Accepting request 43806 from network:ldap:OpenLDAP:RE24

Copy from network:ldap:OpenLDAP:RE24/openldap2 via accept of submit request 43806 revision 69.
Request was accepted with message:
Reviewed ok

OBS-URL: https://build.opensuse.org/request/show/43806
OBS-URL: https://build.opensuse.org/package/show/network:ldap/openldap2?expand=0&rev=41
This commit is contained in:
Ralf Haferkamp 2010-07-23 07:57:08 +00:00 committed by Git OBS Bridge
parent 4af766a1af
commit 337b984955
16 changed files with 534 additions and 362 deletions

View File

@ -1,8 +1,19 @@
Index: build/top.mk From 2a6dda988ea0b14931427cce835e8a6da5c3488e Mon Sep 17 00:00:00 2001
=================================================================== From: Ralf Haferkamp <rhafer@suse.de>
--- build/top.mk.orig Date: Wed, 16 Jun 2010 14:04:07 +0200
+++ build/top.mk Subject: build-adjustments
@@ -39,7 +39,7 @@ libdir = @libdir@
- Don't strip binaries
- Adjusted modules path
- don't use automake macro
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/build/top.mk b/build/top.mk
index 0794173..eb4c825 100644
--- a/build/top.mk
+++ b/build/top.mk
@@ -40,7 +40,7 @@ libdir = @libdir@
libexecdir = @libexecdir@ libexecdir = @libexecdir@
localstatedir = @localstatedir@ localstatedir = @localstatedir@
mandir = @mandir@ mandir = @mandir@
@ -11,19 +22,10 @@ Index: build/top.mk
sbindir = @sbindir@ sbindir = @sbindir@
sharedstatedir = @sharedstatedir@ sharedstatedir = @sharedstatedir@
sysconfdir = @sysconfdir@$(ldap_subdir) sysconfdir = @sysconfdir@$(ldap_subdir)
@@ -58,7 +58,7 @@ INSTALL_PROGRAM = $(INSTALL) diff --git a/configure.in b/configure.in
INSTALL_DATA = $(INSTALL) -m 644 index ba05a5a..e658b81 100644
INSTALL_SCRIPT = $(INSTALL) --- a/configure.in
+++ b/configure.in
-STRIP = -s
+#STRIP = -s
LINT = lint
5LINT = 5lint
Index: configure.in
===================================================================
--- configure.in.orig
+++ configure.in
@@ -67,7 +67,9 @@ dnl Determine host platform @@ -67,7 +67,9 @@ dnl Determine host platform
dnl we try not to use this for much dnl we try not to use this for much
AC_CANONICAL_TARGET([]) AC_CANONICAL_TARGET([])
@ -35,4 +37,6 @@ Index: configure.in
AC_SUBST(PACKAGE)dnl AC_SUBST(PACKAGE)dnl
AC_SUBST(VERSION)dnl AC_SUBST(VERSION)dnl
AC_DEFINE_UNQUOTED(OPENLDAP_PACKAGE,"$PACKAGE",Package) AC_DEFINE_UNQUOTED(OPENLDAP_PACKAGE,"$PACKAGE",Package)
--
1.7.1

View File

@ -1,5 +1,15 @@
--- servers/slapd/slapd.conf 2007/02/21 16:27:01 1.1 From d9c1061b77eec147e6d1df8b466d4b17b89e6890 Mon Sep 17 00:00:00 2001
+++ servers/slapd/slapd.conf 2007/02/21 16:29:20 From: Ralf Haferkamp <rhafer@suse.de>
Date: Wed, 16 Jun 2010 14:05:49 +0200
Subject: slapd.conf
1 files changed, 33 insertions(+), 17 deletions(-)
diff --git a/servers/slapd/slapd.conf b/servers/slapd/slapd.conf
index 4938b85..9caf292 100644
--- a/servers/slapd/slapd.conf
+++ b/servers/slapd/slapd.conf
@@ -3,6 +3,10 @@ @@ -3,6 +3,10 @@
# This file should NOT be world readable. # This file should NOT be world readable.
# #
@ -11,7 +21,7 @@
# Define global ACLs to disable default read access. # Define global ACLs to disable default read access.
@@ -10,8 +14,8 @@ @@ -10,8 +14,8 @@ include %SYSCONFDIR%/schema/core.schema
# service AND an understanding of referrals. # service AND an understanding of referrals.
#referral ldap://root.openldap.org #referral ldap://root.openldap.org
@ -22,7 +32,7 @@
# Load dynamic backend modules: # Load dynamic backend modules:
# modulepath %MODULEDIR% # modulepath %MODULEDIR%
@@ -26,20 +30,30 @@ @@ -26,20 +30,30 @@ argsfile %LOCALSTATEDIR%/run/slapd.args
# security ssf=1 update_ssf=112 simple_bind=64 # security ssf=1 update_ssf=112 simple_bind=64
# Sample access control policy: # Sample access control policy:
@ -67,7 +77,7 @@
# if no access controls are present, the default policy # if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts # allows anyone and everyone to read anything but restricts
# updates to rootdn. (e.g., "access to * by * read") # updates to rootdn. (e.g., "access to * by * read")
@@ -52,6 +66,8 @@ @@ -52,6 +66,8 @@ argsfile %LOCALSTATEDIR%/run/slapd.args
database bdb database bdb
suffix "dc=my-domain,dc=com" suffix "dc=my-domain,dc=com"
@ -76,7 +86,7 @@
rootdn "cn=Manager,dc=my-domain,dc=com" rootdn "cn=Manager,dc=my-domain,dc=com"
# Cleartext passwords, especially for the rootdn, should # Cleartext passwords, especially for the rootdn, should
# be avoid. See slappasswd(8) and slapd.conf(5) for details. # be avoid. See slappasswd(8) and slapd.conf(5) for details.
@@ -60,6 +76,6 @@ @@ -60,6 +76,6 @@ rootpw secret
# The database directory MUST exist prior to running slapd AND # The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools. # should only be accessible by the slapd and slap tools.
# Mode 700 recommended. # Mode 700 recommended.
@ -84,3 +94,6 @@
+directory /var/lib/ldap +directory /var/lib/ldap
# Indices to maintain # Indices to maintain
index objectClass eq index objectClass eq
--
1.7.1

View File

@ -0,0 +1,24 @@
From 82e121e47976ba0058733976b1c5428a6ee33c31 Mon Sep 17 00:00:00 2001
From: Ralf Haferkamp <rhafer@suse.de>
Date: Wed, 16 Jun 2010 14:06:42 +0200
Subject: LDAPI socket location
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/include/ldap_defaults.h b/include/ldap_defaults.h
index 3e0d4b2..5235339 100644
--- a/include/ldap_defaults.h
+++ b/include/ldap_defaults.h
@@ -39,7 +39,7 @@
#define LDAP_ENV_PREFIX "LDAP"
/* default ldapi:// socket */
-#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "run" LDAP_DIRSEP "ldapi"
+#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "ldapi"
/*
* SLAPD DEFINITIONS
--
1.7.1

View File

@ -0,0 +1,33 @@
From 21d21f0d9aed8876722748ef8ba92f75dbcdc771 Mon Sep 17 00:00:00 2001
From: Ralf Haferkamp <rhafer@suse.de>
Date: Wed, 16 Jun 2010 14:08:03 +0200
Subject: libldap use gethostbyname_r
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/libraries/libldap/util-int.c b/libraries/libldap/util-int.c
index 0704f9a..50a3389 100644
--- a/libraries/libldap/util-int.c
+++ b/libraries/libldap/util-int.c
@@ -52,7 +52,7 @@ extern int h_errno;
#ifndef LDAP_R_COMPILE
# undef HAVE_REENTRANT_FUNCTIONS
# undef HAVE_CTIME_R
-# undef HAVE_GETHOSTBYNAME_R
+/* # undef HAVE_GETHOSTBYNAME_R */
# undef HAVE_GETHOSTBYADDR_R
#else
@@ -330,7 +330,7 @@ ldap_pvt_csnstr(char *buf, size_t len, unsigned int replica, unsigned int mod)
#define BUFSTART (1024-32)
#define BUFMAX (32*1024-32)
-#if defined(LDAP_R_COMPILE)
+#if defined(LDAP_R_COMPILE) || defined(HAVE_GETHOSTBYNAME_R)
static char *safe_realloc( char **buf, int len );
#if !(defined(HAVE_GETHOSTBYNAME_R) && defined(HAVE_GETHOSTBYADDR_R))
--
1.7.1

