[pam_ldap] - don't overwrite an explicitly-configured search base when we're using DNS to locate the server (

[Nalin Dahyabhai]

commit aa9acb185c0b9fcec2fd5ff701984ae8aba4c0cd
Author: Nalin Dahyabhai <nalin at dahyabhai.net>
Date:   Mon Sep 12 17:20:11 2011 -0400

    - don't overwrite an explicitly-configured search base when we're using DNS
      to locate the server (#735375)

 pam_ldap-185-dnsconfig.patch |   13 ++++++++-----
 pam_ldap.spec                |    6 +++++-
 2 files changed, 13 insertions(+), 6 deletions(-)
---
diff --git a/pam_ldap-185-dnsconfig.patch b/pam_ldap-185-dnsconfig.patch
index 191ac5f..3cdd5cc 100644
--- a/pam_ldap-185-dnsconfig.patch
+++ b/pam_ldap-185-dnsconfig.patch
@@ -52,7 +52,7 @@
  AC_CACHE_CHECK(whether gethostbyname_r takes 6 arguments, xad_cv_gethostbyname_r_args, [
 --- /dev/null	2004-10-19 17:45:17.794252000 -0400
 +++ pam_ldap-176/dnsconfig.c	2004-10-28 17:32:36.915435096 -0400
-@@ -0,0 +1,214 @@
+@@ -0,0 +1,217 @@
 +
 +/* Copyright (C) 1997-2001 Luke Howard.
 +   This file started off as part of the nss_ldap library.
@@ -253,11 +253,14 @@
 +#endif /* SSL */
 +
 +	  /* DN */
-+	  stat = _pam_ldap_getdnsdn (_res.defdname, &result->base);
-+	  if (stat != PAM_SUCCESS)
++	  if (result->base == NULL)
 +	    {
-+	      dns_free_data (r);
-+	      return stat;
++	      stat = _pam_ldap_getdnsdn (_res.defdname, &result->base);
++	      if (stat != PAM_SUCCESS)
++	        {
++	          dns_free_data (r);
++	          return stat;
++	        }
 +	    }
 +	}
 +    }
diff --git a/pam_ldap.spec b/pam_ldap.spec
index 003d29a..74dc89d 100644
--- a/pam_ldap.spec
+++ b/pam_ldap.spec
@@ -7,7 +7,7 @@
 Summary: PAM module for LDAP
 Name: pam_ldap
 Version: 185
-Release: 10%{?dist}
+Release: 11%{?dist}
 URL: http://www.padl.com/OSS/pam_ldap.html
 License: LGPLv2+
 Group: System Environment/Base
@@ -131,6 +131,10 @@ fi
 %attr(0600,root,root) %ghost %config(noreplace) /etc/%{name}.secret
 
 %changelog
+* Mon Sep 12 2011 Nalin Dahyabhai <nalin at redhat.com> 185-11
+- don't overwrite an explicitly-configured search base when we're using DNS
+  to locate the server (#735375)
+
 * Thu Mar 17 2011 Nalin Dahyabhai <nalin at redhat.com> 185-10
 - add Ross Tyler's patch to always require authentication during password
   change requests for expired passwords, so that modules which check password