From bb1567723f4b0f488342a3de1ef4720db1aa7a44 Mon Sep 17 00:00:00 2001
From: Quanah Gibson-Mount <quanah@openldap.org>
Date: Fri, 21 Nov 2008 02:26:20 +0000
Subject: [PATCH] ITS#4750

---
 CHANGES                  |  1 +
 configure                |  4 +++-
 configure.in             |  1 +
 include/portable.hin     |  3 +++
 libraries/libldap/init.c | 10 ++++++++++
 5 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/CHANGES b/CHANGES
index ee489394b2..9bb6cee824 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,7 @@ OpenLDAP 2.4.13 Release (2008/11/20)
 	Fixed libldap interaction with GnuTLS CN IP-based matches (ITS#5789)
 	Fixed libldap MAXHOSTNAMELEN typo (ITS#5815)
 	Fixed libldap Ipv6 detection (ITS#5739)
+	Fixed libldap setuid usage with .ldaprc (ITS#4750)
 	Fixed slapacl crasher (ITS#5820)
 	Fixed slapd acl checks on ADD (ITS#4556,ITS#5723)
 	Fixed slapd acl application to newly created backends (ITS#5572)
diff --git a/configure b/configure
index d04d8d64ac..94b083ff78 100755
--- a/configure
+++ b/configure
@@ -1,5 +1,5 @@
 #! /bin/sh
-# From configure.in OpenLDAP: pkg/ldap/configure.in,v 1.631.2.15 2008/11/08 00:14:44 quanah Exp .
+# From configure.in OpenLDAP: pkg/ldap/configure.in,v 1.631.2.16 2008/11/10 19:15:16 quanah Exp .
 # Guess values for system-dependent variables and create Makefiles.
 # Generated by GNU Autoconf 2.59.
 #
@@ -37109,6 +37109,7 @@ fi
 
 
 
+
 
 
 for ac_func in \
@@ -37121,6 +37122,7 @@ for ac_func in \
 	flock			\
 	fstat			\
 	getdtablesize		\
+	geteuid			\
 	getgrgid		\
 	gethostname		\
 	getpass			\
diff --git a/configure.in b/configure.in
index 56928631a5..f0857e0681 100644
--- a/configure.in
+++ b/configure.in
@@ -2423,6 +2423,7 @@ AC_CHECK_FUNCS(			\
 	flock			\
 	fstat			\
 	getdtablesize		\
+	geteuid			\
 	getgrgid		\
 	gethostname		\
 	getpass			\
diff --git a/include/portable.hin b/include/portable.hin
index e5ff22e8ff..c2ceb55c55 100644
--- a/include/portable.hin
+++ b/include/portable.hin
@@ -190,6 +190,9 @@
 /* Define to 1 if you have the `getdtablesize' function. */
 #undef HAVE_GETDTABLESIZE
 
+/* Define to 1 if you have the `geteuid' function. */
+#undef HAVE_GETEUID
+
 /* Define to 1 if you have the `getgrgid' function. */
 #undef HAVE_GETGRGID
 
diff --git a/libraries/libldap/init.c b/libraries/libldap/init.c
index 4109b7eb74..d61ec89fbf 100644
--- a/libraries/libldap/init.c
+++ b/libraries/libldap/init.c
@@ -18,6 +18,10 @@
 #include <stdio.h>
 #include <ac/stdlib.h>
 
+#ifdef HAVE_GETEUID
+#include <ac/unistd.h>
+#endif
+
 #include <ac/socket.h>
 #include <ac/string.h>
 #include <ac/ctype.h>
@@ -629,6 +633,12 @@ void ldap_int_initialize( struct ldapoptions *gopts, int *dbglvl )
 #endif
 
 	openldap_ldap_init_w_sysconf(LDAP_CONF_FILE);
+
+#ifdef HAVE_GETEUID
+	if ( geteuid() != getuid() )
+		return;
+#endif
+
 	openldap_ldap_init_w_userconf(LDAP_USERRC_FILE);
 
 	{
-- 
GitLab