View File

@ -1,8 +1,16 @@
Index: build/top.mk From c73e8eb5d25f22ffb1203a38becbe88da4fc9116 Mon Sep 17 00:00:00 2001
=================================================================== From: Ralf Haferkamp <rhafer@suse.de>
--- build/top.mk.orig Date: Wed, 16 Jun 2010 14:08:30 +0200
+++ build/top.mk Subject: pie compile
@@ -178,9 +178,9 @@ SLAPD_L = $(LDAP_LIBLUNICODE_A) $(LDAP_L
12 files changed, 35 insertions(+), 2 deletions(-)
diff --git a/build/top.mk b/build/top.mk
index eb4c825..4cb3da8 100644
--- a/build/top.mk
+++ b/build/top.mk
@@ -178,9 +178,9 @@ SLAPD_L = $(LDAP_LIBLUNICODE_A) $(LDAP_LIBREWRITE_A) \
WRAP_LIBS = @WRAP_LIBS@ WRAP_LIBS = @WRAP_LIBS@
# AutoConfig generated # AutoConfig generated
AC_CC = @CC@ AC_CC = @CC@
@ -14,11 +22,11 @@ Index: build/top.mk
AC_LIBS = @LIBS@ AC_LIBS = @LIBS@
KRB4_LIBS = @KRB4_LIBS@ KRB4_LIBS = @KRB4_LIBS@
Index: libraries/liblunicode/Makefile.in diff --git a/libraries/liblunicode/Makefile.in b/libraries/liblunicode/Makefile.in
=================================================================== index 5348baa..7332d4e 100644
--- libraries/liblunicode/Makefile.in.orig --- a/libraries/liblunicode/Makefile.in
+++ libraries/liblunicode/Makefile.in +++ b/libraries/liblunicode/Makefile.in
@@ -35,6 +35,9 @@ $(XXDIR)/uctable.h: $(XXDIR)/ucgendat.c @@ -35,6 +35,9 @@ $(XXDIR)/uctable.h: $(XXDIR)/ucgendat.c $(srcdir)/UnicodeData.txt $(srcdir)/Comp
$(MAKE) ucgendat $(MAKE) ucgendat
./ucgendat $(srcdir)/UnicodeData.txt -x $(srcdir)/CompositionExclusions.txt ./ucgendat $(srcdir)/UnicodeData.txt -x $(srcdir)/CompositionExclusions.txt
@ -28,10 +36,10 @@ Index: libraries/liblunicode/Makefile.in
ucgendat: $(XLIBS) ucgendat.o ucgendat: $(XLIBS) ucgendat.o
$(LTLINK) -o $@ ucgendat.o $(LIBS) $(LTLINK) -o $@ ucgendat.o $(LIBS)
Index: libraries/liblutil/Makefile.in diff --git a/libraries/liblutil/Makefile.in b/libraries/liblutil/Makefile.in
=================================================================== index b527966..a04e18e 100644
--- libraries/liblutil/Makefile.in.orig --- a/libraries/liblutil/Makefile.in
+++ libraries/liblutil/Makefile.in +++ b/libraries/liblutil/Makefile.in
@@ -19,6 +19,9 @@ PROGRAM = testavl @@ -19,6 +19,9 @@ PROGRAM = testavl
LDAP_INCDIR= ../../include LDAP_INCDIR= ../../include
LDAP_LIBDIR= ../../libraries LDAP_LIBDIR= ../../libraries
@ -42,11 +50,25 @@ Index: libraries/liblutil/Makefile.in
NT_SRCS = ntservice.c NT_SRCS = ntservice.c
NT_OBJS = ntservice.o slapdmsg.res NT_OBJS = ntservice.o slapdmsg.res
Index: servers/slapd/Makefile.in diff --git a/libraries/librewrite/Makefile.in b/libraries/librewrite/Makefile.in
=================================================================== index 72678c1..a4e0bcc 100644
--- servers/slapd/Makefile.in.orig --- a/libraries/librewrite/Makefile.in
+++ servers/slapd/Makefile.in +++ b/libraries/librewrite/Makefile.in
@@ -69,6 +69,9 @@ SLAPD_DYNAMIC_BACKENDS=@SLAPD_DYNAMIC_BA @@ -26,6 +26,9 @@ OBJS = config.o context.o info.o ldapmap.o map.o params.o rule.o \
LDAP_INCDIR= ../../include
LDAP_LIBDIR= ../../libraries
+PIE_CFLAGS="-fPIE"
+PIE_LDFLAGS="-pie"
+
LIBRARY = librewrite.a
PROGRAMS = rewrite
XLIBS = $(LIBRARY) $(LDAP_LIBLUTIL_A) \
diff --git a/servers/slapd/Makefile.in b/servers/slapd/Makefile.in
index c170d79..23a18eb 100644
--- a/servers/slapd/Makefile.in
+++ b/servers/slapd/Makefile.in
@@ -69,6 +69,9 @@ SLAPD_DYNAMIC_BACKENDS=@SLAPD_DYNAMIC_BACKENDS@
SLAPI_LIBS=@LIBSLAPI@ @SLAPI_LIBS@ SLAPI_LIBS=@LIBSLAPI@ @SLAPI_LIBS@
@ -56,10 +78,10 @@ Index: servers/slapd/Makefile.in
XDEFS = $(MODULES_CPPFLAGS) XDEFS = $(MODULES_CPPFLAGS)
XLDFLAGS = $(MODULES_LDFLAGS) XLDFLAGS = $(MODULES_LDFLAGS)
Index: servers/slapd/back-bdb/Makefile.in diff --git a/servers/slapd/back-bdb/Makefile.in b/servers/slapd/back-bdb/Makefile.in
=================================================================== index f44dab2..d919931 100644
--- servers/slapd/back-bdb/Makefile.in.orig --- a/servers/slapd/back-bdb/Makefile.in
+++ servers/slapd/back-bdb/Makefile.in +++ b/servers/slapd/back-bdb/Makefile.in
@@ -37,6 +37,9 @@ mod_DEFS = -DSLAPD_IMPORT @@ -37,6 +37,9 @@ mod_DEFS = -DSLAPD_IMPORT
MOD_DEFS = $(@BUILD_BDB@_DEFS) MOD_DEFS = $(@BUILD_BDB@_DEFS)
MOD_LIBS = $(BDB_LIBS) MOD_LIBS = $(BDB_LIBS)
@ -70,10 +92,10 @@ Index: servers/slapd/back-bdb/Makefile.in
shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA) shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA)
NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
Index: servers/slapd/back-hdb/Makefile.in diff --git a/servers/slapd/back-hdb/Makefile.in b/servers/slapd/back-hdb/Makefile.in
=================================================================== index 5d8381c..a80d8c0 100644
--- servers/slapd/back-hdb/Makefile.in.orig --- a/servers/slapd/back-hdb/Makefile.in
+++ servers/slapd/back-hdb/Makefile.in +++ b/servers/slapd/back-hdb/Makefile.in
@@ -41,6 +41,9 @@ mod_DEFS = -DSLAPD_IMPORT @@ -41,6 +41,9 @@ mod_DEFS = -DSLAPD_IMPORT
MOD_DEFS = $(@BUILD_HDB@_DEFS) MOD_DEFS = $(@BUILD_HDB@_DEFS)
MOD_LIBS = $(BDB_LIBS) MOD_LIBS = $(BDB_LIBS)
@ -84,66 +106,10 @@ Index: servers/slapd/back-hdb/Makefile.in
shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA) shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA)
NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
Index: servers/slapd/overlays/Makefile.in diff --git a/servers/slapd/back-ldap/Makefile.in b/servers/slapd/back-ldap/Makefile.in
=================================================================== index 64a4af8..51495d5 100644
--- servers/slapd/overlays/Makefile.in.orig --- a/servers/slapd/back-ldap/Makefile.in
+++ servers/slapd/overlays/Makefile.in +++ b/servers/slapd/back-ldap/Makefile.in
@@ -45,6 +45,9 @@ LTONLY_MOD = $(LTONLY_mod)
LDAP_INCDIR= ../../../include
LDAP_LIBDIR= ../../../libraries
+PIE_CFLAGS="-fPIE"
+PIE_LDFLAGS="-pie"
+
MOD_DEFS = -DSLAPD_IMPORT
shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA)
Index: servers/slapd/back-relay/Makefile.in
===================================================================
--- servers/slapd/back-relay/Makefile.in.orig
+++ servers/slapd/back-relay/Makefile.in
@@ -25,6 +25,9 @@ BUILD_MOD = @BUILD_RELAY@
mod_DEFS = -DSLAPD_IMPORT
MOD_DEFS = $(@BUILD_RELAY@_DEFS)
+PIE_CFLAGS="-fPIE"
+PIE_LDFLAGS="-pie"
+
shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA)
NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) $(REWRITE)
UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) $(REWRITE)
Index: servers/slapd/back-ldif/Makefile.in
===================================================================
--- servers/slapd/back-ldif/Makefile.in.orig
+++ servers/slapd/back-ldif/Makefile.in
@@ -25,6 +25,9 @@ BUILD_MOD = yes
mod_DEFS = -DSLAPD_IMPORT
MOD_DEFS = $(yes_DEFS)
+PIE_CFLAGS="-fPIE"
+PIE_LDFLAGS="-pie"
+
shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA)
NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
Index: libraries/librewrite/Makefile.in
===================================================================
--- libraries/librewrite/Makefile.in.orig
+++ libraries/librewrite/Makefile.in
@@ -26,6 +26,9 @@ OBJS = config.o context.o info.o ldapmap
LDAP_INCDIR= ../../include
LDAP_LIBDIR= ../../libraries
+PIE_CFLAGS="-fPIE"
+PIE_LDFLAGS="-pie"
+
LIBRARY = librewrite.a
PROGRAMS = rewrite
XLIBS = $(LIBRARY) $(LDAP_LIBLUTIL_A) \
Index: servers/slapd/back-ldap/Makefile.in
===================================================================
--- servers/slapd/back-ldap/Makefile.in.orig
+++ servers/slapd/back-ldap/Makefile.in
@@ -29,6 +29,9 @@ BUILD_MOD = @BUILD_LDAP@ @@ -29,6 +29,9 @@ BUILD_MOD = @BUILD_LDAP@
mod_DEFS = -DSLAPD_IMPORT mod_DEFS = -DSLAPD_IMPORT
MOD_DEFS = $(@BUILD_LDAP@_DEFS) MOD_DEFS = $(@BUILD_LDAP@_DEFS)
@ -154,10 +120,24 @@ Index: servers/slapd/back-ldap/Makefile.in
shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA) shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA)
NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
Index: servers/slapd/back-monitor/Makefile.in diff --git a/servers/slapd/back-ldif/Makefile.in b/servers/slapd/back-ldif/Makefile.in
=================================================================== index 29450ae..c47641f 100644
--- servers/slapd/back-monitor/Makefile.in.orig --- a/servers/slapd/back-ldif/Makefile.in
+++ servers/slapd/back-monitor/Makefile.in +++ b/servers/slapd/back-ldif/Makefile.in
@@ -25,6 +25,9 @@ BUILD_MOD = yes
mod_DEFS = -DSLAPD_IMPORT
MOD_DEFS = $(yes_DEFS)
+PIE_CFLAGS="-fPIE"
+PIE_LDFLAGS="-pie"
+
shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA)
NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
diff --git a/servers/slapd/back-monitor/Makefile.in b/servers/slapd/back-monitor/Makefile.in
index 6005b2d..a8f45a7 100644
--- a/servers/slapd/back-monitor/Makefile.in
+++ b/servers/slapd/back-monitor/Makefile.in
@@ -33,6 +33,9 @@ BUILD_MOD = @BUILD_MONITOR@ @@ -33,6 +33,9 @@ BUILD_MOD = @BUILD_MONITOR@
mod_DEFS = -DSLAPD_IMPORT mod_DEFS = -DSLAPD_IMPORT
MOD_DEFS = $(@BUILD_MONITOR@_DEFS) MOD_DEFS = $(@BUILD_MONITOR@_DEFS)
@ -168,3 +148,34 @@ Index: servers/slapd/back-monitor/Makefile.in
shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA) shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA)
NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS)
diff --git a/servers/slapd/back-relay/Makefile.in b/servers/slapd/back-relay/Makefile.in
index a408f34..518c7e5 100644
--- a/servers/slapd/back-relay/Makefile.in
+++ b/servers/slapd/back-relay/Makefile.in
@@ -25,6 +25,9 @@ BUILD_MOD = @BUILD_RELAY@
mod_DEFS = -DSLAPD_IMPORT
MOD_DEFS = $(@BUILD_RELAY@_DEFS)
+PIE_CFLAGS="-fPIE"
+PIE_LDFLAGS="-pie"
+
shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA)
NT_LINK_LIBS = -L.. -lslapd $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) $(REWRITE)
UNIX_LINK_LIBS = $(@BUILD_LIBS_DYNAMIC@_LDAP_LIBS) $(REWRITE)
diff --git a/servers/slapd/overlays/Makefile.in b/servers/slapd/overlays/Makefile.in
index 0b7ce5c..7a48574 100644
--- a/servers/slapd/overlays/Makefile.in
+++ b/servers/slapd/overlays/Makefile.in
@@ -46,6 +46,9 @@ LTONLY_MOD = $(LTONLY_mod)
LDAP_INCDIR= ../../../include
LDAP_LIBDIR= ../../../libraries
+PIE_CFLAGS="-fPIE"
+PIE_LDFLAGS="-pie"
+
MOD_DEFS = -DSLAPD_IMPORT
shared_LDAP_LIBS = $(LDAP_LIBLDAP_R_LA) $(LDAP_LIBLBER_LA)
--
1.7.1

