From 6cb5f5b7bebe0d1ef70903529ad71ec94ee46e7114ab59b892e426510c2518ec Mon Sep 17 00:00:00 2001 From: Ralf Haferkamp Date: Thu, 7 Jan 2010 15:56:53 +0000 Subject: [PATCH 1/3] - Updated to 2.4.21: - removed some obsolete RPM dependencies - Added missing tags to init script to silence rpmlint warnings OBS-URL: https://build.opensuse.org/package/show/network:ldap/openldap2?expand=0&rev=27 --- ...onfig-objectclass-inheritence-ITS-6408.dif | 55 ------ 0002-init-bindconf-TLS-settings-ITS-6419.dif | 162 ------------------ ...imit-changes-to-all-databases-ITS-6428.dif | 135 --------------- openldap-2.4.20.tar.bz2 | 3 - openldap-2.4.21.tar.bz2 | 3 + openldap-rc.tgz | 4 +- openldap2-client.changes | 18 ++ openldap2-client.spec | 14 +- openldap2.changes | 18 ++ openldap2.spec | 10 +- 10 files changed, 45 insertions(+), 377 deletions(-) delete mode 100644 0001-back-config-objectclass-inheritence-ITS-6408.dif delete mode 100644 0002-init-bindconf-TLS-settings-ITS-6419.dif delete mode 100644 0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif delete mode 100644 openldap-2.4.20.tar.bz2 create mode 100644 openldap-2.4.21.tar.bz2 diff --git a/0001-back-config-objectclass-inheritence-ITS-6408.dif b/0001-back-config-objectclass-inheritence-ITS-6408.dif deleted file mode 100644 index 775edcd..0000000 --- a/0001-back-config-objectclass-inheritence-ITS-6408.dif +++ /dev/null @@ -1,55 +0,0 @@ -From 49921a1e1a1832f9461d800eeeaee30f12864441 Mon Sep 17 00:00:00 2001 -From: Ralf Haferkamp -Date: Tue, 8 Dec 2009 12:13:39 +0100 -Subject: [PATCH 1/3] back-config objectclass inheritence (ITS#6408) - -bnc#558059 ---- - servers/slapd/bconfig.c | 12 ++++++------ - 1 files changed, 6 insertions(+), 6 deletions(-) - -diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c -index c903458..d43e927 100644 ---- a/servers/slapd/bconfig.c -+++ b/servers/slapd/bconfig.c -@@ -4932,10 +4932,10 @@ config_add_internal( CfBackInfo *cfb, Entry *e, ConfigArgs *ca, SlapReply *rs, - ok: - /* Newly added databases and overlays need to be started up */ - if ( CONFIG_ONLINE_ADD( ca )) { -- if ( colst[0]->co_type == Cft_Database ) { -+ if ( coptr->co_type == Cft_Database ) { - rc = backend_startup_one( ca->be, &ca->reply ); - -- } else if ( colst[0]->co_type == Cft_Overlay ) { -+ } else if ( coptr->co_type == Cft_Overlay ) { - if ( ca->bi->bi_db_open ) { - BackendInfo *bi_orig = ca->be->bd_info; - ca->be->bd_info = ca->bi; -@@ -4961,7 +4961,7 @@ ok: - ce->ce_parent = last; - ce->ce_entry = entry_dup( e ); - ce->ce_entry->e_private = ce; -- ce->ce_type = colst[0]->co_type; -+ ce->ce_type = coptr->co_type; - ce->ce_be = ca->be; - ce->ce_bi = ca->bi; - ce->ce_private = ca->ca_private; -@@ -5006,12 +5006,12 @@ ok: - - done: - if ( rc ) { -- if ( (colst[0]->co_type == Cft_Database) && ca->be ) { -+ if ( (coptr->co_type == Cft_Database) && ca->be ) { - if ( ca->be != frontendDB ) - backend_destroy_one( ca->be, 1 ); -- } else if ( (colst[0]->co_type == Cft_Overlay) && ca->bi ) { -+ } else if ( (coptr->co_type == Cft_Overlay) && ca->bi ) { - overlay_destroy_one( ca->be, (slap_overinst *)ca->bi ); -- } else if ( colst[0]->co_type == Cft_Schema ) { -+ } else if ( coptr->co_type == Cft_Schema ) { - schema_destroy_one( ca, colst, nocs, last ); - } - } --- -1.6.4.2 - diff --git a/0002-init-bindconf-TLS-settings-ITS-6419.dif b/0002-init-bindconf-TLS-settings-ITS-6419.dif deleted file mode 100644 index 11a8fca..0000000 --- a/0002-init-bindconf-TLS-settings-ITS-6419.dif +++ /dev/null @@ -1,162 +0,0 @@ -From d14434499207d1f0ca4686ce46787056b23b4d2c Mon Sep 17 00:00:00 2001 -From: Ralf Haferkamp -Date: Tue, 8 Dec 2009 13:36:17 +0100 -Subject: [PATCH 2/3] init bindconf TLS settings (ITS#6419) - -bnc#558397 ---- - servers/slapd/config.c | 71 +++++++++++++++++++++++++++++++++++++++++---- - servers/slapd/slap.h | 8 +++++ - servers/slapd/syncrepl.c | 4 ++ - 3 files changed, 76 insertions(+), 7 deletions(-) - -diff --git a/servers/slapd/config.c b/servers/slapd/config.c -index be5a2f7..171e968 100644 ---- a/servers/slapd/config.c -+++ b/servers/slapd/config.c -@@ -1210,8 +1210,32 @@ static slap_verbmasks versionkey[] = { - { BER_BVNULL, 0 } - }; - -+static int -+slap_sb_uri( -+ struct berval *val, -+ void *bcp, -+ slap_cf_aux_table *tab0, -+ const char *tabmsg, -+ int unparse ) -+{ -+ slap_bindconf *bc = bcp; -+ if ( unparse ) { -+ if ( bc->sb_uri.bv_len >= val->bv_len ) -+ return -1; -+ val->bv_len = bc->sb_uri.bv_len; -+ AC_MEMCPY( val->bv_val, bc->sb_uri.bv_val, val->bv_len ); -+ } else { -+ bc->sb_uri = *val; -+#ifdef HAVE_TLS -+ if ( ldap_is_ldaps_url( val->bv_val )) -+ bc->sb_tls_do_init = 1; -+#endif -+ } -+ return 0; -+} -+ - static slap_cf_aux_table bindkey[] = { -- { BER_BVC("uri="), offsetof(slap_bindconf, sb_uri), 'b', 1, NULL }, -+ { BER_BVC("uri="), 0, 'x', 1, slap_sb_uri }, - { BER_BVC("version="), offsetof(slap_bindconf, sb_version), 'i', 0, versionkey }, - { BER_BVC("bindmethod="), offsetof(slap_bindconf, sb_method), 'i', 0, methkey }, - { BER_BVC("timeout="), offsetof(slap_bindconf, sb_timeout_api), 'i', 0, NULL }, -@@ -1224,21 +1248,20 @@ static slap_cf_aux_table bindkey[] = { - { BER_BVC("authcID="), offsetof(slap_bindconf, sb_authcId), 'b', 1, NULL }, - { BER_BVC("authzID="), offsetof(slap_bindconf, sb_authzId), 'b', 1, (slap_verbmasks *)authzNormalize }, - #ifdef HAVE_TLS -- { BER_BVC("starttls="), offsetof(slap_bindconf, sb_tls), 'i', 0, tlskey }, -- - /* NOTE: replace "13" with the actual index - * of the first TLS-related line */ - #define aux_TLS (bindkey+13) /* beginning of TLS keywords */ - -+ { BER_BVC("starttls="), offsetof(slap_bindconf, sb_tls), 'i', 0, tlskey }, - { BER_BVC("tls_cert="), offsetof(slap_bindconf, sb_tls_cert), 's', 1, NULL }, - { BER_BVC("tls_key="), offsetof(slap_bindconf, sb_tls_key), 's', 1, NULL }, - { BER_BVC("tls_cacert="), offsetof(slap_bindconf, sb_tls_cacert), 's', 1, NULL }, - { BER_BVC("tls_cacertdir="), offsetof(slap_bindconf, sb_tls_cacertdir), 's', 1, NULL }, -- { BER_BVC("tls_reqcert="), offsetof(slap_bindconf, sb_tls_reqcert), 's', 1, NULL }, -- { BER_BVC("tls_cipher_suite="), offsetof(slap_bindconf, sb_tls_cipher_suite), 's', 1, NULL }, -- { BER_BVC("tls_protocol_min="), offsetof(slap_bindconf, sb_tls_protocol_min), 's', 1, NULL }, -+ { BER_BVC("tls_reqcert="), offsetof(slap_bindconf, sb_tls_reqcert), 's', 0, NULL }, -+ { BER_BVC("tls_cipher_suite="), offsetof(slap_bindconf, sb_tls_cipher_suite), 's', 0, NULL }, -+ { BER_BVC("tls_protocol_min="), offsetof(slap_bindconf, sb_tls_protocol_min), 's', 0, NULL }, - #ifdef HAVE_OPENSSL_CRL -- { BER_BVC("tls_crlcheck="), offsetof(slap_bindconf, sb_tls_crlcheck), 's', 1, NULL }, -+ { BER_BVC("tls_crlcheck="), offsetof(slap_bindconf, sb_tls_crlcheck), 's', 0, NULL }, - #endif - #endif - { BER_BVNULL, 0, 0, 0, NULL } -@@ -1330,6 +1353,20 @@ slap_cf_aux_table_parse( const char *word, void *dst, slap_cf_aux_table *tab0, L - - rc = lutil_atoulx( ulptr, val, 0 ); - break; -+ -+ case 'x': -+ if ( tab->aux != NULL ) { -+ struct berval value; -+ slap_cf_aux_table_parse_x *func = (slap_cf_aux_table_parse_x *)tab->aux; -+ -+ ber_str2bv( val, 0, 1, &value ); -+ -+ rc = func( &value, (void *)((char *)dst + tab->off), tab, tabmsg, 0 ); -+ -+ } else { -+ rc = 1; -+ } -+ break; - } - - if ( rc ) { -@@ -1420,6 +1457,26 @@ slap_cf_aux_table_unparse( void *src, struct berval *bv, slap_cf_aux_table *tab0 - ptr += snprintf( ptr, sizeof( buf ) - ( ptr - buf ), "%lu", *ulptr ); - break; - -+ case 'x': -+ *ptr++ = ' '; -+ ptr = lutil_strcopy( ptr, tab->key.bv_val ); -+ if ( tab->quote ) *ptr++ = '"'; -+ if ( tab->aux != NULL ) { -+ struct berval value; -+ slap_cf_aux_table_parse_x *func = (slap_cf_aux_table_parse_x *)tab->aux; -+ int rc; -+ -+ value.bv_val = ptr; -+ value.bv_len = buf + sizeof( buf ) - ptr; -+ -+ rc = func( &value, (void *)((char *)src + tab->off), tab, "(unparse)", 1 ); -+ if ( rc == 0 ) { -+ ptr += value.bv_len; -+ } -+ } -+ if ( tab->quote ) *ptr++ = '"'; -+ break; -+ - default: - assert( 0 ); - } -diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h -index 076b898..210f6ba 100644 ---- a/servers/slapd/slap.h -+++ b/servers/slapd/slap.h -@@ -1630,6 +1630,14 @@ typedef struct slap_cf_aux_table { - void *aux; - } slap_cf_aux_table; - -+typedef int -+slap_cf_aux_table_parse_x LDAP_P(( -+ struct berval *val, -+ void *bc, -+ slap_cf_aux_table *tab0, -+ const char *tabmsg, -+ int unparse )); -+ - #define SLAP_LIMIT_TIME 1 - #define SLAP_LIMIT_SIZE 2 - -diff --git a/servers/slapd/syncrepl.c b/servers/slapd/syncrepl.c -index fb1001f..bf84556 100644 ---- a/servers/slapd/syncrepl.c -+++ b/servers/slapd/syncrepl.c -@@ -4060,6 +4060,10 @@ parse_syncrepl_line( - { - val = c->argv[ i ] + STRLENOF( PROVIDERSTR "=" ); - ber_str2bv( val, 0, 1, &si->si_bindconf.sb_uri ); -+#ifdef HAVE_TLS -+ if ( ldap_is_ldaps_url( val )) -+ si->si_bindconf.sb_tls_do_init = 1; -+#endif - si->si_got |= GOT_PROVIDER; - } else if ( !strncasecmp( c->argv[ i ], SCHEMASTR "=", - STRLENOF( SCHEMASTR "=" ) ) ) --- -1.6.4.2 - diff --git a/0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif b/0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif deleted file mode 100644 index 1ccc518..0000000 --- a/0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif +++ /dev/null @@ -1,135 +0,0 @@ -From ed86ffeec8ac01f9bc8ed531e5205a924c4a2979 Mon Sep 17 00:00:00 2001 -From: ralf -Date: Thu, 10 Dec 2009 10:56:52 +0000 -Subject: [PATCH 3/3] apply global limit changes to all databases (ITS#6428) - -bnc#562184 ---- - servers/slapd/bconfig.c | 90 ++++++++++++++++++++++++++++++++++++++++------ - 1 files changed, 78 insertions(+), 12 deletions(-) - -diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c -index d43e927..ae15224 100644 ---- a/servers/slapd/bconfig.c -+++ b/servers/slapd/bconfig.c -@@ -2208,14 +2208,23 @@ config_sizelimit(ConfigArgs *c) { - rc = 1; - return rc; - } else if ( c->op == LDAP_MOD_DELETE ) { -- /* Reset to defaults */ -- lim->lms_s_soft = SLAPD_DEFAULT_SIZELIMIT; -- lim->lms_s_hard = 0; -- lim->lms_s_unchecked = -1; -- lim->lms_s_pr = 0; -- lim->lms_s_pr_hide = 0; -- lim->lms_s_pr_total = 0; -- return 0; -+ /* Reset to defaults or values from frontend */ -+ if ( c->be == frontendDB ) { -+ lim->lms_s_soft = SLAPD_DEFAULT_SIZELIMIT; -+ lim->lms_s_hard = 0; -+ lim->lms_s_unchecked = -1; -+ lim->lms_s_pr = 0; -+ lim->lms_s_pr_hide = 0; -+ lim->lms_s_pr_total = 0; -+ } else { -+ lim->lms_s_soft = frontendDB->be_def_limit.lms_s_soft; -+ lim->lms_s_hard = frontendDB->be_def_limit.lms_s_hard; -+ lim->lms_s_unchecked = frontendDB->be_def_limit.lms_s_unchecked; -+ lim->lms_s_pr = frontendDB->be_def_limit.lms_s_pr; -+ lim->lms_s_pr_hide = frontendDB->be_def_limit.lms_s_pr_hide; -+ lim->lms_s_pr_total = frontendDB->be_def_limit.lms_s_pr_total; -+ } -+ goto ok; - } - for(i = 1; i < c->argc; i++) { - if(!strncasecmp(c->argv[i], "size", 4)) { -@@ -2240,6 +2249,34 @@ config_sizelimit(ConfigArgs *c) { - lim->lms_s_hard = 0; - } - } -+ -+ok: -+ if ( ( c->be == frontendDB ) && ( c->ca_entry ) ) { -+ /* This is a modification to the global limits apply it to -+ * the other databases as needed */ -+ AttributeDescription *ad=NULL; -+ const char *text = NULL; -+ slap_str2ad(c->argv[0], &ad, &text); -+ /* if we got here... */ -+ assert( ad != NULL ); -+ -+ CfEntryInfo *ce = c->ca_entry->e_private; -+ if ( ce->ce_type == Cft_Global ){ -+ ce = ce->ce_kids; -+ } -+ for (; ce; ce=ce->ce_sibs) { -+ Entry *dbe = ce->ce_entry; -+ if ( (ce->ce_type == Cft_Database) && (ce->ce_be != frontendDB) -+ && (!attr_find(dbe->e_attrs, ad)) ) { -+ ce->ce_be->be_def_limit.lms_s_soft = lim->lms_s_soft; -+ ce->ce_be->be_def_limit.lms_s_hard = lim->lms_s_hard; -+ ce->ce_be->be_def_limit.lms_s_unchecked =lim->lms_s_unchecked; -+ ce->ce_be->be_def_limit.lms_s_pr =lim->lms_s_pr; -+ ce->ce_be->be_def_limit.lms_s_pr_hide =lim->lms_s_pr_hide; -+ ce->ce_be->be_def_limit.lms_s_pr_total =lim->lms_s_pr_total; -+ } -+ } -+ } - return(0); - } - -@@ -2259,10 +2296,15 @@ config_timelimit(ConfigArgs *c) { - rc = 1; - return rc; - } else if ( c->op == LDAP_MOD_DELETE ) { -- /* Reset to defaults */ -- lim->lms_t_soft = SLAPD_DEFAULT_TIMELIMIT; -- lim->lms_t_hard = 0; -- return 0; -+ /* Reset to defaults or values from frontend */ -+ if ( c->be == frontendDB ) { -+ lim->lms_t_soft = SLAPD_DEFAULT_TIMELIMIT; -+ lim->lms_t_hard = 0; -+ } else { -+ lim->lms_t_soft = frontendDB->be_def_limit.lms_t_soft; -+ lim->lms_t_hard = frontendDB->be_def_limit.lms_t_hard; -+ } -+ goto ok; - } - for(i = 1; i < c->argc; i++) { - if(!strncasecmp(c->argv[i], "time", 4)) { -@@ -2287,6 +2329,30 @@ config_timelimit(ConfigArgs *c) { - lim->lms_t_hard = 0; - } - } -+ -+ok: -+ if ( ( c->be == frontendDB ) && ( c->ca_entry ) ) { -+ /* This is a modification to the global limits apply it to -+ * the other databases as needed */ -+ AttributeDescription *ad=NULL; -+ const char *text = NULL; -+ slap_str2ad(c->argv[0], &ad, &text); -+ /* if we got here... */ -+ assert( ad != NULL ); -+ -+ CfEntryInfo *ce = c->ca_entry->e_private; -+ if ( ce->ce_type == Cft_Global ){ -+ ce = ce->ce_kids; -+ } -+ for (; ce; ce=ce->ce_sibs) { -+ Entry *dbe = ce->ce_entry; -+ if ( (ce->ce_type == Cft_Database) && (ce->ce_be != frontendDB) -+ && (!attr_find(dbe->e_attrs, ad)) ) { -+ ce->ce_be->be_def_limit.lms_t_soft = lim->lms_t_soft; -+ ce->ce_be->be_def_limit.lms_t_hard = lim->lms_t_hard; -+ } -+ } -+ } - return(0); - } - --- -1.6.4.2 - diff --git a/openldap-2.4.20.tar.bz2 b/openldap-2.4.20.tar.bz2 deleted file mode 100644 index b06b6c0..0000000 --- a/openldap-2.4.20.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:af0f2ceb0fbabd866bf25bc6ea2013d4bf0510d84f6d4bcde25c8f0c270b411c -size 4417900 diff --git a/openldap-2.4.21.tar.bz2 b/openldap-2.4.21.tar.bz2 new file mode 100644 index 0000000..ef5bbfc --- /dev/null +++ b/openldap-2.4.21.