openldap2/openldap2-client.spec

1454 lines
57 KiB
RPMSpec

#
# spec file for package openldap2-client (Version 2.4.12)
#
# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
# norootforbuild
Name: openldap2-client
BuildRequires: cyrus-sasl-devel db-devel openslp-devel openssl-devel tcpd-devel
%if %sles_version == 9
BuildRequires: -pwdutils
%endif
%if %sles_version == 10
BuildRequires: -db-devel -pwdutils libdb-4_5-devel
%endif
Version: 2.4.12
Release: 3
Url: http://www.openldap.org
License: BSD 3-Clause
%if "%{name}" == "openldap2"
Group: Productivity/Networking/LDAP/Clients
Provides: ldap2 openldap2-back-ldap openldap2-back-monitor
Obsoletes: openldap2-back-ldap openldap2-back-monitor
Conflicts: openldap
Requires: libldap-2_4-2 = %{version}
PreReq: %insserv_prereq %fillup_prereq /usr/sbin/useradd /usr/sbin/groupadd /usr/bin/grep
Summary: OpenLDAP Client Utilities
%else
Group: Productivity/Networking/LDAP/Clients
Conflicts: openldap-client
Summary: OpenLDAP Client Utilities
%endif
AutoReqProv: on
Source: openldap-%{version}.tar.bz2
Source1: openldap-rc.tgz
Source2: addonschema.tar.gz
Source3: DB_CONFIG
Source4: sasl-slapd.conf
Source5: README.update
Source100: openldap-2.3.37.tar.bz2
Patch: openldap2.dif
Patch1: secpatch.dif
Patch2: slapd_conf.dif
Patch3: ldap_conf.dif
Patch4: ldapi_url.dif
Patch6: libldap-gethostbyname_r.dif
Patch7: pie-compile.dif
Patch9: openldap2-add-gnu-source.diff
Patch11: slapd-bconfig-del-db.dif
Patch13: slapd-bdb-stop-checkpoint.dif
Patch14: slapo-collect-include.dif
Patch15: libldap_ctrl_lderrno.dif
Patch16: slapd-privdb-config-its5736.dif
Patch17: slapo-chain-dangling-its5742.dif
Patch18: slapd-db-close-error-its5745.dif
Patch19: slapo-syncprov-skip-its5709.dif
Patch100: openldap-2.3.37.dif
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
This package contains the OpenLDAP client utilities.
Authors:
--------
The OpenLDAP Project <project@openldap.org>
%if "%{name}" == "openldap2"
%package -n openldap2-back-perl
License: BSD 3-Clause
Summary: OpenLDAP Perl Back-End
Requires: openldap2 = %{version} perl = %{perl_version}
AutoReqProv: on
Group: Productivity/Networking/LDAP/Servers
%description -n openldap2-back-perl
The OpenLDAP Perl back-end allows you to execute Perl code specific to
different LDAP operations.
Authors:
--------
The OpenLDAP Project <project@openldap.org>
%package -n openldap2-back-meta
License: BSD 3-Clause
Summary: OpenLDAP Meta Back-End
Requires: openldap2 = %{version}
AutoReqProv: on
Group: Productivity/Networking/LDAP/Servers
Provides: openldap2:/usr/share/man/man5/slapd-meta.5.gz
%description -n openldap2-back-meta
The OpenLDAP Meta back-end is able to perform basic LDAP proxying with
respect to a set of remote LDAP servers. The information contained in
these servers can be presented as belonging to a single Directory
Information Tree (DIT).
Authors:
--------
The OpenLDAP Project <project@openldap.org>
%else
%package -n openldap2-devel
License: BSD 3-Clause; openldap 2.8
Summary: Libraries, Header Files and Documentation for OpenLDAP
AutoReqProv: on
Conflicts: openldap-devel
Requires: libldap-2_4-2 = %{version} cyrus-sasl-devel openssl-devel
Group: Development/Libraries/C and C++
%description -n openldap2-devel
This package provides the OpenLDAP libraries, header files, and
documentation.
Authors:
--------
The OpenLDAP Project <project@openldap.org>
%package -n libldap-2_4-2
License: BSD 3-Clause; openldap 2.8
Summary: OpenLDAP Client Libraries
AutoReqProv: on
Group: Productivity/Networking/LDAP/Clients
%description -n libldap-2_4-2
This package contains the OpenLDAP client libraries.
Authors:
--------
The OpenLDAP Project <project@openldap.org>
%endif
%prep
%setup -q -n openldap-%{version} -a1 -a2 -b100
%patch
%patch1
%patch2
%patch3
%patch4
%patch6
%if %suse_version > 920
%patch7
%endif
%patch9 -p1
%patch11
%patch13
%patch14 -p1
%patch15
%patch16
%patch17
%patch18
%patch19
cp %{SOURCE5} .
cd ../openldap-2.3.37
%patch100
%build
%{?suse_update_config:%{suse_update_config -f build}}
libtoolize --force
autoreconf
export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -DLDAP_DEPRECATED -DLDAP_CONNECTIONLESS -DSLAP_CONFIG_DELETE"
./configure --prefix=/usr \
--exec-prefix=/usr \
--sysconfdir=%{_sysconfdir} \
--localstatedir=/var/run/slapd \
--libexecdir=/usr/lib/openldap \
--libdir=%{_libdir} \
--mandir=%{_mandir} \
--enable-wrappers \
--enable-aclgroups \
--enable-spasswd \
--enable-modules \
--enable-shared \
--enable-dynamic \
--with-tls \
--with-cyrus-sasl \
--enable-crypt \
--enable-ipv6=yes \
%if "%{name}" == "openldap2"
--enable-aci \
--enable-bdb \
--enable-hdb \
--enable-ldbm \
--enable-rewrite \
--enable-ldap=yes \
--enable-meta=mod \
--enable-monitor=yes \
--enable-perl=mod \
--enable-slp \
--enable-overlays=yes \
%else
--disable-slapd \
%endif
--enable-lmpasswd \
--with-yielding-select
make depend
make %{?jobs:-j%jobs}
%if "%{name}" == "openldap2"
# build a static slapcat binary from the OpenLDAP 2.3 release
# to be able to update existing databases
cd ../openldap-2.3.37
%{?suse_update_config:%{suse_update_config -f build}}
libtoolize --force
#aclocal -I build
autoreconf
export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -DLDAP_DEPRECATED"
./configure --prefix=/usr --exec-prefix=/usr --sysconfdir=/etc \
--localstatedir=/var/run/slapd --libexecdir=/usr/lib/openldap \
--libdir=%{_libdir} --mandir=%{_mandir} --enable-aci \
--enable-hdb --enable-bdb --enable-ldbm --enable-crypt \
--enable-ipv6=no \
--enable-ldap --enable-monitor --enable-meta --enable-rewrite \
--enable-dynamic=no --enable-shared=no
make depend
make %{?jobs:-j%jobs}
%endif
%check
# calculate the base port to be use in the test-suite
SLAPD_BASEPORT=10000
if [ -f /.buildenv ] ; then
. /.buildenv
SLAPD_BASEPORT=$(($SLAPD_BASEPORT + ${BUILD_INCARNATION:-0} * 10))
fi
export SLAPD_BASEPORT
%ifnarch %arm alpha
rm -f tests/scripts/test019-syncreplication-cascade
rm -f tests/scripts/test023-refint
rm -f tests/scripts/test022-ppolicy
rm -f tests/scripts/test033-glue-syncrepl
rm -f tests/scripts/test036-meta-concurrency
rm -f tests/scripts/test039-glue-ldap-concurrency
rm -f tests/scripts/test043-delta-syncrepl
rm -f tests/scripts/test045-syncreplication-proxied