View File

@ -1,8 +1,16 @@
Index: servers/slapd/bconfig.c From a998fdc90747f222d261e714ea7e757ad0345f56 Mon Sep 17 00:00:00 2001
=================================================================== From: Ralf Haferkamp <rhafer@suse.de>
--- servers/slapd/bconfig.c.orig Date: Wed, 16 Jun 2010 14:08:56 +0200
+++ servers/slapd/bconfig.c Subject: assorted fixes for back-config DELETE support
@@ -5492,13 +5492,26 @@ config_back_delete( Operation *op, SlapR
1 files changed, 16 insertions(+), 2 deletions(-)
diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c
index 8626f21..4ec085f 100644
--- a/servers/slapd/bconfig.c
+++ b/servers/slapd/bconfig.c
@@ -5924,13 +5924,26 @@ config_back_delete( Operation *op, SlapReply *rs )
rs->sr_err = LDAP_UNWILLING_TO_PERFORM; rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
} else if ( op->o_abandon ) { } else if ( op->o_abandon ) {
rs->sr_err = SLAPD_ABANDON; rs->sr_err = SLAPD_ABANDON;
@ -31,7 +39,7 @@ Index: servers/slapd/bconfig.c
/* remove CfEntryInfo from the siblings list */ /* remove CfEntryInfo from the siblings list */
if ( ce->ce_parent->ce_kids == ce ) { if ( ce->ce_parent->ce_kids == ce ) {
@@ -5560,6 +5573,7 @@ config_back_delete( Operation *op, SlapR @@ -5992,6 +6005,7 @@ config_back_delete( Operation *op, SlapReply *rs )
#else #else
rs->sr_err = LDAP_UNWILLING_TO_PERFORM; rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
#endif /* SLAP_CONFIG_DELETE */ #endif /* SLAP_CONFIG_DELETE */
@ -39,3 +47,6 @@ Index: servers/slapd/bconfig.c
send_ldap_result( op, rs ); send_ldap_result( op, rs );
return rs->sr_err; return rs->sr_err;
} }
--
1.7.1

