- Updated to 2.4.21:

- removed some obsolete RPM dependencies
- Added missing tags to init script to silence rpmlint warnings

OBS-URL: https://build.opensuse.org/package/show/network:ldap/openldap2?expand=0&rev=27
This commit is contained in:
Ralf Haferkamp 2010-01-07 15:56:53 +00:00 committed by Git OBS Bridge
parent d853972d0c
commit 6cb5f5b7be
10 changed files with 45 additions and 377 deletions

View File

@ -1,55 +0,0 @@
From 49921a1e1a1832f9461d800eeeaee30f12864441 Mon Sep 17 00:00:00 2001
From: Ralf Haferkamp <rhafer@suse.de>
Date: Tue, 8 Dec 2009 12:13:39 +0100
Subject: [PATCH 1/3] back-config objectclass inheritence (ITS#6408)
bnc#558059
---
servers/slapd/bconfig.c | 12 ++++++------
1 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c
index c903458..d43e927 100644
--- a/servers/slapd/bconfig.c
+++ b/servers/slapd/bconfig.c
@@ -4932,10 +4932,10 @@ config_add_internal( CfBackInfo *cfb, Entry *e, ConfigArgs *ca, SlapReply *rs,
ok:
/* Newly added databases and overlays need to be started up */
if ( CONFIG_ONLINE_ADD( ca )) {
- if ( colst[0]->co_type == Cft_Database ) {
+ if ( coptr->co_type == Cft_Database ) {
rc = backend_startup_one( ca->be, &ca->reply );
- } else if ( colst[0]->co_type == Cft_Overlay ) {
+ } else if ( coptr->co_type == Cft_Overlay ) {
if ( ca->bi->bi_db_open ) {
BackendInfo *bi_orig = ca->be->bd_info;
ca->be->bd_info = ca->bi;
@@ -4961,7 +4961,7 @@ ok:
ce->ce_parent = last;
ce->ce_entry = entry_dup( e );
ce->ce_entry->e_private = ce;
- ce->ce_type = colst[0]->co_type;
+ ce->ce_type = coptr->co_type;
ce->ce_be = ca->be;
ce->ce_bi = ca->bi;
ce->ce_private = ca->ca_private;
@@ -5006,12 +5006,12 @@ ok:
done:
if ( rc ) {
- if ( (colst[0]->co_type == Cft_Database) && ca->be ) {
+ if ( (coptr->co_type == Cft_Database) && ca->be ) {
if ( ca->be != frontendDB )
backend_destroy_one( ca->be, 1 );
- } else if ( (colst[0]->co_type == Cft_Overlay) && ca->bi ) {
+ } else if ( (coptr->co_type == Cft_Overlay) && ca->bi ) {
overlay_destroy_one( ca->be, (slap_overinst *)ca->bi );
- } else if ( colst[0]->co_type == Cft_Schema ) {
+ } else if ( coptr->co_type == Cft_Schema ) {
schema_destroy_one( ca, colst, nocs, last );
}
}
--
1.6.4.2

