forked from pool/openldap2
- Fixed an issue in back-config's objectclass inheritence code that
could cause the server to fail to start or to spin in an endless loop (bnc#558059,ITS#6408) - default the tls_reqcert parameter of a syncrepl config to "demand" as documented even if other tls_ options are absent (bnc#558397, ITS#6319) - apply changes to the global size and timelimits to all database that don't specify limits themself. (bnc#562184, ITS#6428) OBS-URL: https://build.opensuse.org/package/show/network:ldap/openldap2?expand=0&rev=25
This commit is contained in:
parent
f7b2645466
commit
06a856973e
55
0001-back-config-objectclass-inheritence-ITS-6408.dif
Normal file
55
0001-back-config-objectclass-inheritence-ITS-6408.dif
Normal file
@ -0,0 +1,55 @@
|
|||||||
|
From 49921a1e1a1832f9461d800eeeaee30f12864441 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Ralf Haferkamp <rhafer@suse.de>
|
||||||
|
Date: Tue, 8 Dec 2009 12:13:39 +0100
|
||||||
|
Subject: [PATCH 1/3] back-config objectclass inheritence (ITS#6408)
|
||||||
|
|
||||||
|
bnc#558059
|
||||||
|
---
|
||||||
|
servers/slapd/bconfig.c | 12 ++++++------
|
||||||
|
1 files changed, 6 insertions(+), 6 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c
|
||||||
|
index c903458..d43e927 100644
|
||||||
|
--- a/servers/slapd/bconfig.c
|
||||||
|
+++ b/servers/slapd/bconfig.c
|
||||||
|
@@ -4932,10 +4932,10 @@ config_add_internal( CfBackInfo *cfb, Entry *e, ConfigArgs *ca, SlapReply *rs,
|
||||||
|
ok:
|
||||||
|
/* Newly added databases and overlays need to be started up */
|
||||||
|
if ( CONFIG_ONLINE_ADD( ca )) {
|
||||||
|
- if ( colst[0]->co_type == Cft_Database ) {
|
||||||
|
+ if ( coptr->co_type == Cft_Database ) {
|
||||||
|
rc = backend_startup_one( ca->be, &ca->reply );
|
||||||
|
|
||||||
|
- } else if ( colst[0]->co_type == Cft_Overlay ) {
|
||||||
|
+ } else if ( coptr->co_type == Cft_Overlay ) {
|
||||||
|
if ( ca->bi->bi_db_open ) {
|
||||||
|
BackendInfo *bi_orig = ca->be->bd_info;
|
||||||
|
ca->be->bd_info = ca->bi;
|
||||||
|
@@ -4961,7 +4961,7 @@ ok:
|
||||||
|
ce->ce_parent = last;
|
||||||
|
ce->ce_entry = entry_dup( e );
|
||||||
|
ce->ce_entry->e_private = ce;
|
||||||
|
- ce->ce_type = colst[0]->co_type;
|
||||||
|
+ ce->ce_type = coptr->co_type;
|
||||||
|
ce->ce_be = ca->be;
|
||||||
|
ce->ce_bi = ca->bi;
|
||||||
|
ce->ce_private = ca->ca_private;
|
||||||
|
@@ -5006,12 +5006,12 @@ ok:
|
||||||
|
|
||||||
|
done:
|
||||||
|
if ( rc ) {
|
||||||
|
- if ( (colst[0]->co_type == Cft_Database) && ca->be ) {
|
||||||
|
+ if ( (coptr->co_type == Cft_Database) && ca->be ) {
|
||||||
|
if ( ca->be != frontendDB )
|
||||||
|
backend_destroy_one( ca->be, 1 );
|
||||||
|
- } else if ( (colst[0]->co_type == Cft_Overlay) && ca->bi ) {
|
||||||
|