View File

@ -1,38 +0,0 @@
From e32aa64d19840a3b76da532d200fa1cb733e0672 Mon Sep 17 00:00:00 2001
From: ralf <ralf>
Date: Thu, 20 May 2010 15:08:28 +0000
Subject: Syncprov might lose deletes (ITS#6555)
During the refresh phase the sync filter needs to be adjusted (skipping
the "(entrycsn>=cookie)" part that was inserted) when checking whether a
change needs to be replicated, otherwise we lose DELETES that happen during
the refresh phase.
bnc#606294
1 files changed, 9 insertions(+), 1 deletions(-)
diff --git a/servers/slapd/overlays/syncprov.c b/servers/slapd/overlays/syncprov.c
index 675568e..030edf5 100644
--- a/servers/slapd/overlays/syncprov.c
+++ b/servers/slapd/overlays/syncprov.c
@@ -1301,7 +1301,15 @@ syncprov_matchops( Operation *op, opcookie *opc, int saveit )
op2.o_hdr = &oh;
op2.o_extra = op->o_extra;
op2.o_callback = NULL;
- rc = test_filter( &op2, e, ss->s_op->ors_filter );
+ ldap_pvt_thread_mutex_lock( &ss->s_mutex );
+ if (ss->s_flags & PS_FIX_FILTER) {
+ /* Skip the AND/GE clause that we stuck on in front. We
+ would lose deletes/mods that happen during the refresh
+ phase otherwise (ITS#6555) */
+ op2.ors_filter = ss->s_op->ors_filter->f_and->f_next;
+ }
+ ldap_pvt_thread_mutex_unlock( &ss->s_mutex );
+ rc = test_filter( &op2, e, op2.ors_filter );
}
Debug( LDAP_DEBUG_TRACE, "syncprov_matchops: sid %03x fscope %d rc %d\n",
--
1.7.0.3

View File

@ -1,11 +0,0 @@
--- include/ldap_defaults.h 2004/04/14 14:13:27 1.1
+++ include/ldap_defaults.h 2004/04/14 14:14:01
@@ -39,7 +39,7 @@
#define LDAP_ENV_PREFIX "LDAP"
/* default ldapi:// socket */
-#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "run" LDAP_DIRSEP "ldapi"
+#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "ldapi"
/*
* SLAPD DEFINITIONS

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:7140bb913a95765134daf5ee17254d938f54c981790d328e6cd3ca7ad6cea915
size 4421498

3
openldap-2.4.23.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:56349b44f6219fa305e9ebaffd6f2c2c57e3229a1f1c850f6fc5f6ba4e06c03a
size 4223407

View File

@ -1,3 +1,32 @@
-------------------------------------------------------------------
Fri Jul 23 07:49:40 UTC 2010 - rhafer@novell.com
- Fixed RPM Group and Summary Tags (bnc#624980)
-------------------------------------------------------------------
Thu Jul 1 13:02:13 UTC 2010 - rhafer@novell.com
- Updated to 2.4.23:
* Fixed libldap to return server's error code (ITS#6569)
* Fixed libldap memleaks (ITS#6568)
* Fixed liblutil off-by-one with delta (ITS#6541)
* Fixed slapd acls with glued databases (ITS#6468)
* Fixed slapd syncrepl rid logging (ITS#6533)
* Fixed slapd modrdn handling of invalid values (bnc#612430,
ITS#6570)
* Fixed slapd-bdb hasSubordinates computation (ITS#6549)
* Fixed slapd-bdb to use memcpy instead for strcpy (ITS#6474)
* Fixed slapd-bdb entry cache delete failure (ITS#6577)
* Fixed slapd-ldap to return control responses (ITS#6530)
* Fixed slapo-ppolicy to use Debug (ITS#6566)
* Fixed slapo-refint to zero out freed DN vals (ITS#6572)
* Fixed slapo-rwm to use Debug (ITS#6566)
* Fixed slapo-sssvlv to use Debug (ITS#6566)
* Fixed slapo-syncprov lost deletes in refresh phase (bnc#606294,
ITS#6555)
* Fixed slapo-valsort to use Debug (ITS#6566)
* Fixed contrib/nssov network.c missing patch (ITS#6562)
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Jul 1 12:48:18 UTC 2010 - rhafer@novell.com Thu Jul 1 12:48:18 UTC 2010 - rhafer@novell.com
@ -7,12 +36,85 @@ Thu Jul 1 12:48:18 UTC 2010 - rhafer@novell.com
"refreshAndPersist" replication failed to replicate under "refreshAndPersist" replication failed to replicate under
certain circumstances (bnc#606294, ITS#6555) certain circumstances (bnc#606294, ITS#6555)
-------------------------------------------------------------------
Thu Jun 17 15:53:49 UTC 2010 - rhafer@novell.com
- New subpackage openldap2-back-sql. Contains the SQL backend
module plus some documentation (bnc#395719)
-------------------------------------------------------------------
Thu Jun 17 13:02:40 UTC 2010 - rhafer@novell.com
- generate Patches from git tree (resulted in all patches being
renamed)
- installing binaries without stripping them is done by setting
the STRIP enviroment variable instead for patching the Makefile
now
- Fixed a bug in the syncprov overlay which could lead to not
replicate delete Operations (ITS#6555, bnc#606294)
------------------------------------------------------------------- -------------------------------------------------------------------
Mon May 10 13:35:59 UTC 2010 - rhafer@novell.com Mon May 10 13:35:59 UTC 2010 - rhafer@novell.com
- Create /var/run/slapd on demand. /var/run might be mounted on - Create /var/run/slapd on demand. /var/run might be mounted on
tmpfs. tmpfs.
-------------------------------------------------------------------
Wed Apr 28 11:17:06 UTC 2010 - rhafer@novell.com
- BuildRequires cleanup
-------------------------------------------------------------------
Mon Apr 26 15:14:17 UTC 2010 - rhafer@novell.com
- Updated to 2.4.22:
* Added slapd SLAP_SCHEMA_EXPOSE flag for hidden schema elements
(ITS#6435)
* Added slapd tools selective iterations (ITS#6442)
* Added slapd syncrepl TCP keepalive (ITS#6389)
* Added slapo-ldap idassert-passthru (ITS#6456)
* Added slapo-pbind
* Fixed libldap gmtime re-entrancy (ITS#6262)
* Fixed libldap gssapi off by one error (ITS#6223)
* Fixed libldap referral on bind behavior(ITS#6510)
* Fixed slapd acl non-entry internal searches (ITS#6481)
* Fixed slapd acl attrval style initialization (ITS#6520)
* Fixed slapd certificateListValidate (ITS#6466)
* Fixed slapd empty URI parsing (ITS#6465)
* Fixed slapd glued misplaced entries (ITS#6506)
* Fixed slapd glued paged cookies (ITS#6507)
* Fixed slapd glued paged results (ITS#6504)
* Fixed slapd gmtime re-entrancy (ITS#6262)
* Fixed slapd to ignore controls with unrecognized flag
(ITS#6480)
* Fixed slapd entry ownership (ITS#5340)
* Fixed slapd sasl auxprop_lookup (ITS#6441)
* Fixed slapd sasl auxprop ssf (ITS#5195)
* Fixed slapd syncrepl for attributes with no matching rule
(ITS#6458)
* Fixed slapd syncrepl for unknown attrs and delta-sync
(ITS#6473)
* Fixed slapd syncrep loop with moddn (ITS#6472)
* Fixed slapo-accesslog to not replicate internal purges
(ITS#6519)
* Fixed slapd-bdb contextCSN updates from updatedn (ITS#6469)
* Fixed slapd-bdb lockobj zeroing (ITS#6501)
* Fixed slapd-ldap/meta control criticality (ITS#6523)
* Fixed slapd-ldap/meta with ordered values (ITS#6516)
* Fixed slapo-collect entry ownership (ITS#5340,ITS#6423)
* Fixed slapo-dds with NULL backend (ITS#6490)
* Fixed slapo-dynlist entry ownership (ITS#5340,ITS#6423)
* Fixed slapo-memberof attr count (ITS#6508)
* Fixed slapo-pcache to release its own entries (ITS#6484)
* Fixed slapo-pcache with NULL backend (ITS#6490)
* Fixed slapo-rwm entry release handling (ITS#6484)
* Fixed slapo-rwm memory handling with rewrites (ITS#6526)
* Fixed slapo-rwm olcRwmMap handling (ITS#6436)
* Fixed slapo-rwm entry ownership (ITS#5340,ITS#6423)
* Fixed slapo-syncprov memory leak (ITS#6459)
* Fixed slapo-translucent counter increment (ITS#6497)
* Fixed slapo-valsort entry ownership (ITS#5340,ITS#6423)
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Apr 15 08:18:49 UTC 2010 - adrian@suse.de Thu Apr 15 08:18:49 UTC 2010 - adrian@suse.de