rm -f tests/scripts/test048-syncrepl-multiproxy
rm -f tests/scripts/test050-syncrepl-multimaster
make SLAPD_DEBUG=0 test
%endif
%install
mkdir -p $RPM_BUILD_ROOT/etc/init.d
mkdir -p $RPM_BUILD_ROOT/usr/sbin
make DESTDIR=$RPM_BUILD_ROOT install
install -m 755 rc.ldap $RPM_BUILD_ROOT/etc/init.d/ldap
ln -sf ../../etc/init.d/ldap $RPM_BUILD_ROOT/usr/sbin/rcldap
mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/openldap/slapd.d
mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/sasl2
install -m 644 %{SOURCE4} $RPM_BUILD_ROOT/%{_sysconfdir}/sasl2/slapd.conf
install -m 755 -d $RPM_BUILD_ROOT/var/lib/ldap
chmod a+x $RPM_BUILD_ROOT/%{_libdir}/liblber.so*
chmod a+x $RPM_BUILD_ROOT/%{_libdir}/libldap_r.so*
chmod a+x $RPM_BUILD_ROOT/%{_libdir}/libldap.so*
%if "%{name}" == "openldap2"
mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates
install -m 644 sysconfig.openldap $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.openldap
install -m 644 *.schema $RPM_BUILD_ROOT/etc/openldap/schema
install -m 644 %{SOURCE3} $RPM_BUILD_ROOT/var/lib/ldap/DB_CONFIG
install -m 644 $RPM_BUILD_ROOT/etc/openldap/DB_CONFIG.example $RPM_BUILD_ROOT/var/lib/ldap/DB_CONFIG.example
install -d $RPM_BUILD_ROOT/etc/sysconfig/SuSEfirewall2.d/services/
install -m 644 SuSEfirewall2.openldap $RPM_BUILD_ROOT/etc/sysconfig/SuSEfirewall2.d/services/openldap
rm -f `find doc/guide ! -name *.html -a ! -name *.gif -a ! -name *.png -a ! -type d`
rm -rf doc/guide/release
rm -f $RPM_BUILD_ROOT/etc/openldap/DB_CONFIG.example
rm -f $RPM_BUILD_ROOT/etc/openldap/schema/README
rm -f $RPM_BUILD_ROOT/var/run/slapd/openldap-data/DB_CONFIG.example
# install 2.3 slapcat
install -m 755 ../openldap-2.3.37/servers/slapd/slapcat $RPM_BUILD_ROOT/usr/sbin/openldap-2.3-slapcat
%endif
rm -f $RPM_BUILD_ROOT/usr/lib/openldap/modules/*.a
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-dnssrv.5
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-ndb.5
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-null.5
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-passwd.5
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-shell.5
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-sock.5
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-sql.5
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-tcl.5
# Remove *.la files, libtool does not handle this correct
rm -f $RPM_BUILD_ROOT%{_libdir}/lib*.la
#put filelists into files
cat >openldap2.filelist <<EOF
/var/adm/fillup-templates/sysconfig.openldap
%config /etc/init.d/ldap
%config /etc/sysconfig/SuSEfirewall2.d/services/openldap
/usr/sbin/rcldap
/usr/sbin/slap*
/usr/sbin/openldap-2.3-slapcat
%dir /etc/openldap
%dir %attr(0770, ldap, ldap) /etc/openldap/slapd.d
%dir /etc/openldap/schema
%config /etc/openldap/schema/*.schema
%config /etc/openldap/schema/*.ldif
%config(noreplace) %attr(640, root, ldap) /etc/openldap/slapd.conf
%config(noreplace) %attr(640, ldap, ldap) /var/lib/ldap/DB_CONFIG
%config /var/lib/ldap/DB_CONFIG.example
%attr(640, root, ldap) /%{_sysconfdir}/openldap/slapd.conf.default
%config(noreplace) /etc/sasl2/slapd.conf
%dir /usr/lib/openldap
%dir /usr/lib/openldap/modules
/usr/lib/openldap/slapd
%dir %attr(0700, ldap, ldap) /var/lib/ldap
%dir %attr(0700, ldap, ldap) /var/run/slapd
%doc %{_mandir}/man8/sl*
%doc %{_mandir}/man5/slapd.*
%doc %{_mandir}/man5/slapd-bdb.*
%doc %{_mandir}/man5/slapd-config.*
%doc %{_mandir}/man5/slapd-hdb.*
%doc %{_mandir}/man5/slapd-ldbm.*
%doc %{_mandir}/man5/slapd-ldap.*
%doc %{_mandir}/man5/slapd-ldif.*
%doc %{_mandir}/man5/slapd-monitor.*
%doc %{_mandir}/man5/slapd-relay.*
%doc %{_mandir}/man5/slapo-*
%doc ANNOUNCEMENT COPYRIGHT INSTALL LICENSE README CHANGES
%doc doc/drafts doc/guide
%doc README.update
EOF
#
cat > openldap2-client.filelist <<EOF
%dir /etc/openldap
%config(noreplace) /etc/openldap/ldap.conf
/etc/openldap/ldap.conf.default
/usr/bin/ldapadd
/usr/bin/ldapcompare
/usr/bin/ldapdelete
/usr/bin/ldapexop
/usr/bin/ldapmodify
/usr/bin/ldapmodrdn
/usr/bin/ldapsearch
/usr/bin/ldappasswd
/usr/bin/ldapwhoami
%doc %{_mandir}/man1/ldap*
%doc %{_mandir}/man5/ldap.conf*
%doc %{_mandir}/man5/ldif.*
EOF
cat > libldap.filelist <<EOF
%{_libdir}/liblber*.so.*
%{_libdir}/libldap*.so.*
EOF
cat > openldap2-devel.filelist <<EOF
/usr/include/lber.h
/usr/include/lber_types.h
/usr/include/ldap*.h
/usr/include/slapi-plugin.h
%{_libdir}/liblber.a
%{_libdir}/liblber.so
%{_libdir}/libldap*.a
%{_libdir}/libldap*.so
%doc %{_mandir}/man3/ber*
%doc %{_mandir}/man3/lber*
%doc %{_mandir}/man3/ld_errno*
%doc %{_mandir}/man3/ldap*
EOF
cat > openldap2-back-perl.filelist <<EOF
/usr/lib/openldap/modules/back_perl*
%doc %{_mandir}/man5/slapd-perl.*
EOF
cat > openldap2-back-meta.filelist <<EOF
/usr/lib/openldap/modules/back_meta*
%doc %{_mandir}/man5/slapd-meta.*
EOF
#remove files from other spec file
%if "%{name}" == "openldap2"
cat openldap2-client.filelist libldap.filelist openldap2-devel.filelist |
%else
cat openldap2.filelist openldap2-back-perl.filelist openldap2-back-meta.filelist |
%endif
grep -v "%dir " |sed -e "s|^.* ||" |grep "^/" |while read name ; do
rm -rf $RPM_BUILD_ROOT$name
done
%if "%{name}" == "openldap2"
%pre
/usr/sbin/groupadd -g 70 -o -r ldap 2> /dev/null || :
/usr/sbin/useradd -r -o -g ldap -u 76 -s /bin/bash -c "User for OpenLDAP" -d \
/var/lib/ldap ldap 2> /dev/null || :
# try to figure out if a db update is needed
if [ ${1:-0} -gt 1 ] && [ -f /usr/lib/openldap/slapd ] &&
/usr/bin/strings /usr/lib/openldap/slapd | \
grep "slapd 2.3" 2>&1 > /dev/null;
then
# create a backup of the schema shipped with 2.3
# at least core.schema changed between 2.3 and 2.4
TEMPDIR=`mktemp -d /etc/openldap/schema.backup.XXXXXX`
echo "Schema backup created in $TEMPDIR"
cp -p --remove-destination /etc/openldap/schema/* $TEMPDIR
echo $TEMPDIR > /etc/openldap/UPDATE_NEEDED ;
fi
%post
if [ ${1:-0} -gt 1 ] && [ -f %{_libdir}/sasl2/slapd.conf ] ; then
cp /etc/sasl2/slapd.conf /etc/sasl2/slapd.conf.rpmnew
cp %{_libdir}/sasl2/slapd.conf /etc/sasl2/slapd.conf
fi
%{fillup_and_insserv -n openldap ldap}
%{remove_and_set -n openldap OPENLDAP_RUN_DB_RECOVER}
# convert database if needed
if [ -f /etc/openldap/UPDATE_NEEDED ] ; then
