1
0
forked from pool/openldap2

Accepting request 339075 from network:ldap

1

OBS-URL: https://build.opensuse.org/request/show/339075
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openldap2?expand=0&rev=113
This commit is contained in:
Stephan Kulow 2015-10-24 08:23:16 +00:00 committed by Git OBS Bridge
commit 029d25d1f0
18 changed files with 55 additions and 1227 deletions

View File

@ -1,28 +0,0 @@
Updating from OpenLDAP 2.3.X to 2.4.X
=====================================
Changed Database format:
Due change in the "BDB"-backend's index database format, existing
bdb-databases need to be reloaded from LDIF completely. This is
normally done during the package installation/update. This might not
work in all setups and for that database dumps of all bdb/hdb
databases are created during the update.
You can find the database dump of each bdb database in the
database directory for that database (default: /var/lib/ldap/). The
file name is "ldapbak.ldif.X" where "X" presents the number of the
database.
If the database backups where not created during the package update for
some reason, you can do them manually by using the command:
/usr/sbin/openldap-2.3-slapcat -T c \
-f /etc/openldap/schema.backup.XXXXXX/slapd.conf.update
Before dumping the database you should remove the db's enviroment (the
__db*-file in /var/lib/ldap)
To reload the databases please use the tool "slapadd".
Other Changes:
For additional information on important changes and upgrade
instructions, please have a look a the OpenLDAP Administrator's Guide.
You can find in at:
/usr/share/doc/packages/openldap2/guide/admin/guide.html
or online at:
http://www.openldap.org/doc/admin24/

View File

@ -1,14 +0,0 @@
#!/bin/bash
# Copyright (c) 2003 SuSE Linux AG, Germany. All rights reserved.
# get kernel version
OFS="$IFS" ; IFS=".-" ; version=(`uname -r`) ; IFS="$OIFS"
if test ${version[0]} -gt 2 ; then
: # okay
elif test ${version[0]} -lt 2 -o ${version[1]} -lt 6 -o ${version[2]} -lt 11 ; then
echo "FATAL: kernel too old, need kernel >= 2.6.11 for this package" 1>&2
exit 1
fi
exit 0

View File

@ -1,93 +0,0 @@
Index: libraries/liblber/io.c
===================================================================
--- libraries/liblber/io.c.orig
+++ libraries/liblber/io.c
@@ -495,14 +495,18 @@ ber_get_next(
}
while (ber->ber_rwptr > (char *)&ber->ber_tag && ber->ber_rwptr <
- (char *)&ber->ber_len + LENSIZE*2 -1) {
+ (char *)&ber->ber_len + LENSIZE*2) {
ber_slen_t sblen;
char buf[sizeof(ber->ber_len)-1];
ber_len_t tlen = 0;
+ /* The tag & len can be at most 9 bytes; we try to read up to 8 here */
sock_errset(0);
- sblen=ber_int_sb_read( sb, ber->ber_rwptr,
- ((char *)&ber->ber_len + LENSIZE*2 - 1)-ber->ber_rwptr);
+ sblen=((char *)&ber->ber_len + LENSIZE*2 - 1)-ber->ber_rwptr;
+ /* Trying to read the last len byte of a 9 byte tag+len */
+ if (sblen<1)
+ sblen = 1;
+ sblen=ber_int_sb_read( sb, ber->ber_rwptr, sblen );
if (sblen<=0) return LBER_DEFAULT;
ber->ber_rwptr += sblen;
@@ -552,7 +556,7 @@ ber_get_next(
int i;
unsigned char *p = (unsigned char *)ber->ber_ptr;
int llen = *p++ & 0x7f;
- if (llen > (int)sizeof(ber_len_t)) {
+ if (llen > LENSIZE) {
sock_errset(ERANGE);
return LBER_DEFAULT;
}
Index: libraries/libldap/result.c
===================================================================
--- libraries/libldap/result.c.orig
+++ libraries/libldap/result.c
@@ -296,18 +296,20 @@
#endif
if ( !lc_ready ) {
+ int err;
rc = ldap_int_select( ld, tvp );
-#ifdef LDAP_DEBUG
if ( rc == -1 ) {
+ err = sock_errno();
+#ifdef LDAP_DEBUG
Debug( LDAP_DEBUG_TRACE,
"ldap_int_select returned -1: errno %d\n",
- sock_errno(), 0, 0 );
- }
+ err, 0, 0 );
#endif
+ }
if ( rc == 0 || ( rc == -1 && (
!LDAP_BOOL_GET(&ld->ld_options, LDAP_BOOL_RESTART)
- || sock_errno() != EINTR )))
+ || err != EINTR )))
{
ld->ld_errno = (rc == -1 ? LDAP_SERVER_DOWN :
LDAP_TIMEOUT);
@@ -410,7 +412,7 @@
LDAPRequest *lr, *tmplr;
LDAPConn *lc;
BerElement tmpber;
- int rc, refer_cnt, hadref, simple_request;
+ int rc, refer_cnt, hadref, simple_request, err;
ber_int_t lderr;
#ifdef LDAP_CONNECTIONLESS
@@ -469,15 +471,16 @@
}
if ( tag != LDAP_TAG_MESSAGE ) {
if ( tag == LBER_DEFAULT) {
+ err = sock_errno();
#ifdef LDAP_DEBUG
Debug( LDAP_DEBUG_CONNS,
"ber_get_next failed.\n", 0, 0, 0 );
-#endif
+#endif
#ifdef EWOULDBLOCK
- if ( sock_errno() == EWOULDBLOCK ) return LDAP_MSG_X_KEEP_LOOKING;
+ if ( err == EWOULDBLOCK ) return LDAP_MSG_X_KEEP_LOOKING;
#endif
#ifdef EAGAIN
- if ( sock_errno() == EAGAIN ) return LDAP_MSG_X_KEEP_LOOKING;
+ if ( err == EAGAIN ) return LDAP_MSG_X_KEEP_LOOKING;
#endif
ld->ld_errno = LDAP_SERVER_DOWN;
return -1;

View File

@ -1,20 +0,0 @@
--- libraries/libldap/util-int.c 2005/08/23 16:07:09 1.1
+++ libraries/libldap/util-int.c 2005/08/23 16:16:03
@@ -52,7 +52,7 @@
#ifndef LDAP_R_COMPILE
# undef HAVE_REENTRANT_FUNCTIONS
# undef HAVE_CTIME_R
-# undef HAVE_GETHOSTBYNAME_R
+/* # undef HAVE_GETHOSTBYNAME_R */
# undef HAVE_GETHOSTBYADDR_R
#else
@@ -110,7 +110,7 @@
#define BUFSTART (1024-32)
#define BUFMAX (32*1024-32)
-#if defined(LDAP_R_COMPILE)
+#if defined(LDAP_R_COMPILE) || defined(HAVE_GETHOSTBYNAME_R)
static char *safe_realloc( char **buf, int len );
#if !(defined(HAVE_GETHOSTBYNAME_R) && defined(HAVE_GETHOSTBYADDR_R))

View File

@ -1,23 +0,0 @@
Index: libraries/libldap/request.c
===================================================================
--- libraries/libldap/request.c.orig
+++ libraries/libldap/request.c
@@ -601,6 +601,9 @@ ldap_free_connection( LDAP *ld, LDAPConn
} else {
prevlc->lconn_next = tmplc->lconn_next;
}
+ if ( ld->ld_defconn == lc ) {
+ ld->ld_defconn = NULL;
+ }
break;
}
prevlc = tmplc;
@@ -631,6 +634,8 @@ ldap_free_connection( LDAP *ld, LDAPConn
}
if ( lc->lconn_sb != ld->ld_sb ) {
ber_sockbuf_free( lc->lconn_sb );
+ } else {
+ ber_int_sb_close( lc->lconn_sb );
}
if ( lc->lconn_rebind_queue != NULL) {
int i;

View File

@ -1,11 +0,0 @@
--- include/ldap_defaults.h 2004/04/14 14:13:27 1.1
+++ include/ldap_defaults.h 2004/04/14 14:14:01
@@ -39,7 +39,7 @@
#define LDAP_ENV_PREFIX "LDAP"
/* default ldapi:// socket */
-#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "run" LDAP_DIRSEP "ldapi"
+#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "ldapi"
/*
* SLAPD DEFINITIONS