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:7140bb913a95765134daf5ee17254d938f54c981790d328e6cd3ca7ad6cea915 +size 4421498 diff --git a/openldap-rc.tgz b/openldap-rc.tgz index 23ac3a6..8bf11d9 100644 --- a/openldap-rc.tgz +++ b/openldap-rc.tgz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:a60bf6d97e216bb27fa522cc1cb68e2954e8da05c6ddcf86b5e938ad311a279d -size 4461 +oid sha256:c44c098dd07e2d1a8cc01559d61373af59d226225f27716e933052a80a39ee97 +size 4487 diff --git a/openldap2-client.changes b/openldap2-client.changes index df58381..3608616 100644 --- a/openldap2-client.changes +++ b/openldap2-client.changes @@ -1,3 +1,21 @@ +------------------------------------------------------------------- +Thu Jan 7 15:47:20 UTC 2010 - rhafer@novell.com + +- Updated to 2.4.21: + * Fixed liblutil for negative microsecond offsets (ITS#6405) + * Fixed slapd global settings to work without restart (ITS#6428) + * Fixed slapd looping with SSL/TLS connections (ITS#6412) + * Fixed slapd syncrepl freeing tasks from queue (ITS#6413) + * Fixed slapd syncrepl parsing of tls defaults (ITS#6419) + * Fixed slapd syncrepl uninitialized variables (ITS#6425) + * Fixed slapd-config Adds with Abstract classes (ITS#6408) + * Fixed slapo-dynlist behavior with simple filters (ITS#6421) + * Fixed slapd-ldif access outside database directory (ITS#6414) + * Fixed slapo-translucent with back-null (ITS#6403) + * Fixed slapo-unique criteria checking (ITS#6270) +- removed some obsolete RPM dependencies +- Added missing tags to init script to silence rpmlint warnings + ------------------------------------------------------------------- Thu Dec 10 15:41:11 UTC 2009 - rhafer@novell.com diff --git a/openldap2-client.spec b/openldap2-client.spec index 7afb3ef..1b6a641 100644 --- a/openldap2-client.spec +++ b/openldap2-client.spec @@ -1,5 +1,5 @@ # -# spec file for package openldap2-client (Version 2.4.20) +# spec file for package openldap2 (Version 2.4.20) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -19,7 +19,7 @@ %define run_test_suite 1 -Name: openldap2-client +Name: openldap2-client BuildRequires: cyrus-sasl-devel db-devel libopenssl-devel openslp-devel tcpd-devel %if %sles_version == 9 BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-devel @@ -27,14 +27,12 @@ BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-de %if %sles_version == 10 BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-devel %endif -Version: 2.4.20 +Version: 2.4.21 Release: 1 Url: http://www.openldap.org License: BSD3c(or similar) ; openldap 2.8 %if "%{name}" == "openldap2" Group: Productivity/Networking/LDAP/Clients -Provides: ldap2 openldap2-back-ldap openldap2-back-monitor -Obsoletes: openldap2-back-ldap openldap2-back-monitor Conflicts: openldap Requires: libldap-2_4-2 = %{version} PreReq: %insserv_prereq %fillup_prereq /usr/sbin/useradd /usr/sbin/groupadd /usr/bin/grep @@ -61,9 +59,6 @@ Patch4: ldapi_url.dif Patch6: libldap-gethostbyname_r.dif Patch7: pie-compile.dif Patch11: slapd-bconfig-del-db.dif -Patch12: 0001-back-config-objectclass-inheritence-ITS-6408.dif -Patch13: 0002-init-bindconf-TLS-settings-ITS-6419.dif -Patch14: 0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif Patch100: openldap-2.3.37.dif Patch200: slapd_getaddrinfo_dupl.dif BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -184,9 +179,6 @@ Authors: %patch7 %endif %patch11 -%patch12 -p1 -%patch13 -p1 -%patch14 -p1 %if %suse_version == 1100 %patch200 -p1 %endif diff --git a/openldap2.changes b/openldap2.changes index df58381..3608616 100644 --- a/openldap2.changes +++ b/openldap2.changes @@ -1,3 +1,21 @@ +------------------------------------------------------------------- +Thu Jan 7 15:47:20 UTC 2010 - rhafer@novell.com + +- Updated to 2.4.21: + * Fixed liblutil for negative microsecond offsets (ITS#6405) + * Fixed slapd global settings to work without restart (ITS#6428) + * Fixed slapd looping with SSL/TLS connections (ITS#6412) + * Fixed slapd syncrepl freeing tasks from queue (ITS#6413) + * Fixed slapd syncrepl parsing of tls defaults (ITS#6419) + * Fixed slapd syncrepl uninitialized variables (ITS#6425) + * Fixed slapd-config Adds with Abstract classes (ITS#6408) + * Fixed slapo-dynlist behavior with simple filters (ITS#6421) + * Fixed slapd-ldif access outside database directory (ITS#6414) + * Fixed slapo-translucent with back-null (ITS#6403) + * Fixed slapo-unique criteria checking (ITS#6270) +- removed some obsolete RPM dependencies +- Added missing tags to init script to silence rpmlint warnings + ------------------------------------------------------------------- Thu Dec 10 15:41:11 UTC 2009 - rhafer@novell.com diff --git a/openldap2.spec b/openldap2.spec index a7c1181..aa12b23 100644 --- a/openldap2.spec +++ b/openldap2.spec @@ -27,14 +27,12 @@ BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-de %if %sles_version == 10 BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-devel %endif -Version: 2.4.20 +Version: 2.4.21 Release: 1 Url: http://www.openldap.org License: BSD3c(or similar) ; openldap 2.8 %if "%{name}" == "openldap2" Group: Productivity/Networking/LDAP/Clients -Provides: ldap2 openldap2-back-ldap openldap2-back-monitor -Obsoletes: openldap2-back-ldap openldap2-back-monitor Conflicts: openldap Requires: libldap-2_4-2 = %{version} PreReq: %insserv_prereq %fillup_prereq /usr/sbin/useradd /usr/sbin/groupadd /usr/bin/grep @@ -61,9 +59,6 @@ Patch4: ldapi_url.dif Patch6: libldap-gethostbyname_r.dif Patch7: pie-compile.dif Patch11: slapd-bconfig-del-db.dif -Patch12: 0001-back-config-objectclass-inheritence-ITS-6408.dif -Patch13: 0002-init-bindconf-TLS-settings-ITS-6419.dif -Patch14: 0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif Patch100: openldap-2.3.37.dif Patch200: slapd_getaddrinfo_dupl.dif BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -184,9 +179,6 @@ Authors: %patch7 %endif %patch11 -%patch12 -p1 -%patch13 -p1 -%patch14 -p1 %if %suse_version == 1100 %patch200 -p1 %endif From a399962770de757221a1782b80b91cdc63e53e7d283e421f3e5c2b3c52a7e3ef Mon Sep 17 00:00:00 2001 From: OBS User autobuild Date: Thu, 21 Jan 2010 09:23:33 +0000 Subject: [PATCH 2/3] checked in (request 29994) OBS-URL: https://build.opensuse.org/package/show/network:ldap/openldap2?expand=0&rev=28 --- ...onfig-objectclass-inheritence-ITS-6408.dif | 55 ++++++ 0002-init-bindconf-TLS-settings-ITS-6419.dif | 162 ++++++++++++++++++ ...imit-changes-to-all-databases-ITS-6428.dif | 135 +++++++++++++++ openldap-2.4.20.tar.bz2 | 3 + openldap-2.4.21.tar.bz2 | 3 - openldap-rc.tgz | 4 +- openldap2-client.changes | 18 -- openldap2-client.spec | 14 +- openldap2.changes | 18 -- openldap2.spec | 10 +- 10 files changed, 377 insertions(+), 45 deletions(-) create mode 100644 0001-back-config-objectclass-inheritence-ITS-6408.dif create mode 100644 0002-init-bindconf-TLS-settings-ITS-6419.dif create mode 100644 0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif create mode 100644 openldap-2.4.20.tar.bz2 delete mode 100644 openldap-2.4.21.tar.bz2 diff --git a/0001-back-config-objectclass-inheritence-ITS-6408.dif b/0001-back-config-objectclass-inheritence-ITS-6408.dif new file mode 100644 index 0000000..775edcd --- /dev/null +++ b/0001-back-config-objectclass-inheritence-ITS-6408.dif @@ -0,0 +1,55 @@ +From 49921a1e1a1832f9461d800eeeaee30f12864441 Mon Sep 17 00:00:00 2001 +From: Ralf Haferkamp +Date: Tue, 8 Dec 2009 12:13:39 +0100 +Subject: [PATCH 1/3] back-config objectclass inheritence (ITS#6408) + +bnc#558059 +--- + servers/slapd/bconfig.c | 12 ++++++------ + 1 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c +index c903458..d43e927 100644 +--- a/servers/slapd/bconfig.c ++++ b/servers/slapd/bconfig.c +@@ -4932,10 +4932,10 @@ config_add_internal( CfBackInfo *cfb, Entry *e, ConfigArgs *ca, SlapReply *rs, + ok: + /* Newly added databases and overlays need to be started up */ + if ( CONFIG_ONLINE_ADD( ca )) { +- if ( colst[0]->co_type == Cft_Database ) { ++ if ( coptr->co_type == Cft_Database ) { + rc = backend_startup_one( ca->be, &ca->reply ); + +- } else if ( colst[0]->co_type == Cft_Overlay ) { ++ } else if ( coptr->co_type == Cft_Overlay ) { + if ( ca->bi->bi_db_open ) { + BackendInfo *bi_orig = ca->be->bd_info; + ca->be->bd_info = ca->bi; +@@ -4961,7 +4961,7 @@ ok: + ce->ce_parent = last; + ce->ce_entry = entry_dup( e ); + ce->ce_entry->e_private = ce; +- ce->ce_type = colst[0]->co_type; ++ ce->ce_type = coptr->co_type; + ce->ce_be = ca->be; + ce->ce_bi = ca->bi; + ce->ce_private = ca->ca_private; +@@ -5006,12 +5006,12 @@ ok: + + done: + if ( rc ) { +- if ( (colst[0]->co_type == Cft_Database) && ca->be ) { ++ if ( (coptr->co_type == Cft_Database) && ca->be ) { + if ( ca->be != frontendDB ) + backend_destroy_one( ca->be, 1 ); +- } else if ( (colst[0]->co_type == Cft_Overlay) && ca->bi ) { ++ } else if ( (coptr->co_type == Cft_Overlay) && ca->bi ) { + overlay_destroy_one( ca->be, (slap_overinst *)ca->bi ); +- } else if ( colst[0]->co_type == Cft_Schema ) { ++ } else if ( coptr->co_type == Cft_Schema ) { + schema_destroy_one( ca, colst, nocs, last ); + } + } +-- +1.6.4.2 + diff --git a/0002-init-bindconf-TLS-settings-ITS-6419.dif b/0002-init-bindconf-TLS-settings-ITS-6419.dif new file mode 100644 index 0000000..11a8fca --- /dev/null +++ b/0002-init-bindconf-TLS-settings-ITS-6419.dif @@ -0,0 +1,162 @@ +From d14434499207d1f0ca4686ce46787056b23b4d2c Mon Sep 17 00:00:00 2001 +From: Ralf Haferkamp +Date: Tue, 8 Dec 2009 13:36:17 +0100 +Subject: [PATCH 2/3] init bindconf TLS settings (ITS#6419) + +bnc#558397 +--- + servers/slapd/config.c | 71 +++++++++++++++++++++++++++++++++++++++++---- + servers/slapd/slap.h | 8 +++++ + servers/slapd/syncrepl.c | 4 ++ + 3 files changed, 76 insertions(+), 7 deletions(-) + +diff --git a/servers/slapd/config.c b/servers/slapd/config.c +index be5a2f7..171e968 100644 +--- a/servers/slapd/config.c ++++ b/servers/slapd/config.c +@@ -1210,8 +1210,32 @@ static slap_verbmasks versionkey[] = { + { BER_BVNULL, 0 } + }; + ++static int ++slap_sb_uri( ++ struct berval *val, ++ void *bcp, ++ slap_cf_aux_table *tab0, ++ const char *tabmsg, ++ int unparse ) ++{ ++ slap_bindconf *bc = bcp; ++ if ( unparse ) { ++ if ( bc->sb_uri.bv_len >= val->bv_len ) ++ return -1; ++ val->bv_len = bc->sb_uri.bv_len; ++ AC_MEMCPY( val->bv_val, bc->sb_uri.bv_val, val->bv_len ); ++ } else { ++ bc->sb_uri = *val; ++#ifdef HAVE_TLS ++ if ( ldap_is_ldaps_url( val->bv_val )) ++ bc->sb_tls_do_init = 1; ++#endif ++ } ++ return 0; ++} ++ + static slap_cf_aux_table bindkey[] = { +- { BER_BVC("uri="), offsetof(slap_bindconf, sb_uri), 'b', 1, NULL }, ++ { BER_BVC("uri="), 0, 'x', 1, slap_sb_uri }, + { BER_BVC("version="), offsetof(slap_bindconf, sb_version), 'i', 0, versionkey }, + { BER_BVC("bindmethod="), offsetof(slap_bindconf, sb_method), 'i', 0, methkey }, + { BER_BVC("timeout="), offsetof(slap_bindconf, sb_timeout_api), 'i', 0, NULL }, +@@ -1224,21 +1248,20 @@ static slap_cf_aux_table bindkey[] = { + { BER_BVC("authcID="), offsetof(slap_bindconf, sb_authcId), 'b', 1, NULL }, + { BER_BVC("authzID="), offsetof(slap_bindconf, sb_authzId), 'b', 1, (slap_verbmasks *)authzNormalize }, + #ifdef HAVE_TLS +- { BER_BVC("starttls="), offsetof(slap_bindconf, sb_tls), 'i', 0, tlskey }, +- + /* NOTE: replace "13" with the actual index + * of the first TLS-related line */ + #define aux_TLS (bindkey+13) /* beginning of TLS keywords */ + ++ { BER_BVC("starttls="), offsetof(slap_bindconf, sb_tls), 'i', 0, tlskey }, + { BER_BVC("tls_cert="), offsetof(slap_bindconf, sb_tls_cert), 's', 1, NULL }, + { BER_BVC("tls_key="), offsetof(slap_bindconf, sb_tls_key), 's', 1, NULL }, + { BER_BVC("tls_cacert="), offsetof(slap_bindconf, sb_tls_cacert), 's', 1, NULL }, + { BER_BVC("tls_cacertdir="), offsetof(slap_bindconf, sb_tls_cacertdir), 's', 1, NULL }, +- { BER_BVC("tls_reqcert="), offsetof(slap_bindconf, sb_tls_reqcert), 's', 1, NULL }, +- { BER_BVC("tls_cipher_suite="), offsetof(slap_bindconf, sb_tls_cipher_suite), 's', 1, NULL }, +- { BER_BVC("tls_protocol_min="), offsetof(slap_bindconf, sb_tls_protocol_min), 's', 1, NULL }, ++ { BER_BVC("tls_reqcert="), offsetof(slap_bindconf, sb_tls_reqcert), 's', 0, NULL }, ++ { BER_BVC("tls_cipher_suite="), offsetof(slap_bindconf, sb_tls_cipher_suite), 's', 0, NULL }, ++ { BER_BVC("tls_protocol_min="), offsetof(slap_bindconf, sb_tls_protocol_min), 's', 0, NULL }, + #ifdef HAVE_OPENSSL_CRL +- { BER_BVC("tls_crlcheck="), offsetof(slap_bindconf, sb_tls_crlcheck), 's', 1, NULL }, ++ { BER_BVC("tls_crlcheck="), offsetof(slap_bindconf, sb_tls_crlcheck), 's', 0, NULL }, + #endif + #endif + { BER_BVNULL, 0, 0, 0, NULL } +@@ -1330,6 +1353,20 @@ slap_cf_aux_table_parse( const char *word, void *dst, slap_cf_aux_table *tab0, L + + rc = lutil_atoulx( ulptr, val, 0 ); + break; ++ ++ case 'x': ++ if ( tab->aux != NULL ) { ++ struct berval value; ++ slap_cf_aux_table_parse_x *func = (slap_cf_aux_table_parse_x *)tab->aux; ++ ++ ber_str2bv( val, 0, 1, &value ); ++ ++ rc = func( &value, (void *)((char *)dst + tab->off), tab, tabmsg, 0 ); ++ ++ } else { ++ rc = 1; ++ } ++ break; + } + + if ( rc ) { +@@ -1420,6 +1457,26 @@ slap_cf_aux_table_unparse( void *src, struct berval *bv, slap_cf_aux_table *tab0 + ptr += snprintf( ptr, sizeof( buf ) - ( ptr - buf ), "%lu", *ulptr ); + break; + ++ case 'x': ++ *ptr++ = ' '; ++ ptr = lutil_strcopy( ptr, tab->key.bv_val ); ++ if ( tab->quote ) *ptr++ = '"'; ++ if ( tab->aux != NULL ) { ++ struct berval value; ++ slap_cf_aux_table_parse_x *func = (slap_cf_aux_table_parse_x *)tab->aux; ++ int rc; ++ ++ value.bv_val = ptr; ++ value.bv_len = buf + sizeof( buf ) - ptr; ++ ++ rc = func( &value, (void *)((char *)src + tab->off), tab, "(unparse)", 1 ); ++ if ( rc == 0 ) { ++ ptr += value.bv_len; ++ } ++ } ++ if ( tab->quote ) *ptr++ = '"'; ++ break; ++ + default: + assert( 0 ); + } +diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h +index 076b898..210f6ba 100644 +--- a/servers/slapd/slap.h ++++ b/servers/slapd/slap.h +@@ -1630,6 +1630,14 @@ typedef struct slap_cf_aux_table { + void *aux; + } slap_cf_aux_table; + ++typedef int ++slap_cf_aux_table_parse_x LDAP_P(( ++ struct berval *val, ++ void *bc, ++ slap_cf_aux_table *tab0, ++ const char *tabmsg, ++ int unparse )); ++ + #define SLAP_LIMIT_TIME 1 + #define SLAP_LIMIT_SIZE 2 + +diff --git a/servers/slapd/syncrepl.c b/servers/slapd/syncrepl.c +index fb1001f..bf84556 100644 +--- a/servers/slapd/syncrepl.c ++++ b/servers/slapd/syncrepl.c +@@ -4060,6 +4060,10 @@ parse_syncrepl_line( + { + val = c->argv[ i ] + STRLENOF( PROVIDERSTR "=" ); + ber_str2bv( val, 0, 1, &si->si_bindconf.sb_uri ); ++#ifdef HAVE_TLS ++ if ( ldap_is_ldaps_url( val )) ++ si->si_bindconf.sb_tls_do_init = 1; ++#endif + si->si_got |= GOT_PROVIDER; + } else if ( !strncasecmp( c->argv[ i ], SCHEMASTR "=", + STRLENOF( SCHEMASTR "=" ) ) ) +-- +1.6.4.2 + diff --git a/0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif b/0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif new file mode 100644 index 0000000..1ccc518 --- /dev/null +++ b/0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif @@ -0,0 +1,135 @@ +From ed86ffeec8ac01f9bc8ed531e5205a924c4a2979 Mon Sep 17 00:00:00 2001 +From: ralf +Date: Thu, 10 Dec 2009 10:56:52 +0000 +Subject: [PATCH 3/3] apply global limit changes to all databases (ITS#6428) + +bnc#562184 +--- + servers/slapd/bconfig.c | 90 ++++++++++++++++++++++++++++++++++++++++------ + 1 files changed, 78 insertions(+), 12 deletions(-) + +diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c +index d43e927..ae15224 100644 +--- a/servers/slapd/bconfig.c ++++ b/servers/slapd/bconfig.c +@@ -2208,14 +2208,23 @@ config_sizelimit(ConfigArgs *c) { + rc = 1; + return rc; + } else if ( c->op == LDAP_MOD_DELETE ) { +- /* Reset to defaults */ +- lim->lms_s_soft = SLAPD_DEFAULT_SIZELIMIT; +- lim->lms_s_hard = 0; +- lim->lms_s_unchecked = -1; +- lim->lms_s_pr = 0; +- lim->lms_s_pr_hide = 0; +- lim->lms_s_pr_total = 0; +- return 0; ++ /* Reset to defaults or values from frontend */ ++ if ( c->be == frontendDB ) { ++ lim->lms_s_soft = SLAPD_DEFAULT_SIZELIMIT; ++ lim->lms_s_hard = 0; ++ lim->lms_s_unchecked = -1; ++ lim->lms_s_pr = 0; ++ lim->lms_s_pr_hide = 0; ++ lim->lms_s_pr_total = 0; ++ } else { ++ lim->lms_s_soft = frontendDB->be_def_limit.lms_s_soft; ++ lim->lms_s_hard = frontendDB->be_def_limit.lms_s_hard; ++ lim->lms_s_unchecked = frontendDB->be_def_limit.lms_s_unchecked; ++ lim->lms_s_pr = frontendDB->be_def_limit.lms_s_pr; ++ lim->lms_s_pr_hide = frontendDB->be_def_limit.lms_s_pr_hide; ++ lim->lms_s_pr_total = frontendDB->be_def_limit.lms_s_pr_total; ++ } ++ goto ok; + } + for(i = 1; i < c->argc; i++) { + if(!strncasecmp(c->argv[i], "size", 4)) { +@@ -2240,6 +2249,34 @@ config_sizelimit(ConfigArgs *c) { + lim->lms_s_hard = 0; + } + } ++ ++ok: ++ if ( ( c->be == frontendDB ) && ( c->ca_entry ) ) { ++ /* This is a modification to the global limits apply it to ++ * the other databases as needed */ ++ AttributeDescription *ad=NULL; ++ const char *text = NULL; ++ slap_str2ad(c->argv[0], &ad, &text); ++ /* if we got here... */ ++ assert( ad != NULL ); ++ ++ CfEntryInfo *ce = c->ca_entry->e_private; ++ if ( ce->ce_type == Cft_Global ){ ++ ce = ce->ce_kids; ++ } ++ for (; ce; ce=ce->ce_sibs) { ++ Entry *dbe = ce->ce_entry; ++ if ( (ce->ce_type == Cft_Database) && (ce->ce_be != frontendDB) ++ && (!attr_find(dbe->e_attrs, ad)) ) { ++ ce->ce_be->be_def_limit.lms_s_soft = lim->lms_s_soft; ++ ce->ce_be->be_def_limit.lms_s_hard = lim->lms_s_hard; ++ ce->ce_be->be_def_limit.lms_s_unchecked =lim->lms_s_unchecked; ++ ce->ce_be->be_def_limit.lms_s_pr =lim->lms_s_pr; ++ ce->ce_be->be_def_limit.lms_s_pr_hide =lim->lms_s_pr_hide; ++ ce->ce_be->be_def_limit.lms_s_pr_total =lim->lms_s_pr_total; ++ } ++ } ++ } + return(0); + } + +@@ -2259,10 +2296,15 @@ config_timelimit(ConfigArgs *c) { + rc = 1; + return rc; + } else if ( c->op == LDAP_MOD_DELETE ) { +- /* Reset to defaults */ +- lim->lms_t_soft = SLAPD_DEFAULT_TIMELIMIT; +- lim->lms_t_hard = 0; +- return 0; ++ /* Reset to defaults or values from frontend */ ++ if ( c->be == frontendDB ) { ++ lim->lms_t_soft = SLAPD_DEFAULT_TIMELIMIT; ++ lim->lms_t_hard = 0; ++ } else { ++ lim->lms_t_soft = frontendDB->be_def_limit.lms_t_soft; ++ lim->lms_t_hard = frontendDB->be_def_limit.lms_t_hard; ++ } ++ goto ok; + } + for(i = 1; i < c->argc; i++) { + if(!strncasecmp(c->argv[i], "time", 4)) { +@@ -2287,6 +2329,30 @@ config_timelimit(ConfigArgs *c) { + lim->lms_t_hard = 0; + } + } ++ ++ok: ++ if ( ( c->be == frontendDB ) && ( c->ca_entry ) ) { ++ /* This is a modification to the global limits apply it to ++ * the other databases as needed */ ++ AttributeDescription *ad=NULL; ++ const char *text = NULL; ++ slap_str2ad(c->argv[0], &ad, &text); ++ /* if we got here... */ ++ assert( ad != NULL ); ++ ++ CfEntryInfo *ce = c->ca_entry->e_private; ++ if ( ce->ce_type == Cft_Global ){ ++ ce = ce->ce_kids; ++ } ++ for (; ce; ce=ce->ce_sibs) { ++ Entry *dbe = ce->ce_entry; ++ if ( (ce->ce_type == Cft_Database) && (ce->ce_be != frontendDB) ++ && (!attr_find(dbe->e_attrs, ad)) ) { ++ ce->ce_be->be_def_limit.lms_t_soft = lim->lms_t_soft; ++ ce->ce_be->be_def_limit.lms_t_hard = lim->lms_t_hard; ++ } ++ } ++ } + return(0); + } + +-- +1.6.4.2 + diff --git a/openldap-2.4.20.tar.bz2 b/openldap-2.4.20.tar.bz2 new file mode 100644 index 0000000..b06b6c0 --- /dev/null +++ b/openldap-2.4.20.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:af0f2ceb0fbabd866bf25bc6ea2013d4bf0510d84f6d4bcde25c8f0c270b411c +size 4417900 diff --git a/openldap-2.4.21.tar.bz2 b/openldap-2.4.21.tar.bz2 deleted file mode 100644 index ef5bbfc..0000000 --- a/openldap-2.4.21.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7140bb913a95765134daf5ee17254d938f54c981790d328e6cd3ca7ad6cea915 -size 4421498 diff --git a/openldap-rc.tgz b/openldap-rc.tgz index 8bf11d9..23ac3a6 100644 --- a/openldap-rc.tgz +++ b/openldap-rc.tgz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:c44c098dd07e2d1a8cc01559d61373af59d226225f27716e933052a80a39ee97 -size 4487 +oid sha256:a60bf6d97e216bb27fa522cc1cb68e2954e8da05c6ddcf86b5e938ad311a279d +size 4461 diff --git a/openldap2-client.changes b/openldap2-client.changes index 3608616..df58381 100644 --- a/openldap2-client.changes +++ b/openldap2-client.changes @@ -1,21 +1,3 @@ -------------------------------------------------------------------- -Thu Jan 7 15:47:20 UTC 2010 - rhafer@novell.com - -- Updated to 2.4.21: - * Fixed liblutil for negative microsecond offsets (ITS#6405) - * Fixed slapd global settings to work without restart (ITS#6428) - * Fixed slapd looping with SSL/TLS connections (ITS#6412) - * Fixed slapd syncrepl freeing tasks from queue (ITS#6413) - * Fixed slapd syncrepl parsing of tls defaults (ITS#6419) - * Fixed slapd syncrepl uninitialized variables (ITS#6425) - * Fixed slapd-config Adds with Abstract classes (ITS#6408) - * Fixed slapo-dynlist behavior with simple filters (ITS#6421) - * Fixed slapd-ldif access outside database directory (ITS#6414) - * Fixed slapo-translucent with back-null (ITS#6403) - * Fixed slapo-unique criteria checking (ITS#6270) -- removed some obsolete RPM dependencies -- Added missing tags to init script to silence rpmlint warnings - ------------------------------------------------------------------- Thu Dec 10 15:41:11 UTC 2009 - rhafer@novell.com diff --git a/openldap2-client.spec b/openldap2-client.spec index 1b6a641..7afb3ef 100644 --- a/openldap2-client.spec +++ b/openldap2-client.spec @@ -1,5 +1,5 @@ # -# spec file for package openldap2 (Version 2.4.20) +# spec file for package openldap2-client (Version 2.4.20) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -19,7 +19,7 @@ %define run_test_suite 1 -Name: openldap2-client +Name: openldap2-client BuildRequires: cyrus-sasl-devel db-devel libopenssl-devel openslp-devel tcpd-devel %if %sles_version == 9 BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-devel @@ -27,12 +27,14 @@ BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-de %if %sles_version == 10 BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-devel %endif -Version: 2.4.21 +Version: 2.4.20 Release: 1 Url: http://www.openldap.org License: BSD3c(or similar) ; openldap 2.8 %if "%{name}" == "openldap2" Group: Productivity/Networking/LDAP/Clients +Provides: ldap2 openldap2-back-ldap openldap2-back-monitor +Obsoletes: openldap2-back-ldap openldap2-back-monitor Conflicts: openldap Requires: libldap-2_4-2 = %{version} PreReq: %insserv_prereq %fillup_prereq /usr/sbin/useradd /usr/sbin/groupadd /usr/bin/grep @@ -59,6 +61,9 @@ Patch4: ldapi_url.dif Patch6: libldap-gethostbyname_r.dif Patch7: pie-compile.dif Patch11: slapd-bconfig-del-db.dif +Patch12: 0001-back-config-objectclass-inheritence-ITS-6408.dif +Patch13: 0002-init-bindconf-TLS-settings-ITS-6419.dif +Patch14: 0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif Patch100: openldap-2.3.37.dif Patch200: slapd_getaddrinfo_dupl.dif BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -179,6 +184,9 @@ Authors: %patch7 %endif %patch11 +%patch12 -p1 +%patch13 -p1 +%patch14 -p1 %if %suse_version == 1100 %patch200 -p1 %endif diff --git a/openldap2.changes