View File

@ -1,5 +1,5 @@
# #
# spec file for package openldap2-client (Version 2.4.21) # spec file for package openldap2 (Version 2.4.21)
# #
# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
# #
@ -19,25 +19,25 @@
%define run_test_suite 1 %define run_test_suite 1
Name: openldap2-client Name: openldap2-client
BuildRequires: cyrus-sasl-devel db-devel libopenssl-devel tcpd-devel BuildRequires: cyrus-sasl-devel libopenssl-devel
%if %sles_version == 9 %if %sles_version == 9 || %sles_version == 10
BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-devel BuildRequires: -libopenssl-devel -pwdutils openssl-devel
%endif %endif
%if %sles_version == 10 Version: 2.4.23
BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-devel Release: 4
%endif
Version: 2.4.21
Release: 6
Url: http://www.openldap.org Url: http://www.openldap.org
License: BSD3c(or similar) ; openldap 2.8 License: BSD3c(or similar) ; openldap 2.8
%if "%{name}" == "openldap2" %if "%{name}" == "openldap2"
BuildRequires: openslp-devel BuildRequires: unixODBC-devel openslp-devel db-devel tcpd-devel
Group: Productivity/Networking/LDAP/Clients %if %sles_version == 9 || %sles_version == 10
BuildRequires: -db-devel libdb-4_5-devel
%endif
Group: Productivity/Networking/LDAP/Servers
Conflicts: openldap Conflicts: openldap
Requires: libldap-2_4-2 = %{version} Requires: libldap-2_4-2 = %{version}
PreReq: %insserv_prereq %fillup_prereq /usr/sbin/useradd /usr/sbin/groupadd /usr/bin/grep PreReq: %insserv_prereq %fillup_prereq /usr/sbin/useradd /usr/sbin/groupadd /usr/bin/grep
Summary: The OpenLDAP commandline client tools Summary: The OpenLDAP Server
%else %else
Group: Productivity/Networking/LDAP/Clients Group: Productivity/Networking/LDAP/Clients
Conflicts: openldap-client Conflicts: openldap-client
@ -53,15 +53,12 @@ Source4: sasl-slapd.conf
Source5: README.update Source5: README.update
Source6: schema2ldif Source6: schema2ldif
Source100: openldap-2.3.37.tar.bz2 Source100: openldap-2.3.37.tar.bz2
Patch1: openldap2.dif Patch1: 0001-build-adjustments.dif
Patch2: slapd_conf.dif Patch2: 0002-slapd.conf.dif
Patch4: ldapi_url.dif Patch3: 0003-LDAPI-socket-location.dif
Patch5: slapd-back-hdb-fortify.dif Patch4: 0004-libldap-use-gethostbyname_r.dif
Patch6: libldap-gethostbyname_r.dif Patch5: 0005-pie-compile.dif
Patch7: pie-compile.dif Patch6: 0006-assorted-fixes-for-back-config-DELETE-support.dif
Patch11: slapd-bconfig-del-db.dif
Patch12: Syncprov-might-lose-deletes-ITS-6555.dif
Patch13: slapd-modrdn-crash-ITS-6570.dif
Patch100: openldap-2.3.37.dif Patch100: openldap-2.3.37.dif
Patch200: slapd_getaddrinfo_dupl.dif Patch200: slapd_getaddrinfo_dupl.dif
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
@ -116,6 +113,21 @@ Authors:
-------- --------
The OpenLDAP Project <project@openldap.org> The OpenLDAP Project <project@openldap.org>
%package -n openldap2-back-sql
License: BSD3c(or similar)
Summary: OpenLDAP SQL Back-End
Requires: openldap2 = %{version}
AutoReqProv: on
Group: Productivity/Networking/LDAP/Servers
%description -n openldap2-back-sql
The primary purpose of this OpenLDAP backend is to present information
stored in a Relational (SQL) Database as an LDAP subtree without the need
to do any programming.
Authors:
--------
The OpenLDAP Project <project@openldap.org>
%else %else
%description %description
@ -173,17 +185,14 @@ Authors:
%prep %prep
%setup -q -n openldap-%{version} -a1 -a2 -b100 %setup -q -n openldap-%{version} -a1 -a2 -b100
%patch1 %patch1 -p1
%patch2 %patch2 -p1
%patch4 %patch3 -p1
%patch5 %patch4 -p1
%patch6
%if %suse_version > 920 %if %suse_version > 920
%patch7 %patch5 -p1
%endif %endif
%patch11 %patch6 -p1
%patch12 -p1
%patch13 -p1
%if %suse_version == 1100 %if %suse_version == 1100
%patch200 -p1 %patch200 -p1
%endif %endif
@ -196,13 +205,10 @@ cd ../openldap-2.3.37
libtoolize --force libtoolize --force
autoreconf autoreconf
export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -DLDAP_DEPRECATED -DLDAP_CONNECTIONLESS -DSLAP_CONFIG_DELETE" export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -DLDAP_DEPRECATED -DLDAP_CONNECTIONLESS -DSLAP_CONFIG_DELETE"
./configure --prefix=/usr \ export STRIP=""
--exec-prefix=/usr \ %configure \
--sysconfdir=%{_sysconfdir} \
--localstatedir=/var/run/slapd \ --localstatedir=/var/run/slapd \
--libexecdir=/usr/lib/openldap \ --libexecdir=/usr/lib/openldap \
--libdir=%{_libdir} \
--mandir=%{_mandir} \
--enable-wrappers \ --enable-wrappers \
--enable-aclgroups \ --enable-aclgroups \
--enable-spasswd \ --enable-spasswd \
@ -222,6 +228,7 @@ export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -DLDAP_DEPRECATED -DLDAP_CONN
--enable-meta=mod \ --enable-meta=mod \
--enable-monitor=yes \ --enable-monitor=yes \
--enable-perl=mod \ --enable-perl=mod \
--enable-sql=mod \
--enable-slp \ --enable-slp \
--enable-overlays=yes \ --enable-overlays=yes \
%else %else
@ -279,7 +286,7 @@ make SLAPD_DEBUG=0 test
%install %install
mkdir -p $RPM_BUILD_ROOT/etc/init.d mkdir -p $RPM_BUILD_ROOT/etc/init.d
mkdir -p $RPM_BUILD_ROOT/usr/sbin mkdir -p $RPM_BUILD_ROOT/usr/sbin
make DESTDIR=$RPM_BUILD_ROOT install make STRIP="" DESTDIR=$RPM_BUILD_ROOT install
install -m 755 rc.ldap $RPM_BUILD_ROOT/etc/init.d/ldap install -m 755 rc.ldap $RPM_BUILD_ROOT/etc/init.d/ldap
ln -sf ../../etc/init.d/ldap $RPM_BUILD_ROOT/usr/sbin/rcldap ln -sf ../../etc/init.d/ldap $RPM_BUILD_ROOT/usr/sbin/rcldap
mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/openldap/slapd.d mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/openldap/slapd.d
@ -313,10 +320,10 @@ rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-null.5
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-passwd.5 rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-passwd.5
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-shell.5 rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-shell.5
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-sock.5 rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-sock.5
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-sql.5
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-tcl.5 rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-tcl.5
# Remove *.la files, libtool does not handle this correct # Remove *.la files, libtool does not handle this correct
rm -f $RPM_BUILD_ROOT%{_libdir}/lib*.la rm -f $RPM_BUILD_ROOT%{_libdir}/lib*.la
#put filelists into files #put filelists into files
cat >openldap2.filelist <<EOF cat >openldap2.filelist <<EOF
/var/adm/fillup-templates/sysconfig.openldap /var/adm/fillup-templates/sysconfig.openldap
@ -401,11 +408,18 @@ cat > openldap2-back-meta.filelist <<EOF
/usr/lib/openldap/modules/back_meta* /usr/lib/openldap/modules/back_meta*
%doc %{_mandir}/man5/slapd-meta.* %doc %{_mandir}/man5/slapd-meta.*
EOF EOF
cat > openldap2-back-sql.filelist <<EOF
/usr/lib/openldap/modules/back_sql*
%doc %{_mandir}/man5/slapd-sql.*
%doc servers/slapd/back-sql/rdbms_depend
%doc servers/slapd/back-sql/docs/bugs
%doc servers/slapd/back-sql/docs/install
EOF
#remove files from other spec file #remove files from other spec file
%if "%{name}" == "openldap2" %if "%{name}" == "openldap2"
cat openldap2-client.filelist libldap.filelist openldap2-devel.filelist | cat openldap2-client.filelist libldap.filelist openldap2-devel.filelist |
%else %else
cat openldap2.filelist openldap2-back-perl.filelist openldap2-back-meta.filelist | cat openldap2.filelist openldap2-back-perl.filelist openldap2-back-meta.filelist openldap2-back-sql.filelist |
%endif %endif
grep -v "%dir " |sed -e "s|^.* ||" |grep "^/" |while read name ; do grep -v "%dir " |sed -e "s|^.* ||" |grep "^/" |while read name ; do
rm -rf $RPM_BUILD_ROOT$name rm -rf $RPM_BUILD_ROOT$name
@ -537,6 +551,9 @@ fi
%files -n openldap2-back-meta -f openldap2-back-meta.filelist %files -n openldap2-back-meta -f openldap2-back-meta.filelist
%defattr(-,root,root) %defattr(-,root,root)
%files -n openldap2-back-sql -f openldap2-back-sql.filelist
%defattr(-,root,root)
%else %else
%post -n libldap-2_4-2 -p /sbin/ldconfig %post -n libldap-2_4-2 -p /sbin/ldconfig