View File

@ -1,195 +0,0 @@
Index: include/ldap.h
===================================================================
--- include/ldap.h.orig
+++ include/ldap.h
@@ -2118,5 +2118,26 @@ LDAP_F( const char * )
ldap_passwordpolicy_err2txt LDAP_P(( LDAPPasswordPolicyError ));
#endif /* LDAP_CONTROL_PASSWORDPOLICYREQUEST */
+/*
+ * hacks for NTLM
+ */
+#define LDAP_AUTH_NTLM_REQUEST ((ber_tag_t) 0x8aU)
+#define LDAP_AUTH_NTLM_RESPONSE ((ber_tag_t) 0x8bU)
+LDAP_F( int )
+ldap_ntlm_bind LDAP_P((
+ LDAP *ld,
+ LDAP_CONST char *dn,
+ ber_tag_t tag,
+ struct berval *cred,
+ LDAPControl **sctrls,
+ LDAPControl **cctrls,
+ int *msgidp ));
+LDAP_F( int )
+ldap_parse_ntlm_bind_result LDAP_P((
+ LDAP *ld,
+ LDAPMessage *res,
+ struct berval *challenge));
+
+
LDAP_END_DECL
#endif /* _LDAP_H */
Index: libraries/libldap/Makefile.in
===================================================================
--- libraries/libldap/Makefile.in.orig
+++ libraries/libldap/Makefile.in
@@ -20,7 +20,7 @@ PROGRAMS = apitest dntest ftest ltest
SRCS = bind.c open.c result.c error.c compare.c search.c \
controls.c messages.c references.c extended.c cyrus.c \
modify.c add.c modrdn.c delete.c abandon.c \
- sasl.c sbind.c kbind.c unbind.c cancel.c \
+ sasl.c ntlm.c sbind.c kbind.c unbind.c cancel.c \
filter.c free.c sort.c passwd.c whoami.c \
getdn.c getentry.c getattr.c getvalues.c addentry.c \
request.c os-ip.c url.c sortctrl.c vlvctrl.c \
@@ -31,7 +31,7 @@ SRCS = bind.c open.c result.c error.c co
OBJS = bind.lo open.lo result.lo error.lo compare.lo search.lo \
controls.lo messages.lo references.lo extended.lo cyrus.lo \
modify.lo add.lo modrdn.lo delete.lo abandon.lo \
- sasl.lo sbind.lo kbind.lo unbind.lo cancel.lo \
+ sasl.lo ntlm.lo sbind.lo kbind.lo unbind.lo cancel.lo \
filter.lo free.lo sort.lo passwd.lo whoami.lo \
getdn.lo getentry.lo getattr.lo getvalues.lo addentry.lo \
request.lo os-ip.lo url.lo sortctrl.lo vlvctrl.lo \
Index: libraries/libldap/ntlm.c
===================================================================
--- /dev/null
+++ libraries/libldap/ntlm.c
@@ -0,0 +1,137 @@
+/* $OpenLDAP: pkg/ldap/libraries/libldap/ntlm.c,v 1.1.4.10 2002/01/04 20:38:21 kurt Exp $ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+/* Mostly copied from sasl.c */
+
+#include "portable.h"
+
+#include <stdlib.h>
+#include <stdio.h>
+
+#include <ac/socket.h>
+#include <ac/string.h>
+#include <ac/time.h>
+#include <ac/errno.h>
+
+#include "ldap-int.h"
+
+int
+ldap_ntlm_bind(
+ LDAP *ld,
+ LDAP_CONST char *dn,
+ ber_tag_t tag,
+ struct berval *cred,
+ LDAPControl **sctrls,
+ LDAPControl **cctrls,
+ int *msgidp )
+{
+ BerElement *ber;
+ int rc;
+ ber_int_t id;
+
+ Debug( LDAP_DEBUG_TRACE, "ldap_ntlm_bind\n", 0, 0, 0 );
+
+ assert( ld != NULL );
+ assert( LDAP_VALID( ld ) );
+ assert( msgidp != NULL );
+
+ if( msgidp == NULL ) {
+ ld->ld_errno = LDAP_PARAM_ERROR;
+ return ld->ld_errno;
+ }
+
+ /* create a message to send */
+ if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
+ ld->ld_errno = LDAP_NO_MEMORY;
+ return ld->ld_errno;
+ }
+
+ assert( LBER_VALID( ber ) );
+
+ LDAP_NEXT_MSGID( ld, id );
+ rc = ber_printf( ber, "{it{istON}" /*}*/,
+ id, LDAP_REQ_BIND,
+ ld->ld_version, dn, tag,
+ cred );
+
+ /* Put Server Controls */
+ if( ldap_int_put_controls( ld, sctrls, ber ) != LDAP_SUCCESS ) {
+ ber_free( ber, 1 );
+ return ld->ld_errno;
+ }
+
+ if ( ber_printf( ber, /*{*/ "N}" ) == -1 ) {
+ ld->ld_errno = LDAP_ENCODING_ERROR;
+ ber_free( ber, 1 );
+ return ld->ld_errno;
+ }
+
+ /* send the message */
+ *msgidp = ldap_send_initial_request( ld, LDAP_REQ_BIND, dn, ber, id );
+
+ if(*msgidp < 0)
+ return ld->ld_errno;
+
+ return LDAP_SUCCESS;
+}
+
+int
+ldap_parse_ntlm_bind_result(
+ LDAP *ld,
+ LDAPMessage *res,
+ struct berval *challenge)
+{
+ ber_int_t errcode;
+ ber_tag_t tag;
+ BerElement *ber;
+ ber_len_t len;
+
+ Debug( LDAP_DEBUG_TRACE, "ldap_parse_ntlm_bind_result\n", 0, 0, 0 );
+
+ assert( ld != NULL );
+ assert( LDAP_VALID( ld ) );
+ assert( res != NULL );
+
+ if ( ld == NULL || res == NULL ) {
+ return LDAP_PARAM_ERROR;
+ }
+
+ if( res->lm_msgtype != LDAP_RES_BIND ) {
+ ld->ld_errno = LDAP_PARAM_ERROR;
+ return ld->ld_errno;
+ }
+
+ if ( ld->ld_error ) {
+ LDAP_FREE( ld->ld_error );
+ ld->ld_error = NULL;
+ }
+ if ( ld->ld_matched ) {
+ LDAP_FREE( ld->ld_matched );
+ ld->ld_matched = NULL;
+ }
+
+ /* parse results */
+
+ ber = ber_dup( res->lm_ber );
+
+ if( ber == NULL ) {
+ ld->ld_errno = LDAP_NO_MEMORY;
+ return ld->ld_errno;
+ }
+
+ tag = ber_scanf( ber, "{ioa" /*}*/,
+ &errcode, challenge, &ld->ld_error );
+ ber_free( ber, 0 );
+
+ if( tag == LBER_ERROR ) {
+ ld->ld_errno = LDAP_DECODING_ERROR;
+ return ld->ld_errno;
+ }
+
+ ld->ld_errno = errcode;
+
+ return( ld->ld_errno );
+}

View File

@ -1,17 +0,0 @@
Index: libraries/libldap/cyrus.c
===================================================================
RCS file: /repo/OpenLDAP/pkg/ldap/libraries/libldap/cyrus.c,v
retrieving revision 1.139
retrieving revision 1.140
diff -u -r1.139 -r1.140
--- libraries/libldap/cyrus.c 2 Jan 2007 19:00:58 -0000 1.139
+++ libraries/libldap/cyrus.c 23 Apr 2007 12:21:48 -0000 1.140
@@ -208,7 +208,7 @@
| buf[2] << 8
| buf[3];
- if ( size > SASL_MAX_BUFF_SIZE ) {
+ if ( size >= SASL_MAX_BUFF_SIZE ) {
/* somebody is trying to mess me up. */
ber_log_printf( LDAP_DEBUG_ANY, debuglevel,
"sb_sasl_pkt_length: received illegal packet length "

View File

@ -1,15 +0,0 @@
Index: libraries/libldap/tls.c
===================================================================
--- libraries/libldap/tls.c 2013-11-12 17:09:55.284965672 +0100
+++ libraries/libldap/tls.c 2013-11-12 17:10:22.829163042 +0100
@@ -918,10 +918,6 @@
{
/* If peer cert was bad, treat as if no cert was given */
if (SSL_get_verify_result(s)) {
- /* If we can send an alert, do so */
- if (SSL_version(s) != SSL2_VERSION) {
- ssl3_send_alert(s,SSL3_AL_WARNING,SSL3_AD_BAD_CERTIFICATE);
- }
return NULL;
}
return SSL_get_peer_certificate(s);

View File

@ -1,18 +0,0 @@
Index: libraries/libldap/init.c
===================================================================
--- libraries/libldap/init.c.orig
+++ libraries/libldap/init.c
@@ -579,6 +579,7 @@ void ldap_int_initialize( struct ldapopt
#endif
openldap_ldap_init_w_sysconf(LDAP_CONF_FILE);
+ if( getuid() == geteuid() ){
openldap_ldap_init_w_userconf(LDAP_USERRC_FILE);
{
@@ -608,4 +609,5 @@ void ldap_int_initialize( struct ldapopt
}
openldap_ldap_init_w_env(gopts, NULL);
+ }
}

