Bug 663752 - Cert renewal for attrcrypt and encchangelog

https://bugzilla.redhat.com/show_bug.cgi?id=663752

Description: There was a bug in using openldap API ldif_read_record
in cl5ImportLDIF (replication/cl5_api.c).  The API ldif_read_record
reuses the buffer allocated internally, where buffer length variable
plays a role to determine the current buffer is large enough for the
new ldif line.  The caller function cl5ImportLDIF freed the buffer
without setting 0 to the length.  It caused segfault.
This patch sets 0 to the buffer length when the buffer is freed.

ldap/servers/plugins/replication/cl5_api.c

@@ -1028,11 +1028,16 @@ cl5ImportLDIF (const char *clDir, const char *ldifFile, Object **replicas)
                 }
             }
             slapi_ch_free_string(&buff);
+#if defined(USE_OPENLDAP)
+            buflen = 0;
+#endif
             goto next;
-		}
-		slapi_ch_free_string(&buff);
-
-		/* if we perform selective import, check if the operation should be wriiten to changelog */
+        }
+        slapi_ch_free_string(&buff);
+#if defined(USE_OPENLDAP)
+        buflen = 0;
+#endif
+        /* if we perform selective import, check if the operation should be wriiten to changelog */
         replica_obj = _cl5GetReplica (&op, replGen);
         if (replica_obj == NULL)
         {