View File

@ -1,162 +0,0 @@
From d14434499207d1f0ca4686ce46787056b23b4d2c Mon Sep 17 00:00:00 2001
From: Ralf Haferkamp <rhafer@suse.de>
Date: Tue, 8 Dec 2009 13:36:17 +0100
Subject: [PATCH 2/3] init bindconf TLS settings (ITS#6419)
bnc#558397
---
servers/slapd/config.c | 71 +++++++++++++++++++++++++++++++++++++++++----
servers/slapd/slap.h | 8 +++++
servers/slapd/syncrepl.c | 4 ++
3 files changed, 76 insertions(+), 7 deletions(-)
diff --git a/servers/slapd/config.c b/servers/slapd/config.c
index be5a2f7..171e968 100644
--- a/servers/slapd/config.c
+++ b/servers/slapd/config.c
@@ -1210,8 +1210,32 @@ static slap_verbmasks versionkey[] = {
{ BER_BVNULL, 0 }
};
+static int
+slap_sb_uri(
+ struct berval *val,
+ void *bcp,
+ slap_cf_aux_table *tab0,
+ const char *tabmsg,
+ int unparse )
+{
+ slap_bindconf *bc = bcp;
+ if ( unparse ) {
+ if ( bc->sb_uri.bv_len >= val->bv_len )
+ return -1;
+ val->bv_len = bc->sb_uri.bv_len;
+ AC_MEMCPY( val->bv_val, bc->sb_uri.bv_val, val->bv_len );
+ } else {
+ bc->sb_uri = *val;
+#ifdef HAVE_TLS
+ if ( ldap_is_ldaps_url( val->bv_val ))
+ bc->sb_tls_do_init = 1;
+#endif
+ }
+ return 0;
+}
+
static slap_cf_aux_table bindkey[] = {
- { BER_BVC("uri="), offsetof(slap_bindconf, sb_uri), 'b', 1, NULL },
+ { BER_BVC("uri="), 0, 'x', 1, slap_sb_uri },
{ BER_BVC("version="), offsetof(slap_bindconf, sb_version), 'i', 0, versionkey },
{ BER_BVC("bindmethod="), offsetof(slap_bindconf, sb_method), 'i', 0, methkey },
{ BER_BVC("timeout="), offsetof(slap_bindconf, sb_timeout_api), 'i', 0, NULL },
@@ -1224,21 +1248,20 @@ static slap_cf_aux_table bindkey[] = {
{ BER_BVC("authcID="), offsetof(slap_bindconf, sb_authcId), 'b', 1, NULL },
{ BER_BVC("authzID="), offsetof(slap_bindconf, sb_authzId), 'b', 1, (slap_verbmasks *)authzNormalize },
#ifdef HAVE_TLS
- { BER_BVC("starttls="), offsetof(slap_bindconf, sb_tls), 'i', 0, tlskey },
-
/* NOTE: replace "13" with the actual index
* of the first TLS-related line */
#define aux_TLS (bindkey+13) /* beginning of TLS keywords */
+ { BER_BVC("starttls="), offsetof(slap_bindconf, sb_tls), 'i', 0, tlskey },
{ BER_BVC("tls_cert="), offsetof(slap_bindconf, sb_tls_cert), 's', 1, NULL },
{ BER_BVC("tls_key="), offsetof(slap_bindconf, sb_tls_key), 's', 1, NULL },
{ BER_BVC("tls_cacert="), offsetof(slap_bindconf, sb_tls_cacert), 's', 1, NULL },
{ BER_BVC("tls_cacertdir="), offsetof(slap_bindconf, sb_tls_cacertdir), 's', 1, NULL },
- { BER_BVC("tls_reqcert="), offsetof(slap_bindconf, sb_tls_reqcert), 's', 1, NULL },
- { BER_BVC("tls_cipher_suite="), offsetof(slap_bindconf, sb_tls_cipher_suite), 's', 1, NULL },
- { BER_BVC("tls_protocol_min="), offsetof(slap_bindconf, sb_tls_protocol_min), 's', 1, NULL },