b/openldap2.changes index 3608616..df58381 100644 --- a/openldap2.changes +++ b/openldap2.changes @@ -1,21 +1,3 @@ -------------------------------------------------------------------- -Thu Jan 7 15:47:20 UTC 2010 - rhafer@novell.com - -- Updated to 2.4.21: - * Fixed liblutil for negative microsecond offsets (ITS#6405) - * Fixed slapd global settings to work without restart (ITS#6428) - * Fixed slapd looping with SSL/TLS connections (ITS#6412) - * Fixed slapd syncrepl freeing tasks from queue (ITS#6413) - * Fixed slapd syncrepl parsing of tls defaults (ITS#6419) - * Fixed slapd syncrepl uninitialized variables (ITS#6425) - * Fixed slapd-config Adds with Abstract classes (ITS#6408) - * Fixed slapo-dynlist behavior with simple filters (ITS#6421) - * Fixed slapd-ldif access outside database directory (ITS#6414) - * Fixed slapo-translucent with back-null (ITS#6403) - * Fixed slapo-unique criteria checking (ITS#6270) -- removed some obsolete RPM dependencies -- Added missing tags to init script to silence rpmlint warnings - ------------------------------------------------------------------- Thu Dec 10 15:41:11 UTC 2009 - rhafer@novell.com diff --git a/openldap2.spec b/openldap2.spec index aa12b23..a7c1181 100644 --- a/openldap2.spec +++ b/openldap2.spec @@ -27,12 +27,14 @@ BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-de %if %sles_version == 10 BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-devel %endif -Version: 2.4.21 +Version: 2.4.20 Release: 1 Url: http://www.openldap.org License: BSD3c(or similar) ; openldap 2.8 %if "%{name}" == "openldap2" Group: Productivity/Networking/LDAP/Clients +Provides: ldap2 openldap2-back-ldap openldap2-back-monitor +Obsoletes: openldap2-back-ldap openldap2-back-monitor Conflicts: openldap Requires: libldap-2_4-2 = %{version} PreReq: %insserv_prereq %fillup_prereq /usr/sbin/useradd /usr/sbin/groupadd /usr/bin/grep @@ -59,6 +61,9 @@ Patch4: ldapi_url.dif Patch6: libldap-gethostbyname_r.dif Patch7: pie-compile.dif Patch11: slapd-bconfig-del-db.dif +Patch12: 0001-back-config-objectclass-inheritence-ITS-6408.dif +Patch13: 0002-init-bindconf-TLS-settings-ITS-6419.dif +Patch14: 0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif Patch100: openldap-2.3.37.dif Patch200: slapd_getaddrinfo_dupl.dif BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -179,6 +184,9 @@ Authors: %patch7 %endif %patch11 +%patch12 -p1 +%patch13 -p1 +%patch14 -p1 %if %suse_version == 1100 %patch200 -p1 %endif From 3d204ad35665bd10922c490316b8c6c7bc87f5860922fe6207c9405f4881777b Mon Sep 17 00:00:00 2001 From: OBS User buildservice-autocommit Date: Thu, 21 Jan 2010 09:23:34 +0000 Subject: [PATCH 3/3] Updating link to change in openSUSE:Factory/openldap2 revision 58.0 OBS-URL: https://build.opensuse.org/package/show/network:ldap/openldap2?expand=0&rev=c84e3a07a1965871448e99f9013fb8a7 --- ...onfig-objectclass-inheritence-ITS-6408.dif | 55 ------ 0002-init-bindconf-TLS-settings-ITS-6419.dif | 162 ------------------ ...imit-changes-to-all-databases-ITS-6428.dif | 135 --------------- openldap-2.4.20.tar.bz2 | 3 - openldap-2.4.21.tar.bz2 | 3 + openldap-rc.tgz | 4 +- openldap2-client.changes | 18 ++ openldap2-client.spec | 14 +- openldap2.changes | 18 ++ openldap2.spec | 14 +- 10 files changed, 47 insertions(+), 379 deletions(-) delete mode 100644 0001-back-config-objectclass-inheritence-ITS-6408.dif delete mode 100644 0002-init-bindconf-TLS-settings-ITS-6419.dif delete mode 100644 0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif delete mode 100644 openldap-2.4.20.tar.bz2 create mode 100644 openldap-2.4.21.tar.bz2 diff --git a/0001-back-config-objectclass-inheritence-ITS-6408.dif b/0001-back-config-objectclass-inheritence-ITS-6408.dif deleted file mode 100644 index 775edcd..0000000 --- a/0001-back-config-objectclass-inheritence-ITS-6408.dif +++ /dev/null @@ -1,55 +0,0 @@ -From 49921a1e1a1832f9461d800eeeaee30f12864441 Mon Sep 17 00:00:00 2001 -From: Ralf Haferkamp -Date: Tue, 8 Dec 2009 12:13:39 +0100 -Subject: [PATCH 1/3] back-config objectclass inheritence (ITS#6408) - -bnc#558059 ---- - servers/slapd/bconfig.c | 12 ++++++------ - 1 files changed, 6 insertions(+), 6 deletions(-) - -diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c -index c903458..d43e927 100644 ---- a/servers/slapd/bconfig.c -+++ b/servers/slapd/bconfig.c -@@ -4932,10 +4932,10 @@ config_add_internal( CfBackInfo *cfb, Entry *e, ConfigArgs *ca, SlapReply *rs, - ok: - /* Newly added databases and overlays need to be started up */ - if ( CONFIG_ONLINE_ADD( ca )) { -- if ( colst[0]->co_type == Cft_Database ) { -+ if ( coptr->co_type == Cft_Database ) { - rc = backend_startup_one( ca->be, &ca->reply ); - -- } else if ( colst[0]->co_type == Cft_Overlay ) { -+ } else if ( coptr->co_type == Cft_Overlay ) { - if ( ca->bi->bi_db_open ) { - BackendInfo *bi_orig = ca->be->bd_info; - ca->be->bd_info = ca->bi; -@@ -4961,7 +4961,7 @@ ok: - ce->ce_parent = last; - ce->ce_entry = entry_dup( e ); - ce->ce_entry->e_private = ce; -- ce->ce_type = colst[0]->co_type; -+ ce->ce_type = coptr->co_type; - ce->ce_be = ca->be; - ce->ce_bi = ca->bi; - ce->ce_private = ca->ca_private; -@@ -5006,12 +5006,12 @@ ok: - - done: - if ( rc ) { -- if ( (colst[0]->co_type == Cft_Database) && ca->be ) { -+ if ( (coptr->co_type == Cft_Database) && ca->be ) { - if ( ca->be != frontendDB ) - backend_destroy_one( ca->be, 1 ); -- } else if ( (colst[0]->co_type == Cft_Overlay) && ca->bi ) { -+ } else if ( (coptr->co_type == Cft_Overlay) && ca->bi ) { - overlay_destroy_one( ca->be, (slap_overinst *)ca->bi ); -- } else if ( colst[0]->co_type == Cft_Schema ) { -+ } else if ( coptr->co_type == Cft_Schema ) { - schema_destroy_one( ca, colst, nocs, last ); - } - } --- -1.6.4.2 - diff --git a/0002-init-bindconf-TLS-settings-ITS-6419.dif b/0002-init-bindconf-TLS-settings-ITS-6419.dif deleted file mode 100644 index 11a8fca..0000000 --- a/0002-init-bindconf-TLS-settings-ITS-6419.dif +++ /dev/null @@ -1,162 +0,0 @@ -From d14434499207d1f0ca4686ce46787056b23b4d2c Mon Sep 17 00:00:00 2001 -From: Ralf Haferkamp -Date: Tue, 8 Dec 2009 13:36:17 +0100 -Subject: [PATCH 2/3] init bindconf TLS settings (ITS#6419) - -bnc#558397 ---- - servers/slapd/config.c | 71 +++++++++++++++++++++++++++++++++++++++++---- - servers/slapd/slap.h | 8 +++++ - servers/slapd/syncrepl.c | 4 ++ - 3 files changed, 76 insertions(+), 7 deletions(-) - -diff --git a/servers/slapd/config.c b/servers/slapd/config.c -index be5a2f7..171e968 100644 ---- a/servers/slapd/config.c -+++ b/servers/slapd/config.c -@@ -1210,8 +1210,32 @@ static slap_verbmasks versionkey[] = { - { BER_BVNULL, 0 } - }; - -+static int -+slap_sb_uri( -+ struct berval *val, -+ void *bcp, -+ slap_cf_aux_table *tab0, -+ const char *tabmsg, -+ int unparse ) -+{ -+ slap_bindconf *bc = bcp; -+ if ( unparse ) { -+ if ( bc->sb_uri.bv_len >= val->bv_len ) -+ return -1; -+ val->bv_len = bc->sb_uri.bv_len; -+ AC_MEMCPY( val->bv_val, bc->sb_uri.bv_val, val->bv_len ); -+ } else { -+ bc->sb_uri = *val; -+#ifdef HAVE_TLS -+ if ( ldap_is_ldaps_url( val->bv_val )) -+ bc->sb_tls_do_init = 1; -+#endif -+ } -+ return 0; -+} -+ - static slap_cf_aux_table bindkey[] = { -- { BER_BVC("uri="), offsetof(slap_bindconf, sb_uri), 'b', 1, NULL }, -+ { BER_BVC("uri="), 0, 'x', 1, slap_sb_uri }, - { BER_BVC("version="), offsetof(slap_bindconf, sb_version), 'i', 0, versionkey }, - { BER_BVC("bindmethod="), offsetof(slap_bindconf, sb_method), 