+ } else if ( (coptr->co_type == Cft_Overlay) && ca->bi ) {
|
||||||
|
overlay_destroy_one( ca->be, (slap_overinst *)ca->bi );
|
||||||
|
- } else if ( colst[0]->co_type == Cft_Schema ) {
|
||||||
|
+ } else if ( coptr->co_type == Cft_Schema ) {
|
||||||
|
schema_destroy_one( ca, colst, nocs, last );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
--
|
||||||
|
1.6.4.2
|
||||||
|
|
162
0002-init-bindconf-TLS-settings-ITS-6419.dif
Normal file
162
0002-init-bindconf-TLS-settings-ITS-6419.dif
Normal file
@ -0,0 +1,162 @@
|
|||||||
|
From d14434499207d1f0ca4686ce46787056b23b4d2c Mon Sep 17 00:00:00 2001
|
||||||
|
From: Ralf Haferkamp <rhafer@suse.de>
|
||||||
|
Date: Tue, 8 Dec 2009 13:36:17 +0100
|
||||||
|
Subject: [PATCH 2/3] init bindconf TLS settings (ITS#6419)
|
||||||
|
|
||||||
|
bnc#558397
|
||||||
|
---
|
||||||
|
servers/slapd/config.c | 71 +++++++++++++++++++++++++++++++++++++++++----
|
||||||
|
servers/slapd/slap.h | 8 +++++
|
||||||
|
servers/slapd/syncrepl.c | 4 ++
|
||||||
|
3 files changed, 76 insertions(+), 7 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/servers/slapd/config.c b/servers/slapd/config.c
|
||||||
|
index be5a2f7..171e968 100644
|
||||||
|
--- a/servers/slapd/config.c
|
||||||
|
+++ b/servers/slapd/config.c
|
||||||
|
@@ -1210,8 +1210,32 @@ static slap_verbmasks versionkey[] = {
|
||||||
|
{ BER_BVNULL, 0 }
|
||||||
|
};
|
||||||
|
|
||||||
|
+static int
|
||||||
|
+slap_sb_uri(
|
||||||
|
+ struct berval *val,
|
||||||
|
+ void *bcp,
|
||||||
|
+ slap_cf_aux_table *tab0,
|
||||||
|
+ const char *tabmsg,
|
||||||
|
+ int unparse )
|
||||||
|
+{
|
||||||
|
+ slap_bindconf *bc = bcp;
|
||||||
|
+ if ( unparse ) {
|
||||||
|
+ if ( bc->sb_uri.bv_len >= val->bv_len )
|
||||||
|
+ return -1;
|
||||||
|
+ val->bv_len = bc->sb_uri.bv_len;
|
||||||
|
+ AC_MEMCPY( val->bv_val, bc->sb_uri.bv_val, val->bv_len );
|
||||||
|
+ } else {
|
||||||
|
+ bc->sb_uri = *val;
|
||||||
|
+#ifdef HAVE_TLS
|
||||||
|
+ if ( ldap_is_ldaps_url( val->bv_val ))
|
||||||
|
+ bc->sb_tls_do_init = 1;
|
||||||
|
+#endif
|
||||||
|
+ }
|
||||||
|
+ return 0;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
static slap_cf_aux_table bindkey[] = {
|
||||||
|
- { BER_BVC("uri="), offsetof(slap_bindconf, sb_uri), 'b', 1, NULL },
|
||||||
|
+ { BER_BVC("uri="), 0, 'x', 1, slap_sb_uri },
|
||||||
|
{ BER_BVC("version="), offsetof(slap_bindconf, sb_version), 'i', 0, versionkey },
|
||||||
|
{ BER_BVC("bindmethod="), offsetof(slap_bindconf, sb_method), 'i', 0, methkey },
|
||||||
|
{ BER_BVC("timeout="), offsetof(slap_bindconf, sb_timeout_api), 'i', 0, NULL },
|
||||||
|
@@ -1224,21 +1248,20 @@ static slap_cf_aux_table bindkey[] = {
|
||||||
|
{ BER_BVC("authcID="), offsetof(slap_bindconf, sb_authcId), 'b', 1, NULL },
|
||||||
|