View File

@ -1,121 +0,0 @@
Index: openldap-2.3.32/libraries/libldap/tls.c
===================================================================
--- openldap-2.3.32.orig/libraries/libldap/tls.c
+++ openldap-2.3.32/libraries/libldap/tls.c
@@ -981,7 +981,7 @@ ldap_pvt_tls_check_hostname( LDAP *ld, v
X509 *x;
const char *name;
char *ptr;
- int ntype = IS_DNS;
+ int ntype = IS_DNS, nlen;
#ifdef LDAP_PF_INET6
struct in6_addr addr;
#else
@@ -995,6 +995,7 @@ ldap_pvt_tls_check_hostname( LDAP *ld, v
} else {
name = name_in;
}
+ nlen = strlen(name);
x = tls_get_cert((SSL *)s);
if (!x) {
@@ -1028,15 +1029,14 @@ ldap_pvt_tls_check_hostname( LDAP *ld, v
ex = X509_get_ext(x, i);
alt = X509V3_EXT_d2i(ex);
if (alt) {
- int n, len1 = 0, len2 = 0;
+ int n, len2 = 0;
char *domain = NULL;
GENERAL_NAME *gn;
if (ntype == IS_DNS) {
- len1 = strlen(name);
domain = strchr(name, '.');
if (domain) {
- len2 = len1 - (domain-name);
+ len2 = nlen - (domain-name);
}
}
n = sk_GENERAL_NAME_num(alt);
@@ -1054,7 +1054,7 @@ ldap_pvt_tls_check_hostname( LDAP *ld, v
if (sl == 0) continue;
/* Is this an exact match? */
- if ((len1 == sl) && !strncasecmp(name, sn, len1)) {
+ if ((nlen == sl) && !strncasecmp(name, sn, nlen)) {
break;
}
@@ -1094,13 +1094,27 @@ ldap_pvt_tls_check_hostname( LDAP *ld, v
if (ret != LDAP_SUCCESS) {
X509_NAME *xn;
- char buf[2048];
- buf[0] = '\0';
+ X509_NAME_ENTRY *ne;
+ ASN1_OBJECT *obj;
+ ASN1_STRING *cn = NULL;
+ int navas;
+
+ /* find the last CN */
+ obj = OBJ_nid2obj( NID_commonName );
+ if ( !obj ) goto no_cn; /* should never happen */
xn = X509_get_subject_name(x);
- if( X509_NAME_get_text_by_NID( xn, NID_commonName,
- buf, sizeof(buf)) == -1)
- {
+ navas = X509_NAME_entry_count( xn );
+ for ( i=navas-1; i>=0; i-- ) {
+ ne = X509_NAME_get_entry( xn, i );
+ if ( !OBJ_cmp( ne->object, obj )) {
+ cn = X509_NAME_ENTRY_get_data( ne );
+ break;
+ }
+ }
+
+ if( !cn ){
+no_cn:
Debug( LDAP_DEBUG_ANY,
"TLS: unable to get common name from peer certificate.\n",
0, 0, 0 );
@@ -1111,21 +1125,20 @@ ldap_pvt_tls_check_hostname( LDAP *ld, v
ld->ld_error = LDAP_STRDUP(
_("TLS: unable to get CN from peer certificate"));
- } else if (strcasecmp(name, buf) == 0 ) {
+ } else if ( cn->length == nlen &&
+ strncasecmp( name, (char *) cn->data, nlen ) == 0 ) {
ret = LDAP_SUCCESS;
- } else if (( buf[0] == '*' ) && ( buf[1] == '.' )) {
+ } else if (( cn->data[0] == '*' ) && ( cn->data[1] == '.' )) {
char *domain = strchr(name, '.');
if( domain ) {
- size_t dlen = 0;
- size_t sl;
+ size_t dlen;
- sl = strlen(name);
- dlen = sl - (domain-name);
- sl = strlen(buf);
+ dlen = nlen - (domain-name);
/* Is this a wildcard match? */
- if ((dlen == sl-1) && !strncasecmp(domain, &buf[1], dlen)) {
+ if ((dlen == cn->length-1) &&
+ !strncasecmp(domain, (char *) &cn->data[1], dlen)) {
ret = LDAP_SUCCESS;
}
}
@@ -1133,8 +1146,8 @@ ldap_pvt_tls_check_hostname( LDAP *ld, v
if( ret == LDAP_LOCAL_ERROR ) {
Debug( LDAP_DEBUG_ANY, "TLS: hostname (%s) does not match "
- "common name in certificate (%s).\n",
- name, buf, 0 );
+ "common name in certificate (%.*s).\n",
+ name, cn->length, cn->data );
ret = LDAP_CONNECT_ERROR;
if ( ld->ld_error ) {
LDAP_FREE( ld->ld_error );

View File

@ -1,107 +0,0 @@
Index: libraries/libldap/getdn.c
===================================================================
--- libraries/libldap/getdn.c.orig
+++ libraries/libldap/getdn.c
@@ -2377,12 +2377,12 @@ strval2DCEstr( struct berval *val, char
/*
* Length of the (supposedly) AD canonical string representation,
- * accounting for escaped hex of UTF-8 chars
+ * accounting for chars that need to be escaped
*/
static int
strval2ADstrlen( struct berval *val, unsigned flags, ber_len_t *len )
{
- ber_len_t l;
+ ber_len_t l, cl;
char *p;
assert( val != NULL );
@@ -2393,37 +2393,31 @@ strval2ADstrlen( struct berval *val, uns
return( 0 );
}
- if ( flags & LDAP_AVA_NONPRINTABLE ) {
- /*
- * FIXME: Turn the value into a binary encoded BER?
- */
- return( -1 );
-
- } else {
- for ( l = 0, p = val->bv_val; p[ 0 ]; p++ ) {
- if ( LDAP_DN_NEEDESCAPE_AD( p[ 0 ] ) ) {
- l += 2;
-
- } else {
- l++;
- }
+ for ( l = 0, p = val->bv_val; p[ 0 ]; p += cl ) {
+ cl = LDAP_UTF8_CHARLEN2( p, cl );
+ if ( cl == 0 ) {
+ /* illegal utf-8 char */
+ return -1;
+ } else if ( (cl == 1) && LDAP_DN_NEEDESCAPE_AD( p[ 0 ] ) ) {
+ l += 2;
+ } else {
+ l += cl;
}
}
*len = l;
-
+
return( 0 );
}
/*
- * convert to (supposedly) AD string representation,
- * escaping with hex the UTF-8 stuff;
+ * convert to (supposedly) AD string representation,
* assume the destination has enough room for escaping
*/
static int
strval2ADstr( struct berval *val, char *str, unsigned flags, ber_len_t *len )
{
- ber_len_t s, d;
+ ber_len_t s, d, cl;
assert( val != NULL );
assert( str != NULL );
@@ -2434,24 +2428,20 @@ strval2ADstr( struct berval *val, char *
return( 0 );
}
- if ( flags & LDAP_AVA_NONPRINTABLE ) {
- /*
- * FIXME: Turn the value into a binary encoded BER?
- */
- *len = 0;
- return( -1 );
-
- } else {
-
- /*
- * we assume the string has enough room for the hex encoding
- * of the value
- */
+ /*
+ * we assume the string has enough room for the escaping
+ * of the value
+ */
- for ( s = 0, d = 0; s < val->bv_len; ) {
- if ( LDAP_DN_NEEDESCAPE_AD( val->bv_val[ s ] ) ) {
- str[ d++ ] = '\\';
- }
+ for ( s = 0, d = 0; s < val->bv_len; ) {
+ cl = LDAP_UTF8_CHARLEN2( val->bv_val+s, cl );
+ if ( cl == 0 ) {
+ /* illegal utf-8 char */
+ return -1;
+ } else if ( (cl == 1) && LDAP_DN_NEEDESCAPE_AD(val->bv_val[ s ]) ) {
+ str[ d++ ] = '\\';
+ }
+ for (; cl--;) {
str[ d++ ] = val->bv_val[ s++ ];
}
}