+ { BER_BVC("tls_reqcert="), offsetof(slap_bindconf, sb_tls_reqcert), 's', 0, NULL },
+ { BER_BVC("tls_cipher_suite="), offsetof(slap_bindconf, sb_tls_cipher_suite), 's', 0, NULL },
+ { BER_BVC("tls_protocol_min="), offsetof(slap_bindconf, sb_tls_protocol_min), 's', 0, NULL },
#ifdef HAVE_OPENSSL_CRL
- { BER_BVC("tls_crlcheck="), offsetof(slap_bindconf, sb_tls_crlcheck), 's', 1, NULL },
+ { BER_BVC("tls_crlcheck="), offsetof(slap_bindconf, sb_tls_crlcheck), 's', 0, NULL },
#endif
#endif
{ BER_BVNULL, 0, 0, 0, NULL }
@@ -1330,6 +1353,20 @@ slap_cf_aux_table_parse( const char *word, void *dst, slap_cf_aux_table *tab0, L
rc = lutil_atoulx( ulptr, val, 0 );
break;
+
+ case 'x':
+ if ( tab->aux != NULL ) {
+ struct berval value;
+ slap_cf_aux_table_parse_x *func = (slap_cf_aux_table_parse_x *)tab->aux;
+
+ ber_str2bv( val, 0, 1, &value );
+
+ rc = func( &value, (void *)((char *)dst + tab->off), tab, tabmsg, 0 );
+
+ } else {
+ rc = 1;
+ }
+ break;
}
if ( rc ) {
@@ -1420,6 +1457,26 @@ slap_cf_aux_table_unparse( void *src, struct berval *bv, slap_cf_aux_table *tab0
ptr += snprintf( ptr, sizeof( buf ) - ( ptr - buf ), "%lu", *ulptr );
break;
+ case 'x':
+ *ptr++ = ' ';
+ ptr = lutil_strcopy( ptr, tab->key.bv_val );
+ if ( tab->quote ) *ptr++ = '"';
+ if ( tab->aux != NULL ) {
+ struct berval value;
+ slap_cf_aux_table_parse_x *func = (slap_cf_aux_table_parse_x *)tab->aux;
+ int rc;
+
+ value.bv_val = ptr;
+ value.bv_len = buf + sizeof( buf ) - ptr;
+
+ rc = func( &value, (void *)((char *)src + tab->off), tab, "(unparse)", 1 );
+ if ( rc == 0 ) {
+ ptr += value.bv_len;
+ }
+ }
+ if ( tab->quote ) *ptr++ = '"';
+ break;
+
default:
assert( 0 );
}
diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h
index 076b898..210f6ba 100644
--- a/servers/slapd/slap.h
+++ b/servers/slapd/slap.h
@@ -1630,6 +1630,14 @@ typedef struct slap_cf_aux_table {
void *aux;
} slap_cf_aux_table;
+typedef int
+slap_cf_aux_table_parse_x LDAP_P((
+ struct berval *val,
+ void *bc,
+ slap_cf_aux_table *tab0,
+ const char *tabmsg,
+ int unparse ));
+
#define SLAP_LIMIT_TIME 1
#define SLAP_LIMIT_SIZE 2
diff --git a/servers/slapd/syncrepl.c b/servers/slapd/syncrepl.c
index fb1001f..bf84556 100644
--- a/servers/slapd/syncrepl.c
+++ b/servers/slapd/syncrepl.c
@@ -4060,6 +4060,10 @@ parse_syncrepl_line(
{
val = c->argv[ i ] + STRLENOF( PROVIDERSTR "=" );
ber_str2bv( val, 0, 1, &si->si_bindconf.sb_uri );
+#ifdef HAVE_TLS
+ if ( ldap_is_ldaps_url( val ))
+ si->si_bindconf.sb_tls_do_init = 1;
+#endif
si->si_got |= GOT_PROVIDER;
} else if ( !strncasecmp( c->argv[ i ], SCHEMASTR "=",
STRLENOF( SCHEMASTR "=" ) ) )
--
1.6.4.2

