From c27bdaf3ec4461951480672d51aab4044469434e487eba22dd3608811770e5be Mon Sep 17 00:00:00 2001 From: Howard Guo Date: Thu, 15 Oct 2015 07:10:44 +0000 Subject: [PATCH] Accepting request 338342 from home:guohouzuo:newdap Remove 2.3 source and put 2.3 lib in a separate package OBS-URL: https://build.opensuse.org/request/show/338342 OBS-URL: https://build.opensuse.org/package/show/network:ldap/openldap2?expand=0&rev=139 --- README.update | 28 -- check-build.sh | 14 - openldap-2.3.37-liblber-length-decoding.dif | 93 ----- openldap-2.3.37-libldap-gethostbyname_r.dif | 20 - ...ibldap-ld_defconn-ldap_free_connection.dif | 23 -- openldap-2.3.37-libldap-ldapi_url.dif | 11 - openldap-2.3.37-libldap-ntlm.diff | 195 ---------- ...ldap-2.3.37-libldap-sasl-max-buff-size.dif | 17 - openldap-2.3.37-libldap-ssl.dif | 15 - openldap-2.3.37-libldap-suid.diff | 18 - ...dap-2.3.37-libldap-tls_chkhost-its6239.dif | 121 ------ openldap-2.3.37-libldap-utf8-ADcanonical.dif | 107 ------ openldap-2.3.37.dif | 360 ------------------ openldap-2.3.37.tgz | 3 - openldap2-client.changes | 22 ++ openldap2-client.spec | 115 +----- openldap2.changes | 22 ++ openldap2.spec | 98 +---- 18 files changed, 55 insertions(+), 1227 deletions(-) delete mode 100644 README.update delete mode 100644 check-build.sh delete mode 100644 openldap-2.3.37-liblber-length-decoding.dif delete mode 100644 openldap-2.3.37-libldap-gethostbyname_r.dif delete mode 100644 openldap-2.3.37-libldap-ld_defconn-ldap_free_connection.dif delete mode 100644 openldap-2.3.37-libldap-ldapi_url.dif delete mode 100644 openldap-2.3.37-libldap-ntlm.diff delete mode 100644 openldap-2.3.37-libldap-sasl-max-buff-size.dif delete mode 100644 openldap-2.3.37-libldap-ssl.dif delete mode 100644 openldap-2.3.37-libldap-suid.diff delete mode 100644 openldap-2.3.37-libldap-tls_chkhost-its6239.dif delete mode 100644 openldap-2.3.37-libldap-utf8-ADcanonical.dif delete mode 100644 openldap-2.3.37.dif delete mode 100644 openldap-2.3.37.tgz diff --git a/README.update b/README.update deleted file mode 100644 index 207e396..0000000 --- a/README.update +++ /dev/null @@ -1,28 +0,0 @@ -Updating from OpenLDAP 2.3.X to 2.4.X -===================================== - -Changed Database format: - Due change in the "BDB"-backend's index database format, existing - bdb-databases need to be reloaded from LDIF completely. This is - normally done during the package installation/update. This might not - work in all setups and for that database dumps of all bdb/hdb - databases are created during the update. - You can find the database dump of each bdb database in the - database directory for that database (default: /var/lib/ldap/). The - file name is "ldapbak.ldif.X" where "X" presents the number of the - database. - If the database backups where not created during the package update for - some reason, you can do them manually by using the command: - /usr/sbin/openldap-2.3-slapcat -T c \ - -f /etc/openldap/schema.backup.XXXXXX/slapd.conf.update - Before dumping the database you should remove the db's enviroment (the - __db*-file in /var/lib/ldap) - To reload the databases please use the tool "slapadd". - -Other Changes: - For additional information on important changes and upgrade - instructions, please have a look a the OpenLDAP Administrator's Guide. - You can find in at: - /usr/share/doc/packages/openldap2/guide/admin/guide.html - or online at: - http://www.openldap.org/doc/admin24/ diff --git a/check-build.sh b/check-build.sh deleted file mode 100644 index d3f95d2..0000000 --- a/check-build.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/bash -# Copyright (c) 2003 SuSE Linux AG, Germany. All rights reserved. - -# get kernel version -OFS="$IFS" ; IFS=".-" ; version=(`uname -r`) ; IFS="$OIFS" -if test ${version[0]} -gt 2 ; then - : # okay -elif test ${version[0]} -lt 2 -o ${version[1]} -lt 6 -o ${version[2]} -lt 11 ; then - echo "FATAL: kernel too old, need kernel >= 2.6.11 for this package" 1>&2 - exit 1 -fi - -exit 0 - diff --git a/openldap-2.3.37-liblber-length-decoding.dif b/openldap-2.3.37-liblber-length-decoding.dif deleted file mode 100644 index 9d21493..0000000 --- a/openldap-2.3.37-liblber-length-decoding.dif +++ /dev/null @@ -1,93 +0,0 @@ -Index: libraries/liblber/io.c -=================================================================== ---- libraries/liblber/io.c.orig -+++ libraries/liblber/io.c -@@ -495,14 +495,18 @@ ber_get_next( - } - - while (ber->ber_rwptr > (char *)&ber->ber_tag && ber->ber_rwptr < -- (char *)&ber->ber_len + LENSIZE*2 -1) { -+ (char *)&ber->ber_len + LENSIZE*2) { - ber_slen_t sblen; - char buf[sizeof(ber->ber_len)-1]; - ber_len_t tlen = 0; - -+ /* The tag & len can be at most 9 bytes; we try to read up to 8 here */ - sock_errset(0); -- sblen=ber_int_sb_read( sb, ber->ber_rwptr, -- ((char *)&ber->ber_len + LENSIZE*2 - 1)-ber->ber_rwptr); -+ sblen=((char *)&ber->ber_len + LENSIZE*2 - 1)-ber->ber_rwptr; -+ /* Trying to read the last len byte of a 9 byte tag+len */ -+ if (sblen<1) -+ sblen = 1; -+ sblen=ber_int_sb_read( sb, ber->ber_rwptr, sblen ); - if (sblen<=0) return LBER_DEFAULT; - ber->ber_rwptr += sblen; - -@@ -552,7 +556,7 @@ ber_get_next( - int i; - unsigned char *p = (unsigned char *)ber->ber_ptr; - int llen = *p++ & 0x7f; -- if (llen > (int)sizeof(ber_len_t)) { -+ if (llen > LENSIZE) { - sock_errset(ERANGE); - return LBER_DEFAULT; - } -Index: libraries/libldap/result.c -=================================================================== ---- libraries/libldap/result.c.orig -+++ libraries/libldap/result.c -@@ -296,18 +296,20 @@ - #endif - - if ( !lc_ready ) { -+ int err; - rc = ldap_int_select( ld, tvp ); --#ifdef LDAP_DEBUG - if ( rc == -1 ) { -+ err = sock_errno(); -+#ifdef LDAP_DEBUG - Debug( LDAP_DEBUG_TRACE, - "ldap_int_select returned -1: errno %d\n", -- sock_errno(), 0, 0 ); -- } -+ err, 0, 0 ); - #endif -+ } - - if ( rc == 0 || ( rc == -1 && ( - !LDAP_BOOL_GET(&ld->ld_options, LDAP_BOOL_RESTART) -- || sock_errno() != EINTR ))) -+ || err != EINTR ))) - { - ld->ld_errno = (rc == -1 ? LDAP_SERVER_DOWN : - LDAP_TIMEOUT); -@@ -410,7 +412,7 @@ - LDAPRequest *lr, *tmplr; - LDAPConn *lc; - BerElement tmpber; -- int rc, refer_cnt, hadref, simple_request; -+ int rc, refer_cnt, hadref, simple_request, err; - ber_int_t lderr; - - #ifdef LDAP_CONNECTIONLESS -@@ -469,15 +471,16 @@ - } - if ( tag != LDAP_TAG_MESSAGE ) { - if ( tag == LBER_DEFAULT) { -+ err = sock_errno(); - #ifdef LDAP_DEBUG - Debug( LDAP_DEBUG_CONNS, - "ber_get_next failed.