        esac
+        AC_MSG_RESULT(${flag})
+        if test "x$flag" != xno; then
+            PTHREAD_CFLAGS="$flag $PTHREAD_CFLAGS"
+        fi
+
+        AC_CACHE_CHECK([for PTHREAD_PRIO_INHERIT],
+            ax_cv_PTHREAD_PRIO_INHERIT, [
+                AC_LINK_IFELSE([
+                    AC_LANG_PROGRAM([[#include <pthread.h>]], [[int i = 
PTHREAD_PRIO_INHERIT;]])],
+                    [ax_cv_PTHREAD_PRIO_INHERIT=yes],
+                    [ax_cv_PTHREAD_PRIO_INHERIT=no])
+            ])
+        AS_IF([test "x$ax_cv_PTHREAD_PRIO_INHERIT" = "xyes"],
+            AC_DEFINE([HAVE_PTHREAD_PRIO_INHERIT], 1, [Have 
PTHREAD_PRIO_INHERIT.]))
+
+        LIBS="$save_LIBS"
+        CFLAGS="$save_CFLAGS"
+
+        # More AIX lossage: must compile with xlc_r or cc_r
+        if test x"$GCC" != xyes; then
+          AC_CHECK_PROGS(PTHREAD_CC, xlc_r cc_r, ${CC})
+        else
+          PTHREAD_CC=$CC
+        fi
+else
+        PTHREAD_CC="$CC"
+fi
+
+AC_SUBST(PTHREAD_LIBS)
+AC_SUBST(PTHREAD_CFLAGS)
+AC_SUBST(PTHREAD_CC)
+
+# Finally, execute ACTION-IF-FOUND/ACTION-IF-NOT-FOUND:
+if test x"$ax_pthread_ok" = xyes; then
+        ifelse([$1],,AC_DEFINE(HAVE_PTHREAD,1,[Define if you have POSIX 
threads libraries and header files.]),[$1])
+        :
+else
+        ax_pthread_ok=no
+        $2
+fi
+AC_LANG_POP
+])dnl AX_PTHREAD
--- Makefile.am.orig    2012-10-17 13:36:27.310869710 +0000
+++ Makefile.am 2012-10-17 13:36:43.355515255 +0000
@@ -1,3 +1,5 @@
+ACLOCAL_AMFLAGS = -I m4
+
 if AIX
 authmod = NSS_LDAP
 else
++++++ 0007-bnc#842120.dif ++++++
Index: nss_ldap-262/ldap-nss.c
===================================================================
--- nss_ldap-262.orig/ldap-nss.c
+++ nss_ldap-262/ldap-nss.c
@@ -121,6 +121,7 @@ extern int ldap_ld_free (LDAP * ld, int
 #endif /* HAVE_LDAP_LD_FREE */
 
 NSS_LDAP_DEFINE_LOCK (__lock);
+NSS_LDAP_DEFINE_LOCK (__child_atfork_lock);
 
 /*
  * the configuration is read by the first call to do_open().
@@ -532,11 +533,35 @@ do_atfork_parent (void)
   debug ("<== do_atfork_parent");
 }
 
+static int
+_nss_ldap_need_deferred_close_no_unbind;
+
+static void
+do_deferred_close_no_unbind (void)
+{
+  sigset_t unblock, mask;
+  debug ("==> do_deferred_close_no_unbind");
+
+  sigemptyset(&unblock);
+  sigaddset(&unblock, SIGPIPE);
+  sigprocmask(SIG_UNBLOCK, &unblock, &mask);
+  do_close_no_unbind ();
+  sigprocmask(SIG_SETMASK, &mask, NULL);
+  debug ("<== do_deferred_close_no_unbind");
+}
+
 static void
 do_atfork_child (void)
 {
+  int sd = -1;
+
   debug ("==> do_atfork_child");
-  do_close_no_unbind ();
+
+  NSS_LDAP_LOCK (__child_atfork_lock);
+  _nss_ldap_need_deferred_close_no_unbind = 1;
+  if (do_get_our_socket (&sd))
+    fcntl (sd, F_SETFD, FD_CLOEXEC);
+  NSS_LDAP_UNLOCK (__child_atfork_lock);
   _nss_ldap_leave ();
   debug ("<== do_atfork_child");
 }
@@ -600,6 +625,14 @@ _nss_ldap_enter (void)
   __sigpipe_handler = signal (SIGPIPE, SIG_IGN);
 #endif /* HAVE_SIGSET */
 
+  NSS_LDAP_LOCK (__child_atfork_lock);
+  if (_nss_ldap_need_deferred_close_no_unbind)
+    {
+      do_deferred_close_no_unbind ();
+      _nss_ldap_need_deferred_close_no_unbind = 0;
+    }
+  NSS_LDAP_UNLOCK (__child_atfork_lock);
+
   debug ("<== _nss_ldap_enter");
 }
 