{ BER_BVC("authzID="), offsetof(slap_bindconf, sb_authzId), 'b', 1, (slap_verbmasks *)authzNormalize },
|
||||||
|
#ifdef HAVE_TLS
|
||||||
|
- { BER_BVC("starttls="), offsetof(slap_bindconf, sb_tls), 'i', 0, tlskey },
|
||||||
|
-
|
||||||
|
/* NOTE: replace "13" with the actual index
|
||||||
|
* of the first TLS-related line */
|
||||||
|
#define aux_TLS (bindkey+13) /* beginning of TLS keywords */
|
||||||
|
|
||||||
|
+ { BER_BVC("starttls="), offsetof(slap_bindconf, sb_tls), 'i', 0, tlskey },
|
||||||
|
{ BER_BVC("tls_cert="), offsetof(slap_bindconf, sb_tls_cert), 's', 1, NULL },
|
||||||
|
{ BER_BVC("tls_key="), offsetof(slap_bindconf, sb_tls_key), 's', 1, NULL },
|
||||||
|
{ BER_BVC("tls_cacert="), offsetof(slap_bindconf, sb_tls_cacert), 's', 1, NULL },
|
||||||
|
{ BER_BVC("tls_cacertdir="), offsetof(slap_bindconf, sb_tls_cacertdir), 's', 1, NULL },
|
||||||
|
- { BER_BVC("tls_reqcert="), offsetof(slap_bindconf, sb_tls_reqcert), 's', 1, NULL },
|
||||||
|
- { BER_BVC("tls_cipher_suite="), offsetof(slap_bindconf, sb_tls_cipher_suite), 's', 1, NULL },
|
||||||
|
- { BER_BVC("tls_protocol_min="), offsetof(slap_bindconf, sb_tls_protocol_min), 's', 1, NULL },
|
||||||
|
+ { BER_BVC("tls_reqcert="), offsetof(slap_bindconf, sb_tls_reqcert), 's', 0, NULL },
|
||||||
|
+ { BER_BVC("tls_cipher_suite="), offsetof(slap_bindconf, sb_tls_cipher_suite), 's', 0, NULL },
|
||||||
|
+ { BER_BVC("tls_protocol_min="), offsetof(slap_bindconf, sb_tls_protocol_min), 's', 0, NULL },
|
||||||
|
#ifdef HAVE_OPENSSL_CRL
|
||||||
|
- { BER_BVC("tls_crlcheck="), offsetof(slap_bindconf, sb_tls_crlcheck), 's', 1, NULL },
|
||||||
|
+ { BER_BVC("tls_crlcheck="), offsetof(slap_bindconf, sb_tls_crlcheck), 's', 0, NULL },
|
||||||
|
#endif
|
||||||
|
#endif
|
||||||
|
{ BER_BVNULL, 0, 0, 0, NULL }
|
||||||
|
@@ -1330,6 +1353,20 @@ slap_cf_aux_table_parse( const char *word, void *dst, slap_cf_aux_table *tab0, L
|
||||||
|
|
||||||
|
rc = lutil_atoulx( ulptr, val, 0 );
|
||||||
|
break;
|
||||||
|
+
|
||||||
|
+ case 'x':
|
||||||
|
+ if ( tab->aux != NULL ) {
|
||||||
|
+ struct berval value;
|
||||||
|
+ slap_cf_aux_table_parse_x *func = (slap_cf_aux_table_parse_x *)tab->aux;
|
||||||
|
+
|
||||||
|
+ ber_str2bv( val, 0, 1, &value );
|
||||||
|
+
|
||||||
|
+ rc = func( &value, (void *)((char *)dst + tab->off), tab, tabmsg, 0 );
|
||||||
|
+
|
||||||
|
+ } else {
|
||||||
|
+ rc = 1;
|
||||||
|
+ }
|
||||||
|
+ break;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( rc ) {
|
||||||
|
@@ -1420,6 +1457,26 @@ slap_cf_aux_table_unparse( void *src, struct berval *bv, slap_cf_aux_table *tab0
|
||||||
|
ptr += snprintf( ptr, sizeof( buf ) - ( ptr - buf ), "%lu", *ulptr );
|
||||||
|
break;
|
||||||
|
|
||||||
|
+ case 'x':
|
||||||
|
+ *ptr++ = ' ';
|
||||||
|
+ ptr = lutil_strcopy( ptr, tab->key.bv_val );
|
||||||
|