\n", 0, 0, 0 ); --#endif -+#endif - #ifdef EWOULDBLOCK -- if ( sock_errno() == EWOULDBLOCK ) return LDAP_MSG_X_KEEP_LOOKING; -+ if ( err == EWOULDBLOCK ) return LDAP_MSG_X_KEEP_LOOKING; - #endif - #ifdef EAGAIN -- if ( sock_errno() == EAGAIN ) return LDAP_MSG_X_KEEP_LOOKING; -+ if ( err == EAGAIN ) return LDAP_MSG_X_KEEP_LOOKING; - #endif - ld->ld_errno = LDAP_SERVER_DOWN; - return -1; diff --git a/openldap-2.3.37-libldap-gethostbyname_r.dif b/openldap-2.3.37-libldap-gethostbyname_r.dif deleted file mode 100644 index a653681..0000000 --- a/openldap-2.3.37-libldap-gethostbyname_r.dif +++ /dev/null @@ -1,20 +0,0 @@ ---- libraries/libldap/util-int.c 2005/08/23 16:07:09 1.1 -+++ libraries/libldap/util-int.c 2005/08/23 16:16:03 -@@ -52,7 +52,7 @@ - #ifndef LDAP_R_COMPILE - # undef HAVE_REENTRANT_FUNCTIONS - # undef HAVE_CTIME_R --# undef HAVE_GETHOSTBYNAME_R -+/* # undef HAVE_GETHOSTBYNAME_R */ - # undef HAVE_GETHOSTBYADDR_R - - #else -@@ -110,7 +110,7 @@ - #define BUFSTART (1024-32) - #define BUFMAX (32*1024-32) - --#if defined(LDAP_R_COMPILE) -+#if defined(LDAP_R_COMPILE) || defined(HAVE_GETHOSTBYNAME_R) - static char *safe_realloc( char **buf, int len ); - - #if !(defined(HAVE_GETHOSTBYNAME_R) && defined(HAVE_GETHOSTBYADDR_R)) diff --git a/openldap-2.3.37-libldap-ld_defconn-ldap_free_connection.dif b/openldap-2.3.37-libldap-ld_defconn-ldap_free_connection.dif deleted file mode 100644 index 2e455a4..0000000 --- a/openldap-2.3.37-libldap-ld_defconn-ldap_free_connection.dif +++ /dev/null @@ -1,23 +0,0 @@ -Index: libraries/libldap/request.c -=================================================================== ---- libraries/libldap/request.c.orig -+++ libraries/libldap/request.c -@@ -601,6 +601,9 @@ ldap_free_connection( LDAP *ld, LDAPConn - } else { - prevlc->lconn_next = tmplc->lconn_next; - } -+ if ( ld->ld_defconn == lc ) { -+ ld->ld_defconn = NULL; -+ } - break; - } - prevlc = tmplc; -@@ -631,6 +634,8 @@ ldap_free_connection( LDAP *ld, LDAPConn - } - if ( lc->lconn_sb != ld->ld_sb ) { - ber_sockbuf_free( lc->lconn_sb ); -+ } else { -+ ber_int_sb_close( lc->lconn_sb ); - } - if ( lc->lconn_rebind_queue != NULL) { - int i; diff --git a/openldap-2.3.37-libldap-ldapi_url.dif b/openldap-2.3.37-libldap-ldapi_url.dif deleted file mode 100644 index b8eb3f9..0000000 --- a/openldap-2.3.37-libldap-ldapi_url.dif +++ /dev/null @@ -1,11 +0,0 @@ ---- include/ldap_defaults.h 2004/04/14 14:13:27 1.1 -+++ include/ldap_defaults.h 2004/04/14 14:14:01 -@@ -39,7 +39,7 @@ - #define LDAP_ENV_PREFIX "LDAP" - - /* default ldapi:// socket */ --#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "run" LDAP_DIRSEP "ldapi" -+#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "ldapi" - - /* - * SLAPD DEFINITIONS diff --git a/openldap-2.3.37-libldap-ntlm.diff b/openldap-2.3.37-libldap-ntlm.diff deleted file mode 100644 index 15dc01e..0000000 --- a/openldap-2.3.37-libldap-ntlm.diff +++ /dev/null @@ -1,195 +0,0 @@ -Index: include/ldap.h -=================================================================== ---- include/ldap.h.orig -+++ include/ldap.h -@@ -2118,5 +2118,26 @@ LDAP_F( const char * ) - ldap_passwordpolicy_err2txt LDAP_P(( LDAPPasswordPolicyError )); - #endif /* LDAP_CONTROL_PASSWORDPOLICYREQUEST */ - -+/* -+ * hacks for NTLM -+ */ -+#define LDAP_AUTH_NTLM_REQUEST ((ber_tag_t) 0x8aU) -+#define LDAP_AUTH_NTLM_RESPONSE ((ber_tag_t) 0x8bU) -+LDAP_F( int ) -+ldap_ntlm_bind LDAP_P(( -+ LDAP *ld, -+ LDAP_CONST char *dn, -+ ber_tag_t tag, -+ struct berval *cred, -+ LDAPControl **sctrls, -+ LDAPControl **cctrls, -+ int *msgidp )); -+LDAP_F( int ) -+ldap_parse_ntlm_bind_result LDAP_P(( -+ LDAP *ld, -+ LDAPMessage *res, -+ struct berval *challenge)); -+ -+ - LDAP_END_DECL - #endif /* _LDAP_H */ -Index: libraries/libldap/Makefile.in -=================================================================== ---- libraries/libldap/Makefile.in.orig -+++ libraries/libldap/Makefile.in -@@ -20,7 +20,7 @@ PROGRAMS = apitest dntest ftest ltest - SRCS = bind.c open.c result.c error.c compare.c search.c \ - controls.c messages.c references.c extended.c cyrus.c \ - modify.c add.c modrdn.c delete.c abandon.c \ -- sasl.c sbind.c kbind.c unbind.c cancel.c \ -+ sasl.c ntlm.c sbind.c kbind.c unbind.c cancel.c \ - filter.c free.c sort.c passwd.c whoami.c \ - getdn.c getentry.c getattr.c getvalues.c addentry.c \ - request.c os-ip.c url.c sortctrl.c vlvctrl.c \ -@@ -31,7 +31,7 @@ SRCS = bind.c open.c result.c error.c co - OBJS = bind.lo open.lo result.lo error.lo compare.lo search.lo \ - controls.lo messages.lo references.lo extended.lo cyrus.lo \ - modify.lo add.lo modrdn.lo delete.lo abandon.lo \ -- sasl.lo sbind.lo kbind.lo unbind.lo cancel.lo \ -+ sasl.lo ntlm.lo sbind.lo kbind.lo unbind.lo cancel.lo \ - filter.lo free.lo sort.lo passwd.lo whoami.lo \ - getdn.lo getentry.lo getattr.lo getvalues.lo addentry.lo \ - request.lo os-ip.lo url.lo sortctrl.lo vlvctrl.lo \ -Index: libraries/libldap/ntlm.c -=================================================================== ---- /dev/null -+++ libraries/libldap/ntlm.c -@@ -0,0 +1,137 @@ -+/* $OpenLDAP: pkg/ldap/libraries/libldap/ntlm.c,v 1.1.4.10 2002/01/04 20:38:21 kurt Exp $ */ -+/* -+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved. -+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file -+ */ -+ -+/* Mostly copied from sasl.c */ -+ -+#include "portable.h" -+ -+#include -+#include -+ -+#include -+#include -+#include -+#include -+ -+#include "ldap-int.h" -+ -+int -+ldap_ntlm_bind( -+ LDAP *ld, -+ LDAP_CONST char *dn, -+ ber_tag_t tag, -+ struct berval *cred, -+ LDAPControl **sctrls, -+ LDAPControl **cctrls, -+ int *msgidp ) -+{ -+ BerElement *ber; -+ int rc; -+ ber_int_t id; -+ -+ Debug( LDAP_DEBUG_TRACE, "ldap_ntlm_bind\n", 0, 0, 0 ); -+ -+ assert( ld != NULL ); -+ assert( LDAP_VALID( ld ) ); -+ assert( msgidp != NULL ); -+ -+ if( msgidp == NULL ) { -+ ld->ld_errno = LDAP_PARAM_ERROR; -+ return ld->ld_errno; -+ } -+ -+ /* create a message to send */ -+ if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) { -+ ld->ld_errno = LDAP_NO_MEMORY; -+ return ld->ld_errno; -+ } -+ -+ assert( LBER_VALID( ber ) ); -+ -+ LDAP_NEXT_MSGID( ld, id ); -+ rc = ber_printf( ber, "{it{istON}" /*}*/, -+ id, LDAP_REQ_BIND, -+ ld->ld_version, dn, tag, -+ cred ); -+ -+ /* Put Server Controls */ -+ if( ldap_int_put_controls( ld, sctrls, ber ) != LDAP_SUCCESS ) { -+ ber_free( ber, 1 ); -+ return ld->ld_errno; -+ } -+ -+ if ( ber_printf( ber, /*{*/ "N}" ) == -1 ) { -+ ld->ld_errno = LDAP_ENCODING_ERROR; -+ ber_free( ber, 1 ); -+ return ld->ld_errno; -+ } -+ -+ /* send the message */ -+ *msgidp = ldap_send_initial_request( ld, LDAP_REQ_BIND, dn, ber, id ); -+ -+ if(*msgidp < 0) -+ return ld->ld_errno; -+ -+ return LDAP_SUCCESS; -+} -+ -+int -+ldap_parse_ntlm_bind_result( -+ LDAP *ld, -+ LDAPMessage *res, -+ struct berval *challenge) -+{ -+ ber_int_t errcode; -+ ber_tag_t tag; -+ BerElement *ber; -+ ber_len_t len; -+ -+ Debug( LDAP_DEBUG_TRACE, "ldap_parse_ntlm_bind_result\n", 0, 0, 0 ); -+ -+ assert( ld != NULL ); -+ assert( LDAP_VALID( ld ) ); -+ assert( res != NULL ); -+ -+ if ( ld == NULL || res == NULL ) { -+ return LDAP_PARAM_ERROR; -+ } -+ -+ if( res->lm_msgtype != LDAP_RES_BIND ) { -+ ld->ld_errno = LDAP_PARAM_ERROR; -+ return ld->ld_errno; -+ } -+ -+ if ( ld->ld_error ) { -+ LDAP_FREE( ld->ld_error ); -+ ld->ld_error = NULL; -+ } -+ if ( ld->ld_matched ) { -+ LDAP_FREE( ld->ld_matched ); -+ ld->ld_matched = NULL; -+ } -+ -+ /* parse results */ -+ -+ ber = ber_dup( res->lm_ber ); -+ -+ if( ber == NULL ) { -+ ld->ld_errno = LDAP_NO_MEMORY; -+ return ld->ld_errno; -+ } -+ -+ tag = ber_scanf( ber, "{ioa" /*}*/, -+ &errcode, challenge, &ld->ld_error ); -+ ber_free( ber, 0 ); -+ -+ if( tag == LBER_ERROR ) { -+ ld->ld_errno = LDAP_DECODING_ERROR; -+ return ld->ld_errno; -+ } -+ -+ ld->ld_errno = errcode; -+ -+ return( ld->ld_errno ); -+} diff --git a/openldap-2.3.37-libldap-sasl-max-buff-size.dif b/openldap-2.3.37-libldap-sasl-max-buff-size.dif deleted file mode 100644 index 5b3be38..0000000 --- a/openldap-2.3.37-libldap-sasl-max-buff-size.dif +++ /dev/null @@ -1,17 +0,0 @@ -Index: libraries/libldap/cyrus.c -=================================================================== -RCS file: /repo/OpenLDAP/pkg/ldap/libraries/libldap/cyrus.c,v -retrieving revision 1.139 -retrieving revision 1.140 -diff -u -r1.139 -r1.140 ---- libraries/libldap/cyrus.c 2 Jan 2007 19:00:58 -0000 1.139 -+++ libraries/libldap/cyrus.c 23 Apr 2007 12:21:48 -0000 1.140 -@@ -208,7 +208,7 @@ - | buf[2] << 8 - | buf[3]; - -- if ( size > SASL_MAX_BUFF_SIZE ) { -+ if ( size >= SASL_MAX_BUFF_SIZE ) { - /* somebody is trying to mess me up. */ - ber_log_printf( LDAP_DEBUG_ANY, debuglevel, - "sb_sasl_pkt_length: received illegal packet length " diff --git a/openldap-2.3.37-libldap-ssl.dif b/openldap-2.3.37-libldap-ssl.dif deleted file mode 100644 index c7d371c..0000000 --- a/openldap-2.3.37-libldap-ssl.dif +++ /dev/null @@ -1,15 +0,0 @@ -Index: libraries/libldap/tls.c -=================================================================== ---- libraries/libldap/tls.c 2013-11-12 17:09:55.284965672 +0100 -+++ libraries/libldap/tls.c 2013-11-12 17:10:22.829163042 +0100 -@@ -918,10 +918,6 @@ - { - /* If peer cert was bad, treat as if no cert was given */ - if (SSL_get_verify_result(s)) { -- /* If we can send an alert, do so */ -- if (SSL_version(s) != SSL2_VERSION) { -- ssl3_send_alert(s,SSL3_AL_WARNING,SSL3_AD_BAD_CERTIFICATE); -- } - return NULL; - } - return SSL_get_peer_certificate(s); diff --git a/openldap-2.3.37-libldap-suid.diff b/openldap-2.3.37-libldap-suid.diff deleted file mode 100644 index 13368a1..0000000 --- a/openldap-2.3.37-libldap-suid.diff +++ /dev/null @@ -1,18 +0,0 @@ -Index: libraries/libldap/init.c -=================================================================== ---- libraries/libldap/init.c.orig -+++ libraries/libldap/init.c -@@ -579,6 +579,7 @@ void ldap_int_initialize( struct ldapopt - #endif - - openldap_ldap_init_w_sysconf(LDAP_CONF_FILE); -+ if( getuid() == geteuid() ){ - openldap_ldap_init_w_userconf(LDAP_USERRC_FILE); - - { -@@ -608,4 +609,5 @@ void ldap_int_initialize( struct ldapopt - } - - openldap_ldap_init_w_env(gopts, NULL); -+ } - } diff --git a/openldap-2.3.37-libldap-tls_chkhost-its6239.dif b/openldap-2.3.37-libldap-tls_chkhost-its6239.dif deleted file mode 100644 index abac817..0000000 --- a/openldap-2.3.37-libldap-tls_chkhost-its6239.dif +++ /dev/null @@ -1,121 +0,0 @@ -Index: openldap-2.3.32/libraries/libldap/tls.c -=================================================================== ---- openldap-2.3.32.orig/libraries/libldap/tls.c -+++ openldap-2.3.32/libraries/libldap/tls.c -@@ -981,7 +981,7 @@ ldap_pvt_tls_check_hostname( LDAP *ld, v - X509 *x; - const char *name; - char *ptr; -- int ntype = IS_DNS; -+ int ntype = IS_DNS, nlen; - #ifdef LDAP_PF_INET6 - struct in6_addr addr; - #else -@@ -995,6 +995,7 @@ ldap_pvt_tls_check_hostname( LDAP *ld, v - } else { - name = name_in; - } -+ nlen = strlen(name); - - x = tls_get_cert((SSL *)s); - if (!x) { -@@ -1028,15 +1029,14 @@ ldap_pvt_tls_check_hostname( LDAP *ld, v - ex = X509_get_ext(x, i); - alt = X509V3_EXT_d2i(ex); - if (alt) { -- int n, len1 = 0, len2 = 0; -+ int n, len2 = 0; - char *domain = NULL; - GENERAL_NAME *gn; - - if (ntype == IS_DNS) { -- len1 = strlen(name); - domain = strchr(name, '.'); - if (domain) { -- len2 = len1 - (domain-name); -+ len2 = nlen - (domain-name); - } - } - n = sk_GENERAL_NAME_num(alt); -@@ -1054,7 +1054,7 @@ ldap_pvt_tls_check_hostname( LDAP *ld, v - if (sl == 0) continue; - - /* Is this an exact match? */ -- if ((len1 == sl) && !strncasecmp(name, sn, len1)) { -+ if ((nlen == sl) && !strncasecmp(name, sn, nlen)) { - break; - } - -@@ -1094,13 +1094,27 @@ ldap_pvt_tls_check_hostname( LDAP *ld, v - - if (ret != LDAP_SUCCESS) { - X509_NAME *xn; -- char buf[2048]; -- buf[0] = '\0'; -+ X509_NAME_ENTRY *ne; -+ ASN1_OBJECT *obj; -+ ASN1_STRING *cn = NULL; -+ int navas; -+ -+ /* find the last CN */ -+ obj = OBJ_nid2obj( NID_commonName ); -+ if ( !obj ) goto no_cn; /* should never happen */ - - xn = X509_get_subject_name(x); -- if( X509_NAME_get_text_by_NID( xn, NID_commonName, -- buf, sizeof(buf)) == -1) -- { -+ navas = X509_NAME_entry_count( xn ); -+ for ( i=navas-1; i>=0; i-- ) { -+ ne = X509_NAME_get_entry( xn, i ); -+ if ( !OBJ_cmp( ne->object, obj )) { -+ cn = X509_NAME_ENTRY_get_data( ne ); -+ break; -+ } -+ } -+ -+ if( !cn ){ -+no_cn: - Debug( LDAP_DEBUG_ANY, - "TLS: unable to get common name from peer certificate.