'i', 0, methkey }, - { BER_BVC("timeout="), offsetof(slap_bindconf, sb_timeout_api), 'i', 0, NULL }, -@@ -1224,21 +1248,20 @@ static slap_cf_aux_table bindkey[] = { - { BER_BVC("authcID="), offsetof(slap_bindconf, sb_authcId), 'b', 1, NULL }, - { BER_BVC("authzID="), offsetof(slap_bindconf, sb_authzId), 'b', 1, (slap_verbmasks *)authzNormalize }, - #ifdef HAVE_TLS -- { BER_BVC("starttls="), offsetof(slap_bindconf, sb_tls), 'i', 0, tlskey }, -- - /* NOTE: replace "13" with the actual index - * of the first TLS-related line */ - #define aux_TLS (bindkey+13) /* beginning of TLS keywords */ - -+ { BER_BVC("starttls="), offsetof(slap_bindconf, sb_tls), 'i', 0, tlskey }, - { BER_BVC("tls_cert="), offsetof(slap_bindconf, sb_tls_cert), 's', 1, NULL }, - { BER_BVC("tls_key="), offsetof(slap_bindconf, sb_tls_key), 's', 1, NULL }, - { BER_BVC("tls_cacert="), offsetof(slap_bindconf, sb_tls_cacert), 's', 1, NULL }, - { BER_BVC("tls_cacertdir="), offsetof(slap_bindconf, sb_tls_cacertdir), 's', 1, NULL }, -- { BER_BVC("tls_reqcert="), offsetof(slap_bindconf, sb_tls_reqcert), 's', 1, NULL }, -- { BER_BVC("tls_cipher_suite="), offsetof(slap_bindconf, sb_tls_cipher_suite), 's', 1, NULL }, -- { BER_BVC("tls_protocol_min="), offsetof(slap_bindconf, sb_tls_protocol_min), 's', 1, NULL }, -+ { BER_BVC("tls_reqcert="), offsetof(slap_bindconf, sb_tls_reqcert), 's', 0, NULL }, -+ { BER_BVC("tls_cipher_suite="), offsetof(slap_bindconf, sb_tls_cipher_suite), 's', 0, NULL }, -+ { BER_BVC("tls_protocol_min="), offsetof(slap_bindconf, sb_tls_protocol_min), 's', 0, NULL }, - #ifdef HAVE_OPENSSL_CRL -- { BER_BVC("tls_crlcheck="), offsetof(slap_bindconf, sb_tls_crlcheck), 's', 1, NULL }, -+ { BER_BVC("tls_crlcheck="), offsetof(slap_bindconf, sb_tls_crlcheck), 's', 0, NULL }, - #endif - #endif - { BER_BVNULL, 0, 0, 0, NULL } -@@ -1330,6 +1353,20 @@ slap_cf_aux_table_parse( const char *word, void *dst, slap_cf_aux_table *tab0, L - - rc = lutil_atoulx( ulptr, val, 0 ); - break; -+ -+ case 'x': -+ if ( tab->aux != NULL ) { -+ struct berval value; -+ slap_cf_aux_table_parse_x *func = (slap_cf_aux_table_parse_x *)tab->aux; -+ -+ ber_str2bv( val, 0, 1, &value ); -+ -+ rc = func( &value, (void *)((char *)dst + tab->off), tab, tabmsg, 0 ); -+ -+ } else { -+ rc = 1; -+ } -+ break; - } - - if ( rc ) { -@@ -1420,6 +1457,26 @@ slap_cf_aux_table_unparse( void *src, struct berval *bv, slap_cf_aux_table *tab0 - ptr += snprintf( ptr, sizeof( buf ) - ( ptr - buf ), "%lu", *ulptr ); - break; - -+ case 'x': -+ *ptr++ = ' '; -+ ptr = lutil_strcopy( ptr, tab->key.bv_val ); -+ if ( tab->quote ) *ptr++ = '"'; -+ if ( tab->aux != NULL ) { -+ struct berval value; -+ slap_cf_aux_table_parse_x *func = (slap_cf_aux_table_parse_x *)tab->aux; -+ int rc; -+ -+ value.bv_val = ptr; -+ value.bv_len = buf + sizeof( buf ) - ptr; -+ -+ rc = func( &value, (void *)((char *)src + tab->off), tab, "(unparse)", 1 ); -+ if ( rc == 0 ) { -+ ptr += value.bv_len; -+ } -+ } -+ if ( tab->quote ) *ptr++ = '"'; -+ break; -+ - default: - assert( 0 ); - } -diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h -index 076b898..210f6ba 100644 ---- a/servers/slapd/slap.h -+++ b/servers/slapd/slap.h -@@ -1630,6 +1630,14 @@ typedef struct slap_cf_aux_table { - void *aux; - } slap_cf_aux_table; - -+typedef int -+slap_cf_aux_table_parse_x LDAP_P(( -+ struct berval *val, -+ void *bc, -+ slap_cf_aux_table *tab0, -+ const char *tabmsg, -+ int unparse )); -+ - #define SLAP_LIMIT_TIME 1 - #define SLAP_LIMIT_SIZE 2 - -diff --git a/servers/slapd/syncrepl.c b/servers/slapd/syncrepl.c -index fb1001f..bf84556 100644 ---- a/servers/slapd/syncrepl.c -+++ b/servers/slapd/syncrepl.c -@@ -4060,6 +4060,10 @@ parse_syncrepl_line( - { - val = c->argv[ i ] + STRLENOF( PROVIDERSTR "=" ); - ber_str2bv( val, 0, 1, &si->si_bindconf.sb_uri ); -+#ifdef HAVE_TLS -+ if ( ldap_is_ldaps_url( val )) -+ si->si_bindconf.sb_tls_do_init = 1; -+#endif - si->si_got |= GOT_PROVIDER; - } else if ( !strncasecmp( c->argv[ i ], SCHEMASTR "=", - STRLENOF( SCHEMASTR "=" ) ) ) --- -1.6.4.2 - diff --git a/0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif b/0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif deleted file mode 100644 index 1ccc518..0000000 --- a/0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif +++ /dev/null @@ -1,135 +0,0 @@ -From ed86ffeec8ac01f9bc8ed531e5205a924c4a2979 Mon Sep 17 00:00:00 2001 -From: ralf -Date: Thu, 10 Dec 2009 10:56:52 +0000 -Subject: [PATCH 3/3] apply global limit changes to all databases (ITS#6428) - -bnc#562184 ---- - servers/slapd/bconfig.c | 90 ++++++++++++++++++++++++++++++++++++++++------ - 1 files changed, 78 insertions(+), 12 deletions(-) - -diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c -index d43e927..ae15224 100644 ---- a/servers/slapd/bconfig.c -+++ b/servers/slapd/bconfig.c -@@ -2208,14 +2208,23 @@ config_sizelimit(ConfigArgs *c) { - rc = 1; - return rc; - } else if ( c->op == LDAP_MOD_DELETE ) { -- /* Reset to defaults */ -- lim->lms_s_soft = SLAPD_DEFAULT_SIZELIMIT; -- lim->lms_s_hard = 0; -- lim->lms_s_unchecked = -1; -- lim->lms_s_pr = 0; -- lim->lms_s_pr_hide = 0; -- lim->lms_s_pr_total = 0; -- return 0; -+ /* Reset to defaults or values from frontend */ -+ if ( c->be == frontendDB ) { -+ lim->lms_s_soft = SLAPD_DEFAULT_SIZELIMIT; -+ lim->lms_s_hard = 0; -+ lim->lms_s_unchecked = -1; -+ lim->lms_s_pr = 0; -+ lim->lms_s_pr_hide = 0; -+ lim->lms_s_pr_total = 0; -+ } else { -+ lim->lms_s_soft = frontendDB->be_def_limit.lms_s_soft; -+ lim->lms_s_hard = frontendDB->be_def_limit.lms_s_hard; -+ lim->lms_s_unchecked = frontendDB->be_def_limit.lms_s_unchecked; -+ lim->lms_s_pr = frontendDB->be_def_limit.lms_s_pr; -+ lim->lms_s_pr_hide = frontendDB->be_def_limit.lms_s_pr_hide; -+ lim->lms_s_pr_total = frontendDB->be_def_limit.lms_s_pr_total; -+ } -+ goto ok; - } - for(i = 1; i < c->argc; i++) { - if(!strncasecmp(c->argv[i], "size", 4)) { -@@ -2240,6 +2249,34 @@ config_sizelimit(ConfigArgs *c) { - lim->lms_s_hard = 0; - } - } -+ -+ok: -+ if ( ( c->be == frontendDB ) && ( c->ca_entry ) ) { -+ /* This is a modification to the global limits apply it to -+ * the other databases as needed */ -+ AttributeDescription *ad=NULL; -+ const char *text = NULL; -+ slap_str2ad(c->argv[0], &ad, &text); -+ /* if we got here... */ -+ assert( ad != NULL ); -+ -+ CfEntryInfo *ce = c->ca_entry->e_private; -+ if ( ce->ce_type == Cft_Global ){ -+ ce = ce->ce_kids; -+ } -+ for (; ce; ce=ce->ce_sibs) { -+ Entry *dbe = ce->ce_entry; -+ if ( (ce->ce_type == Cft_Database) && (ce->ce_be != frontendDB) -+ && (!attr_find(dbe->e_attrs, ad)) ) { -+ ce->ce_be->be_def_limit.lms_s_soft = lim->lms_s_soft; -+ ce->ce_be->be_def_limit.lms_s_hard = lim->lms_s_hard; -+ ce->ce_be->be_def_limit.lms_s_unchecked =lim->lms_s_unchecked; -+ ce->ce_be->be_def_limit.lms_s_pr =lim->lms_s_pr; -+ ce->ce_be->be_def_limit.lms_s_pr_hide =lim->lms_s_pr_hide; -+ ce->ce_be->be_def_limit.lms_s_pr_total =lim->lms_s_pr_total; -+ } -+ } -+ } - return(0); - } - -@@ -2259,10 +2296,15 @@ config_timelimit(ConfigArgs *c) { - rc = 1; - return rc; - } else if ( c->op == LDAP_MOD_DELETE ) { -- /* Reset to defaults */ -- lim->lms_t_soft = SLAPD_DEFAULT_TIMELIMIT; -- lim->lms_t_hard = 0; -- return 0; -+ /* Reset to defaults or values from frontend */ -+ if ( c->be == frontendDB ) { -+ lim->lms_t_soft = SLAPD_DEFAULT_TIMELIMIT; -+ lim->lms_t_hard = 