+ if ( tab->quote ) *ptr++ = '"';
|
||||||
|
+ if ( tab->aux != NULL ) {
|
||||||
|
+ struct berval value;
|
||||||
|
+ slap_cf_aux_table_parse_x *func = (slap_cf_aux_table_parse_x *)tab->aux;
|
||||||
|
+ int rc;
|
||||||
|
+
|
||||||
|
+ value.bv_val = ptr;
|
||||||
|
+ value.bv_len = buf + sizeof( buf ) - ptr;
|
||||||
|
+
|
||||||
|
+ rc = func( &value, (void *)((char *)src + tab->off), tab, "(unparse)", 1 );
|
||||||
|
+ if ( rc == 0 ) {
|
||||||
|
+ ptr += value.bv_len;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ if ( tab->quote ) *ptr++ = '"';
|
||||||
|
+ break;
|
||||||
|
+
|
||||||
|
default:
|
||||||
|
assert( 0 );
|
||||||
|
}
|
||||||
|
diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h
|
||||||
|
index 076b898..210f6ba 100644
|
||||||
|
--- a/servers/slapd/slap.h
|
||||||
|
+++ b/servers/slapd/slap.h
|
||||||
|
@@ -1630,6 +1630,14 @@ typedef struct slap_cf_aux_table {
|
||||||
|
void *aux;
|
||||||
|
} slap_cf_aux_table;
|
||||||
|
|
||||||
|
+typedef int
|
||||||
|
+slap_cf_aux_table_parse_x LDAP_P((
|
||||||
|
+ struct berval *val,
|
||||||
|
+ void *bc,
|
||||||
|
+ slap_cf_aux_table *tab0,
|
||||||
|
+ const char *tabmsg,
|
||||||
|
+ int unparse ));
|
||||||
|
+
|
||||||
|
#define SLAP_LIMIT_TIME 1
|
||||||
|
#define SLAP_LIMIT_SIZE 2
|
||||||
|
|
||||||
|
diff --git a/servers/slapd/syncrepl.c b/servers/slapd/syncrepl.c
|
||||||
|
index fb1001f..bf84556 100644
|
||||||
|
--- a/servers/slapd/syncrepl.c
|
||||||
|
+++ b/servers/slapd/syncrepl.c
|
||||||
|
@@ -4060,6 +4060,10 @@ parse_syncrepl_line(
|
||||||
|
{
|
||||||
|
val = c->argv[ i ] + STRLENOF( PROVIDERSTR "=" );
|
||||||
|
ber_str2bv( val, 0, 1, &si->si_bindconf.sb_uri );
|
||||||
|
+#ifdef HAVE_TLS
|
||||||
|
+ if ( ldap_is_ldaps_url( val ))
|
||||||
|
+ si->si_bindconf.sb_tls_do_init = 1;
|
||||||
|
+#endif
|
||||||
|
si->si_got |= GOT_PROVIDER;
|
||||||
|
} else if ( !strncasecmp( c->argv[ i ], SCHEMASTR "=",
|
||||||
|
STRLENOF( SCHEMASTR "=" ) ) )
|
||||||
|
--
|
||||||
|
1.6.4.2
|
||||||
|
|
135
0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif
Normal file
135
0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif
Normal file
@ -0,0 +1,135 @@
|
|||||||
|
From ed86ffeec8ac01f9bc8ed531e5205a924c4a2979 Mon Sep 17 00:00:00 2001
|
||||||
|
From: ralf <ralf>
|
||||||
|
Date: Thu, 10 Dec 2009 10:56:52 +0000
|
||||||
|
Subject: [PATCH 3/3] apply global limit changes to all databases (ITS#6428)
|
||||||
|
|
||||||
|
bnc#562184
|
||||||
|
---
|
||||||
|
servers/slapd/bconfig.c | 90 ++++++++++++++++++++++++++++++++++++++++------
|
||||||
|
1 files changed, 78 insertions(+), 12 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c
|
||||||
|
index d43e927..ae15224 100644
|
||||||
|
--- a/servers/slapd/bconfig.c
|
||||||
|
+++ b/servers/slapd/bconfig.c
|
||||||
|