\n", - 0, 0, 0 ); -@@ -1111,21 +1125,20 @@ ldap_pvt_tls_check_hostname( LDAP *ld, v - ld->ld_error = LDAP_STRDUP( - _("TLS: unable to get CN from peer certificate")); - -- } else if (strcasecmp(name, buf) == 0 ) { -+ } else if ( cn->length == nlen && -+ strncasecmp( name, (char *) cn->data, nlen ) == 0 ) { - ret = LDAP_SUCCESS; - -- } else if (( buf[0] == '*' ) && ( buf[1] == '.' )) { -+ } else if (( cn->data[0] == '*' ) && ( cn->data[1] == '.' )) { - char *domain = strchr(name, '.'); - if( domain ) { -- size_t dlen = 0; -- size_t sl; -+ size_t dlen; - -- sl = strlen(name); -- dlen = sl - (domain-name); -- sl = strlen(buf); -+ dlen = nlen - (domain-name); - - /* Is this a wildcard match? */ -- if ((dlen == sl-1) && !strncasecmp(domain, &buf[1], dlen)) { -+ if ((dlen == cn->length-1) && -+ !strncasecmp(domain, (char *) &cn->data[1], dlen)) { - ret = LDAP_SUCCESS; - } - } -@@ -1133,8 +1146,8 @@ ldap_pvt_tls_check_hostname( LDAP *ld, v - - if( ret == LDAP_LOCAL_ERROR ) { - Debug( LDAP_DEBUG_ANY, "TLS: hostname (%s) does not match " -- "common name in certificate (%s).\n", -- name, buf, 0 ); -+ "common name in certificate (%.*s).\n", -+ name, cn->length, cn->data ); - ret = LDAP_CONNECT_ERROR; - if ( ld->ld_error ) { - LDAP_FREE( ld->ld_error ); diff --git a/openldap-2.3.37-libldap-utf8-ADcanonical.dif b/openldap-2.3.37-libldap-utf8-ADcanonical.dif deleted file mode 100644 index 8fa03f4..0000000 --- a/openldap-2.3.37-libldap-utf8-ADcanonical.dif +++ /dev/null @@ -1,107 +0,0 @@ -Index: libraries/libldap/getdn.c -=================================================================== ---- libraries/libldap/getdn.c.orig -+++ libraries/libldap/getdn.c -@@ -2377,12 +2377,12 @@ strval2DCEstr( struct berval *val, char - - /* - * Length of the (supposedly) AD canonical string representation, -- * accounting for escaped hex of UTF-8 chars -+ * accounting for chars that need to be escaped - */ - static int - strval2ADstrlen( struct berval *val, unsigned flags, ber_len_t *len ) - { -- ber_len_t l; -+ ber_len_t l, cl; - char *p; - - assert( val != NULL ); -@@ -2393,37 +2393,31 @@ strval2ADstrlen( struct berval *val, uns - return( 0 ); - } - -- if ( flags & LDAP_AVA_NONPRINTABLE ) { -- /* -- * FIXME: Turn the value into a binary encoded BER? -- */ -- return( -1 ); -- -- } else { -- for ( l = 0, p = val->bv_val; p[ 0 ]; p++ ) { -- if ( LDAP_DN_NEEDESCAPE_AD( p[ 0 ] ) ) { -- l += 2; -- -- } else { -- l++; -- } -+ for ( l = 0, p = val->bv_val; p[ 0 ]; p += cl ) { -+ cl = LDAP_UTF8_CHARLEN2( p, cl ); -+ if ( cl == 0 ) { -+ /* illegal utf-8 char */ -+ return -1; -+ } else if ( (cl == 1) && LDAP_DN_NEEDESCAPE_AD( p[ 0 ] ) ) { -+ l += 2; -+ } else { -+ l += cl; - } - } - - *len = l; -- -+ - return( 0 ); - } - - /* -- * convert to (supposedly) AD string representation, -- * escaping with hex the UTF-8 stuff; -+ * convert to (supposedly) AD string representation, - * assume the destination has enough room for escaping - */ - static int - strval2ADstr( struct berval *val, char *str, unsigned flags, ber_len_t *len ) - { -- ber_len_t s, d; -+ ber_len_t s, d, cl; - - assert( val != NULL ); - assert( str != NULL ); -@@ -2434,24 +2428,20 @@ strval2ADstr( struct berval *val, char * - return( 0 ); - } - -- if ( flags & LDAP_AVA_NONPRINTABLE ) { -- /* -- * FIXME: Turn the value into a binary encoded BER? -- */ -- *len = 0; -- return( -1 ); -- -- } else { -- -- /* -- * we assume the string has enough room for the hex encoding -- * of the value -- */ -+ /* -+ * we assume the string has enough room for the escaping -+ * of the value -+ */ - -- for ( s = 0, d = 0; s < val->bv_len; ) { -- if ( LDAP_DN_NEEDESCAPE_AD( val->bv_val[ s ] ) ) { -- str[ d++ ] = '\\'; -- } -+ for ( s = 0, d = 0; s < val->bv_len; ) { -+ cl = LDAP_UTF8_CHARLEN2( val->bv_val+s, cl ); -+ if ( cl == 0 ) { -+ /* illegal utf-8 char */ -+ return -1; -+ } else if ( (cl == 1) && LDAP_DN_NEEDESCAPE_AD(val->bv_val[ s ]) ) { -+ str[ d++ ] = '\\'; -+ } -+ for (; cl--;) { - str[ d++ ] = val->bv_val[ s++ ]; - } - } diff --git a/openldap-2.3.37.dif b/openldap-2.3.37.dif deleted file mode 100644 index 6cbc4a5..0000000 --- a/openldap-2.3.37.dif +++ /dev/null @@ -1,360 +0,0 @@ -Index: build/top.mk -=================================================================== ---- build/top.mk.orig -+++ build/top.mk -@@ -39,7 +39,7 @@ libdir = @libdir@ - libexecdir = @libexecdir@ - localstatedir = @localstatedir@ - mandir = @mandir@ --moduledir = @libexecdir@$(ldap_subdir) -+moduledir = @libexecdir@/modules - sbindir = @sbindir@ - sharedstatedir = @sharedstatedir@ - sysconfdir = @sysconfdir@$(ldap_subdir) -@@ -58,7 +58,7 @@ INSTALL_PROGRAM = $(INSTALL) - INSTALL_DATA = $(INSTALL) -m 644 - INSTALL_SCRIPT = $(INSTALL) - --STRIP = -s -+#STRIP = -s - - LINT = lint - 5LINT = 5lint -Index: configure.in -=================================================================== ---- configure.in.orig -+++ configure.in -@@ -64,7 +64,9 @@ dnl Determine host platform - dnl we try not to use this for much - AC_CANONICAL_TARGET([]) - --AM_INIT_AUTOMAKE([$OL_PACKAGE],[$OL_VERSION], [no defines])dnl -+AC_PROG_MAKE_SET -+PACKAGE=$OL_PACKAGE -+VERSION=$OL_VERSION - AC_SUBST(PACKAGE)dnl - AC_SUBST(VERSION)dnl - AC_DEFINE_UNQUOTED(OPENLDAP_PACKAGE,"$PACKAGE",Package) -Index: servers/slapd/aclparse.c -=================================================================== ---- servers/slapd/aclparse.c.orig -+++ servers/slapd/aclparse.c -@@ -662,7 +662,7 @@ parse_acl( - if ( rc != LDAP_SUCCESS ) { - char buf[ SLAP_TEXT_BUFLEN ]; - -- snprintf( buf, sizeof( buf ), "%s: line %d: " -+ snprintf( buf, sizeof( buf ), - " attr \"%s\" normalization failed (%d: %s)", - fname, lineno, - a->acl_attrs[ 0 ].an_name.bv_val, rc, text ); -Index: libraries/liblunicode/Makefile.in -=================================================================== ---- libraries/liblunicode/Makefile.in.orig -+++ libraries/liblunicode/Makefile.in -@@ -35,6 +35,9 @@ $(XXDIR)/uctable.h: $(XXDIR)/ucgendat.c - $(MAKE) ucgendat - ./ucgendat $(srcdir)/UnicodeData.txt -x $(srcdir)/CompositionExclusions.txt - -+PIE_CFLAGS="-fPIE" -+PIE_LDFLAGS="-pie" -+ - ucgendat: $(XLIBS) ucgendat.o - $(LTLINK) -o $@ ucgendat.o $(LIBS) - -Index: libraries/liblutil/Makefile.in -=================================================================== ---- libraries/liblutil/Makefile.in.orig -+++ libraries/liblutil/Makefile.in -@@ -19,6 +19,9 @@ PROGRAM = testavl - LDAP_INCDIR= ../../include - LDAP_LIBDIR= ../../libraries - -+PIE_CFLAGS="-fPIE" -+PIE_LDFLAGS="-pie" -+ - NT_SRCS = ntservice.c - NT_OBJS = ntservice.o slapdmsg.res - -Index: servers/slapd/Makefile.in -=================================================================== ---- servers/slapd/Makefile.in.orig -+++ servers/slapd/Makefile.in -@@ -69,6 +69,9 @@ SLAPD_DYNAMIC_BACKENDS=@SLAPD_DYNAMIC_BA - - SLAPI_LIBS=@LIBSLAPI@ @SLAPI_LIBS@ - -+PIE_CFLAGS="-fPIE" -+PIE_LDFLAGS="-pie" -+ - XDEFS = $(MODULES_CPPFLAGS) - XLDFLAGS = $(MODULES_LDFLAGS) - -Index: servers/slurpd/Makefile.in -=================================================================== ---- servers/slurpd/Makefile.in.orig -+++ servers/slurpd/Makefile.in -@@ -38,6 +38,9 @@ BUILD_SRV = @BUILD_SLURPD@ - - all-local-srv: $(PROGRAMS) - -+PIE_CFLAGS="-fPIE" -+PIE_LDFLAGS="-pie" -+ - # $(LTHREAD_LIBS) must be last! - XLIBS = $(SLURPD_L) - XXLIBS = $(SLURPD_LIBS) $(SECURITY_LIBS) $(LUTIL_LIBS) -Index: servers/slapd/back-bdb/Makefile.in -=================================================================== ---- servers/slapd/back-bdb/Makefile.in.orig -+++ servers/slapd/back-bdb/Makefile.in -@@ -37,6 +37,9 @@ mod_DEFS = -DSLAPD_IMPORT - MOD_DEFS = $(@BUILD_BDB@_DEFS) - MOD_LIBS = $(LDBM_LIBS) - -+PIE_CFLAGS="-fPIE" -+PIE_LDFLAGS="-pie" -+ - shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA) - NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) - UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) -Index: servers/slapd/back-hdb/Makefile.in -=================================================================== ---- servers/slapd/back-hdb/Makefile.in.orig -+++ servers/slapd/back-hdb/Makefile.in -@@ -39,6 +39,9 @@ mod_DEFS = -DSLAPD_IMPORT - MOD_DEFS = $(@BUILD_HDB@_DEFS) - MOD_LIBS = $(LDBM_LIBS) - -+PIE_CFLAGS="-fPIE" -+PIE_LDFLAGS="-pie" -+ - shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA) - NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) - UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) -Index: servers/slapd/back-ldbm/Makefile.in -=================================================================== ---- servers/slapd/back-ldbm/Makefile.in.orig -+++ servers/slapd/back-ldbm/Makefile.in -@@ -36,6 +36,9 @@ mod_DEFS = -DSLAPD_IMPORT - MOD_DEFS = $(@BUILD_LDBM@_DEFS) - MOD_LIBS = $(LDBM_LIBS) - -+PIE_CFLAGS="-fPIE" -+PIE_LDFLAGS="-pie" -+ - shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA) - NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) - UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) -Index: servers/slapd/overlays/Makefile.in -=================================================================== ---- servers/slapd/overlays/Makefile.in.orig -+++ servers/slapd/overlays/Makefile.in -@@ -41,6 +41,9 @@ LTONLY_MOD = $(LTONLY_mod) - LDAP_INCDIR= ../../../include - LDAP_LIBDIR= ../../../libraries - -+PIE_CFLAGS="-fPIE" -+PIE_LDFLAGS="-pie" -+ - MOD_DEFS = -DSLAPD_IMPORT - - shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA) -Index: servers/slapd/back-relay/Makefile.in -=================================================================== ---- servers/slapd/back-relay/Makefile.in.orig -+++ servers/slapd/back-relay/Makefile.in -@@ -24,6 +24,9 @@ BUILD_MOD = @BUILD_RELAY@ - mod_DEFS = -DSLAPD_IMPORT - MOD_DEFS = $(@BUILD_RELAY@_DEFS) - -+PIE_CFLAGS="-fPIE" -+PIE_LDFLAGS="-pie" -+ - shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA) - NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) $(REWRITE) - UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) $(REWRITE) -Index: servers/slapd/back-ldif/Makefile.in -=================================================================== ---- servers/slapd/back-ldif/Makefile.in.orig -+++ servers/slapd/back-ldif/Makefile.in -@@ -25,6 +25,9 @@ BUILD_MOD = yes - mod_DEFS = -DSLAPD_IMPORT - MOD_DEFS = $(yes_DEFS) - -+PIE_CFLAGS="-fPIE" -+PIE_LDFLAGS="-pie" -+ - shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA) - NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) - UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) -Index: libraries/librewrite/Makefile.in -=================================================================== ---- libraries/librewrite/Makefile.in.orig -+++ libraries/librewrite/Makefile.in -@@ -26,6 +26,9 @@ OBJS = config.o context.o info.o ldapmap - LDAP_INCDIR= ../../include - LDAP_LIBDIR= ../../libraries - -+PIE_CFLAGS="-fPIE" -+PIE_LDFLAGS="-pie" -+ - LIBRARY = librewrite.a - PROGRAMS = rewrite - XLIBS = $(LIBRARY) $(LDAP_LIBLUTIL_A) \ -Index: servers/slapd/back-ldap/Makefile.in -=================================================================== ---- servers/slapd/back-ldap/Makefile.in.orig -+++ servers/slapd/back-ldap/Makefile.in -@@ -27,6 +27,9 @@ BUILD_MOD = @BUILD_LDAP@ - mod_DEFS = -DSLAPD_IMPORT - MOD_DEFS = $(@BUILD_LDAP@_DEFS) - -+PIE_CFLAGS="-fPIE" -+PIE_LDFLAGS="-pie" -+ - shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA) - NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) - UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) -Index: servers/slapd/back-monitor/Makefile.in -=================================================================== ---- servers/slapd/back-monitor/Makefile.in.orig -+++ servers/slapd/back-monitor/Makefile.in -@@ -33,6 +33,9 @@ BUILD_MOD = @BUILD_MONITOR@ - mod_DEFS = -DSLAPD_IMPORT - MOD_DEFS = $(@BUILD_MONITOR@_DEFS) - -+PIE_CFLAGS="-fPIE" -+PIE_LDFLAGS="-pie" -+ - shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA) - NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) - UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) -Index: servers/slapd/modify.c -=================================================================== ---- servers/slapd/modify.c.orig -+++ servers/slapd/modify.c -@@ -1,4 +1,4 @@ --/* $OpenLDAP: pkg/ldap/servers/slapd/modify.c,v 1.227.2.25 2007/01/02 21:43:56 kurt Exp $ */ -+/* $OpenLDAP: pkg/ldap/servers/slapd/modify.c,v 1.227.2.26 2007/09/04 03:42:37 hyc Exp $ */ - /* This work is part of OpenLDAP Software . - * - * Copyright 1998-2007 The OpenLDAP Foundation. -@@ -734,6 +734,7 @@ int slap_mods_check( - "%s: value #%ld normalization failed", - ml->sml_type.bv_val, (long) nvals ); - *text = textbuf; -+ BER_BVZERO( &ml->sml_nvalues[nvals] ); - return rc; - } - } -Index: servers/slapd/back-bdb/modrdn.c -=================================================================== ---- servers/slapd/back-bdb/modrdn.c.orig -+++ servers/slapd/back-bdb/modrdn.c -@@ -729,6 +729,8 @@ retry: /* transaction retry */ - } else { - rs->sr_err = LDAP_X_NO_OPERATION; - ltid = NULL; -+ /* Only free attrs if they were dup'd. */ -+ if ( dummy.e_attrs == e->e_attrs ) dummy.e_attrs = NULL; - goto return_results; - } - -Index: libraries/liblber/Makefile.in -=================================================================== ---- libraries/liblber/Makefile.in.orig -+++ libraries/liblber/Makefile.in -@@ -34,6 +34,9 @@ PROGRAMS= dtest etest idtest - LDAP_INCDIR= ../../include - LDAP_LIBDIR= ../../libraries - -+PIE_CFLAGS="-fPIE" -+PIE_LDFLAGS="-pie" -+ - XLIBS = $(LIBRARY) $(LDAP_LIBLUTIL_A) - XXLIBS = - NT_LINK_LIBS = $(AC_LIBS) -Index: libraries/libldap/Makefile.in -=================================================================== ---- libraries/libldap/Makefile.in.orig -+++ libraries/libldap/Makefile.in -@@ -42,6 +42,9 @@ OBJS = bind.lo open.lo result.lo error.l - LDAP_INCDIR= ../../include - LDAP_LIBDIR= ../../libraries - -+PIE_CFLAGS="-fPIE" -+PIE_LDFLAGS="-pie" -+ - LIB_DEFS = -DLDAP_LIBRARY - - XLIBS = $(LIBRARY) $(LDAP_LIBLBER_LA) $(LDAP_LIBLUTIL_A) -Index: libraries/libldap_r/Makefile.in -=================================================================== ---- libraries/libldap_r/Makefile.in.orig -+++ libraries/libldap_r/Makefile.in -@@ -49,6 +49,9 @@ OBJS = threads.lo rdwr.lo tpool.lo rq.l - LDAP_INCDIR= ../../include - LDAP_LIBDIR= ../../libraries - -+PIE_CFLAGS="-fPIE" -+PIE_LDFLAGS="-pie" -+ - LIB_DEFS = -DLDAP_LIBRARY - - XDEFS = -DLDAP_R_COMPILE -I$(XXDIR) -Index: servers/slapd/back-meta/Makefile.in -=================================================================== ---- servers/slapd/back-meta/Makefile.in.orig -+++ servers/slapd/back-meta/Makefile.in -@@ -23,6 +23,9 @@ OBJS = init.lo config.lo search.lo bind. - LDAP_INCDIR= ../../../include - LDAP_LIBDIR= ../../../libraries - -+PIE_CFLAGS="-fPIE" -+PIE_LDFLAGS="-pie" -+ - BUILD_OPT = "--enable-meta" - BUILD_MOD = @BUILD_META@ - -Index: libraries/libldap/os-ip.c -=================================================================== ---- libraries/libldap/os-ip.c.orig -+++ libraries/libldap/os-ip.c -@@ -646,7 +646,7 @@ ldap_host_connected_to( Sockbuf *sb, con - char *herr; - #ifdef NI_MAXHOST - char hbuf[NI_MAXHOST]; --#elif defined( MAXHOSTNAMELEN -+#elif defined( MAXHOSTNAMELEN ) - char hbuf[MAXHOSTNAMELEN]; - #else - char hbuf[256]; -Index: include/ldap_pvt_thread.h -=================================================================== ---- include/ldap_pvt_thread.h.orig -+++ include/ldap_pvt_thread.h -@@ -61,8 +61,6 @@ ldap_pvt_thread_set_concurrency LDAP_P(( - /* LARGE stack. Will be twice as large on 64 bit machine. */ - #define LDAP_PVT_THREAD_STACK_SIZE ( 1 * 1024 * 1024 * sizeof(void *) ) - /* May be explicitly defined to zero to disable it */ --#elif LDAP_PVT_THREAD_STACK_SIZE == 0 --#undef LDAP_PVT_THREAD_SET_STACK_SIZE - #endif - #endif /* !LDAP_PVT_THREAD_H_DONE */ - -Index: libraries/liblutil/getpeereid.c -=================================================================== ---- libraries/liblutil/getpeereid.c.orig -+++ libraries/liblutil/getpeereid.c -@@ -13,7 +13,9 @@ - * top-level directory of the distribution or, alternatively, at - * . - */ -- -+#ifndef _GNU_SOURCE -+#define _GNU_SOURCE 1 /* Needed for glibc struct ucred */ -+#endif - #include "portable.h" - - #ifndef HAVE_GETPEEREID diff --git a/openldap-2.3.37.tgz b/openldap-2.3.37.tgz deleted file mode 100644 index 5e15db2..0000000 --- a/openldap-2.3.37.tgz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:4546f03ff5fb1bbac51a6080112a57131566c4fb25334567ea6e0e35fa89ea24 -size 3799622 diff --git a/openldap2-client.changes b/openldap2-client.changes index 5384bf7..295da2f 100644 --- a/openldap2-client.changes +++ b/openldap2-client.changes @@ -1,3 +1,25 @@ +------------------------------------------------------------------- +Fri Oct 9 09:19:35 UTC 2015 - hguo@suse.com + +- Remove OpenLDAP 2.3 code and patches from build source. + Compatibility libraries for OpenLDAP 2.3 are built in package: + compat-libldap-2_3-0 + Removed source files: + openldap-2.3.37-liblber-length-decoding.dif + openldap-2.3.37-libldap-ntlm.diff + openldap-2.3.37-libldap-ssl.dif + openldap-2.3.37-libldap-sasl-max-buff-size.dif + openldap-2.3.37-libldap-tls_chkhost-its6239.dif + openldap-2.3.37-libldap-gethostbyname_r.dif + openldap-2.3.37-libldap-suid.diff + openldap-2.3.37.dif + openldap-2.3.37-libldap-ld_defconn-ldap_free_connection.dif + openldap-2.3.37-libldap-ldapi_url.dif + openldap-2.3.37.tgz + openldap-2.3.37-libldap-utf8-ADcanonical.dif + README.update + check-build.sh + ------------------------------------------------------------------- Thu Oct 1 11:08:59 UTC 2015 - hguo@suse.com diff --git a/openldap2-client.spec b/openldap2-client.spec index bdbe338..aac2bc1 100644 --- a/openldap2-client.spec +++ b/openldap2-client.spec @@ -35,11 +35,9 @@ Source1: openldap-rc.tgz Source2: addonschema.tar.gz Source3: DB_CONFIG Source4: sasl-slapd.conf -Source5: README.update -Source6: README.dynamic-overlays -Source7: schema2ldif -Source8: baselibs.conf -Source100: openldap-2.3.37.tgz +Source5: README.dynamic-overlays +Source6: schema2ldif +Source7: baselibs.conf Patch1: 0001-build-adjustments.dif Patch2: 0002-slapd.conf.dif Patch3: 0003-LDAPI-socket-location.dif @@ -48,17 +46,6 @@ Patch5: 0005-pie-compile.dif Patch6: 0006-No-Build-date-and-time-in-binaries.dif Patch7: 0007-Recover-on-DB-version-change.dif Patch8: 0008-In-monitor-backend-do-not-return-Connection0-entries.patch -Patch100: openldap-2.3.37.dif -Patch101: openldap-2.3.37-libldap-suid.diff -Patch102: openldap-2.3.37-libldap-ldapi_url.dif -Patch103: openldap-2.3.37-libldap-ntlm.diff -Patch104: openldap-2.3.37-libldap-gethostbyname_r.dif -Patch105: openldap-2.3.37-libldap-sasl-max-buff-size.dif -Patch106: openldap-2.3.37-libldap-utf8-ADcanonical.dif -Patch107: openldap-2.3.37-liblber-length-decoding.dif -Patch108: openldap-2.3.37-libldap-ld_defconn-ldap_free_connection.dif -Patch109: openldap-2.3.37-libldap-tls_chkhost-its6239.dif -Patch110: openldap-2.3.37-libldap-ssl.dif BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: cyrus-sasl-devel BuildRequires: groff @@ -95,7 +82,6 @@ service that has an X.500 back-end. %package -n openldap2-back-perl Summary: OpenLDAP Perl Back-End -License: OLDAP-2.8 Group: Productivity/Networking/LDAP/Servers Requires: openldap2 = %{version_main} Requires: perl = %{perl_version} @@ -106,7 +92,6 @@ different LDAP operations. %package -n openldap2-back-meta Summary: OpenLDAP Meta Back-End -License: OLDAP-2.8 Group: Productivity/Networking/LDAP/Servers Requires: openldap2 = %{version_main} Provides: openldap2:/usr/share/man/man5/slapd-meta.5.gz @@ -119,7 +104,6 @@ Information Tree (DIT). %package -n openldap2-back-sql Summary: OpenLDAP SQL Back-End -License: OLDAP-2.8 Group: Productivity/Networking/LDAP/Servers Requires: openldap2 = %{version_main} @@ -130,7 +114,6 @@ to do any programming. %package -n openldap2-doc Summary: OpenLDAP Documentation -License: OLDAP-2.8 Group: Documentation/Other Provides: openldap2:/usr/share/doc/packages/openldap2/drafts/README %if 0%{?suse_version} > 1110 @@ -140,18 +123,6 @@ BuildArch: noarch %description -n openldap2-doc The OpenLDAP Admin Guide plus a set of OpenLDAP related IETF internet drafts -%package -n compat-libldap-2_3-0 -Summary: OpenLDAP Client Libraries -License: BSD-3-Clause and OLDAP-2.8 and OLDAP-2.8 -Group: Productivity/Networking/LDAP/Clients -Version: 2.3.37 -Release: 0 - -%description -n compat-libldap-2_3-0 -This package contains the OpenLDAP client libraries. - - - Authors: -------- The OpenLDAP Project @@ -163,7 +134,6 @@ This package contains the OpenLDAP client utilities. %package -n openldap2-devel Summary: Libraries, Header Files and Documentation for OpenLDAP -License: OLDAP-2.8 Group: Development/Libraries/C and C++ # bug437293 %ifarch ppc64 @@ -179,7 +149,6 @@ documentation. %package -n openldap2-devel-static Summary: Static libraries for the OpenLDAP libraries -License: OLDAP-2.8 Group: Development/Libraries/C and C++ Requires: cyrus-sasl-devel Requires: libopenssl-devel @@ -191,7 +160,6 @@ for development. %package -n libldap-2_4-2 Summary: OpenLDAP Client Libraries -License: OLDAP-2.8 Group: Productivity/Networking/LDAP/Clients %description -n libldap-2_4-2 @@ -200,7 +168,7 @@ This package contains the OpenLDAP client libraries. %endif %prep -%setup -q -n openldap-%{version_main} -a1 -a2 -b100 +%setup -q -n openldap-%{version_main} -a1 -a2 %patch1 -p1 %patch2 -p1 %patch3 -p1 @@ -210,19 +178,6 @@ This package contains the OpenLDAP client libraries. %patch7 -p1 %patch8 -p1 cp %{SOURCE5} . -cp %{SOURCE6} . -cd ../openldap-2.3.37 -%patch100 -%patch101 -%patch102 -%patch103 -%patch104 -%patch105 -%patch106 -%patch107 -%patch108 -%patch109 -p1 -%patch110 %build %{?suse_update_config:%{suse_update_config -f build}} @@ -264,29 +219,6 @@ export STRIP="" --with-yielding-select make depend make %{?_smp_mflags} -%if "%{name}" == "openldap2" -#%if %suse_version < 1130 -# build a static slapcat binary from the OpenLDAP 2.3 release -# to be able to update existing databases -cd ../openldap-2.3.37 -%{?suse_update_config:%{suse_update_config -f build}} -# update config.sub for recent architectures -cp -a ../openldap-%{version_main}/build/config.sub build/config.sub -libtoolize --force -#aclocal -I build -autoreconf -export CFLAGS="$RPM_OPT_FLAGS -Wno-format-extra-args -fno-strict-aliasing -DLDAP_DEPRECATED -DLDAP_CONNECTIONLESS" -%configure --localstatedir=%{_rundir}/slapd --libexecdir=/usr/lib/openldap \ - --enable-aci \ - --enable-hdb --enable-bdb --enable-ldbm --enable-crypt \ - --enable-ipv6=no \ - --enable-ldap --enable-monitor --enable-meta --enable-rewrite \ - --enable-dynamic=no --enable-shared=yes -make depend -make -C libraries %{?_smp_mflags} - -#%endif -%endif %check %if %run_test_suite @@ -327,7 +259,7 @@ install -m 755 -d $RPM_BUILD_ROOT/var/lib/ldap chmod a+x $RPM_BUILD_ROOT/%{_libdir}/liblber.so* chmod a+x $RPM_BUILD_ROOT/%{_libdir}/libldap_r.so* chmod a+x $RPM_BUILD_ROOT/%{_libdir}/libldap.so* -install -m 755 %{SOURCE7} $RPM_BUILD_ROOT/usr/sbin/schema2ldif +install -m 755 %{SOURCE6} $RPM_BUILD_ROOT/usr/sbin/schema2ldif %if "%{name}" == "openldap2" %define DOCDIR %{_defaultdocdir}/%{name} mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates @@ -351,7 +283,6 @@ install -m 644 ANNOUNCEMENT \ README \ CHANGES \ %{SOURCE5} \ - %{SOURCE6} \ $RPM_BUILD_ROOT/%{DOCDIR} install -m 644 servers/slapd/slapd.ldif \ $RPM_BUILD_ROOT/%{DOCDIR}/slapd.ldif.default @@ -367,14 +298,6 @@ ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rcslapd %else ln -s /sbin/service %{buildroot}%{_sbindir}/rcslapd %endif -%if %suse_version < 1130 -# install 2.3 slapcat -install -m 755 ../openldap-2.3.37/servers/slapd/slapcat $RPM_BUILD_ROOT/usr/sbin/openldap-2.3-slapcat -%endif -echo "install sle-10 compat libraries (for SLE11)" -pushd ../openldap-2.3.37/libraries -make DESTDIR=$RPM_BUILD_ROOT install -popd %endif rm -f $RPM_BUILD_ROOT/usr/lib/openldap/modules/*.a rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-dnssrv.5 @@ -449,15 +372,6 @@ cat >openldap2.filelist <>openldap2.filelist < compat-libldap.filelist < openldap2-client.filelist <&1 > /dev/null; -then - # create a backup of the schema shipped with 2.3 - # at least core.schema changed between 2.3 and 2.4 - TEMPDIR=`mktemp -d /etc/openldap/schema.backup.XXXXXX` - echo "Schema backup created in $TEMPDIR" - cp -p --remove-destination /etc/openldap/schema/* $TEMPDIR - echo $TEMPDIR > /etc/openldap/UPDATE_NEEDED ; -fi if /usr/bin/chkconfig ldap 2>&1 | grep -q on; then touch /var/run/enable_slapd_service fi @@ -569,10 +471,6 @@ fi %postun %service_del_postun slapd.service -%post -n compat-libldap-2_3-0 -p /sbin/ldconfig - -%postun -n compat-libldap-2_3-0 -p /sbin/ldconfig - %files -f openldap2.filelist %defattr(-,root,root) @@ -588,9 +486,6 @@ fi %files -n openldap2-doc -f openldap2-doc.filelist %defattr(-,root,root) -%files -n compat-libldap-2_3-0 -f compat-libldap.filelist -%defattr(-,root,root) - %else %post -n libldap-2_4-2 -p /sbin/ldconfig diff --git a/openldap2.changes b/openldap2.changes index 2cc7510..9325512 100644 --- a/openldap2.changes +++ b/openldap2.changes @@ -1,3 +1,25 @@ +------------------------------------------------------------------- +Fri Oct 9 09:19:35 UTC 2015 - hguo@suse.com + +- Remove OpenLDAP 2.3 code and patches from build source. + Compatibility libraries for OpenLDAP 2.3 are built in package: + compat-libldap-2_3-0 + Removed source files: + openldap-2.3.37-liblber-length-decoding.dif + openldap-2.3.37-libldap-ntlm.diff + openldap-2.3.37-libldap-ssl.dif + openldap-2.3.37-libldap-sasl-max-buff-size.dif + openldap-2.3.37-libldap-tls_chkhost-its6239.dif + openldap-2.3.37-libldap-gethostbyname_r.dif + openldap-2.3.37-libldap-suid.diff + openldap-2.3.37.dif + openldap-2.3.37-libldap-ld_defconn-ldap_free_connection.dif + openldap-2.3.37-libldap-ldapi_url.dif + openldap-2.3.37.tgz + openldap-2.3.37-libldap-utf8-ADcanonical.dif + README.update + check-build.sh + ------------------------------------------------------------------- Thu Oct 1 11:08:41 UTC 2015 - hguo@suse.com diff --git a/openldap2.spec b/openldap2.spec index 521668b..6e9f5d6 100644 --- a/openldap2.spec +++ b/openldap2.spec @@ -35,11 +35,9 @@ Source1: openldap-rc.tgz Source2: addonschema.tar.gz Source3: DB_CONFIG Source4: sasl-slapd.conf -Source5: README.update -Source6: README.dynamic-overlays -Source7: schema2ldif -Source8: baselibs.conf -Source100: openldap-2.3.37.tgz +Source5: README.dynamic-overlays +Source6: schema2ldif +Source7: baselibs.conf Patch1: 0001-build-adjustments.dif Patch2: 0002-slapd.conf.dif Patch3: 0003-LDAPI-socket-location.dif @@ -48,17 +46,6 @@ Patch5: 0005-pie-compile.dif Patch6: 0006-No-Build-date-and-time-in-binaries.dif Patch7: 0007-Recover-on-DB-version-change.dif Patch8: 0008-In-monitor-backend-do-not-return-Connection0-entries.patch -Patch100: openldap-2.3.37.dif -Patch101: openldap-2.3.37-libldap-suid.diff -Patch102: openldap-2.3.37-libldap-ldapi_url.dif -Patch103: openldap-2.3.37-libldap-ntlm.diff -Patch104: openldap-2.3.37-libldap-gethostbyname_r.dif -Patch105: openldap-2.3.37-libldap-sasl-max-buff-size.dif -Patch106: openldap-2.3.37-libldap-utf8-ADcanonical.dif -Patch107: openldap-2.3.37-liblber-length-decoding.dif -Patch108: openldap-2.3.37-libldap-ld_defconn-ldap_free_connection.dif -Patch109: openldap-2.3.37-libldap-tls_chkhost-its6239.dif -Patch110: openldap-2.3.37-libldap-ssl.dif BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: cyrus-sasl-devel BuildRequires: groff @@ -95,7 +82,6 @@ service that has an X.500 back-end. %package -n openldap2-back-perl Summary: OpenLDAP Perl Back-End -License: OLDAP-2.8 Group: Productivity/Networking/LDAP/Servers Requires: openldap2 = %{version_main} Requires: perl = %{perl_version} @@ -106,7 +92,6 @@ different LDAP operations. %package -n openldap2-back-meta Summary: OpenLDAP Meta Back-End -License: OLDAP-2.8 Group: Productivity/Networking/LDAP/Servers Requires: openldap2 = %{version_main} Provides: openldap2:/usr/share/man/man5/slapd-meta.5.gz @@ -119,7 +104,6 @@ Information Tree (DIT). %package -n openldap2-back-sql Summary: OpenLDAP SQL Back-End -License: OLDAP-2.8 Group: Productivity/Networking/LDAP/Servers Requires: openldap2 = %{version_main} @@ -130,7 +114,6 @@ to do any programming. %package -n openldap2-doc Summary: OpenLDAP Documentation -License: OLDAP-2.8 Group: Documentation/Other Provides: openldap2:/usr/share/doc/packages/openldap2/drafts/README %if 0%{?suse_version} > 1110 @@ -140,18 +123,6 @@ BuildArch: noarch %description -n openldap2-doc The OpenLDAP Admin Guide plus a set of OpenLDAP related IETF internet drafts -%package -n compat-libldap-2_3-0 -Summary: OpenLDAP Client Libraries -License: BSD-3-Clause and OLDAP-2.8 and OLDAP-2.8 -Group: Productivity/Networking/LDAP/Clients -Version: 2.3.37 -Release: 0 - -%description -n compat-libldap-2_3-0 -This package contains the OpenLDAP client libraries. - - - Authors: -------- The OpenLDAP Project @@ -163,7 +134,6 @@ This package contains the OpenLDAP client utilities. %package -n openldap2-devel Summary: Libraries, Header Files and Documentation for OpenLDAP -License: OLDAP-2.8 Group: Development/Libraries/C and C++ # bug437293 %ifarch ppc64 @@ -179,7 +149,6 @@ documentation. %package -n openldap2-devel-static Summary: Static libraries for the OpenLDAP libraries -License: OLDAP-2.8 Group: Development/Libraries/C and C++ Requires: cyrus-sasl-devel Requires: libopenssl-devel @@ -191,7 +160,6 @@ for development. %package -n libldap-2_4-2 Summary: OpenLDAP Client Libraries -License: OLDAP-2.8 Group: Productivity/Networking/LDAP/Clients %description -n libldap-2_4-2 @@ -200,7 +168,7 @@ This package contains the OpenLDAP client libraries. %endif %prep -%setup -q -n openldap-%{version_main} -a1 -a2 -b100 +%setup -q -n openldap-%{version_main} -a1 -a2 %patch1 -p1 %patch2 -p1 %patch3 -p1 @@ -210,19 +178,6 @@ This package contains the OpenLDAP client libraries. %patch7 -p1 %patch8 -p1 cp %{SOURCE5} . -cp %{SOURCE6} . -cd ../openldap-2.3.37 -%patch100 -%patch101 -%patch102 -%patch103 -%patch104 -%patch105 -%patch106 -%patch107 -%patch108 -%patch109 -p1 -%patch110 %build %{?suse_update_config:%{suse_update_config -f build}} @@ -265,27 +220,6 @@ export STRIP="" make depend make %{?_smp_mflags} %if "%{name}" == "openldap2" -#%if %suse_version < 1130 -# build a static slapcat binary from the OpenLDAP 2.3 release -# to be able to update existing databases -cd ../openldap-2.3.37 -%{?suse_update_config:%{suse_update_config -f build}} -# update config.sub for recent architectures -cp -a ../openldap-%{version_main}/build/config.sub build/config.sub -libtoolize --force -#aclocal -I build -autoreconf -export CFLAGS="$RPM_OPT_FLAGS -Wno-format-extra-args -fno-strict-aliasing -DLDAP_DEPRECATED -DLDAP_CONNECTIONLESS" -%configure --localstatedir=%{_rundir}/slapd --libexecdir=/usr/lib/openldap \ - --enable-aci \ - --enable-hdb --enable-bdb --enable-ldbm --enable-crypt \ - --enable-ipv6=no \ - --enable-ldap --enable-monitor --enable-meta --enable-rewrite \ - --enable-dynamic=no --enable-shared=yes -make depend -make -C libraries %{?_smp_mflags} - -#%endif %endif %check @@ -327,7 +261,7 @@ install -m 755 -d $RPM_BUILD_ROOT/var/lib/ldap chmod a+x $RPM_BUILD_ROOT/%{_libdir}/liblber.so* chmod a+x $RPM_BUILD_ROOT/%{_libdir}/libldap_r.so* chmod a+x $RPM_BUILD_ROOT/%{_libdir}/libldap.so* -install -m 755 %{SOURCE7} $RPM_BUILD_ROOT/usr/sbin/schema2ldif +install -m 755 %{SOURCE6} $RPM_BUILD_ROOT/usr/sbin/schema2ldif %if "%{name}" == "openldap2" %define DOCDIR %{_defaultdocdir}/%{name} mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates @@ -351,7 +285,6 @@ install -m 644 ANNOUNCEMENT \ README \ CHANGES \ %{SOURCE5} \ - %{SOURCE6} \ $RPM_BUILD_ROOT/%{DOCDIR} install -m 644 servers/slapd/slapd.ldif \ $RPM_BUILD_ROOT/%{DOCDIR}/slapd.ldif.default @@ -367,14 +300,6 @@ ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rcslapd %else ln -s /sbin/service %{buildroot}%{_sbindir}/rcslapd %endif -%if %suse_version < 1130 -# install 2.3 slapcat -install -m 755 ../openldap-2.3.37/servers/slapd/slapcat $RPM_BUILD_ROOT/usr/sbin/openldap-2.3-slapcat -%endif -echo "install sle-10 compat libraries (for SLE11)" -pushd ../openldap-2.3.37/libraries -make DESTDIR=$RPM_BUILD_ROOT install -popd %endif rm -f $RPM_BUILD_ROOT/usr/lib/openldap/modules/*.a rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-dnssrv.5 @@ -454,10 +379,6 @@ cat >>openldap2.filelist < compat-libldap.filelist < openldap2-client.filelist <