@@ -823,6 +856,8 @@ do_get_our_socket(int *sd)
                                               peernamelen);
        }
     }
+  else
+    isOurSocket = 0;
 #endif /* HAVE_LDAPSSL_CLIENT_INIT */
   return isOurSocket;
 }
++++++ 0008-bnc#866763.dif ++++++
diff -Naur nss_ldap-265/ldap-hosts.c nss_ldap-265-new/ldap-hosts.c
--- nss_ldap-265/ldap-hosts.c   2009-11-06 11:28:08.000000000 +0100
+++ nss_ldap-265-new/ldap-hosts.c       2014-03-05 19:28:43.377519356 +0100
@@ -354,14 +357,26 @@
 {
   NSS_STATUS status;
   ldap_args_t a;
+#ifdef INET6
+  char address[INET6_ADDRSTRLEN];
+#else
+  char address[INET_ADDRSTRLEN];
+#endif
 
   /* if querying by IPv6 address, make sure the address is "normalized" --
    * it should contain no leading zeros and all components of the address.
    * still we can't fit an IPv6 address in an int, so who cares for now.
    */
 
+#ifdef INET6
+  if (type == AF_INET6)
+    inet_ntop (AF_INET6, addr, address, INET6_ADDRSTRLEN);
+  else
+#endif
+    inet_ntop (AF_INET, addr, address, INET_ADDRSTRLEN);
+
   LA_INIT (a);
-  LA_STRING (a) = inet_ntoa (*addr);
+  LA_STRING (a) = address;
   LA_TYPE (a) = LA_TYPE_STRING;
 
   status = _nss_ldap_getbyname (&a,
++++++ 0009-fix-for-BUG-412-don-t-close-nested-contexts.patch ++++++
>From 2dbece566df68ce1f48fa066509e7dc4added676 Mon Sep 17 00:00:00 2001
From: Luke Howard <lu...@padl.com>
Date: Wed, 24 Feb 2010 11:28:53 +0000
Subject: [PATCH] fix for BUG#412: don't close nested contexts

diff --git a/ldap-grp.c b/ldap-grp.c
index b4770c1..810bb60 100644
--- a/ldap-grp.c
+++ b/ldap-grp.c
@@ -859,7 +859,7 @@ ng_chase (const char *dn, ldap_initgroups_args_t * lia)
   LA_STRING (a) = dn;
   LA_TYPE (a) = LA_TYPE_STRING;
 
-  if (_nss_ldap_ent_context_init_locked (&ctx) == NULL)
+  if (_nss_ldap_ent_context_init_internal_locked (&ctx) == NULL)
     {
       return NSS_UNAVAIL;
     }
@@ -931,7 +931,7 @@ ng_chase_backlink (const char ** membersOf, 
ldap_initgroups_args_t * lia)
   LA_STRING_LIST (a) = filteredMembersOf;
   LA_TYPE (a) = LA_TYPE_STRING_LIST_OR;
 
-  if (_nss_ldap_ent_context_init_locked (&ctx) == NULL)
+  if (_nss_ldap_ent_context_init_internal_locked (&ctx) == NULL)
     {
       free (filteredMembersOf);
       return NSS_UNAVAIL;
diff --git a/ldap-netgrp.c b/ldap-netgrp.c
index 092efc2..b495ad5 100644
--- a/ldap-netgrp.c
+++ b/ldap-netgrp.c
@@ -691,7 +691,7 @@ do_innetgr_nested (ldap_innetgr_args_t * li_args, const 
char *nested)
   LA_TYPE (a) = LA_TYPE_STRING;
   LA_STRING (a) = nested;      /* memberNisNetgroup */
 
-  if (_nss_ldap_ent_context_init_locked (&ctx) == NULL)
+  if (_nss_ldap_ent_context_init_internal_locked (&ctx) == NULL)
     {
       debug ("<== do_innetgr_nested: failed to initialize context");
       return NSS_UNAVAIL;
diff --git a/ldap-nss.c b/ldap-nss.c
index 28c6b3e..2105157 100644
--- a/ldap-nss.c
+++ b/ldap-nss.c
@@ -2029,7 +2029,7 @@ _nss_ldap_ent_context_init_locked (ent_context_t ** pctx)
 
   if (ctx == NULL)
     {
-      ctx = (ent_context_t *) malloc (sizeof (*ctx));
+      ctx = (ent_context_t *) calloc (1, sizeof (*ctx));
       if (ctx == NULL)
        {
          debug ("<== _nss_ldap_ent_context_init_locked");
@@ -2067,6 +2067,20 @@ _nss_ldap_ent_context_init_locked (ent_context_t ** pctx)
   return ctx;
 }
 