@@ -2208,14 +2208,23 @@ config_sizelimit(ConfigArgs *c) {
|
||||||
|
rc = 1;
|
||||||
|
return rc;
|
||||||
|
} else if ( c->op == LDAP_MOD_DELETE ) {
|
||||||
|
- /* Reset to defaults */
|
||||||
|
- lim->lms_s_soft = SLAPD_DEFAULT_SIZELIMIT;
|
||||||
|
- lim->lms_s_hard = 0;
|
||||||
|
- lim->lms_s_unchecked = -1;
|
||||||
|
- lim->lms_s_pr = 0;
|
||||||
|
- lim->lms_s_pr_hide = 0;
|
||||||
|
- lim->lms_s_pr_total = 0;
|
||||||
|
- return 0;
|
||||||
|
+ /* Reset to defaults or values from frontend */
|
||||||
|
+ if ( c->be == frontendDB ) {
|
||||||
|
+ lim->lms_s_soft = SLAPD_DEFAULT_SIZELIMIT;
|
||||||
|
+ lim->lms_s_hard = 0;
|
||||||
|
+ lim->lms_s_unchecked = -1;
|
||||||
|
+ lim->lms_s_pr = 0;
|
||||||
|
+ lim->lms_s_pr_hide = 0;
|
||||||
|
+ lim->lms_s_pr_total = 0;
|
||||||
|
+ } else {
|
||||||
|
+ lim->lms_s_soft = frontendDB->be_def_limit.lms_s_soft;
|
||||||
|
+ lim->lms_s_hard = frontendDB->be_def_limit.lms_s_hard;
|
||||||
|
+ lim->lms_s_unchecked = frontendDB->be_def_limit.lms_s_unchecked;
|
||||||
|
+ lim->lms_s_pr = frontendDB->be_def_limit.lms_s_pr;
|
||||||
|
+ lim->lms_s_pr_hide = frontendDB->be_def_limit.lms_s_pr_hide;
|
||||||
|
+ lim->lms_s_pr_total = frontendDB->be_def_limit.lms_s_pr_total;
|
||||||
|
+ }
|
||||||
|
+ goto ok;
|
||||||
|
}
|
||||||
|
for(i = 1; i < c->argc; i++) {
|
||||||
|
if(!strncasecmp(c->argv[i], "size", 4)) {
|
||||||
|
@@ -2240,6 +2249,34 @@ config_sizelimit(ConfigArgs *c) {
|
||||||
|
lim->lms_s_hard = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+ok:
|
||||||
|
+ if ( ( c->be == frontendDB ) && ( c->ca_entry ) ) {
|
||||||
|
+ /* This is a modification to the global limits apply it to
|
||||||
|
+ * the other databases as needed */
|
||||||
|
+ AttributeDescription *ad=NULL;
|
||||||
|
+ const char *text = NULL;
|
||||||
|
+ slap_str2ad(c->argv[0], &ad, &text);
|
||||||
|
+ /* if we got here... */
|
||||||
|
+ assert( ad != NULL );
|
||||||
|
+
|
||||||
|
+ CfEntryInfo *ce = c->ca_entry->e_private;
|
||||||
|
+ if ( ce->ce_type == Cft_Global ){
|
||||||
|
+ ce = ce->ce_kids;
|
||||||
|
+ }
|
||||||
|
+ for (; ce; ce=ce->ce_sibs) {
|
||||||
|
+ Entry *dbe = ce->ce_entry;
|
||||||
|
+ if ( (ce->ce_type == Cft_Database) && (ce->ce_be != frontendDB)
|
||||||
|
+ && (!attr_find(dbe->e_attrs, ad)) ) {
|
||||||
|
+ ce->ce_be->be_def_limit.lms_s_soft = lim->lms_s_soft;
|
||||||
|
+ ce->ce_be->be_def_limit.lms_s_hard = lim->lms_s_hard;
|
||||||
|
+ ce->ce_be->be_def_limit.lms_s_unchecked =lim->lms_s_unchecked;
|
||||||
|
+ ce->ce_be->be_def_limit.lms_s_pr =lim->lms_s_pr;
|
||||||
|
+ ce->ce_be->be_def_limit.lms_s_pr_hide =lim->lms_s_pr_hide;
|
||||||
|
+ ce->ce_be->be_def_limit.lms_s_pr_total =lim->lms_s_pr_total;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -2259,10 +2296,15 @@ config_timelimit(ConfigArgs *c) {