View File

@ -1,360 +0,0 @@
Index: build/top.mk
===================================================================
--- build/top.mk.orig
+++ build/top.mk
@@ -39,7 +39,7 @@ libdir = @libdir@
libexecdir = @libexecdir@
localstatedir = @localstatedir@
mandir = @mandir@
-moduledir = @libexecdir@$(ldap_subdir)
+moduledir = @libexecdir@/modules
sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
sysconfdir = @sysconfdir@$(ldap_subdir)
@@ -58,7 +58,7 @@ INSTALL_PROGRAM = $(INSTALL)
INSTALL_DATA = $(INSTALL) -m 644
INSTALL_SCRIPT = $(INSTALL)
-STRIP = -s
+#STRIP = -s
LINT = lint
5LINT = 5lint
Index: configure.in
===================================================================
--- configure.in.orig
+++ configure.in
@@ -64,7 +64,9 @@ dnl Determine host platform
dnl we try not to use this for much
AC_CANONICAL_TARGET([])
-AM_INIT_AUTOMAKE([$OL_PACKAGE],[$OL_VERSION], [no defines])dnl
+AC_PROG_MAKE_SET
+PACKAGE=$OL_PACKAGE
+VERSION=$OL_VERSION
AC_SUBST(PACKAGE)dnl
AC_SUBST(VERSION)dnl
AC_DEFINE_UNQUOTED(OPENLDAP_PACKAGE,"$PACKAGE",Package)
Index: servers/slapd/aclparse.c
===================================================================
--- servers/slapd/aclparse.c.orig
+++ servers/slapd/aclparse.c
@@ -662,7 +662,7 @@ parse_acl(
if ( rc != LDAP_SUCCESS ) {
char buf[ SLAP_TEXT_BUFLEN ];
- snprintf( buf, sizeof( buf ), "%s: line %d: "
+ snprintf( buf, sizeof( buf ),
" attr \"%s\" normalization failed (%d: %s)",
fname, lineno,
a->acl_attrs[ 0 ].an_name.bv_val, rc, text );
Index: libraries/liblunicode/Makefile.in
===================================================================
--- libraries/liblunicode/Makefile.in.orig
+++ libraries/liblunicode/Makefile.in
@@ -35,6 +35,9 @@ $(XXDIR)/uctable.h: $(XXDIR)/ucgendat.c
$(MAKE) ucgendat
./ucgendat $(srcdir)/UnicodeData.txt -x $(srcdir)/CompositionExclusions.txt
+PIE_CFLAGS="-fPIE"
+PIE_LDFLAGS="-pie"
+
ucgendat: $(XLIBS) ucgendat.o
$(LTLINK) -o $@ ucgendat.o $(LIBS)
Index: libraries/liblutil/Makefile.in
===================================================================
--- libraries/liblutil/Makefile.in.orig
+++ libraries/liblutil/Makefile.in
@@ -19,6 +19,9 @@ PROGRAM = testavl
LDAP_INCDIR= ../../include
LDAP_LIBDIR= ../../libraries
+PIE_CFLAGS="-fPIE"
+PIE_LDFLAGS="-pie"
+
NT_SRCS = ntservice.c
NT_OBJS = ntservice.o slapdmsg.res
Index: servers/slapd/Makefile.in
===================================================================
--- servers/slapd/Makefile.in.orig
+++ servers/slapd/Makefile.in
@@ -69,6 +69,9 @@ SLAPD_DYNAMIC_BACKENDS=@SLAPD_DYNAMIC_BA
SLAPI_LIBS=@LIBSLAPI@ @SLAPI_LIBS@
+PIE_CFLAGS="-fPIE"
+PIE_LDFLAGS="-pie"
+
XDEFS = $(MODULES_CPPFLAGS)
XLDFLAGS = $(MODULES_LDFLAGS)
Index: servers/slurpd/Makefile.in
===================================================================
--- servers/slurpd/Makefile.in.orig
+++ servers/slurpd/Makefile.in
@@ -38,6 +38,9 @@ BUILD_SRV = @BUILD_SLURPD@
all-local-srv: $(PROGRAMS)
+PIE_CFLAGS="-fPIE"
+PIE_LDFLAGS="-pie"
+
# $(LTHREAD_LIBS) must be last!
XLIBS = $(SLURPD_L)
XXLIBS = $(SLURPD_LIBS) $(SECURITY_LIBS) $(LUTIL_LIBS)
Index: servers/slapd/back-bdb/Makefile.in
===================================================================
--- servers/slapd/back-bdb/Makefile.in.orig
+++ servers/slapd/back-bdb/Makefile.in
@@ -37,6 +37,9 @@ mod_DEFS = -DSLAPD_IMPORT
MOD_DEFS = $(@BUILD_BDB@_DEFS)
MOD_LIBS = $(LDBM_LIBS)
+PIE_CFLAGS="-fPIE"
+PIE_LDFLAGS="-pie"
+
shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA)
NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
Index: servers/slapd/back-hdb/Makefile.in
===================================================================
--- servers/slapd/back-hdb/Makefile.in.orig
+++ servers/slapd/back-hdb/Makefile.in
@@ -39,6 +39,9 @@ mod_DEFS = -DSLAPD_IMPORT
MOD_DEFS = $(@BUILD_HDB@_DEFS)
MOD_LIBS = $(LDBM_LIBS)
+PIE_CFLAGS="-fPIE"
+PIE_LDFLAGS="-pie"
+
shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA)
NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
Index: servers/slapd/back-ldbm/Makefile.in
===================================================================
--- servers/slapd/back-ldbm/Makefile.in.orig
+++ servers/slapd/back-ldbm/Makefile.in
@@ -36,6 +36,9 @@ mod_DEFS = -DSLAPD_IMPORT
MOD_DEFS = $(@BUILD_LDBM@_DEFS)
MOD_LIBS = $(LDBM_LIBS)
+PIE_CFLAGS="-fPIE"
+PIE_LDFLAGS="-pie"
+
shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA)
NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
Index: servers/slapd/overlays/Makefile.in
===================================================================
--- servers/slapd/overlays/Makefile.in.orig
+++ servers/slapd/overlays/Makefile.in
@@ -41,6 +41,9 @@ LTONLY_MOD = $(LTONLY_mod)
LDAP_INCDIR= ../../../include
LDAP_LIBDIR= ../../../libraries
+PIE_CFLAGS="-fPIE"
+PIE_LDFLAGS="-pie"
+
MOD_DEFS = -DSLAPD_IMPORT
shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA)
Index: servers/slapd/back-relay/Makefile.in
===================================================================
--- servers/slapd/back-relay/Makefile.in.orig
+++ servers/slapd/back-relay/Makefile.in
@@ -24,6 +24,9 @@ BUILD_MOD = @BUILD_RELAY@
mod_DEFS = -DSLAPD_IMPORT
MOD_DEFS = $(@BUILD_RELAY@_DEFS)
+PIE_CFLAGS="-fPIE"
+PIE_LDFLAGS="-pie"
+
shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA)
NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) $(REWRITE)
UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) $(REWRITE)
Index: servers/slapd/back-ldif/Makefile.in
===================================================================
--- servers/slapd/back-ldif/Makefile.in.orig
+++ servers/slapd/back-ldif/Makefile.in
@@ -25,6 +25,9 @@ BUILD_MOD = yes
mod_DEFS = -DSLAPD_IMPORT
MOD_DEFS = $(yes_DEFS)
+PIE_CFLAGS="-fPIE"
+PIE_LDFLAGS="-pie"
+
shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA)
NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
Index: libraries/librewrite/Makefile.in
===================================================================
--- libraries/librewrite/Makefile.in.orig
+++ libraries/librewrite/Makefile.in
@@ -26,6 +26,9 @@ OBJS = config.o context.o info.o ldapmap
LDAP_INCDIR= ../../include
LDAP_LIBDIR= ../../libraries
+PIE_CFLAGS="-fPIE"
+PIE_LDFLAGS="-pie"
+
LIBRARY = librewrite.a
PROGRAMS = rewrite
XLIBS = $(LIBRARY) $(LDAP_LIBLUTIL_A) \
Index: servers/slapd/back-ldap/Makefile.in
===================================================================
--- servers/slapd/back-ldap/Makefile.in.orig
+++ servers/slapd/back-ldap/Makefile.in
@@ -27,6 +27,9 @@ BUILD_MOD = @BUILD_LDAP@
mod_DEFS = -DSLAPD_IMPORT
MOD_DEFS = $(@BUILD_LDAP@_DEFS)
+PIE_CFLAGS="-fPIE"
+PIE_LDFLAGS="-pie"
+
shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA)
NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
Index: servers/slapd/back-monitor/Makefile.in
===================================================================
--- servers/slapd/back-monitor/Makefile.in.orig
+++ servers/slapd/back-monitor/Makefile.in
@@ -33,6 +33,9 @@ BUILD_MOD = @BUILD_MONITOR@
mod_DEFS = -DSLAPD_IMPORT
MOD_DEFS = $(@BUILD_MONITOR@_DEFS)
+PIE_CFLAGS="-fPIE"
+PIE_LDFLAGS="-pie"
+
shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA)
NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
Index: servers/slapd/modify.c
===================================================================
--- servers/slapd/modify.c.orig
+++ servers/slapd/modify.c
@@ -1,4 +1,4 @@
-/* $OpenLDAP: pkg/ldap/servers/slapd/modify.c,v 1.227.2.25 2007/01/02 21:43:56 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/modify.c,v 1.227.2.26 2007/09/04 03:42:37 hyc Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2007 The OpenLDAP Foundation.
@@ -734,6 +734,7 @@ int slap_mods_check(
"%s: value #%ld normalization failed",
ml->sml_type.bv_val, (long) nvals );
*text = textbuf;
+ BER_BVZERO( &ml->sml_nvalues[nvals] );
return rc;
}
}
Index: servers/slapd/back-bdb/modrdn.c
===================================================================
--- servers/slapd/back-bdb/modrdn.c.orig
+++ servers/slapd/back-bdb/modrdn.c
@@ -729,6 +729,8 @@ retry: /* transaction retry */
} else {
rs->sr_err = LDAP_X_NO_OPERATION;
ltid = NULL;
+ /* Only free attrs if they were dup'd. */
+ if ( dummy.e_attrs == e->e_attrs ) dummy.e_attrs = NULL;
goto return_results;
}
Index: libraries/liblber/Makefile.in
===================================================================
--- libraries/liblber/Makefile.in.orig
+++ libraries/liblber/Makefile.in
@@ -34,6 +34,9 @@ PROGRAMS= dtest etest idtest
LDAP_INCDIR= ../../include
LDAP_LIBDIR= ../../libraries
+PIE_CFLAGS="-fPIE"
+PIE_LDFLAGS="-pie"
+
XLIBS = $(LIBRARY) $(LDAP_LIBLUTIL_A)
XXLIBS =
NT_LINK_LIBS = $(AC_LIBS)
Index: libraries/libldap/Makefile.in
===================================================================
--- libraries/libldap/Makefile.in.orig
+++ libraries/libldap/Makefile.in
@@ -42,6 +42,9 @@ OBJS = bind.lo open.lo result.lo error.l
LDAP_INCDIR= ../../include
LDAP_LIBDIR= ../../libraries
+PIE_CFLAGS="-fPIE"
+PIE_LDFLAGS="-pie"
+
LIB_DEFS = -DLDAP_LIBRARY
XLIBS = $(LIBRARY) $(LDAP_LIBLBER_LA) $(LDAP_LIBLUTIL_A)
Index: libraries/libldap_r/Makefile.in
===================================================================
--- libraries/libldap_r/Makefile.in.orig
+++ libraries/libldap_r/Makefile.in
@@ -49,6 +49,9 @@ OBJS = threads.lo rdwr.lo tpool.lo rq.l
LDAP_INCDIR= ../../include
LDAP_LIBDIR= ../../libraries
+PIE_CFLAGS="-fPIE"
+PIE_LDFLAGS="-pie"
+
LIB_DEFS = -DLDAP_LIBRARY
XDEFS = -DLDAP_R_COMPILE -I$(XXDIR)
Index: servers/slapd/back-meta/Makefile.in
===================================================================
--- servers/slapd/back-meta/Makefile.in.orig
+++ servers/slapd/back-meta/Makefile.in
@@ -23,6 +23,9 @@ OBJS = init.lo config.lo search.lo bind.
LDAP_INCDIR= ../../../include
LDAP_LIBDIR= ../../../libraries
+PIE_CFLAGS="-fPIE"
+PIE_LDFLAGS="-pie"
+
BUILD_OPT = "--enable-meta"
BUILD_MOD = @BUILD_META@
Index: libraries/libldap/os-ip.c
===================================================================
--- libraries/libldap/os-ip.c.orig
+++ libraries/libldap/os-ip.c
@@ -646,7 +646,7 @@ ldap_host_connected_to( Sockbuf *sb, con
char *herr;
#ifdef NI_MAXHOST
char hbuf[NI_MAXHOST];
-#elif defined( MAXHOSTNAMELEN
+#elif defined( MAXHOSTNAMELEN )
char hbuf[MAXHOSTNAMELEN];
#else
char hbuf[256];
Index: include/ldap_pvt_thread.h
===================================================================
--- include/ldap_pvt_thread.h.orig
+++ include/ldap_pvt_thread.h
@@ -61,8 +61,6 @@ ldap_pvt_thread_set_concurrency LDAP_P((
/* LARGE stack. Will be twice as large on 64 bit machine. */
#define LDAP_PVT_THREAD_STACK_SIZE ( 1 * 1024 * 1024 * sizeof(void *) )
/* May be explicitly defined to zero to disable it */
-#elif LDAP_PVT_THREAD_STACK_SIZE == 0
-#undef LDAP_PVT_THREAD_SET_STACK_SIZE
#endif
#endif /* !LDAP_PVT_THREAD_H_DONE */
Index: libraries/liblutil/getpeereid.c
===================================================================
--- libraries/liblutil/getpeereid.c.orig
+++ libraries/liblutil/getpeereid.c
@@ -13,7 +13,9 @@
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
-
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE 1 /* Needed for glibc struct ucred */
+#endif
#include "portable.h"
#ifndef HAVE_GETPEEREID