View File

@ -1,3 +1,32 @@
-------------------------------------------------------------------
Fri Jul 23 07:49:40 UTC 2010 - rhafer@novell.com
- Fixed RPM Group and Summary Tags (bnc#624980)
-------------------------------------------------------------------
Thu Jul 1 13:02:13 UTC 2010 - rhafer@novell.com
- Updated to 2.4.23:
* Fixed libldap to return server's error code (ITS#6569)
* Fixed libldap memleaks (ITS#6568)
* Fixed liblutil off-by-one with delta (ITS#6541)
* Fixed slapd acls with glued databases (ITS#6468)
* Fixed slapd syncrepl rid logging (ITS#6533)
* Fixed slapd modrdn handling of invalid values (bnc#612430,
ITS#6570)
* Fixed slapd-bdb hasSubordinates computation (ITS#6549)
* Fixed slapd-bdb to use memcpy instead for strcpy (ITS#6474)
* Fixed slapd-bdb entry cache delete failure (ITS#6577)
* Fixed slapd-ldap to return control responses (ITS#6530)
* Fixed slapo-ppolicy to use Debug (ITS#6566)
* Fixed slapo-refint to zero out freed DN vals (ITS#6572)
* Fixed slapo-rwm to use Debug (ITS#6566)
* Fixed slapo-sssvlv to use Debug (ITS#6566)
* Fixed slapo-syncprov lost deletes in refresh phase (bnc#606294,
ITS#6555)
* Fixed slapo-valsort to use Debug (ITS#6566)
* Fixed contrib/nssov network.c missing patch (ITS#6562)
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Jul 1 12:48:18 UTC 2010 - rhafer@novell.com Thu Jul 1 12:48:18 UTC 2010 - rhafer@novell.com
@ -7,12 +36,85 @@ Thu Jul 1 12:48:18 UTC 2010 - rhafer@novell.com
"refreshAndPersist" replication failed to replicate under "refreshAndPersist" replication failed to replicate under
certain circumstances (bnc#606294, ITS#6555) certain circumstances (bnc#606294, ITS#6555)
-------------------------------------------------------------------
Thu Jun 17 15:53:49 UTC 2010 - rhafer@novell.com
- New subpackage openldap2-back-sql. Contains the SQL backend
module plus some documentation (bnc#395719)
-------------------------------------------------------------------
Thu Jun 17 13:02:40 UTC 2010 - rhafer@novell.com
- generate Patches from git tree (resulted in all patches being
renamed)
- installing binaries without stripping them is done by setting
the STRIP enviroment variable instead for patching the Makefile
now
- Fixed a bug in the syncprov overlay which could lead to not
replicate delete Operations (ITS#6555, bnc#606294)
------------------------------------------------------------------- -------------------------------------------------------------------
Mon May 10 13:35:59 UTC 2010 - rhafer@novell.com Mon May 10 13:35:59 UTC 2010 - rhafer@novell.com
- Create /var/run/slapd on demand. /var/run might be mounted on - Create /var/run/slapd on demand. /var/run might be mounted on
tmpfs. tmpfs.
-------------------------------------------------------------------
Wed Apr 28 11:17:06 UTC 2010 - rhafer@novell.com
- BuildRequires cleanup
-------------------------------------------------------------------
Mon Apr 26 15:14:17 UTC 2010 - rhafer@novell.com
- Updated to 2.4.22:
* Added slapd SLAP_SCHEMA_EXPOSE flag for hidden schema elements
(ITS#6435)
* Added slapd tools selective iterations (ITS#6442)
* Added slapd syncrepl TCP keepalive (ITS#6389)
* Added slapo-ldap idassert-passthru (ITS#6456)
* Added slapo-pbind
* Fixed libldap gmtime re-entrancy (ITS#6262)
* Fixed libldap gssapi off by one error (ITS#6223)
* Fixed libldap referral on bind behavior(ITS#6510)
* Fixed slapd acl non-entry internal searches (ITS#6481)
* Fixed slapd acl attrval style initialization (ITS#6520)
* Fixed slapd certificateListValidate (ITS#6466)
* Fixed slapd empty URI parsing (ITS#6465)
* Fixed slapd glued misplaced entries (ITS#6506)
* Fixed slapd glued paged cookies (ITS#6507)
* Fixed slapd glued paged results (ITS#6504)
* Fixed slapd gmtime re-entrancy (ITS#6262)
* Fixed slapd to ignore controls with unrecognized flag
(ITS#6480)
* Fixed slapd entry ownership (ITS#5340)
* Fixed slapd sasl auxprop_lookup (ITS#6441)
* Fixed slapd sasl auxprop ssf (ITS#5195)
* Fixed slapd syncrepl for attributes with no matching rule
(ITS#6458)
* Fixed slapd syncrepl for unknown attrs and delta-sync
(ITS#6473)
* Fixed slapd syncrep loop with moddn (ITS#6472)
* Fixed slapo-accesslog to not replicate internal purges
(ITS#6519)
* Fixed slapd-bdb contextCSN updates from updatedn (ITS#6469)
* Fixed slapd-bdb lockobj zeroing (ITS#6501)
* Fixed slapd-ldap/meta control criticality (ITS#6523)
* Fixed slapd-ldap/meta with ordered values (ITS#6516)
* Fixed slapo-collect entry ownership (ITS#5340,ITS#6423)
* Fixed slapo-dds with NULL backend (ITS#6490)
* Fixed slapo-dynlist entry ownership (ITS#5340,ITS#6423)
* Fixed slapo-memberof attr count (ITS#6508)
* Fixed slapo-pcache to release its own entries (ITS#6484)
* Fixed slapo-pcache with NULL backend (ITS#6490)
* Fixed slapo-rwm entry release handling (ITS#6484)
* Fixed slapo-rwm memory handling with rewrites (ITS#6526)
* Fixed slapo-rwm olcRwmMap handling (ITS#6436)
* Fixed slapo-rwm entry ownership (ITS#5340,ITS#6423)
* Fixed slapo-syncprov memory leak (ITS#6459)
* Fixed slapo-translucent counter increment (ITS#6497)
* Fixed slapo-valsort entry ownership (ITS#5340,ITS#6423)
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Apr 15 08:18:49 UTC 2010 - adrian@suse.de Thu Apr 15 08:18:49 UTC 2010 - adrian@suse.de