read SCHEMA_BACKUP < /etc/openldap/UPDATE_NEEDED
SLAPD_CONF=/etc/openldap/slapd.conf
sed -e "s;/etc/openldap/schema/;$SCHEMA_BACKUP/;g" \
< $SLAPD_CONF > $SCHEMA_BACKUP/slapd.conf.update
LOGFILE="slaptool.log"
BACKENDS=`grep ^database $SLAPD_CONF | awk '{print $2}'`
DIRECTORIES=(`grep ^directory $SLAPD_CONF | awk '{print $2}'`)
MSG=""
db_num=0
dir_num=0
restart=""
/etc/init.d/ldap status 2&>1 > /dev/null
if [ "$?" = "0" ]; then
/etc/init.d/ldap stop
restart="1"
fi
for i in $BACKENDS; do
db_num=$((db_num+1));
if [ "x$i" = "xbdb" ] || [ "x$i" = "xhdb" ] || [ "x$i" = "xldbm" ] ; then
db_dir=${DIRECTORIES[$dir_num]};
if [ -f $db_dir/id2entry.bdb ] || [ -f $db_dir/id2entry.dbb ] ; then
rm $db_dir/__db* ;
mkdir $db_dir/db_bak ;
echo "Dumping database to: $db_dir/ldapbak.ldif.$db_num" ;
/usr/sbin/openldap-2.3-slapcat -T c \
-f $SCHEMA_BACKUP/slapd.conf.update \
-n $db_num -l $db_dir/ldapbak.ldif.$db_num 2>> $db_dir/$LOGFILE;
if [ "x$i" = "xldbm" ] ; then
mv $db_dir/*.dbb $db_dir/db_bak/ ;
else
mv $db_dir/*.bdb $db_dir/db_bak/ ;
mv $db_dir/log.* $db_dir/db_bak/ ;
fi
mv $db_dir/alock $db_dir/db_bak/ ;
rm -f $db_dir/__db* ;
fi
dir_num=$((dir_num+1));
fi
done
db_num=0
dir_num=0
sed -i -e "s;ldbm;bdb;g" $SLAPD_CONF
for i in $BACKENDS; do
db_num=$((db_num+1));
if [ "x$i" = "xbdb" ] || [ "x$i" = "xhdb" ] || [ "x$i" = "xldbm" ] ; then
db_dir=${DIRECTORIES[$dir_num]};
if [ -s $db_dir/ldapbak.ldif.$db_num ] ; then
if [ `wc -l $db_dir/ldapbak.ldif.$db_num | awk '{print $1}'` -lt 2500000 ]; then
if [ "x$i" = "xldbm" ] ; then
echo "Converting $i database to bdb in $db_dir" ;
# Create default DB_CONFIG for better performance
echo "set_cachesize 0 15000000 1" > $db_dir/DB_CONFIG
echo "set_lg_regionmax 262144" >> $db_dir/DB_CONFIG
echo "set_lg_bsize 2097152" >> $db_dir/DB_CONFIG
echo "set_flags DB_LOG_AUTOREMOVE" >> $db_dir/DB_CONFIG
else
echo "Restoring $i database in $db_dir" ;
fi
slapadd -q -n $db_num -f $SLAPD_CONF -l $db_dir/ldapbak.ldif.$db_num 2>> $db_dir/$LOGFILE ;
if [ $? -ne 0 ]; then
MSG="$MSG\nFailed to restore database in $db_dir";
MSG="$MSG\nPlease restore manually from the LDIF dump $db_dir/ldapbak.ldif.$db_num\n";
else
rm -f $db_dir/ldapbak.ldif.$db_num
rm -rf $db_dir/db_bak/
fi
else
MSG="$MSG\nPlease restore the database in $db_dir manually by using";
MSG="$MSG\nslapadd with the LDIF dump $db_dir/ldapbak.ldif.$db_num\n";
fi
fi
dir_num=$((dir_num+1));
fi
done
if [ "$MSG" ] ; then
echo -e "$MSG";
else
rm -f /etc/openldap/UPDATE_NEEDED ;
if [ $restart ]; then
/etc/init.d/ldap start
fi
fi
fi
%preun
%stop_on_removal ldap
%postun
%restart_on_update ldap
%insserv_cleanup
%files -f openldap2.filelist
%defattr(-,root,root)
%files -n openldap2-back-perl -f openldap2-back-perl.filelist
%defattr(-,root,root)
%files -n openldap2-back-meta -f openldap2-back-meta.filelist
%defattr(-,root,root)
%else
%post -n libldap-2_4-2 -p /sbin/ldconfig
%postun -n libldap-2_4-2 -p /sbin/ldconfig
%files -f openldap2-client.filelist
%defattr(-,root,root)
%files -n libldap-2_4-2 -f libldap.filelist
%defattr(-,root,root)
%files -n openldap2-devel -f openldap2-devel.filelist
%defattr(-,root,root)
%endif
%changelog
* Wed Nov 05 2008 rhafer@suse.de
- Fixed database shutdown sequence (bnc#441774, ITS#5745)
* Tue Nov 04 2008 rhafer@suse.de
- Handle ldbm databases in updates from 2.3 release (bnc#440589)
* Thu Oct 23 2008 rhafer@suse.de
- the helper function to create various LDAP controls returned
wrong error codes under certain circumstances
(bnc#429064, ITS#5762)
- Fixed referral chasing in chain-overlay (bnc#438088, ITS#5742)
- Fixed back-config integration of overlays with private instances
of databases (translucent, chain, ...) (bnc#438094, ITS#5736)
* Mon Oct 13 2008 rhafer@suse.de
- Added missing #include to slapo-collect
* Sun Oct 12 2008 rhafer@suse.de
- Update to 2.4.12. Most important changes:
* Fixed libldap ldap_utf8_strchar arguments (ITS#5720)
* Fixed libldap TLS_CRLFILE (ITS#5677)
* Fixed librewrite memory handling (ITS#5691)
* Fixed slapd attribute leak (ITS#5683)
* Fixed slapd config backend with index greater than sibs (ITS#5684)
* Fixed slapd custom attribute inheritance (ITS#5642)
* Fixed slapd firstComponentMatch normalization (ITS#5634)
* Fixed slapd connection events enabled twice (ITS#5725)
* Fixed slapd memory handling (ITS#5691)
* Fixed slapd objectClass canonicalization (ITS#5681)
* Fixed slapd objectClass termination (ITS#5682)
* Fixed slapd overlay control registration (ITS#5649)
* Fixed slapd runqueue checking (ITS#5726)
* Fixed slapd sortvals comparison (ITS#5578)
* Fixed slapd syncrepl contextCSN detection (ITS#5675)
* Fixed slapd syncrepl error logging (ITS#5618)
* Fixed slapd syncrepl runqueue interval (ITS#5719)
* Fixed slapd-bdb entry return if attr not present (ITS#5650)
* Fixed slapd-bdb/hdb release search entries earlier (ITS#5728,ITS#5730)
* Fixed slapd-bdb/hdb subtree search with empty suffix (ITS#5729)
* Fixed slapo-memberof internal operations DN (ITS#5622)
* Fixed slapo-pcache attrset crash (ITS#5665)
* Fixed slapo-pcache caching with invalid schema (ITS#5680)
* Fixed slapo-ppolicy control return on password modify exop (ITS#5711)
- removed obsolete patches
* Mon Oct 06 2008 rhafer@suse.de
- remove some problematic test-cases, that cause a lot of
unreproducable buildfailures
- check for exisitence of /etc/openldap/slapd.conf in init-script
assume back-config usage if it isn't present (bnc#428168)
* Wed Sep 24 2008 rhafer@suse.de
- Mark Schema and SuSEfirewall files as %%config
- openldap2-back-perl requires perl
- Give more meaningful error messages when index configuration
fails (bnc#429150)
* Fri Sep 19 2008 rhafer@suse.de
- Reduced debug-level during "make test" to reduce required disk
space and buildtime
* Thu Sep 18 2008 rhafer@suse.de
- Fixed init-script dependencies (bnc#426214)
* Fri Sep 12 2008 rhafer@suse.de
- Backported fix for a crash in back-config when adding entries with
a too large index (ITS#5684)
- Backported fix for a crash when adding an invalid olcBdbConfig
Entry to back-config (ITS#5698)
* Tue Sep 09 2008 rhafer@suse.de
- Removed getaddrinfo workaround. Recent glibc doesn't need it
anymore (bnc#288879, ITS#5251)
- Server requires libldap of the same version.