View File

@ -1,135 +0,0 @@
From ed86ffeec8ac01f9bc8ed531e5205a924c4a2979 Mon Sep 17 00:00:00 2001
From: ralf <ralf>
Date: Thu, 10 Dec 2009 10:56:52 +0000
Subject: [PATCH 3/3] apply global limit changes to all databases (ITS#6428)
bnc#562184
---
servers/slapd/bconfig.c | 90 ++++++++++++++++++++++++++++++++++++++++------
1 files changed, 78 insertions(+), 12 deletions(-)
diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c
index d43e927..ae15224 100644
--- a/servers/slapd/bconfig.c
+++ b/servers/slapd/bconfig.c
@@ -2208,14 +2208,23 @@ config_sizelimit(ConfigArgs *c) {
rc = 1;
return rc;
} else if ( c->op == LDAP_MOD_DELETE ) {
- /* Reset to defaults */
- lim->lms_s_soft = SLAPD_DEFAULT_SIZELIMIT;
- lim->lms_s_hard = 0;
- lim->lms_s_unchecked = -1;
- lim->lms_s_pr = 0;
- lim->lms_s_pr_hide = 0;
- lim->lms_s_pr_total = 0;
- return 0;
+ /* Reset to defaults or values from frontend */
+ if ( c->be == frontendDB ) {
+ lim->lms_s_soft = SLAPD_DEFAULT_SIZELIMIT;
+ lim->lms_s_hard = 0;
+ lim->lms_s_unchecked = -1;
+ lim->lms_s_pr = 0;
+ lim->lms_s_pr_hide = 0;
+ lim->lms_s_pr_total = 0;
+ } else {
+ lim->lms_s_soft = frontendDB->be_def_limit.lms_s_soft;
+ lim->lms_s_hard = frontendDB->be_def_limit.lms_s_hard;
+ lim->lms_s_unchecked = frontendDB->be_def_limit.lms_s_unchecked;
+ lim->lms_s_pr = frontendDB->be_def_limit.lms_s_pr;
+ lim->lms_s_pr_hide = frontendDB->be_def_limit.lms_s_pr_hide;
+ lim->lms_s_pr_total = frontendDB->be_def_limit.lms_s_pr_total;
+ }
+ goto ok;
}
for(i = 1; i < c->argc; i++) {
if(!strncasecmp(c->argv[i], "size", 4)) {
@@ -2240,6 +2249,34 @@ config_sizelimit(ConfigArgs *c) {
lim->lms_s_hard = 0;
}
}
+
+ok:
+ if ( ( c->be == frontendDB ) && ( c->ca_entry ) ) {
+ /* This is a modification to the global limits apply it to
+ * the other databases as needed */
+ AttributeDescription *ad=NULL;
+ const char *text = NULL;
+ slap_str2ad(c->argv[0], &ad, &text);
+ /* if we got here... */
+ assert( ad != NULL );
+
+ CfEntryInfo *ce = c->ca_entry->e_private;
+ if ( ce->ce_type == Cft_Global ){
+ ce = ce->ce_kids;
+ }
+ for (; ce; ce=ce->ce_sibs) {
+ Entry *dbe = ce->ce_entry;
+ if ( (ce->ce_type == Cft_Database) && (ce->ce_be != frontendDB)
+ && (!attr_find(dbe->e_attrs, ad)) ) {
+ ce->ce_be->be_def_limit.lms_s_soft = lim->lms_s_soft;
+ ce->ce_be->be_def_limit.lms_s_hard = lim->lms_s_hard;
+ ce->ce_be->be_def_limit.lms_s_unchecked =lim->lms_s_unchecked;
+ ce->ce_be->be_def_limit.lms_s_pr =lim->lms_s_pr;
+ ce->ce_be->be_def_limit.lms_s_pr_hide =lim->lms_s_pr_hide;
+ ce->ce_be->be_def_limit.lms_s_pr_total =lim->lms_s_pr_total;
+ }
+ }
+ }
return(0);
}
@@ -2259,10 +2296,15 @@ config_timelimit(ConfigArgs *c) {
rc = 1;
return rc;
} else if ( c->op == LDAP_MOD_DELETE ) {
- /* Reset to defaults */
- lim->lms_t_soft = SLAPD_DEFAULT_TIMELIMIT;
- lim->lms_t_hard = 0;
- return 0;
+ /* Reset to defaults or values from frontend */
+ if ( c->be == frontendDB ) {
+ lim->lms_t_soft = SLAPD_DEFAULT_TIMELIMIT;
+ lim->lms_t_hard = 0;
+ } else {
+ lim->lms_t_soft = frontendDB->be_def_limit.lms_t_soft;
+ lim->lms_t_hard = frontendDB->be_def_limit.lms_t_hard;
+ }
+ goto ok;
}
for(i = 1; i < c->argc; i++) {
if(!strncasecmp(c->argv[i], "time", 4)) {
@@ -2287,6 +2329,30 @@ config_timelimit(ConfigArgs *c) {
lim->lms_t_hard = 0;
}
}
+
+ok:
+ if ( ( c->be == frontendDB ) && ( c->ca_entry ) ) {
+ /* This is a modification to the global limits apply it to
+ * the other databases as needed */
+ AttributeDescription *ad=NULL;
+ const char *text = NULL;
+ slap_str2ad(c->argv[0], &ad, &text);
+ /* if we got here... */
+ assert( ad != NULL );
+
+ CfEntryInfo *ce = c->ca_entry->e_private;
+ if ( ce->ce_type == Cft_Global ){
+ ce = ce->ce_kids;
+ }
+ for (; ce; ce=ce->ce_sibs) {
+ Entry *dbe = ce->ce_entry;
+ if ( (ce->ce_type == Cft_Database) && (ce->ce_be != frontendDB)
+ && (!attr_find(dbe->e_attrs, ad)) ) {
+ ce->ce_be->be_def_limit.lms_t_soft = lim->lms_t_soft;
+ ce->ce_be->be_def_limit.lms_t_hard = lim->lms_t_hard;
+ }
+ }
+ }
return(0);
}
--
1.6.4.2