+ent_context_t *
+_nss_ldap_ent_context_init_internal_locked (ent_context_t ** pctx)
+{
+  ent_context_t *ctx;
+
+  ctx = _nss_ldap_ent_context_init_locked (pctx);
+  if (ctx == NULL)
+    return NULL;
+
+  ctx->ec_internal = 1;
+
+  return ctx;
+}
+
 static void
 do_context_release (ent_context_t * ctx, int free_context)
 {
@@ -2096,7 +2110,8 @@ do_context_release (ent_context_t * ctx, int free_context)
 
   LS_INIT (ctx->ec_state);
 
-  if (_nss_ldap_test_config_flag (NSS_LDAP_FLAGS_CONNECT_POLICY_ONESHOT))
+  if (!ctx->ec_internal &&
+      _nss_ldap_test_config_flag (NSS_LDAP_FLAGS_CONNECT_POLICY_ONESHOT))
     {
       do_close ();
     }
diff --git a/ldap-nss.h b/ldap-nss.h
index b58f28b..1e96005 100644
--- a/ldap-nss.h
+++ b/ldap-nss.h
@@ -573,7 +573,9 @@ struct ent_context
   LDAPMessage *ec_res;         /* result chain */
   ldap_service_search_descriptor_t *ec_sd;     /* current sd */
   struct berval *ec_cookie;     /* cookie for paged searches */
-  int ec_eof;                  /* reached notional end of file */
+  int ec_eof : 1;              /* reached notional end of file */
+  int ec_internal : 1;         /* this context is just a part of a larger
+                                * query for information */
 };
 
 typedef struct ent_context ent_context_t;
@@ -766,6 +768,15 @@ ent_context_t *_nss_ldap_ent_context_init (ent_context_t 
**);
 ent_context_t *_nss_ldap_ent_context_init_locked (ent_context_t **);
 
 /*
+ * _nss_ldap_ent_context_init_internal_locked() has the same
+ * behaviour, except it marks the context as one that's being
+ * used to fetch additional data used in answering a request, i.e.
+ * that this isn't the "main" context
+ */
+
+ent_context_t *_nss_ldap_ent_context_init_internal_locked (ent_context_t **);
+
+/*
  * _nss_ldap_ent_context_release() is used to manually free a context 
  */
 void _nss_ldap_ent_context_release (ent_context_t **);
-- 
2.4.3

++++++ 0010-initialize-context-in-_nss_ldap_getbyname.patch ++++++
>From e71be5f00337ae890fa219e0cb4459aa435a6437 Mon Sep 17 00:00:00 2001
From: Luke Howard <lu...@padl.com>
Date: Fri, 19 Mar 2010 16:42:20 +0000
Subject: [PATCH] initialize context in _nss_ldap_getbyname()

The patch was slightly adjusted by Howard Guo <h...@suse.com> to fit into this 
older release of nss_ldap.

diff -rupN nss_ldap-265/ldap-nss.c nss_ldap-265-patched/ldap-nss.c
--- nss_ldap-265/ldap-nss.c     2016-03-23 15:12:53.348695960 +0100
+++ nss_ldap-265-patched/ldap-nss.c     2016-03-23 16:24:31.440525358 +0100
@@ -3563,9 +3563,8 @@ _nss_ldap_getbyname (ldap_args_t * args,
 
   debug ("==> _nss_ldap_getbyname");
 
+  memset (&ctx, 0, sizeof(ctx));
   ctx.ec_msgid = -1;
-  ctx.ec_cookie = NULL;
-  ctx.ec_eof = 0;
 
   stat = _nss_ldap_search_s (args, filterprot, sel, NULL, 1, &ctx.ec_res);
   if (stat != NSS_SUCCESS)
++++++ 0011-When-invoked-via-glibc-the-input-buffer-is-enlarged.patch ++++++
>From a12feab75b33a6fc09233794eff203416ca6ebd8 Mon Sep 17 00:00:00 2001
From: HouzuoGuo <guohou...@gmail.com>
Date: Fri, 26 Aug 2016 11:07:15 +0200
Subject: [PATCH] When invoked via glibc, the input buffer is enlarged only if
 errnop is set to ERANGE, so set it that way to comply with glibc's
 expectation.

Authored by William Preston <wpres...@suse.com> on 2016-08-25.

diff --git a/ldap-netgrp.c b/ldap-netgrp.c
index ff70dba..bc7d711 100644
--- a/ldap-netgrp.c
+++ b/ldap-netgrp.c
@@ -382,7 +382,9 @@ NSS_STATUS
 _nss_ldap_getnetgrent_r (struct __netgrent *result,
                         char *buffer, size_t buflen, int *errnop)
 {
-  return _nss_ldap_parse_netgr (result, buffer, buflen);
+  NSS_STATUS status = _nss_ldap_parse_netgr (result, buffer, buflen);
+  if (status == NSS_TRYAGAIN) *errnop = ERANGE;
+  return status;
 }
 #endif /* HAVE_NSS_H */
 
-- 
2.6.6


Reply via email to