* Mon Sep 08 2008 rhafer@suse.de
- Import back-config support for deleting databases from CVS HEAD
* Tue Sep 02 2008 rhafer@suse.de
- Dropped evolution specific ntlm-bind Patch (Fate#303480)
* Thu Aug 28 2008 rhafer@suse.de
- added ldapns.schema , to allow to use pam_ldap's "check_host_attr"
and "check_service_attr" features (bnc#419984)
- backport overlay_register_control fix from HEAD (bnc#420016,
ITS#5649)
* Mon Aug 18 2008 mrueckert@suse.de
- remove outdated options in the fillup_and_insserv call
* Mon Aug 18 2008 rhafer@suse.de
- fixed LSB-Headers in init-script
* Wed Aug 13 2008 ro@suse.de
- try to fix build for buildservice
(BUILD_INCARNATION can be empty)
* Mon Aug 11 2008 rhafer@suse.de
- /usr/lib/sasl2/slapd.conf was moved to /etc/sasl2/slapd.conf
(bnc#412652)
- adjust ownerships of database directories even when using
back-config
* Thu Jul 31 2008 rhafer@suse.de
- Enable back-config delete support
* Tue Jul 29 2008 rhafer@suse.de
- Update to Version 2.4.11. Most important changes:
* Fixed liblber ber_get_next length decoding (ITS#5580)
* Added libldap assertion control (ITS#5560)
* Fixed liblutil missing return code (ITS#5615)
* Fixed slapd cert serial number parsing (ITS#5588)
* Fixed slapd check for structural_class failures (ITS#5540)
* Fixed slapd config backend renumbering (ITS#5571)
* Fixed slapd configContext OID (ITS#5383)
* Fixed slapd crash with no listeners (ITS#5563)
* Fixed slapd sets memory leak (ITS#5557)
* Fixed slapd sortvals binary search (ITS#5578)
* Fixed slapd syncrepl updates with multiple masters (ITS#5597)
* Fixed slapd syncrepl superior objectClass delete/add (ITS#5600)
* Fixed slapd syncrepl/slapo-syncprov contextCSN updates as internal ops (ITS#5596)
* Fixed slapo-memberof replace handling (ITS#5584)
* Added slapo-nssov contrib module
* Fixed slapo-pcache handling of negative search caches (ITS#5546)
* Fixed slapo-ppolicy DNs with whitespaces (ITS#5552)
* Fixed slapo-ppolicy modify with internal ops (ITS#5569)
* Fixed slapo-syncprov ACL evaluation (ITS#5548)
* Fixed slapo-syncprov crash with delcsn (ITS#5589)
* Fixed slapo-syncprov full reload (ITS#5564)
* Fixed slapo-syncprov missing olcSpReloadHint attr(ITS#5591)
* Fixed slapo-unique filter normalization (ITS#5581)
* Mon Jun 30 2008 rhafer@suse.de
- Only apply -fPIE patch to recent Distributions
- removed -fPIE from the slapcat-2.3 build
- Adjust BuildRequires for older Distributions
* Fri Jun 27 2008 coolo@suse.de
- make sure the subpacks are only in one spec file declared
* Tue Jun 24 2008 rhafer@suse.de
- branched off libldap-2_4-2 package to support the shared library
packaging policy
* Wed Jun 11 2008 rhafer@suse.de
- Update to Version 2.4.10. Most important changes:
* Fixed libldap ld_defconn cleanup if it was freed (ITS#5518,
ITS#5525)
* Fixed libldap msgid handling (ITS#5318)
* Fixed libldap t61 infinite loop (ITS#5542)
* Fixed libldap_r missing stubs (ITS#5519)
* Fixed slapd initialization of sr_msgid, rs->sr_tag (ITS#5461)
* Fixed slapd missing termination of integerFilter keys
(ITS#5503)
* Fixed slapd multiple attrs in URI (ITS#5516)
* Fixed slapd sasl_ssf retrieval (ITS#5403)
* Fixed slapd socket assert (ITS#5489)
* Fixed slapd syncrepl cookie (ITS#5536)
* Fixed slapd-bdb/hdb MAXPATHLEN (ITS#5531)
* Fixed slapd-bdb indexing in single ADD/MOD (ITS#5521)
* Fixed slapd-ldap entry_get() op-dependent behavior (ITS#5513)
* Fixed slapd-meta quarantine crasher (ITS#5522)
* Fixed slapo-refint to allow setting modifiers name (ITS#5505)
* Fixed slapo-syncprov contextCSN passing on syncprov consumers
(ITS#5488)
* Fixed slapo-syncprov csn update with delta-syncrepl (ITS#5493)
* Fixed slapo-syncprov op2.o_extra reset (ITS#5501, #5506)
* Fixed slapo-syncprov searching wrong backend (ITS#5487)
* Fixed slapo-syncprov sending ops without queued CSNs (ITS#5465)
* Fixed slapo-syncprov max csn search on startup (ITS#5537)
* Fixed slapo-unique config structs (ITS#5526)
* Fixed slapo-unique filter terminator (ITS#5511)
* Fri May 16 2008 rhafer@suse.de
- Support update from 2.3 releases (bnc#390247)
* Thu May 08 2008 rhafer@suse.de
- Update to Version 2.4.9. Most important changes:
* Fixed libldap to use unsigned port (ITS#5436)
* Fixed libldap error message for missing close paren (ITS#5458)
* Fixed libldap_r tpool pause checks (ITS#5364, #5407)
* Fixed slapcat error checking (ITS#5387)
* Fixed slapd abstract objectClass inheritance check (ITS#5474)
* Fixed slapd add operations requiring naming attrs (ITS#5412)
* Fixed slapd connection handling (ITS#5469)
* Fixed slapd frontendDB backend selection (ITS#5419)
* Fixed slapd pagedresults stale state (ITS#5409)
* Fixed slapd pointer dereference (ITS#5388)
* Fixed slapd null argument dereference (ITS#5435)
* Fixed slapd REP_ENTRY flags (ITS#5340)
* Fixed slapd value list termination (ITS#5450)
* Fixed slapd-bdb ID_NOCACHE handling (ITS#5439)
* Fixed slapd-bdb entryinfo state if db_lock fails (ITS#5455)
* Fixed slapd-bdb referral rewrite (ITS#5339)
* Fixed slapd-config overlay stacking (ITS#5346)
* Fixed slapd-config attribute publishing (ITS#5383)
* Fixed slapd-ldap connection handler (ITS#5404)
* Fixed slapd-ldif file name handling & multi-suffix/dir catch
(ITS#5408)
* Fixed slapd-meta connections on error (ITS#5440)
* Fixed slapd-meta crash on search (ITS#5481)
* Various syncrepl fixes (ITS#5407, ITS#5413, ITS#5426, ITS#5430,
ITS#5432, ITS#5454, ITS#5397, ITS#5470)
* Various slapo-syncprov fixes (ITS#5401, ITS#5405, ITS#5418,
ITS#5486, ITS#5433, ITS#5434, ITS#5437, ITS#5444, ITS#5445,
ITS#5484, ITS#5451)
* Fri Apr 25 2008 rhafer@suse.de
- Adjust ownership of DB_CONFIG to ldap:ldap (bnc#376204)
* Thu Apr 10 2008 matz@suse.de
- Compile with glibc 2.8.
* Thu Apr 10 2008 ro@suse.de
- added baselibs.conf file to build xxbit packages
for multilib support
* Thu Apr 03 2008 rhafer@suse.de
- removed apparmor profile
* Mon Mar 03 2008 rhafer@suse.de
- revert last change and make libldap_r available again as some
packages seem to directly rely on libldap_r. Assume they know
of the libldap_r's limitations.
* Wed Feb 27 2008 rhafer@suse.de
- Moved libldap_r from -client subpackage to the main server
package as it is only meant to be used by slapd.
- Removed static libldap_r.a library and libldap_r.so link from
-devel subpackage. External programs should only use the "normal"
libldap library.
* Wed Feb 20 2008 rhafer@suse.de
- Update to Version 2.4.8. Most important changes:
* Fixed libldap extended decoding (ITS#5304)
* Fixed libldap filter abort (ITS#5300)
* Fixed libldap ldap_parse_sasl_bind_result (ITS#5263)
* Fixed libldap result codes for open (ITS#5338)
* Fixed libldap search timeout crash (ITS#5291)
* Fixed libldap paged results crash (ITS#5315)
* Fixed slapd support for 2.1 CSN (ITS#5348)
* Fixed slapd include handling (ITS#5276)
* Fixed slapd modrdn check for valid new DN (ITS#5344)
* Fixed slapd multi-step SASL binds (ITS#5298)
* Fixed slapd overlay ordering when moving to slapd.d (ITS#5284)
* Fixed slapd NULL printf (ITS#5264)
* Fixed slapd NULL set values (ITS#5286)
* Fixed slapd timestamp race condition (ITS#5370)
* Fixed slapd cn=config crash on delete (ITS#5343)
* Fixed slapd cn=config global acls (ITS#5352)
* Fixed slapd truncated cookie (ITS#5362)
* Fixed slapd str2entry with no attrs (ITS#5308)
* Fixed slapd TLSVerifyClient default (ITS#5360)
* Fixed slapd delta-syncrepl refresh mode (ITS#5376)
* Fixed slapd ACL sets URI attrs (ITS#5384)
* Fixed slapd invalid entryUUID filter (ITS#5386)
* Fixed slapd-bdb idlcache on adds (ITS#5086)
* Fixed slapd-bdb crash with modrdn (ITS#5358)
* Fixed slapd-bdb modrdn to same dn (ITS#5319)
* Fixed slapd-bdb MMR (ITS#5332)
* Fixed slapd-meta setting of sm_nvalues (ITS#5375)
* Fixed slapd-monitor crash (ITS#5311)
* Fixed slapo-ppolicy only password check with policy (ITS#5285)
* Fixed slapo-ppolicy del/replace password without new one (ITS#5373)
* Fixed slapo-syncprov hang on checkpoint (ITS#5261)
* Thu Jan 10 2008 rhafer@suse.de
- Removed bogus debugging output from slapd_getaddrinfo_dupl.dif
* Wed Jan 09 2008 rhafer@suse.de
- Fixed allocation for paged results cookie (Bug #352255, ITS#5315)
* Fri Dec 14 2007 rhafer@suse.de
- Update to Version 2.4.7. Most important changes:
* Added slapd ordered indexing of integer attributes (ITS#5239)
* Fixed slapd paged results control handling (ITS#5191)
* Fixed slapd sasl-host parsing (ITS#5209)
* Fixed slapd filter normalization (ITS#5212)
* Fixed slapd multiple suffix checking (ITS#5186)
* Fixed slapd paged results handling when using rootdn (ITS#5230)
* Fixed slapd syncrepl presentlist handling (ITS#5231)
* Fixed slapd core schema 'c' definition for RFC4519 (ITS#5236)
* Fixed slapd 3-way Multi-Master Replication (ITS#5238)
* Fixed slapd hash collisions in index slots (ITS#5183)
* Fixed slapd replication of dSAOperation attributes (ITS#5268)
* Fixed slapadd contextCSN updating (ITS#5225)
* Fixed slapd-bdb/hdb to report and fail on internal errors (ITS#5232)
* Fixed slapd-bdb/hdb dn2entry lock bug (ITS#5257)
* Fixed slapd-bdb/hdb dn2id lock bug (ITS#5262)
* Fixed slapd-hdb caching on rename ops (ITS#5221)
* Fixed slapo-accesslog abandoned op cleanup (ITS#5161)
* Fixed slapo-dds deleting from nonexistent db (ITS#5267)
* Fixed slapo-memberOf deleted values saving (ITS#5258)
* Fixed slapo-pcache op->o_abandon handling (ITS#5187)
* Fixed slapo-ppolicy single password check on modify (ITS#5146)
* Fixed slapo-ppolicy internal search (ITS#5235)
* Fixed slapo-syncprov refresh and persist cookie sending (ITS#5210)
* Fixed slapo-syncprov ignore invalid cookies (ITS#5211)
* Fixed slapo-translucent interaction with slapo-rwm (ITS#4889)
* Thu Nov 29 2007 rhafer@suse.de
- check for duplicates in getaddrinfo results and ignore them.