|
||||||
|
rc = 1;
|
||||||
|
return rc;
|
||||||
|
} else if ( c->op == LDAP_MOD_DELETE ) {
|
||||||
|
- /* Reset to defaults */
|
||||||
|
- lim->lms_t_soft = SLAPD_DEFAULT_TIMELIMIT;
|
||||||
|
- lim->lms_t_hard = 0;
|
||||||
|
- return 0;
|
||||||
|
+ /* Reset to defaults or values from frontend */
|
||||||
|
+ if ( c->be == frontendDB ) {
|
||||||
|
+ lim->lms_t_soft = SLAPD_DEFAULT_TIMELIMIT;
|
||||||
|
+ lim->lms_t_hard = 0;
|
||||||
|
+ } else {
|
||||||
|
+ lim->lms_t_soft = frontendDB->be_def_limit.lms_t_soft;
|
||||||
|
+ lim->lms_t_hard = frontendDB->be_def_limit.lms_t_hard;
|
||||||
|
+ }
|
||||||
|
+ goto ok;
|
||||||
|
}
|
||||||
|
for(i = 1; i < c->argc; i++) {
|
||||||
|
if(!strncasecmp(c->argv[i], "time", 4)) {
|
||||||
|
@@ -2287,6 +2329,30 @@ config_timelimit(ConfigArgs *c) {
|
||||||
|
lim->lms_t_hard = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+ok:
|
||||||
|
+ if ( ( c->be == frontendDB ) && ( c->ca_entry ) ) {
|
||||||
|
+ /* This is a modification to the global limits apply it to
|
||||||
|
+ * the other databases as needed */
|
||||||
|
+ AttributeDescription *ad=NULL;
|
||||||
|
+ const char *text = NULL;
|
||||||
|
+ slap_str2ad(c->argv[0], &ad, &text);
|
||||||
|
+ /* if we got here... */
|
||||||
|
+ assert( ad != NULL );
|
||||||
|
+
|
||||||
|
+ CfEntryInfo *ce = c->ca_entry->e_private;
|
||||||
|
+ if ( ce->ce_type == Cft_Global ){
|
||||||
|
+ ce = ce->ce_kids;
|
||||||
|
+ }
|
||||||
|
+ for (; ce; ce=ce->ce_sibs) {
|
||||||
|
+ Entry *dbe = ce->ce_entry;
|
||||||
|
+ if ( (ce->ce_type == Cft_Database) && (ce->ce_be != frontendDB)
|
||||||
|
+ && (!attr_find(dbe->e_attrs, ad)) ) {
|
||||||
|
+ ce->ce_be->be_def_limit.lms_t_soft = lim->lms_t_soft;
|
||||||
|
+ ce->ce_be->be_def_limit.lms_t_hard = lim->lms_t_hard;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
|
||||||
|
--
|
||||||
|
1.6.4.2
|
||||||
|
|
@ -1,3 +1,15 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Dec 10 15:41:11 UTC 2009 - rhafer@novell.com
|
||||||
|
|
||||||
|
- Fixed an issue in back-config's objectclass inheritence code that
|
||||||
|
could cause the server to fail to start or to spin in an endless
|
||||||
|
loop (bnc#558059,ITS#6408)
|
||||||
|
- default the tls_reqcert parameter of a syncrepl config to
|
||||||
|
"demand" as documented even if other tls_ options are absent
|
||||||
|
(bnc#558397, ITS#6319)
|
||||||
|
- apply changes to the global size and timelimits to all database
|
||||||
|
that don't specify limits themself. (bnc#562184, ITS#6428)
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Mon Nov 30 16:09:22 UTC 2009 - rhafer@novell.com
|
Mon Nov 30 16:09:22 UTC 2009 - rhafer@novell.com
|
||||||
|
|
||||||
|
@ -61,6 +61,9 @@ Patch4: ldapi_url.dif
|
|||||||
Patch6: libldap-gethostbyname_r.dif