View File

@ -20,24 +20,24 @@
%define run_test_suite 1 %define run_test_suite 1
Name: openldap2 Name: openldap2
BuildRequires: cyrus-sasl-devel db-devel libopenssl-devel tcpd-devel BuildRequires: cyrus-sasl-devel libopenssl-devel
%if %sles_version == 9 %if %sles_version == 9 || %sles_version == 10
BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-devel BuildRequires: -libopenssl-devel -pwdutils openssl-devel
%endif %endif
%if %sles_version == 10 Version: 2.4.23
BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-devel Release: 4
%endif
Version: 2.4.21
Release: 6
Url: http://www.openldap.org Url: http://www.openldap.org
License: BSD3c(or similar) ; openldap 2.8 License: BSD3c(or similar) ; openldap 2.8
%if "%{name}" == "openldap2" %if "%{name}" == "openldap2"
BuildRequires: openslp-devel BuildRequires: unixODBC-devel openslp-devel db-devel tcpd-devel
Group: Productivity/Networking/LDAP/Clients %if %sles_version == 9 || %sles_version == 10
BuildRequires: -db-devel libdb-4_5-devel
%endif
Group: Productivity/Networking/LDAP/Servers
Conflicts: openldap Conflicts: openldap
Requires: libldap-2_4-2 = %{version} Requires: libldap-2_4-2 = %{version}
PreReq: %insserv_prereq %fillup_prereq /usr/sbin/useradd /usr/sbin/groupadd /usr/bin/grep PreReq: %insserv_prereq %fillup_prereq /usr/sbin/useradd /usr/sbin/groupadd /usr/bin/grep
Summary: The OpenLDAP commandline client tools Summary: The OpenLDAP Server
%else %else
Group: Productivity/Networking/LDAP/Clients Group: Productivity/Networking/LDAP/Clients
Conflicts: openldap-client Conflicts: openldap-client
@ -53,15 +53,12 @@ Source4: sasl-slapd.conf
Source5: README.update Source5: README.update
Source6: schema2ldif Source6: schema2ldif
Source100: openldap-2.3.37.tar.bz2 Source100: openldap-2.3.37.tar.bz2
Patch1: openldap2.dif Patch1: 0001-build-adjustments.dif
Patch2: slapd_conf.dif Patch2: 0002-slapd.conf.dif
Patch4: ldapi_url.dif Patch3: 0003-LDAPI-socket-location.dif
Patch5: slapd-back-hdb-fortify.dif Patch4: 0004-libldap-use-gethostbyname_r.dif
Patch6: libldap-gethostbyname_r.dif Patch5: 0005-pie-compile.dif
Patch7: pie-compile.dif Patch6: 0006-assorted-fixes-for-back-config-DELETE-support.dif
Patch11: slapd-bconfig-del-db.dif
Patch12: Syncprov-might-lose-deletes-ITS-6555.dif
Patch13: slapd-modrdn-crash-ITS-6570.dif
Patch100: openldap-2.3.37.dif Patch100: openldap-2.3.37.dif
Patch200: slapd_getaddrinfo_dupl.dif Patch200: slapd_getaddrinfo_dupl.dif
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
@ -116,6 +113,21 @@ Authors:
-------- --------
The OpenLDAP Project <project@openldap.org> The OpenLDAP Project <project@openldap.org>
%package -n openldap2-back-sql
License: BSD3c(or similar)
Summary: OpenLDAP SQL Back-End
Requires: openldap2 = %{version}
AutoReqProv: on
Group: Productivity/Networking/LDAP/Servers
%description -n openldap2-back-sql
The primary purpose of this OpenLDAP backend is to present information
stored in a Relational (SQL) Database as an LDAP subtree without the need
to do any programming.
Authors:
--------
The OpenLDAP Project <project@openldap.org>
%else %else
%description %description
@ -173,17 +185,14 @@ Authors:
%prep %prep
%setup -q -n openldap-%{version} -a1 -a2 -b100 %setup -q -n openldap-%{version} -a1 -a2 -b100
%patch1 %patch1 -p1
%patch2 %patch2 -p1
%patch4 %patch3 -p1
%patch5 %patch4 -p1
%patch6
%if %suse_version > 920 %if %suse_version > 920
%patch7 %patch5 -p1
%endif %endif
%patch11 %patch6 -p1
%patch12 -p1
%patch13 -p1
%if %suse_version == 1100 %if %suse_version == 1100
%patch200 -p1 %patch200 -p1
%endif %endif
@ -196,13 +205,10 @@ cd ../openldap-2.3.37
libtoolize --force libtoolize --force
autoreconf autoreconf
export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -DLDAP_DEPRECATED -DLDAP_CONNECTIONLESS -DSLAP_CONFIG_DELETE" export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -DLDAP_DEPRECATED -DLDAP_CONNECTIONLESS -DSLAP_CONFIG_DELETE"
./configure --prefix=/usr \ export STRIP=""
--exec-prefix=/usr \ %configure \
--sysconfdir=%{_sysconfdir} \
--localstatedir=/var/run/slapd \ --localstatedir=/var/run/slapd \
--libexecdir=/usr/lib/openldap \ --libexecdir=/usr/lib/openldap \
--libdir=%{_libdir} \
--mandir=%{_mandir} \
--enable-wrappers \ --enable-wrappers \
--enable-aclgroups \ --enable-aclgroups \
--enable-spasswd \ --enable-spasswd \
@ -222,6 +228,7 @@ export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -DLDAP_DEPRECATED -DLDAP_CONN
--enable-meta=mod \ --enable-meta=mod \
--enable-monitor=yes \ --enable-monitor=yes \
--enable-perl=mod \ --enable-perl=mod \
--enable-sql=mod \
--enable-slp \ --enable-slp \
--enable-overlays=yes \ --enable-overlays=yes \
%else %else
@ -279,7 +286,7 @@ make SLAPD_DEBUG=0 test
%install %install
mkdir -p $RPM_BUILD_ROOT/etc/init.d mkdir -p $RPM_BUILD_ROOT/etc/init.d
mkdir -p $RPM_BUILD_ROOT/usr/sbin mkdir -p $RPM_BUILD_ROOT/usr/sbin
make DESTDIR=$RPM_BUILD_ROOT install make STRIP="" DESTDIR=$RPM_BUILD_ROOT install
install -m 755 rc.ldap $RPM_BUILD_ROOT/etc/init.d/ldap install -m 755 rc.ldap $RPM_BUILD_ROOT/etc/init.d/ldap
ln -sf ../../etc/init.d/ldap $RPM_BUILD_ROOT/usr/sbin/rcldap ln -sf ../../etc/init.d/ldap $RPM_BUILD_ROOT/usr/sbin/rcldap
mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/openldap/slapd.d mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/openldap/slapd.d
@ -313,10 +320,10 @@ rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-null.5
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-passwd.5 rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-passwd.5
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-shell.5 rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-shell.5
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-sock.5 rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-sock.5
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-sql.5
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-tcl.5 rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-tcl.5
# Remove *.la files, libtool does not handle this correct # Remove *.la files, libtool does not handle this correct
rm -f $RPM_BUILD_ROOT%{_libdir}/lib*.la rm -f $RPM_BUILD_ROOT%{_libdir}/lib*.la
#put filelists into files #put filelists into files
cat >openldap2.filelist <<EOF cat >openldap2.filelist <<EOF
/var/adm/fillup-templates/sysconfig.openldap /var/adm/fillup-templates/sysconfig.openldap
@ -401,11 +408,18 @@ cat > openldap2-back-meta.filelist <<EOF
/usr/lib/openldap/modules/back_meta* /usr/lib/openldap/modules/back_meta*
%doc %{_mandir}/man5/slapd-meta.* %doc %{_mandir}/man5/slapd-meta.*
EOF EOF
cat > openldap2-back-sql.filelist <<EOF
/usr/lib/openldap/modules/back_sql*
%doc %{_mandir}/man5/slapd-sql.*
%doc servers/slapd/back-sql/rdbms_depend
%doc servers/slapd/back-sql/docs/bugs
%doc servers/slapd/back-sql/docs/install
EOF
#remove files from other spec file #remove files from other spec file
%if "%{name}" == "openldap2" %if "%{name}" == "openldap2"
cat openldap2-client.filelist libldap.filelist openldap2-devel.filelist | cat openldap2-client.filelist libldap.filelist openldap2-devel.filelist |
%else %else
cat openldap2.filelist openldap2-back-perl.filelist openldap2-back-meta.filelist | cat openldap2.filelist openldap2-back-perl.filelist openldap2-back-meta.filelist openldap2-back-sql.filelist |
%endif %endif
grep -v "%dir " |sed -e "s|^.* ||" |grep "^/" |while read name ; do grep -v "%dir " |sed -e "s|^.* ||" |grep "^/" |while read name ; do
rm -rf $RPM_BUILD_ROOT$name rm -rf $RPM_BUILD_ROOT$name
@ -537,6 +551,9 @@ fi
%files -n openldap2-back-meta -f openldap2-back-meta.filelist %files -n openldap2-back-meta -f openldap2-back-meta.filelist
%defattr(-,root,root) %defattr(-,root,root)
%files -n openldap2-back-sql -f openldap2-back-sql.filelist
%defattr(-,root,root)
%else %else
%post -n libldap-2_4-2 -p /sbin/ldconfig %post -n libldap-2_4-2 -p /sbin/ldconfig