(Bug #288879)
* Tue Nov 27 2007 rhafer@suse.de
- The init-script removed directory access on /etc/openldap/slapd.d
(Bug #344091)
* Mon Nov 26 2007 rhafer@suse.de
- Update to Version 2.4.6. Initial 2.4 release for "general use".
New features:
* Usability/Manageability:
- More complete Documentation (manual pages and Admin Guide)
- dynamic configuration and monitoring improvments
* More functionality
- New overlays (dds, memberof, constraint)
- Multimaster syncrepl replication
* Performance improvments:
- Further optimized frontend
- Reduced locking contention in backend
- back-config support through new sysconfig option
"OPENLDAP_CONFIG_BACKEND"
- Install admin guide from the main tarball, to get rid of the
admin-guide tarball
- New sysconfig options:
* OPENLDAP_START_LDAP to allow to disable the ldap:// listener
* OPENLDAP_LDAPI_INTERFACES to specify the paths for the ldapi:///
listeners
* Mon Oct 29 2007 rhafer@suse.de
- Update to Version 2.3.39. Most important changes:
* Fixed slapd database/overlay config conflict (ITS#4848)
* Fixed slapd password_hash config order (ITS#5082)
* Fixed slapd slap_mods_check bug (ITS#5119)
* Fixed slapd ACL sets memory handling (ITS#4860,ITS#4873)
* Fixed slapd ordered values add normalization issue (ITS#5136)
* Fixed slapd-bdb DB_CONFIG conversion bug (ITS#5118)
* Fixed slapd-ldap search control parsing (ITS#5138)
* Fixed slapd-ldap SASL idassert w/o authcId
* Fixed slapd-ldif directory separators in DN (ITS#5172)
* Fixed slapd-meta conn caching on bind failure (ITS#5154)
* Fixed slapd-meta bind timeout assertion (ITS#5185)
* Fixed slapd-sql concurrency issue (ITS#5095)
* Fixed slapo-chain double-free (ITS#5137)
* Fixed slapo-pcache and -rwm interaction fix (ITS#4991)
* Fixed slapo-pcache non-null terminated array crasher (ITS#5163)
* Fixed slapo-rwm modlist handling (ITS#5124)
* Fixed slapo-rwm UUID in filter (ITS#5168)
* Fixed sasl SASL_SSF_EXTERNAL type (ITS#3864)
* Fixed liblber Windows x64 portability (ITS#5105)
* Fixed libldap ppolicy control creation (ITS#5103)
- Silenced some rpmlint warnings
* Wed Aug 22 2007 rhafer@suse.de
- Call "ldconfig" from %%post and %%postun in openldap2-client
(Bug #298297)
* Tue Jul 24 2007 rhafer@suse.de
- Update to Version 2.3.37. Most important changes:
* Fixed slapd-glue/syncprov interaction (ITS#4623)
* Fixed slapd-ldap search reference crash (ITS#5025)
* Fixed slapd-ldbm crash on Compare op (ITS#5044)
* Fixed slapo-rwm searchFilter double free (ITS#5043)
- Most important changes in 2.3.36:
* Fixed slapd mutex bug after failed startup (ITS#4957)
* Fixed slapd sasl failed Bind bug (ITS#4954)
* Fixed slapd sasl ssf logging (ITS#5001)
* Fixed slapd tool op init (ITS#4911)
* Fixed slapd-bdb no-op crasher (ITS#4925)
* Fixed slapd-relay crash when no database can be selected (ITS#4958)
* Fixed slapo-chain RFC3062 passwd exop handling (ITS#4964)
* Fixed slapo-dynlist multiple group/url[/member] config (ITS#4989)
* Fixed slapo-pcache handling of abandoned Operations (#5015)
* Fixed slapo-pcache and -rwm interaction (ITS#4991)
* Fixed slapo-ppolicy pwdReset/pwdMinAge (ITS#4970)
* Fixed slapo-ppolicy control cleanup from ITS#4665
* Fixed slapo-syncprov cookie parsing error (ITS#4977)
* Fixed slapo-valsort crash on delete op (ITS#4966)
* Fixed libldap referral chasing loop (ITS#4955)
* Fixed libldap response code handling on rebind (ITS#4924)
* Fixed libldap SASL_MAX_BUFF_SIZE (ITS#4935)
* Wed Jun 13 2007 dmueller@suse.de
- remove binutils prereq
* Mon May 21 2007 dmueller@suse.de
- reduce duplicated buildrequires against db42 and db45
* Tue May 15 2007 rhafer@suse.de
- imported apparmor profile from apparmor (this profile is not
enabled by default)
* Fri May 04 2007 rhafer@suse.de
- Update to Version 2.3.35. Most important changes:
* Fixed ldapmodify to use correct memory free functions (ITS#4901)
* Fixed slapd acl set minor typo (ITS#4874)
* Fixed slapd entry consistency check in str2entry2 (ITS#4852)
* Fixed slapd ldapi:// credential issue (ITS#4893)
* Fixed slapd str2anlist handling of undefined attrs/OCs (ITS#4854)
* Fixed slapd syncrepl delta-sync modlist free (ITS#4904)
* Added slapd syncrepl retry logging (ITS#4915)
* Fixed slapd zero-length IA5string handling (ITS#4823)
* Fixed slapd-bdb/hdb startup with missing shm env (ITS#4851)
* Fixed slapd-ldap/meta consistency in referral proxying (ITS#4861)
* Fixed slapd-ldap bind cleanup in case of unauthorized idassert
* Fixed slapd-meta search cleanup
* Fixed slapd-meta/slapo-rwm filter mapping
* Fixed slapd-sql subtree shortcut (ITS#4856)
* Fixed slapo-dynlist crasher (ITS#4891)
* Fixed slapo-refint config message (ITS#4853)
* Fixed libldap time_t signedness (ITS#4872)
* Fixed libldap_r tpool reset (ITS#4855,#4899)
* Wed May 02 2007 dmueller@suse.de
- Fix comparison with string literal
* Wed Apr 18 2007 schwab@suse.de
- Fix generation of debuginfo packages.