|
Patch6: libldap-gethostbyname_r.dif
|
||||||
Patch7: pie-compile.dif
|
Patch7: pie-compile.dif
|
||||||
Patch11: slapd-bconfig-del-db.dif
|
Patch11: slapd-bconfig-del-db.dif
|
||||||
|
Patch12: 0001-back-config-objectclass-inheritence-ITS-6408.dif
|
||||||
|
Patch13: 0002-init-bindconf-TLS-settings-ITS-6419.dif
|
||||||
|
Patch14: 0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif
|
||||||
Patch100: openldap-2.3.37.dif
|
Patch100: openldap-2.3.37.dif
|
||||||
Patch200: slapd_getaddrinfo_dupl.dif
|
Patch200: slapd_getaddrinfo_dupl.dif
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||||
@ -181,6 +184,9 @@ Authors:
|
|||||||
%patch7
|
%patch7
|
||||||
%endif
|
%endif
|
||||||
%patch11
|
%patch11
|
||||||
|
%patch12 -p1
|
||||||
|
%patch13 -p1
|
||||||
|
%patch14 -p1
|
||||||
%if %suse_version == 1100
|
%if %suse_version == 1100
|
||||||
%patch200 -p1
|
%patch200 -p1
|
||||||
%endif
|
%endif
|
||||||
|
@ -1,3 +1,15 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Dec 10 15:41:11 UTC 2009 - rhafer@novell.com
|
||||||
|
|
||||||
|
- Fixed an issue in back-config's objectclass inheritence code that
|
||||||
|
could cause the server to fail to start or to spin in an endless
|
||||||
|
loop (bnc#558059,ITS#6408)
|
||||||
|
- default the tls_reqcert parameter of a syncrepl config to
|
||||||
|
"demand" as documented even if other tls_ options are absent
|
||||||
|
(bnc#558397, ITS#6319)
|
||||||
|
- apply changes to the global size and timelimits to all database
|
||||||
|
that don't specify limits themself. (bnc#562184, ITS#6428)
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Mon Nov 30 16:09:22 UTC 2009 - rhafer@novell.com
|
Mon Nov 30 16:09:22 UTC 2009 - rhafer@novell.com
|
||||||
|
|
||||||
|
@ -61,6 +61,9 @@ Patch4: ldapi_url.dif
|
|||||||
Patch6: libldap-gethostbyname_r.dif
|
Patch6: libldap-gethostbyname_r.dif
|
||||||
Patch7: pie-compile.dif
|
Patch7: pie-compile.dif
|
||||||
Patch11: slapd-bconfig-del-db.dif
|
Patch11: slapd-bconfig-del-db.dif
|
||||||
|
Patch12: 0001-back-config-objectclass-inheritence-ITS-6408.dif
|
||||||
|
Patch13: 0002-init-bindconf-TLS-settings-ITS-6419.dif
|
||||||
|
Patch14: 0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif
|
||||||
Patch100: openldap-2.3.37.dif
|
Patch100: openldap-2.3.37.dif
|
||||||
Patch200: slapd_getaddrinfo_dupl.dif
|
Patch200: slapd_getaddrinfo_dupl.dif
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||||
@ -181,6 +184,9 @@ Authors:
|
|||||||
%patch7
|
%patch7
|
||||||
%endif
|
%endif
|
||||||
%patch11
|
%patch11
|
||||||
|
%patch12 -p1
|
||||||
|
%patch13 -p1
|
||||||
|
%patch14 -p1
|
||||||
%if %suse_version == 1100
|
%if %suse_version == 1100
|
||||||
%patch200 -p1
|
%patch200 -p1
|
||||||
%endif
|
%endif
|
||||||
|
Loading…
Reference in New Issue
Block a user