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:af0f2ceb0fbabd866bf25bc6ea2013d4bf0510d84f6d4bcde25c8f0c270b411c
size 4417900

3
openldap-2.4.21.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:7140bb913a95765134daf5ee17254d938f54c981790d328e6cd3ca7ad6cea915
size 4421498

View File

@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:a60bf6d97e216bb27fa522cc1cb68e2954e8da05c6ddcf86b5e938ad311a279d
size 4461
oid sha256:c44c098dd07e2d1a8cc01559d61373af59d226225f27716e933052a80a39ee97
size 4487

View File

@ -1,3 +1,21 @@
-------------------------------------------------------------------
Thu Jan 7 15:47:20 UTC 2010 - rhafer@novell.com
- Updated to 2.4.21:
* Fixed liblutil for negative microsecond offsets (ITS#6405)
* Fixed slapd global settings to work without restart (ITS#6428)
* Fixed slapd looping with SSL/TLS connections (ITS#6412)
* Fixed slapd syncrepl freeing tasks from queue (ITS#6413)
* Fixed slapd syncrepl parsing of tls defaults (ITS#6419)
* Fixed slapd syncrepl uninitialized variables (ITS#6425)
* Fixed slapd-config Adds with Abstract classes (ITS#6408)
* Fixed slapo-dynlist behavior with simple filters (ITS#6421)
* Fixed slapd-ldif access outside database directory (ITS#6414)
* Fixed slapo-translucent with back-null (ITS#6403)
* Fixed slapo-unique criteria checking (ITS#6270)
- removed some obsolete RPM dependencies
- Added missing tags to init script to silence rpmlint warnings
-------------------------------------------------------------------
Thu Dec 10 15:41:11 UTC 2009 - rhafer@novell.com