* Tue Mar 20 2007 rguenther@suse.de
- removed krb5-devel BuildRequires (support via cyrus-sasl)
* Thu Mar 15 2007 rhafer@suse.de
- added Service definitions for SuSEfirewall2 (Bug #251654)
* Thu Feb 22 2007 rhafer@suse.de
- Updated to Version 2.3.34. Most important changes:
* Fixed libldap missing get_option(TLS CipherSuite) (ITS#4815)
* Fixed ldapmodify printing error from ldap_result() (ITS#4812)
* Fixed slapadd LDIF parsing (ITS#4817)
* Fixed slapd libltdl link ordering (ITS#4830)
* Fixed slapd syncrepl memory leaks (ITS#4805)
* Fixed slapd dynacl/ACI compatibility with 2.1
* Fixed slapd-bdb/hdb be_entry_get with aliases/referrals
(ITS#4810)
* Fixed slapd-ldap more response handling bugs (ITS#4782)
* Fixed slapd-ldap C-API code tests (ITS#4808)
* Fixed slapd-monitor NULL printf (ITS#4811)
* Fixed slapo-chain spurious additional info in response
(ITS#4828)
* Fixed slapo-syncprov presence list (ITS#4813)
* Fixed slapo-syncprov contextCSN checkpoint again (ITS#4720)
* Added slapo-ppolicy cn=config support (ITS#4836)
* Added slapo-auditlog cn=config support
* Fri Jan 26 2007 rhafer@suse.de
- Updated to Version 2.3.33. Most important changes:
* Fixed slapd-ldap chase-referrals switch (ITS#4557)
* Fixed slapd-ldap bind behavior when idassert is always used
(ITS#4781)
* Fixed slapd-ldap response handling bugs (ITS#4782)
* Fixed slapd-ldap idassert mode=self anonymous ops (ITS#4798)
* Fixed slapd-ldap/meta privileged connections handling
(ITS#4791)
* Fixed slapd-meta retrying (ITS#4594, 4762)
* Fixed slapo-chain referral DN use (ITS#4776)
* Fixed slapo-dynlist dangling pointer after entry free
(ITS#4801)
* Fixed libldap ldap_pvt_put_filter syntax checks (ITS#4648)
* Fri Jan 12 2007 rhafer@suse.de
- Updated to Version 2.3.32. Most important changes:
* Fixed libldap unchased referral leak (ITS#4545)
* Fixed libldap tls callback (ITS#4723)
* Fixed slapd memleak on failed bind (ITS#4771)
* Fixed slapd connections_shutdown assert
* Fixed slapd add redundant duplicate value check (ITS#4600)
* Fixed slapd ACL set memleak (ITS#4780)
* Fixed slapd syncrepl shutdown hang (ITS#4790)
* Fri Nov 17 2006 rhafer@suse.de
- Fix for a flaw in libldap's strval2strlen() function when processing the
authcid string of certain Bind Requests, which could allow attackers to
cause an affected application to crash (especially the OpenLDAP Server),
creating a denial of service condition (Bug#221154,ITS#4740)
* Tue Nov 14 2006 rhafer@suse.de
- Additional back-perl fixes from CVS. The first revision of the
patch did not fix the problem completely (Bug#207618, ITS#4751)
* Fri Oct 27 2006 rhafer@suse.de
- cyrus-sasl configuration moved from %%{_libdir}/sasl2 to
/etc/sasl2/ (Bug: #206414)
* Wed Oct 04 2006 rhafer@suse.de
- Add $network to Should-Start/Should-Stop in init scripts
(Bug: #206823)
- Imported latest back-perl changes from CVS, to fix back-perl
initialization (Bug: #207618)
* Tue Aug 22 2006 rhafer@suse.de
- Updated to Version 2.3.27
* Fixed libldap dnssrv bug with "not present" positive statement
(ITS#4610)
* Fixed libldap dangling pointer issue (ITS#4405)
* Fixed slapd incorrect rebuilding of replica URI (ITS#4633)
* Fixed slapd DN X.509 normalization crash (ITS#4644)
* Fixed slapd-monitor operations order via callbacks (ITS#4631)
* Fixed slapo-accesslog purge task during shutdown
* Fixed slapo-ppolicy handling of default policy (ITS#4634)
* Fixed slapo-ppolicy logging verbosity when using default policy
* Fixed slapo-syncprov incomplete sync on restart issues (ITS#4622)
* Wed Aug 02 2006 rhafer@suse.de
- Updated to Version 2.3.25
* Add libldap_r TLS concurrency workaround (ITS#4583)
* Fixed slapd acl selfwrite bug (ITS#4587)
* Fixed various syncrepl and slapo-syncprov bugs (ITS#4582, 4622,
4534,4613, 4589)
* Fixed slapd-bdb/hdb lock bug with virtual root (ITS#4572)
* Fixed slapd-bdb/hdb modrdn new entry disappearing bug (ITS#4616)
* Fixed slapd-bdb/hdb cache job issue
* Fixed slapo-ppolicy password hashing bug (ITS#4575)
* Fixed slapo-ppolicy password modify pwdMustChange reset bug (ITS#4576)
* Fixed slapo-ppolicy control can be critical (ITS#4596)
- Enabled CLDAP (LDAP over UDP) support
* Mon Jun 26 2006 rhafer@suse.de
- Updated to Version 2.3.24
* Fixed slapd syncrepl timestamp bug (delta-sync/cascade)
(ITS#4567)
* Fixed slapd-bdb/hdb non-root users adding suffix/root entries
(ITS#4552)
* Re-fixed slapd-ldap improper free bug in exop (ITS#4550)
* Fixed slapd-ldif assert bug (ITS#4568)
* Fixed slapo-syncprov crash under glued database (ITS#4562)
- cleaned up SLES10 update specific stuff
- added "chain-return-error" feature from HEAD to chain overlay
(ITS#4570)
* Thu Jun 22 2006 schwab@suse.de
- Don't use automake macros without using automake.
* Wed May 24 2006 rhafer@suse.de
- Updated to Version 2.3.23
* obsoletes the patches: libldap_ads-sasl-gssapi.dif,
slapd-epollerr.dif
* Fixed slapd-ldap improper free bug (ITS#4550)
* Fixed libldap referral input destroy issue (ITS#4533)
* Fixed libldap ldap_sort_entries tail bug (ITS#4536)
* Fixed slapd runqueue use of freed memory (ITS#4517)
* Fixed slapd thread pool init issue (ITS#4513)
* Fixed slapd-bdb/hdb pre/post-read freeing (ITS#4532)
* Fixed slapd-bdb/hdb pre/post-read unavailable issue (ITS#4538)
* Fixed slapd-bdb/hdb referral issue (ITS#4548)
* Fixed slapo-ppolicy BER tags issue (ITS#4528)
* Fixed slapo-ppolicy rebind bug (ITS#4516)
* For more details see the CHANGES file
- Install CHANGES file to /usr/share/doc/packages/openldap2
* Wed May 10 2006 rhafer@suse.de
- Really apply the patch for Bug#160566
- slapd could crash while processing queries with pre-/postread
controls (Bug#173877, ITS#4532)
* Fri Mar 24 2006 rhafer@suse.de
- Backported fix from CVS for occasional crashes in referral
chasing code (as used in e.g. back-meta/back-ldap).
(Bug: #160566, ITS: #4448)
* Mon Mar 13 2006 rhafer@suse.de
- openldap2 must obsolete -back-monitor and -back-ldap to have them
removed during update (Bug: #157576)
* Fri Feb 17 2006 rhafer@suse.de
- Add "external" to the list of supported SASL mechanisms
(Bug: #151771)
* Thu Feb 16 2006 rhafer@suse.de
- Error out when conversion from old configfile to config database
fails (Bug: #135484,#135490 ITS: #4407)
* Mon Feb 13 2006 rhafer@suse.de
- Don't ignore non-read/write epoll events (Bug: #149993,
ITS: #4395)
- Added update message to /usr/share/update-messages/en/ and enable
it, when update did not succeed.
* Thu Feb 09 2006 rhafer@suse.de
- OPENLDAP_CHOWN_DIRS honors databases defined in include files
(Bug: #135473)
- Fixed version numbers in README.update
- Fixed GSSAPI binds against Active Directory (Bug: #149390)
* Fri Feb 03 2006 rhafer@suse.de
- Cleaned up update procedure
- man-pages updates and fixes (Fate: #6365)
* Fri Jan 27 2006 rhafer@suse.de
- Updated to 2.3.19 (Bug #144371)
* Fri Jan 27 2006 mls@suse.de
- converted neededforbuild to BuildRequires
* Wed Jan 25 2006 rhafer@suse.de
- Updated Admin Guide to latest version
- build slapcat from openldap-2.2.24 and install it to
/usr/sbin/openldap-2.2-slapcat to be able to migrate from
OpenLDAP 2.2.
- removed slapd-backbdb-dbupgrade which is no longer needed
- attempt to dump/reload bdb databases in %%{post}
- Update notes in README.update
* Fri Jan 13 2006 rhafer@suse.de
- New sysconfig variable OPENLDAP_KRB5_KEYTAB
- Cleanup in default configuration and init scripts
* Wed Jan 11 2006 rhafer@suse.de
- Updated to 2.3.17
- Remove OPENLDAP_RUN_DB_RECOVER from sysconfig file in %%post
slapd does now automatically recover the database if needed
- Removed unneeded README.SuSE
- Small adjustments to the default DB_CONFIG file
* Mon Jan 09 2006 rhafer@suse.de
- Updated to 2.3.16
* Mon Dec 19 2005 rhafer@suse.de
- Fixed filelist (slapd-hdb man-page was missing)
* Fri Dec 09 2005 rhafer@suse.de
- Fixed build on x86_64
* Wed Dec 07 2005 rhafer@suse.de
- Merged -back-ldap and -back-monitor subpackages into the main
package and don't build them as dynamic modules anymore.