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:4546f03ff5fb1bbac51a6080112a57131566c4fb25334567ea6e0e35fa89ea24
size 3799622

View File

@ -1,3 +1,25 @@
-------------------------------------------------------------------
Fri Oct 9 09:19:35 UTC 2015 - hguo@suse.com
- Remove OpenLDAP 2.3 code and patches from build source.
Compatibility libraries for OpenLDAP 2.3 are built in package:
compat-libldap-2_3-0
Removed source files:
openldap-2.3.37-liblber-length-decoding.dif
openldap-2.3.37-libldap-ntlm.diff
openldap-2.3.37-libldap-ssl.dif
openldap-2.3.37-libldap-sasl-max-buff-size.dif
openldap-2.3.37-libldap-tls_chkhost-its6239.dif
openldap-2.3.37-libldap-gethostbyname_r.dif
openldap-2.3.37-libldap-suid.diff
openldap-2.3.37.dif
openldap-2.3.37-libldap-ld_defconn-ldap_free_connection.dif
openldap-2.3.37-libldap-ldapi_url.dif
openldap-2.3.37.tgz
openldap-2.3.37-libldap-utf8-ADcanonical.dif
README.update
check-build.sh
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Oct 1 11:08:59 UTC 2015 - hguo@suse.com Thu Oct 1 11:08:59 UTC 2015 - hguo@suse.com