View File

@ -1,5 +1,5 @@
#
# spec file for package openldap2-client (Version 2.4.20)
# spec file for package openldap2 (Version 2.4.20)
#
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@ -19,7 +19,7 @@
%define run_test_suite 1
Name: openldap2-client
Name: openldap2-client
BuildRequires: cyrus-sasl-devel db-devel libopenssl-devel openslp-devel tcpd-devel
%if %sles_version == 9
BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-devel
@ -27,14 +27,12 @@ BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-de
%if %sles_version == 10
BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-devel
%endif
Version: 2.4.20
Version: 2.4.21
Release: 1
Url: http://www.openldap.org
License: BSD3c(or similar) ; openldap 2.8
%if "%{name}" == "openldap2"
Group: Productivity/Networking/LDAP/Clients
Provides: ldap2 openldap2-back-ldap openldap2-back-monitor
Obsoletes: openldap2-back-ldap openldap2-back-monitor
Conflicts: openldap
Requires: libldap-2_4-2 = %{version}
PreReq: %insserv_prereq %fillup_prereq /usr/sbin/useradd /usr/sbin/groupadd /usr/bin/grep
@ -61,9 +59,6 @@ Patch4: ldapi_url.dif
Patch6: libldap-gethostbyname_r.dif
Patch7: pie-compile.dif
Patch11: slapd-bconfig-del-db.dif
Patch12: 0001-back-config-objectclass-inheritence-ITS-6408.dif
Patch13: 0002-init-bindconf-TLS-settings-ITS-6419.dif
Patch14: 0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif
Patch100: openldap-2.3.37.dif
Patch200: slapd_getaddrinfo_dupl.dif
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@ -184,9 +179,6 @@ Authors:
%patch7
%endif
%patch11
%patch12 -p1
%patch13 -p1
%patch14 -p1
%if %suse_version == 1100
%patch200 -p1
%endif

View File

@ -1,3 +1,21 @@
-------------------------------------------------------------------
Thu Jan 7 15:47:20 UTC 2010 - rhafer@novell.com
- Updated to 2.4.21:
* Fixed liblutil for negative microsecond offsets (ITS#6405)
* Fixed slapd global settings to work without restart (ITS#6428)
* Fixed slapd looping with SSL/TLS connections (ITS#6412)
* Fixed slapd syncrepl freeing tasks from queue (ITS#6413)
* Fixed slapd syncrepl parsing of tls defaults (ITS#6419)
* Fixed slapd syncrepl uninitialized variables (ITS#6425)
* Fixed slapd-config Adds with Abstract classes (ITS#6408)
* Fixed slapo-dynlist behavior with simple filters (ITS#6421)
* Fixed slapd-ldif access outside database directory (ITS#6414)
* Fixed slapo-translucent with back-null (ITS#6403)
* Fixed slapo-unique criteria checking (ITS#6270)
- removed some obsolete RPM dependencies
- Added missing tags to init script to silence rpmlint warnings
-------------------------------------------------------------------
Thu Dec 10 15:41:11 UTC 2009 - rhafer@novell.com

View File

@ -27,14 +27,12 @@ BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-de
%if %sles_version == 10
BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-devel
%endif
Version: 2.4.20
Version: 2.4.21
Release: 1
Url: http://www.openldap.org
License: BSD3c(or similar) ; openldap 2.8
%if "%{name}" == "openldap2"
Group: Productivity/Networking/LDAP/Clients
Provides: ldap2 openldap2-back-ldap openldap2-back-monitor
Obsoletes: openldap2-back-ldap openldap2-back-monitor
Conflicts: openldap
Requires: libldap-2_4-2 = %{version}
PreReq: %insserv_prereq %fillup_prereq /usr/sbin/useradd /usr/sbin/groupadd /usr/bin/grep
@ -61,9 +59,6 @@ Patch4: ldapi_url.dif
Patch6: libldap-gethostbyname_r.dif
Patch7: pie-compile.dif
Patch11: slapd-bconfig-del-db.dif
Patch12: 0001-back-config-objectclass-inheritence-ITS-6408.dif
Patch13: 0002-init-bindconf-TLS-settings-ITS-6419.dif
Patch14: 0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif
Patch100: openldap-2.3.37.dif
Patch200: slapd_getaddrinfo_dupl.dif
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@ -184,9 +179,6 @@ Authors:
%patch7
%endif
%patch11
%patch12 -p1
%patch13 -p1
%patch14 -p1
%if %suse_version == 1100
%patch200 -p1
%endif