- updated to OpenLDAP 2.3.13
* Mon Nov 28 2005 rhafer@suse.de
- updated to OpenLDAP 2.3.12
* Wed Oct 26 2005 rhafer@suse.de
- updated to OpenLDAP 2.3.11
- removed the "LDAP_DEPRECATED" workaround
* Mon Sep 26 2005 rhafer@suse.de
- Add "LDAP_DEPRECATED" to ldap.h for now
* Fri Sep 23 2005 rhafer@suse.de
- updated to OpenLDAP 2.3.7
* Tue Aug 16 2005 rhafer@suse.de
- allow start_tls while chasing referrals (Bug #94355, ITS #3791)
* Mon Jul 04 2005 rhafer@suse.de
- devel-subpackage requires openldap2-client of the same version
(Bugzilla: #93579)
* Thu Jun 30 2005 uli@suse.de
- build with -fPIE (not -fpie) to avoid GOT overflow on s390*
* Wed Jun 22 2005 rhafer@suse.de
- build the server packages with -fpie/-pie
* Wed Jun 15 2005 rhafer@suse.de
- updated to 2.2.27
* Wed May 25 2005 rhafer@suse.de
- libldap-gethostbyname_r.dif: Use gethostbyname_r instead of
gethostbyname in libldap. Should fix host lookups through
nss_ldap (Bugzilla: #76173)
* Fri May 13 2005 rhafer@suse.de
- Updated to 2.2.26
- made /%%{_libdir}]/sasl2/slapd.conf %%config(noreplace)
* Thu Apr 28 2005 rhafer@suse.de
- Added /%%{_libdir}]/sasl2/slapd.conf to avoid warnings about
unconfigured OTP mechanism (Bugzilla: #80588)
* Tue Apr 12 2005 rhafer@suse.de
- added minimal timeout to startproc in init-script to let it
report the "failed" status correctly in case of misconfiguration
(Bugzilla: #76393)
* Mon Apr 04 2005 rhafer@suse.de
- crl-check.dif: Implements CRL checking on client and server side
- use different base ports for differnt values of BUILD_INCARNATION
(/.buildenv) to allow parallel runs of the test-suite on a single
machine
* Mon Apr 04 2005 uli@suse.de
- force yielding-select test to yes (test occasionally hangs QEMU)
* Fri Apr 01 2005 uli@suse.de
- disable test suite on ARM (hangs QEMU)
* Tue Mar 29 2005 rhafer@suse.de
- updated to 2.2.24
- enabled back-hdb
* Wed Mar 02 2005 rhafer@suse.de
- syncrepl.dif: merged latest syncrepl fixes (Bugzilla: #65928)
- libldap-reinit-fdset.dif: Re-init fd_sets when select is
interupted (Bugzilla #50076, ITS: #3524)
* Thu Feb 17 2005 rhafer@suse.de
- checkproc_before_recover.dif: Check if slapd is stopped before
running db_recover from the init script. (Bugzilla: #50962)
* Tue Feb 01 2005 rhafer@suse.de
- Cleanup back-bdb databases in %%post, db-4.3 changed the
transaction log format again.
- cosmetic fixes in init script
* Tue Jan 25 2005 rhafer@suse.de
- updated to 2.2.23
- cleaned up #neededforbuild
- package should also build on older SuSE Linux releases now
- increased killproc timeout in init-script (Bugzilla: #47227)
* Thu Jan 13 2005 rhafer@suse.de
- updated to 2.2.20
- Removed unneeded dependencies
* Fri Dec 10 2004 kukuk@suse.de
- don't install *.la files
* Wed Nov 10 2004 rhafer@suse.de
- updated to 2.2.18
- use kerberos-devel-packages in neededforbuild
* Fri Sep 24 2004 ro@suse.de
- re-arranged specfile to sequence (header (package/descr)* rest)
so the checking parser is not confused ...
* Fri Sep 24 2004 rhafer@suse.de
- Added pre_checkin.sh to generate a separate openldap2-client
spec-file from which the openldap2-client and openldap2-devel
subpackages are built. Should reduce build time for libldap as
the test-suite is only executed in openldap2.spec.
* Fri Sep 10 2004 rhafer@suse.de
- libldap-result.dif: ldapsearch was hanging in select() when
retrieving results from eDirectory through a StartTLS protected
connection (Bugzilla #44942)
* Mon Aug 09 2004 dobey@suse.de
- added ntlm support
* Tue Aug 03 2004 rhafer@suse.de
- updated to 2.2.16
- Updated ACLs in slapd_conf.dif to disable default read access
to the "userPKCS12" Attribute
- rc-check-conn.diff: When starting slapd wait until is accepts
connections, or 10 seconds at maximum (Bugzilla #41354)
- Backported -o slp={on|off} feature from OpenLDAP Head and added
new sysconfig variable (OPENLDAP_REGISTER_SLP) to be able
to switch SLP registration on and off. (Bugzilla #39865)
- removed unneeded README.update
* Fri Apr 30 2004 rhafer@suse.de
- updated to 2.2.11
- remove SLES8 update specific stuff
- Bugzilla #39652: Updated slapd_conf.dif to contain basic access
control
- Bugzilla #39468: Added missing items to yast.schema
- fixed strict-aliasing compiler warnings (strict-aliasing.dif)
* Thu Apr 29 2004 coolo@suse.de
- build with several jobs if available
* Mon Apr 19 2004 rhafer@suse.de
- ldapi_url.dif: Fixed paths for LDAPI-socket, pid-file and
args-file (Bugzilla #38790)
- ldbm_modrdn.dif: Fixed back-ldbm modrdn indexing bug (ITS #3059,
Bugzilla #38915)
- modify_check_duplicates.dif: check for duplicate attribute
values in modify requests (ITS #3066/#3097, Bugzilla #38607)
- updated and renamed yast2userconfig.schema to yast.schema as it
contains more that only user configuration now
- syncrepl.dif: addtional fixes for syncrepl (ITS #3055, #3056)
- test_syncrepl_timeout: increased sleep timeout in syncrepl
testsuite
* Thu Apr 01 2004 rhafer@suse.de
- added "TLS_REQCERT allow" to /etc/openldap/ldap.conf, to make
START_TLS work without access to the CA Certificate.
(Bugzilla: #37393)
* Fri Mar 26 2004 rhafer@suse.de
- fixed filelist
- check-build.sh (build on kernel >= 2.6.4 hosts only)
- yast2user.schema / slapd.conf fixed (#37076)
- don't check for TLS-options is init-script anymore (#33560)
- fixed various typos in README.update
* Wed Mar 17 2004 rhafer@suse.de
- fixed build of openldap-2.1-slapcat (using correct db41 include
files, build backends as on sles8)
- attempt to update bdb database and reindex ldbm database in %%{post}
- Update notes in README.update
- better default configuration (including default DB_CONFIG file)
- misc updates for the YaST schema
- fixed crasher in syncrepl-code (syncrepl.dif)
* Tue Mar 16 2004 schwab@suse.de
- Fix type mismatch.
* Tue Mar 02 2004 rhafer@suse.de
- updated to 2.2.6
- build a openldap-2.1-slapcat from 2.1.25 sources to be able to
migrate from SLES8 and SL 9.0
* Thu Feb 19 2004 ro@suse.de
- added check-build.sh (build on 2.6 hosts only)
* Thu Feb 05 2004 rhafer@suse.de
- updated to 2.2.5
- adjusted rfc2307bis.schema to support UTF-8 values in most
attributes
- enabled proxycache-overlay (wiht fix to work with back-ldbm)
* Tue Jan 13 2004 rhafer@suse.de
- updated to 2.2.4
- updated Admin Guide to most recent version
* Sat Jan 10 2004 adrian@suse.de
- add %%defattr
- fix build as user
* Mon Dec 08 2003 rhafer@suse.de
- updated to 2.1.25
- small fixes for the YaST user schema
* Tue Nov 11 2003 rhafer@suse.de
- enabled SLP-support
* Fri Oct 17 2003 kukuk@suse.de
- Remove unused des from neededforbuild
* Tue Sep 02 2003 mt@suse.de
- Bugzilla #29859: fixed typo in sysconfig metadata,
usage of OPENLDAP_LDAPS_INTERFACES in init script
- added /usr/lib/sasl2/slapd.conf permissions handling
- added sysconfig variable OPENLDAP_SLAPD_PARAMS=""
to support additional slapd start parameters
- added sysconfig variable OPENLDAP_START_LDAPI=NO/yes
for ldapi:/// (LDAP over IPC) URLs
* Thu Aug 14 2003 rhafer@suse.de
- added activation metadata to sysconfig template (Bugzilla #28911)
- removed lint from specfile
* Thu Aug 07 2003 rhafer@suse.de
- added %%stop_on_removal and %%restart_on_update calls
- bdb_addcnt.dif fixes a possible endless loop in id2entry()
- addonschema.tar.gz: some extra Schema files (YaST, RFC2307bis)
* Wed Jul 16 2003 rhafer@suse.de
- removed fillup_only and call fillup_and_insserv correctly
- new Options in sysconfig.openldap: OPENLDAP_LDAP_INTERFACES,
OPENLDAP_LDAPS_INTERFACES and OPENLDAP_RUN_DB_RECOVER
* Tue Jul 01 2003 rhafer@suse.de
- updated to 2.1.22
- updated Admin Guide to most recent version
- build librewrite with -fPIC
* Mon Jun 16 2003 rhafer@suse.de
- updated to 2.1.21
* Wed Jun 11 2003 ro@suse.de
- fixed requires lines
* Mon May 26 2003 rhafer@suse.de
- don't link back-ldap against librewrite.a, it's already linked
into slapd (package should build on non-i386 Archs again)
* Fri May 23 2003 rhafer@suse.de
- fixed dynamic build of back-ldap
- new subpackage back-ldap
* Tue May 20 2003 rhafer@suse.de
- updated to version 2.1.20
- enabled dynamic backend modules
- new subpackages back-perl, back-meta and back-monitor
- remove unpacked files from BuildRoot
* Fri May 09 2003 rhafer@suse.de
- updated to version 2.1.19
* Tue Apr 15 2003 ro@suse.de
- fixed requires for devel-package ...