View File

@ -1,13 +0,0 @@
Index: servers/slapd/back-bdb/dn2id.c
===================================================================
--- servers/slapd/back-bdb/dn2id.c.orig
+++ servers/slapd/back-bdb/dn2id.c
@@ -676,7 +676,7 @@ hdb_dn2id_delete(
d->nrdnlen[0] = (BEI(e)->bei_nrdn.bv_len >> 8) | 0x80;
dlen[0] = d->nrdnlen[0];
dlen[1] = d->nrdnlen[1];
- strcpy( d->nrdn, BEI(e)->bei_nrdn.bv_val );
+ memcpy ( d->nrdn, BEI(e)->bei_nrdn.bv_val, BEI(e)->bei_nrdn.bv_len + 1);
data.data = d;
rc = db->cursor( db, txn, &cursor, bdb->bi_db_opflags );

View File

@ -1,100 +0,0 @@
From 6e229f5b94be41c4b9372914ae9bff90ccd81014 Mon Sep 17 00:00:00 2001
From: hyc <hyc>
Date: Sun, 6 Jun 2010 22:02:32 +0000
Subject: slapd modrdn crash (ITS#6570)
part #1 reject RDNs with binary BER values
part #2 reject RDNs with empty values
Unauthenticated LDAP clients could crash the server by submitting a
specially crafted LDAP ModRDN operatoin.
Part #1:
OpenLDAP crashes with segfault during the processing of a modrdn call with
maliciously formed destination rdn string. No authentication is required to
trigger this vulnerability.
Part #2:
OpenLDAP crashes at a null pointer dereference during the processing of modrdn
call with maliciously formed destination rdn string. No authentication is
required to trigger this vulnerability.
3 files changed, 16 insertions(+), 7 deletions(-)
diff --git a/servers/slapd/dn.c b/servers/slapd/dn.c
index 3534e7f..75d2204 100644
--- a/servers/slapd/dn.c
+++ b/servers/slapd/dn.c
@@ -302,16 +302,13 @@ LDAPRDN_rewrite( LDAPRDN rdn, unsigned flags, void *ctx )
ava->la_attr = ad->ad_cname;
if( ava->la_flags & LDAP_AVA_BINARY ) {
- if( ava->la_value.bv_len == 0 ) {
- /* BER encoding is empty */
- return LDAP_INVALID_SYNTAX;
- }
+ /* AVA is binary encoded, not supported */
+ return LDAP_INVALID_SYNTAX;
/* Do not allow X-ORDERED 'VALUES' naming attributes */
} else if( ad->ad_type->sat_flags & SLAP_AT_ORDERED_VAL ) {
return LDAP_INVALID_SYNTAX;
- /* AVA is binary encoded, don't muck with it */
} else if( flags & SLAP_LDAPDN_PRETTY ) {
transf = ad->ad_type->sat_syntax->ssyn_pretty;
if( !transf ) {
@@ -379,6 +376,10 @@ LDAPRDN_rewrite( LDAPRDN rdn, unsigned flags, void *ctx )
ava->la_value = bv;
ava->la_flags |= LDAP_AVA_FREE_VALUE;
}
+ /* reject empty values */
+ if (!ava->la_value.bv_len) {
+ return LDAP_INVALID_SYNTAX;
+ }
}
rc = LDAP_SUCCESS;
diff --git a/servers/slapd/modrdn.c b/servers/slapd/modrdn.c
index e386ef9..e143a7b 100644
--- a/servers/slapd/modrdn.c
+++ b/servers/slapd/modrdn.c
@@ -445,12 +445,19 @@ slap_modrdn2mods(
mod_tmp->sml_values[1].bv_val = NULL;
if( desc->ad_type->sat_equality->smr_normalize) {
mod_tmp->sml_nvalues = ( BerVarray )ch_malloc( 2 * sizeof( struct berval ) );
- (void) (*desc->ad_type->sat_equality->smr_normalize)(
+ rs->sr_err = desc->ad_type->sat_equality->smr_normalize(
SLAP_MR_EQUALITY|SLAP_MR_VALUE_OF_ASSERTION_SYNTAX,
desc->ad_type->sat_syntax,
desc->ad_type->sat_equality,
&mod_tmp->sml_values[0],
&mod_tmp->sml_nvalues[0], NULL );
+ if (rs->sr_err != LDAP_SUCCESS) {
+ ch_free(mod_tmp->sml_nvalues);
+ ch_free(mod_tmp->sml_values[0].bv_val);
+ ch_free(mod_tmp->sml_values);
+ ch_free(mod_tmp);
+ goto done;
+ }
mod_tmp->sml_nvalues[1].bv_val = NULL;
} else {
mod_tmp->sml_nvalues = NULL;
diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c
index 68e6d28..d2f4708 100644
--- a/servers/slapd/schema_init.c
+++ b/servers/slapd/schema_init.c
@@ -1732,8 +1732,9 @@ UTF8StringNormalize(
? LDAP_UTF8_APPROX : 0;
val = UTF8bvnormalize( val, &tmp, flags, ctx );
+ /* out of memory or syntax error, the former is unlikely */
if( val == NULL ) {
- return LDAP_OTHER;
+ return LDAP_INVALID_SYNTAX;
}
/* collapse spaces (in place) */
--
1.7.0.3