View File

@ -35,11 +35,9 @@ Source1: openldap-rc.tgz
Source2: addonschema.tar.gz Source2: addonschema.tar.gz
Source3: DB_CONFIG Source3: DB_CONFIG
Source4: sasl-slapd.conf Source4: sasl-slapd.conf
Source5: README.update Source5: README.dynamic-overlays
Source6: README.dynamic-overlays Source6: schema2ldif
Source7: schema2ldif Source7: baselibs.conf
Source8: baselibs.conf
Source100: openldap-2.3.37.tgz
Patch1: 0001-build-adjustments.dif Patch1: 0001-build-adjustments.dif
Patch2: 0002-slapd.conf.dif Patch2: 0002-slapd.conf.dif
Patch3: 0003-LDAPI-socket-location.dif Patch3: 0003-LDAPI-socket-location.dif
@ -48,17 +46,6 @@ Patch5: 0005-pie-compile.dif
Patch6: 0006-No-Build-date-and-time-in-binaries.dif Patch6: 0006-No-Build-date-and-time-in-binaries.dif
Patch7: 0007-Recover-on-DB-version-change.dif Patch7: 0007-Recover-on-DB-version-change.dif
Patch8: 0008-In-monitor-backend-do-not-return-Connection0-entries.patch Patch8: 0008-In-monitor-backend-do-not-return-Connection0-entries.patch
Patch100: openldap-2.3.37.dif
Patch101: openldap-2.3.37-libldap-suid.diff
Patch102: openldap-2.3.37-libldap-ldapi_url.dif
Patch103: openldap-2.3.37-libldap-ntlm.diff
Patch104: openldap-2.3.37-libldap-gethostbyname_r.dif
Patch105: openldap-2.3.37-libldap-sasl-max-buff-size.dif
Patch106: openldap-2.3.37-libldap-utf8-ADcanonical.dif
Patch107: openldap-2.3.37-liblber-length-decoding.dif
Patch108: openldap-2.3.37-libldap-ld_defconn-ldap_free_connection.dif
Patch109: openldap-2.3.37-libldap-tls_chkhost-its6239.dif
Patch110: openldap-2.3.37-libldap-ssl.dif
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: cyrus-sasl-devel BuildRequires: cyrus-sasl-devel
BuildRequires: groff BuildRequires: groff
@ -95,7 +82,6 @@ service that has an X.500 back-end.
%package -n openldap2-back-perl %package -n openldap2-back-perl
Summary: OpenLDAP Perl Back-End Summary: OpenLDAP Perl Back-End
License: OLDAP-2.8
Group: Productivity/Networking/LDAP/Servers Group: Productivity/Networking/LDAP/Servers
Requires: openldap2 = %{version_main} Requires: openldap2 = %{version_main}
Requires: perl = %{perl_version} Requires: perl = %{perl_version}
@ -106,7 +92,6 @@ different LDAP operations.
%package -n openldap2-back-meta %package -n openldap2-back-meta
Summary: OpenLDAP Meta Back-End Summary: OpenLDAP Meta Back-End
License: OLDAP-2.8
Group: Productivity/Networking/LDAP/Servers Group: Productivity/Networking/LDAP/Servers
Requires: openldap2 = %{version_main} Requires: openldap2 = %{version_main}
Provides: openldap2:/usr/share/man/man5/slapd-meta.5.gz Provides: openldap2:/usr/share/man/man5/slapd-meta.5.gz
@ -119,7 +104,6 @@ Information Tree (DIT).
%package -n openldap2-back-sql %package -n openldap2-back-sql
Summary: OpenLDAP SQL Back-End Summary: OpenLDAP SQL Back-End
License: OLDAP-2.8
Group: Productivity/Networking/LDAP/Servers Group: Productivity/Networking/LDAP/Servers
Requires: openldap2 = %{version_main} Requires: openldap2 = %{version_main}
@ -130,7 +114,6 @@ to do any programming.
%package -n openldap2-doc %package -n openldap2-doc
Summary: OpenLDAP Documentation Summary: OpenLDAP Documentation
License: OLDAP-2.8
Group: Documentation/Other Group: Documentation/Other
Provides: openldap2:/usr/share/doc/packages/openldap2/drafts/README Provides: openldap2:/usr/share/doc/packages/openldap2/drafts/README
%if 0%{?suse_version} > 1110 %if 0%{?suse_version} > 1110
@ -140,18 +123,6 @@ BuildArch: noarch
%description -n openldap2-doc %description -n openldap2-doc
The OpenLDAP Admin Guide plus a set of OpenLDAP related IETF internet drafts The OpenLDAP Admin Guide plus a set of OpenLDAP related IETF internet drafts
%package -n compat-libldap-2_3-0
Summary: OpenLDAP Client Libraries
License: BSD-3-Clause and OLDAP-2.8 and OLDAP-2.8
Group: Productivity/Networking/LDAP/Clients
Version: 2.3.37
Release: 0
%description -n compat-libldap-2_3-0
This package contains the OpenLDAP client libraries.
Authors: Authors:
-------- --------
The OpenLDAP Project <project@openldap.org> The OpenLDAP Project <project@openldap.org>
@ -163,7 +134,6 @@ This package contains the OpenLDAP client utilities.
%package -n openldap2-devel %package -n openldap2-devel
Summary: Libraries, Header Files and Documentation for OpenLDAP Summary: Libraries, Header Files and Documentation for OpenLDAP
License: OLDAP-2.8
Group: Development/Libraries/C and C++ Group: Development/Libraries/C and C++
# bug437293 # bug437293
%ifarch ppc64 %ifarch ppc64
@ -179,7 +149,6 @@ documentation.
%package -n openldap2-devel-static %package -n openldap2-devel-static
Summary: Static libraries for the OpenLDAP libraries Summary: Static libraries for the OpenLDAP libraries
License: OLDAP-2.8
Group: Development/Libraries/C and C++ Group: Development/Libraries/C and C++
Requires: cyrus-sasl-devel Requires: cyrus-sasl-devel
Requires: libopenssl-devel Requires: libopenssl-devel
@ -191,7 +160,6 @@ for development.
%package -n libldap-2_4-2 %package -n libldap-2_4-2
Summary: OpenLDAP Client Libraries Summary: OpenLDAP Client Libraries
License: OLDAP-2.8
Group: Productivity/Networking/LDAP/Clients Group: Productivity/Networking/LDAP/Clients
%description -n libldap-2_4-2 %description -n libldap-2_4-2
@ -200,7 +168,7 @@ This package contains the OpenLDAP client libraries.
%endif %endif
%prep %prep
%setup -q -n openldap-%{version_main} -a1 -a2 -b100 %setup -q -n openldap-%{version_main} -a1 -a2
%patch1 -p1 %patch1 -p1
%patch2 -p1 %patch2 -p1
%patch3 -p1 %patch3 -p1
@ -210,19 +178,6 @@ This package contains the OpenLDAP client libraries.
%patch7 -p1 %patch7 -p1
%patch8 -p1 %patch8 -p1
cp %{SOURCE5} . cp %{SOURCE5} .
cp %{SOURCE6} .
cd ../openldap-2.3.37
%patch100
%patch101
%patch102
%patch103
%patch104
%patch105
%patch106
%patch107
%patch108
%patch109 -p1
%patch110
%build %build
%{?suse_update_config:%{suse_update_config -f build}} %{?suse_update_config:%{suse_update_config -f build}}
@ -264,29 +219,6 @@ export STRIP=""
--with-yielding-select --with-yielding-select
make depend make depend
make %{?_smp_mflags} make %{?_smp_mflags}
%if "%{name}" == "openldap2"
#%if %suse_version < 1130
# build a static slapcat binary from the OpenLDAP 2.3 release
# to be able to update existing databases
cd ../openldap-2.3.37
%{?suse_update_config:%{suse_update_config -f build}}
# update config.sub for recent architectures
cp -a ../openldap-%{version_main}/build/config.sub build/config.sub
libtoolize --force
#aclocal -I build
autoreconf
export CFLAGS="$RPM_OPT_FLAGS -Wno-format-extra-args -fno-strict-aliasing -DLDAP_DEPRECATED -DLDAP_CONNECTIONLESS"
%configure --localstatedir=%{_rundir}/slapd --libexecdir=/usr/lib/openldap \
--enable-aci \
--enable-hdb --enable-bdb --enable-ldbm --enable-crypt \
--enable-ipv6=no \
--enable-ldap --enable-monitor --enable-meta --enable-rewrite \
--enable-dynamic=no --enable-shared=yes
make depend
make -C libraries %{?_smp_mflags}
#%endif
%endif
%check %check
%if %run_test_suite %if %run_test_suite
@ -327,7 +259,7 @@ install -m 755 -d $RPM_BUILD_ROOT/var/lib/ldap
chmod a+x $RPM_BUILD_ROOT/%{_libdir}/liblber.so* chmod a+x $RPM_BUILD_ROOT/%{_libdir}/liblber.so*
chmod a+x $RPM_BUILD_ROOT/%{_libdir}/libldap_r.so* chmod a+x $RPM_BUILD_ROOT/%{_libdir}/libldap_r.so*
chmod a+x $RPM_BUILD_ROOT/%{_libdir}/libldap.so* chmod a+x $RPM_BUILD_ROOT/%{_libdir}/libldap.so*
install -m 755 %{SOURCE7} $RPM_BUILD_ROOT/usr/sbin/schema2ldif install -m 755 %{SOURCE6} $RPM_BUILD_ROOT/usr/sbin/schema2ldif
%if "%{name}" == "openldap2" %if "%{name}" == "openldap2"
%define DOCDIR %{_defaultdocdir}/%{name} %define DOCDIR %{_defaultdocdir}/%{name}
mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates
@ -351,7 +283,6 @@ install -m 644 ANNOUNCEMENT \
README \ README \
CHANGES \ CHANGES \
%{SOURCE5} \ %{SOURCE5} \
%{SOURCE6} \
$RPM_BUILD_ROOT/%{DOCDIR} $RPM_BUILD_ROOT/%{DOCDIR}
install -m 644 servers/slapd/slapd.ldif \ install -m 644 servers/slapd/slapd.ldif \
$RPM_BUILD_ROOT/%{DOCDIR}/slapd.ldif.default $RPM_BUILD_ROOT/%{DOCDIR}/slapd.ldif.default
@ -367,14 +298,6 @@ ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rcslapd
%else %else
ln -s /sbin/service %{buildroot}%{_sbindir}/rcslapd ln -s /sbin/service %{buildroot}%{_sbindir}/rcslapd
%endif %endif
%if %suse_version < 1130
# install 2.3 slapcat
install -m 755 ../openldap-2.3.37/servers/slapd/slapcat $RPM_BUILD_ROOT/usr/sbin/openldap-2.3-slapcat
%endif
echo "install sle-10 compat libraries (for SLE11)"
pushd ../openldap-2.3.37/libraries
make DESTDIR=$RPM_BUILD_ROOT install
popd
%endif %endif
rm -f $RPM_BUILD_ROOT/usr/lib/openldap/modules/*.a rm -f $RPM_BUILD_ROOT/usr/lib/openldap/modules/*.a
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-dnssrv.5 rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-dnssrv.5
@ -449,15 +372,6 @@ cat >openldap2.filelist <<EOF
%doc %{DOCDIR}/CHANGES %doc %{DOCDIR}/CHANGES
%doc %{DOCDIR}/slapd.ldif.default %doc %{DOCDIR}/slapd.ldif.default
EOF EOF
%if %suse_version < 1130
cat >>openldap2.filelist <<EOF
/usr/sbin/openldap-2.3-slapcat
EOF
%endif
cat > compat-libldap.filelist <<EOF
%{_libdir}/liblber*2.3.so.*
%{_libdir}/libldap*2.3.so.*
EOF
# #
# #
cat > openldap2-client.filelist <<EOF cat > openldap2-client.filelist <<EOF
@ -534,18 +448,6 @@ cat openldap2.filelist openldap2-back-perl.filelist \
%pre %pre
/usr/sbin/groupadd -g 70 -o -r ldap || : /usr/sbin/groupadd -g 70 -o -r ldap || :
/usr/sbin/useradd -r -o -g ldap -u 76 -s /bin/bash -c "User for OpenLDAP" -d /var/lib/ldap ldap || : /usr/sbin/useradd -r -o -g ldap -u 76 -s /bin/bash -c "User for OpenLDAP" -d /var/lib/ldap ldap || :
# try to figure out if a db update is needed
if [ ${1:-0} -gt 1 ] && [ -f /usr/lib/openldap/slapd ] &&
/usr/bin/strings /usr/lib/openldap/slapd | \
grep "slapd 2.3" 2>&1 > /dev/null;
then
# create a backup of the schema shipped with 2.3
# at least core.schema changed between 2.3 and 2.4
TEMPDIR=`mktemp -d /etc/openldap/schema.backup.XXXXXX`
echo "Schema backup created in $TEMPDIR"
cp -p --remove-destination /etc/openldap/schema/* $TEMPDIR
echo $TEMPDIR > /etc/openldap/UPDATE_NEEDED ;
fi
if /usr/bin/chkconfig ldap 2>&1 | grep -q on; then if /usr/bin/chkconfig ldap 2>&1 | grep -q on; then
touch /var/run/enable_slapd_service touch /var/run/enable_slapd_service
fi fi
@ -569,10 +471,6 @@ fi
%postun %postun
%service_del_postun slapd.service %service_del_postun slapd.service
%post -n compat-libldap-2_3-0 -p /sbin/ldconfig
%postun -n compat-libldap-2_3-0 -p /sbin/ldconfig
%files -f openldap2.filelist %files -f openldap2.filelist
%defattr(-,root,root) %defattr(-,root,root)
@ -588,9 +486,6 @@ fi
%files -n openldap2-doc -f openldap2-doc.filelist %files -n openldap2-doc -f openldap2-doc.filelist
%defattr(-,root,root) %defattr(-,root,root)
%files -n compat-libldap-2_3-0 -f compat-libldap.filelist
%defattr(-,root,root)
%else %else
%post -n libldap-2_4-2 -p /sbin/ldconfig %post -n libldap-2_4-2 -p /sbin/ldconfig