0; -+ } else { -+ lim->lms_t_soft = frontendDB->be_def_limit.lms_t_soft; -+ lim->lms_t_hard = frontendDB->be_def_limit.lms_t_hard; -+ } -+ goto ok; - } - for(i = 1; i < c->argc; i++) { - if(!strncasecmp(c->argv[i], "time", 4)) { -@@ -2287,6 +2329,30 @@ config_timelimit(ConfigArgs *c) { - lim->lms_t_hard = 0; - } - } -+ -+ok: -+ if ( ( c->be == frontendDB ) && ( c->ca_entry ) ) { -+ /* This is a modification to the global limits apply it to -+ * the other databases as needed */ -+ AttributeDescription *ad=NULL; -+ const char *text = NULL; -+ slap_str2ad(c->argv[0], &ad, &text); -+ /* if we got here... */ -+ assert( ad != NULL ); -+ -+ CfEntryInfo *ce = c->ca_entry->e_private; -+ if ( ce->ce_type == Cft_Global ){ -+ ce = ce->ce_kids; -+ } -+ for (; ce; ce=ce->ce_sibs) { -+ Entry *dbe = ce->ce_entry; -+ if ( (ce->ce_type == Cft_Database) && (ce->ce_be != frontendDB) -+ && (!attr_find(dbe->e_attrs, ad)) ) { -+ ce->ce_be->be_def_limit.lms_t_soft = lim->lms_t_soft; -+ ce->ce_be->be_def_limit.lms_t_hard = lim->lms_t_hard; -+ } -+ } -+ } - return(0); - } - --- -1.6.4.2 - diff --git a/openldap-2.4.20.tar.bz2 b/openldap-2.4.20.tar.bz2 deleted file mode 100644 index b06b6c0..0000000 --- a/openldap-2.4.20.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:af0f2ceb0fbabd866bf25bc6ea2013d4bf0510d84f6d4bcde25c8f0c270b411c -size 4417900 diff --git a/openldap-2.4.21.tar.bz2 b/openldap-2.4.21.tar.bz2 new file mode 100644 index 0000000..ef5bbfc --- /dev/null +++ b/openldap-2.4.21.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:7140bb913a95765134daf5ee17254d938f54c981790d328e6cd3ca7ad6cea915 +size 4421498 diff --git a/openldap-rc.tgz b/openldap-rc.tgz index 23ac3a6..8bf11d9 100644 --- a/openldap-rc.tgz +++ b/openldap-rc.tgz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:a60bf6d97e216bb27fa522cc1cb68e2954e8da05c6ddcf86b5e938ad311a279d -size 4461 +oid sha256:c44c098dd07e2d1a8cc01559d61373af59d226225f27716e933052a80a39ee97 +size 4487 diff --git a/openldap2-client.changes b/openldap2-client.changes index df58381..3608616 100644 --- a/openldap2-client.changes +++ b/openldap2-client.changes @@ -1,3 +1,21 @@ +------------------------------------------------------------------- +Thu Jan 7 15:47:20 UTC 2010 - rhafer@novell.com + +- Updated to 2.4.21: + * Fixed liblutil for negative microsecond offsets (ITS#6405) + * Fixed slapd global settings to work without restart (ITS#6428) + * Fixed slapd looping with SSL/TLS connections (ITS#6412) + * Fixed slapd syncrepl freeing tasks from queue (ITS#6413) + * Fixed slapd syncrepl parsing of tls defaults (ITS#6419) + * Fixed slapd syncrepl uninitialized variables (ITS#6425) + * Fixed slapd-config Adds with Abstract classes (ITS#6408) + * Fixed slapo-dynlist behavior with simple filters (ITS#6421) + * Fixed slapd-ldif access outside database directory (ITS#6414) + * Fixed slapo-translucent with back-null (ITS#6403) + * Fixed slapo-unique criteria checking (ITS#6270) +- removed some obsolete RPM dependencies +- Added missing tags to init script to silence rpmlint warnings + ------------------------------------------------------------------- Thu Dec 10 15:41:11 UTC 2009 - rhafer@novell.com diff --git a/openldap2-client.spec b/openldap2-client.spec index 7afb3ef..469b0bc 100644 --- a/openldap2-client.spec +++ b/openldap2-client.spec @@ -1,7 +1,7 @@ # -# spec file for package openldap2-client (Version 2.4.20) +# spec file for package openldap2-client (Version 2.4.21) # -# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -27,14 +27,12 @@ BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-de %if %sles_version == 10 BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-devel %endif -Version: 2.4.20 +Version: 2.4.21 Release: 1 Url: http://www.openldap.org License: BSD3c(or similar) ; openldap 2.8 %if "%{name}" == "openldap2" Group: Productivity/Networking/LDAP/Clients -Provides: ldap2 openldap2-back-ldap openldap2-back-monitor -Obsoletes: openldap2-back-ldap openldap2-back-monitor Conflicts: openldap Requires: libldap-2_4-2 = %{version} PreReq: %insserv_prereq %fillup_prereq /usr/sbin/useradd /usr/sbin/groupadd /usr/bin/grep @@ -61,9 +59,6 @@ Patch4: ldapi_url.dif Patch6: libldap-gethostbyname_r.dif Patch7: pie-compile.dif Patch11: slapd-bconfig-del-db.dif -Patch12: 0001-back-config-objectclass-inheritence-ITS-6408.dif -Patch13: 0002-init-bindconf-TLS-settings-ITS-6419.dif -Patch14: 0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif Patch100: openldap-2.3.37.dif Patch200: slapd_getaddrinfo_dupl.dif BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -184,9 +179,6 @@ Authors: %patch7 %endif %patch11 -%patch12 -p1 -%patch13 -p1 -%patch14 -p1 %if %suse_version == 1100 %patch200 -p1 %endif diff --git a/openldap2.changes b/openldap2.changes index df58381..3608616 100644 --- a/openldap2.changes +++ b/openldap2.changes @@ -1,3 +1,21 @@ +------------------------------------------------------------------- +Thu Jan 7 15:47:20 UTC 2010 - rhafer@novell.com + +- Updated to 2.4.21: + * Fixed liblutil for negative microsecond offsets (ITS#6405) + * Fixed slapd global settings to work without restart (ITS#6428) + * Fixed slapd looping with SSL/TLS connections (ITS#6412) + * Fixed slapd syncrepl freeing tasks from queue (ITS#6413) + * Fixed slapd syncrepl parsing of tls defaults (ITS#6419) + * Fixed slapd syncrepl uninitialized variables (ITS#6425) + * Fixed slapd-config Adds with Abstract classes (ITS#6408) + * Fixed slapo-dynlist behavior with simple filters (ITS#6421) + * Fixed slapd-ldif access outside database directory (ITS#6414) + * Fixed slapo-translucent with back-null (ITS#6403) + * Fixed slapo-unique criteria checking (ITS#6270) +- removed some obsolete RPM dependencies +- Added missing tags to init script to silence rpmlint warnings + ------------------------------------------------------------------- Thu Dec 10 15:41:11 UTC 2009 - rhafer@novell.com diff --git a/openldap2.spec b/openldap2.spec index a7c1181..c7a86e9 100644 --- a/openldap2.spec +++ b/openldap2.spec @@ -1,7 +1,7 @@ # -# spec file for package openldap2 (Version 2.4.20) +# spec file for package openldap2 (Version 2.4.21) # -# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -27,14 +27,12 @@ BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-de %if %sles_version == 10 BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-devel %endif -Version: 2.4.20 +Version: 2.4.21 Release: 1 Url: http://www.openldap.org License: BSD3c(or similar) ; openldap 2.8 %if "%{name}" == "openldap2" Group: Productivity/Networking/LDAP/Clients -Provides: ldap2 openldap2-back-ldap openldap2-back-monitor -Obsoletes: openldap2-back-ldap openldap2-back-monitor Conflicts: openldap Requires: libldap-2_4-2 = %{version} PreReq: %insserv_prereq %fillup_prereq /usr/sbin/useradd /usr/sbin/groupadd /usr/bin/grep @@ -61,9 +59,6 @@ Patch4: ldapi_url.dif Patch6: libldap-gethostbyname_r.dif Patch7: pie-compile.dif Patch11: slapd-bconfig-del-db.dif -Patch12: 0001-back-config-objectclass-inheritence-ITS-6408.dif -Patch13: 0002-init-bindconf-TLS-settings-ITS-6419.dif -Patch14: 0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif Patch100: openldap-2.3.37.dif Patch200: slapd_getaddrinfo_dupl.dif BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -184,9 +179,6 @@ Authors: %patch7 %endif %patch11 -%patch12 -p1 -%patch13 -p1 -%patch14 -p1 %if %suse_version == 1100 %patch200 -p1 %endif