* Tue Apr 15 2003 ro@suse.de
- fixed neededforbuild
* Thu Feb 13 2003 kukuk@suse.de
- Enable IPv6 again
* Tue Feb 11 2003 rhafer@suse.de
- added /etc/openldap to filelist
* Mon Feb 03 2003 rhafer@suse.de
- switch default backend to ldbm
* Sun Feb 02 2003 ro@suse.de
- fixed requires for devel package (cyrus-sasl2-devel)
* Fri Jan 31 2003 rhafer@suse.de
- liblber.dif: Fixes two bugs in liblber by which remote attackers
could crash the LDAP server (Bugzilla #22469, OpenLDAP ITS #2275
and #2280)
* Tue Jan 14 2003 choeger@suse.de
- build using sasl2
* Mon Jan 13 2003 rhafer@suse.de
- updated to version 2.1.12
- added metadata to sysconfig template (Bug: #22666)
* Thu Nov 28 2002 rhafer@suse.de
- updated to version 2.1.8
- added additional fix of 64bit archs
- added secpatch.dif to fix setuid issues in libldap
* Fri Sep 06 2002 rhafer@suse.de
- fix for Bugzilla ID #18981, chown to OPENLDAP_USER didn't work
with multiple database backend directories
* Mon Sep 02 2002 rhafer@suse.de
- removed damoenstart_ipv6.diff and disabled IPv6 support due to
massive problems with nss_ldap
* Mon Aug 26 2002 rhafer@suse.de
- ldap_user.dif: slapd is now run a the user/group ldap (Bugzilla
ID#17697)
* Fri Aug 23 2002 rhafer@suse.de
- updated to version 2.1.4, which fixes tons of bugs
- added damoenstart_ipv6.diff (slapd was not starting when
configured to listen on IPv4 and IPv6 interfaces, as done by the
start script)
- added README.SuSE with some hints about the bdb-backend
- updated filelist to include only the man pages of the backends,
that were built
* Thu Aug 15 2002 rhafer@suse.de
- removed termcap and readline from neededforbuild
* Thu Aug 08 2002 rhafer@suse.de
- enabled {CRYPT} passwords
- update filelist (added new manpages)
* Thu Jul 25 2002 rhafer@suse.de
- patches for 64 bit architectures
* Fri Jul 19 2002 rhafer@suse.de
- update to 2.1.3
* Fri Jul 05 2002 kukuk@suse.de
- fix openldap2-devel requires
* Thu Jul 04 2002 rhafer@suse.de
- switched back from cyrus-sasl2 to cyrus-sasl
* Wed Jul 03 2002 rhafer@suse.de
- updated to OpenLDAP 2.1.2
- added the OpenLDAP Administration Guide
- enabled additional backends (ldap, meta, monitor)
* Mon Jun 10 2002 olh@suse.de
- hack build/ltconfig to build shared libs on ppc64
* Wed Jun 05 2002 rhafer@suse.de
- created /etc/sysconfig/openldap and OPENLDAP_START_LDAPS variable
to enable ldap over ssl support
* Thu Mar 07 2002 rhafer@suse.de
- Fix for Bugzilla ID#14569 (added cyrus-sasl-devel openssl-devel
to the "Requires" Section of the -devel subpackage)
* Mon Feb 18 2002 rhafer@suse.de
- updated to the latest STABLE release (2.0.23) which fixes some
nasty bugs see ITS #1562,#1582,#1577,#1578
* Thu Feb 07 2002 rhafer@suse.de
- updated to the latest release (which fixes a index corruption
bug)
- cleanup in neededforbuild
- small fixes for the init-scripts
* Thu Jan 17 2002 rhafer@suse.de
- updated to the latest stable release (2.0.21)
* Wed Jan 16 2002 egmont@suselinux.hu
- removed periods and colons from startup/shutdown messages
* Tue Jan 15 2002 rhafer@suse.de
- updated to v2.0.20 (which fixes a security hole in ACL
processing)
* Fri Jan 11 2002 rhafer@suse.de
- converted archive to bzip2
- makes use of %%{_libdir} now
- set CFLAGS to -O0 for archs ia64, s390(x) and alpha otherwise
the test suite fails on these archs
- changed slapd.conf to store the database under /var/lib/ldap
(this patch was missing in the last versions by accident)
* Mon Jan 07 2002 rhafer@suse.de
- update to v2.0.19
* Thu Dec 06 2001 rhafer@suse.de
- eliminated START_LDAP, START_SLURPD variables in rc.config
- created separate init script for slurpd
- moved init scripts from dif to separate source tgz
* Fri Oct 26 2001 choeger@suse.de
- update to v2.0.18
* Mon Oct 15 2001 choeger@suse.de
- update to v2.0.17
added a sleep to the restart section
moved some manpages to the client package
* Mon Oct 01 2001 choeger@suse.de
- update to v2.0.15
* Wed Sep 12 2001 choeger@suse.de
- backported the full bugfix from openldap-2.0.14
* Tue Sep 11 2001 choeger@suse.de
- Bugfix for slurpd millionth second bug (ITS#1323)
* Mon Sep 10 2001 choeger@suse.de
- moved ldapfilter.conf ldaptemplates.conf ldapsearchprefs.conf
to openldap2-client package
* Mon Sep 03 2001 choeger@suse.de
- update to version 2.0.12
* Mon Jul 02 2001 choeger@suse.de
- bugfix: init script was not LSB compliant, Bugzilla ID#9072
* Tue Jun 19 2001 ro@suse.de
- fixed for autoconf again
* Fri Jun 15 2001 choeger@suse.de
- update to 2.0.11
- removed autoconf in specfile, because it doesn't work
* Wed May 23 2001 choeger@suse.de
- update to version 2.0.10 (minor fixes)
* Tue May 22 2001 choeger@suse.de
- update to version 2.0.9
* Mon Apr 23 2001 choeger@suse.de
- removed kerberos support
- added aci support
* Fri Apr 20 2001 choeger@suse.de
- added kerberos support
* Thu Apr 05 2001 choeger@suse.de
- moved section 5 and 8 manpages to the server part of package
* Wed Mar 14 2001 kukuk@suse.de
- Move *.so links into -devel package
- -devel requires -client
* Thu Mar 08 2001 choeger@suse.de
- split up into openldap2-client and -devel
* Tue Feb 27 2001 ro@suse.de
- changed neededforbuild <cyrus-sasl> to <cyrus-sasl cyrus-sasl-devel>
* Fri Feb 23 2001 ro@suse.de
- added readline/readline-devel to neededforbuild (split from bash)
* Thu Jan 04 2001 choeger@suse.de
- bugfix: slapd.conf rename /var/lib/openldap-ldbm to
/var/lib/ldap
init script: use $remote_fs
* Tue Jan 02 2001 olh@suse.de
- use script name in %%post
* Thu Dec 07 2000 choeger@suse.de
- bugfix from Andreas Jaeger:
workaround for glibc2.2, detach
* Fri Dec 01 2000 ro@suse.de
- hacked configure for apparently broken pthread
* Fri Dec 01 2000 ro@suse.de
- fixed spec
* Thu Nov 23 2000 choeger@suse.de
- made configs %%config(noreplace) (Bug 4112)
- fixed neededforbuild
* Wed Nov 22 2000 choeger@suse.de
- adopted new init scheme
* Wed Nov 15 2000 choeger@suse.de
- fixed neededforbuild
* Fri Nov 10 2000 choeger@suse.de
- added buildroot
* Tue Nov 07 2000 choeger@suse.de
- long package name
- new version, 2.0.7
* Fri Oct 06 2000 choeger@suse.de
- first package of openldap2 (v2.0.6)