View File

@ -1,3 +1,25 @@
-------------------------------------------------------------------
Fri Oct 9 09:19:35 UTC 2015 - hguo@suse.com
- Remove OpenLDAP 2.3 code and patches from build source.
Compatibility libraries for OpenLDAP 2.3 are built in package:
compat-libldap-2_3-0
Removed source files:
openldap-2.3.37-liblber-length-decoding.dif
openldap-2.3.37-libldap-ntlm.diff
openldap-2.3.37-libldap-ssl.dif
openldap-2.3.37-libldap-sasl-max-buff-size.dif
openldap-2.3.37-libldap-tls_chkhost-its6239.dif
openldap-2.3.37-libldap-gethostbyname_r.dif
openldap-2.3.37-libldap-suid.diff
openldap-2.3.37.dif
openldap-2.3.37-libldap-ld_defconn-ldap_free_connection.dif
openldap-2.3.37-libldap-ldapi_url.dif
openldap-2.3.37.tgz
openldap-2.3.37-libldap-utf8-ADcanonical.dif
README.update
check-build.sh
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Oct 1 11:08:41 UTC 2015 - hguo@suse.com Thu Oct 1 11:08:41 UTC 2015 - hguo@suse.com

View File

@ -35,11 +35,9 @@ Source1: openldap-rc.tgz
Source2: addonschema.tar.gz Source2: addonschema.tar.gz
Source3: DB_CONFIG Source3: DB_CONFIG
Source4: sasl-slapd.conf Source4: sasl-slapd.conf
Source5: README.update Source5: README.dynamic-overlays
Source6: README.dynamic-overlays Source6: schema2ldif
Source7: schema2ldif Source7: baselibs.conf
Source8: baselibs.conf
Source100: openldap-2.3.37.tgz
Patch1: 0001-build-adjustments.dif Patch1: 0001-build-adjustments.dif
Patch2: 0002-slapd.conf.dif Patch2: 0002-slapd.conf.dif
Patch3: 0003-LDAPI-socket-location.dif Patch3: 0003-LDAPI-socket-location.dif
@ -48,17 +46,6 @@ Patch5: 0005-pie-compile.dif
Patch6: 0006-No-Build-date-and-time-in-binaries.dif Patch6: 0006-No-Build-date-and-time-in-binaries.dif
Patch7: 0007-Recover-on-DB-version-change.dif Patch7: 0007-Recover-on-DB-version-change.dif
Patch8: 0008-In-monitor-backend-do-not-return-Connection0-entries.patch Patch8: 0008-In-monitor-backend-do-not-return-Connection0-entries.patch
Patch100: openldap-2.3.37.dif
Patch101: openldap-2.3.37-libldap-suid.diff
Patch102: openldap-2.3.37-libldap-ldapi_url.dif
Patch103: openldap-2.3.37-libldap-ntlm.diff
Patch104: openldap-2.3.37-libldap-gethostbyname_r.dif
Patch105: openldap-2.3.37-libldap-sasl-max-buff-size.dif
Patch106: openldap-2.3.37-libldap-utf8-ADcanonical.dif
Patch107: openldap-2.3.37-liblber-length-decoding.dif
Patch108: openldap-2.3.37-libldap-ld_defconn-ldap_free_connection.dif
Patch109: openldap-2.3.37-libldap-tls_chkhost-its6239.dif
Patch110: openldap-2.3.37-libldap-ssl.dif
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: cyrus-sasl-devel BuildRequires: cyrus-sasl-devel
BuildRequires: groff BuildRequires: groff
@ -95,7 +82,6 @@ service that has an X.500 back-end.
%package -n openldap2-back-perl %package -n openldap2-back-perl
Summary: OpenLDAP Perl Back-End Summary: OpenLDAP Perl Back-End
License: OLDAP-2.8
Group: Productivity/Networking/LDAP/Servers Group: Productivity/Networking/LDAP/Servers
Requires: openldap2 = %{version_main} Requires: openldap2 = %{version_main}
Requires: perl = %{perl_version} Requires: perl = %{perl_version}
@ -106,7 +92,6 @@ different LDAP operations.
%package -n openldap2-back-meta %package -n openldap2-back-meta
Summary: OpenLDAP Meta Back-End Summary: OpenLDAP Meta Back-End
License: OLDAP-2.8
Group: Productivity/Networking/LDAP/Servers Group: Productivity/Networking/LDAP/Servers
Requires: openldap2 = %{version_main} Requires: openldap2 = %{version_main}
Provides: openldap2:/usr/share/man/man5/slapd-meta.5.gz Provides: openldap2:/usr/share/man/man5/slapd-meta.5.gz
@ -119,7 +104,6 @@ Information Tree (DIT).
%package -n openldap2-back-sql %package -n openldap2-back-sql
Summary: OpenLDAP SQL Back-End Summary: OpenLDAP SQL Back-End
License: OLDAP-2.8
Group: Productivity/Networking/LDAP/Servers Group: Productivity/Networking/LDAP/Servers
Requires: openldap2 = %{version_main} Requires: openldap2 = %{version_main}
@ -130,7 +114,6 @@ to do any programming.
%package -n openldap2-doc %package -n openldap2-doc
Summary: OpenLDAP Documentation Summary: OpenLDAP Documentation
License: OLDAP-2.8
Group: Documentation/Other Group: Documentation/Other
Provides: openldap2:/usr/share/doc/packages/openldap2/drafts/README Provides: openldap2:/usr/share/doc/packages/openldap2/drafts/README
%if 0%{?suse_version} > 1110 %if 0%{?suse_version} > 1110
@ -140,18 +123,6 @@ BuildArch: noarch
%description -n openldap2-doc %description -n openldap2-doc
The OpenLDAP Admin Guide plus a set of OpenLDAP related IETF internet drafts The OpenLDAP Admin Guide plus a set of OpenLDAP related IETF internet drafts
%package -n compat-libldap-2_3-0
Summary: OpenLDAP Client Libraries
License: BSD-3-Clause and OLDAP-2.8 and OLDAP-2.8
Group: Productivity/Networking/LDAP/Clients
Version: 2.3.37
Release: 0
%description -n compat-libldap-2_3-0
This package contains the OpenLDAP client libraries.
Authors: Authors:
-------- --------
The OpenLDAP Project <project@openldap.org> The OpenLDAP Project <project@openldap.org>
@ -163,7 +134,6 @@ This package contains the OpenLDAP client utilities.
%package -n openldap2-devel %package -n openldap2-devel
Summary: Libraries, Header Files and Documentation for OpenLDAP Summary: Libraries, Header Files and Documentation for OpenLDAP
License: OLDAP-2.8
Group: Development/Libraries/C and C++ Group: Development/Libraries/C and C++
# bug437293 # bug437293
%ifarch ppc64 %ifarch ppc64
@ -179,7 +149,6 @@ documentation.
%package -n openldap2-devel-static %package -n openldap2-devel-static
Summary: Static libraries for the OpenLDAP libraries Summary: Static libraries for the OpenLDAP libraries
License: OLDAP-2.8
Group: Development/Libraries/C and C++ Group: Development/Libraries/C and C++
Requires: cyrus-sasl-devel Requires: cyrus-sasl-devel
Requires: libopenssl-devel Requires: libopenssl-devel
@ -191,7 +160,6 @@ for development.
%package -n libldap-2_4-2 %package -n libldap-2_4-2
Summary: OpenLDAP Client Libraries Summary: OpenLDAP Client Libraries
License: OLDAP-2.8
Group: Productivity/Networking/LDAP/Clients Group: Productivity/Networking/LDAP/Clients
%description -n libldap-2_4-2 %description -n libldap-2_4-2
@ -200,7 +168,7 @@ This package contains the OpenLDAP client libraries.
%endif %endif
%prep %prep
%setup -q -n openldap-%{version_main} -a1 -a2 -b100 %setup -q -n openldap-%{version_main} -a1 -a2
%patch1 -p1 %patch1 -p1
%patch2 -p1 %patch2 -p1
%patch3 -p1 %patch3 -p1
@ -210,19 +178,6 @@ This package contains the OpenLDAP client libraries.
%patch7 -p1 %patch7 -p1
%patch8 -p1 %patch8 -p1
cp %{SOURCE5} . cp %{SOURCE5} .
cp %{SOURCE6} .
cd ../openldap-2.3.37
%patch100
%patch101
%patch102
%patch103
%patch104
%patch105
%patch106
%patch107
%patch108
%patch109 -p1
%patch110
%build %build
%{?suse_update_config:%{suse_update_config -f build}} %{?suse_update_config:%{suse_update_config -f build}}
@ -265,27 +220,6 @@ export STRIP=""
make depend make depend
make %{?_smp_mflags} make %{?_smp_mflags}
%if "%{name}" == "openldap2" %if "%{name}" == "openldap2"
#%if %suse_version < 1130
# build a static slapcat binary from the OpenLDAP 2.3 release
# to be able to update existing databases
cd ../openldap-2.3.37
%{?suse_update_config:%{suse_update_config -f build}}
# update config.sub for recent architectures
cp -a ../openldap-%{version_main}/build/config.sub build/config.sub
libtoolize --force
#aclocal -I build
autoreconf
export CFLAGS="$RPM_OPT_FLAGS -Wno-format-extra-args -fno-strict-aliasing -DLDAP_DEPRECATED -DLDAP_CONNECTIONLESS"
%configure --localstatedir=%{_rundir}/slapd --libexecdir=/usr/lib/openldap \
--enable-aci \
--enable-hdb --enable-bdb --enable-ldbm --enable-crypt \
--enable-ipv6=no \
--enable-ldap --enable-monitor --enable-meta --enable-rewrite \
--enable-dynamic=no --enable-shared=yes
make depend
make -C libraries %{?_smp_mflags}
#%endif
%endif %endif
%check %check
@ -327,7 +261,7 @@ install -m 755 -d $RPM_BUILD_ROOT/var/lib/ldap
chmod a+x $RPM_BUILD_ROOT/%{_libdir}/liblber.so* chmod a+x $RPM_BUILD_ROOT/%{_libdir}/liblber.so*
chmod a+x $RPM_BUILD_ROOT/%{_libdir}/libldap_r.so* chmod a+x $RPM_BUILD_ROOT/%{_libdir}/libldap_r.so*
chmod a+x $RPM_BUILD_ROOT/%{_libdir}/libldap.so* chmod a+x $RPM_BUILD_ROOT/%{_libdir}/libldap.so*
install -m 755 %{SOURCE7} $RPM_BUILD_ROOT/usr/sbin/schema2ldif install -m 755 %{SOURCE6} $RPM_BUILD_ROOT/usr/sbin/schema2ldif
%if "%{name}" == "openldap2" %if "%{name}" == "openldap2"
%define DOCDIR %{_defaultdocdir}/%{name} %define DOCDIR %{_defaultdocdir}/%{name}
mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates
@ -351,7 +285,6 @@ install -m 644 ANNOUNCEMENT \
README \ README \
CHANGES \ CHANGES \
%{SOURCE5} \ %{SOURCE5} \
%{SOURCE6} \
$RPM_BUILD_ROOT/%{DOCDIR} $RPM_BUILD_ROOT/%{DOCDIR}
install -m 644 servers/slapd/slapd.ldif \ install -m 644 servers/slapd/slapd.ldif \
$RPM_BUILD_ROOT/%{DOCDIR}/slapd.ldif.default $RPM_BUILD_ROOT/%{DOCDIR}/slapd.ldif.default
@ -367,14 +300,6 @@ ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rcslapd
%else %else
ln -s /sbin/service %{buildroot}%{_sbindir}/rcslapd ln -s /sbin/service %{buildroot}%{_sbindir}/rcslapd
%endif %endif
%if %suse_version < 1130
# install 2.3 slapcat
install -m 755 ../openldap-2.3.37/servers/slapd/slapcat $RPM_BUILD_ROOT/usr/sbin/openldap-2.3-slapcat
%endif
echo "install sle-10 compat libraries (for SLE11)"
pushd ../openldap-2.3.37/libraries
make DESTDIR=$RPM_BUILD_ROOT install
popd
%endif %endif
rm -f $RPM_BUILD_ROOT/usr/lib/openldap/modules/*.a rm -f $RPM_BUILD_ROOT/usr/lib/openldap/modules/*.a
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-dnssrv.5 rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-dnssrv.5
@ -454,10 +379,6 @@ cat >>openldap2.filelist <<EOF
/usr/sbin/openldap-2.3-slapcat /usr/sbin/openldap-2.3-slapcat
EOF EOF
%endif %endif
cat > compat-libldap.filelist <<EOF
%{_libdir}/liblber*2.3.so.*
%{_libdir}/libldap*2.3.so.*
EOF
# #
# #
cat > openldap2-client.filelist <<EOF cat > openldap2-client.filelist <<EOF
@ -524,7 +445,7 @@ cat openldap2-client.filelist libldap.filelist openldap2-devel.filelist \
%else %else
cat openldap2.filelist openldap2-back-perl.filelist \ cat openldap2.filelist openldap2-back-perl.filelist \
openldap2-back-meta.filelist openldap2-back-sql.filelist \ openldap2-back-meta.filelist openldap2-back-sql.filelist \
openldap2-doc.filelist compat-libldap.filelist | openldap2-doc.filelist
%endif %endif
grep -v "%dir " |sed -e "s|^.* ||" |grep "^/" |while read name ; do grep -v "%dir " |sed -e "s|^.* ||" |grep "^/" |while read name ; do
rm -rf $RPM_BUILD_ROOT$name rm -rf $RPM_BUILD_ROOT$name
@ -569,10 +490,6 @@ fi
%postun %postun
%service_del_postun slapd.service %service_del_postun slapd.service
%post -n compat-libldap-2_3-0 -p /sbin/ldconfig
%postun -n compat-libldap-2_3-0 -p /sbin/ldconfig
%files -f openldap2.filelist %files -f openldap2.filelist
%defattr(-,root,root) %defattr(-,root,root)
@ -588,9 +505,6 @@ fi
%files -n openldap2-doc -f openldap2-doc.filelist %files -n openldap2-doc -f openldap2-doc.filelist
%defattr(-,root,root) %defattr(-,root,root)
%files -n compat-libldap-2_3-0 -f compat-libldap.filelist
%defattr(-,root,root)
%else %else
%post -n libldap-2_4-2 -p /sbin/ldconfig %post -n libldap-2_4-2 -p /sbin/ldconfig