forked from pool/openldap2
Accepting request 95567 from home:rhafer:branches:network:ldap
update to 2.4.28 OBS-URL: https://build.opensuse.org/request/show/95567 OBS-URL: https://build.opensuse.org/package/show/network:ldap/openldap2?expand=0&rev=76
This commit is contained in:
parent
0f87dd1131
commit
5d47a20f54
@ -1,4 +1,4 @@
|
||||
From 43a8df1cab3f7bafb34b3356833779e6e2f0eaf1 Mon Sep 17 00:00:00 2001
|
||||
From ada0d25f62670b502166ce05fce29beb9d86ce96 Mon Sep 17 00:00:00 2001
|
||||
From: Ralf Haferkamp <rhafer@suse.de>
|
||||
Date: Wed, 16 Jun 2010 14:04:07 +0200
|
||||
Subject: build-adjustments
|
||||
@ -20,7 +20,7 @@ index 66ac3bf..f09e0c3 100644
|
||||
sharedstatedir = @sharedstatedir@
|
||||
sysconfdir = @sysconfdir@$(ldap_subdir)
|
||||
diff --git a/configure.in b/configure.in
|
||||
index 0872d81..225647b 100644
|
||||
index e7e5a7e..ef9d4f5 100644
|
||||
--- a/configure.in
|
||||
+++ b/configure.in
|
||||
@@ -69,7 +69,9 @@ dnl Determine host platform
|
||||
@ -35,5 +35,5 @@ index 0872d81..225647b 100644
|
||||
AC_SUBST(VERSION)dnl
|
||||
AC_DEFINE_UNQUOTED(OPENLDAP_PACKAGE,"$PACKAGE",Package)
|
||||
--
|
||||
1.7.3.4
|
||||
1.7.7
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 3a5f7ce7960e64d49ad104cc9abc7941b454d933 Mon Sep 17 00:00:00 2001
|
||||
From dc422b3d677b7bb9c0699d40623def4dc93d54f0 Mon Sep 17 00:00:00 2001
|
||||
From: Ralf Haferkamp <rhafer@suse.de>
|
||||
Date: Wed, 16 Jun 2010 14:05:49 +0200
|
||||
Subject: slapd.conf
|
||||
@ -93,5 +93,5 @@ index 4938b85..9caf292 100644
|
||||
# Indices to maintain
|
||||
index objectClass eq
|
||||
--
|
||||
1.7.3.4
|
||||
1.7.7
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
From c5b25d50557bb79a54654699d47af29342157ad9 Mon Sep 17 00:00:00 2001
|
||||
From daab8464b7e9269012c22566ff8406122cc1f19b Mon Sep 17 00:00:00 2001
|
||||
From: Ralf Haferkamp <rhafer@suse.de>
|
||||
Date: Wed, 16 Jun 2010 14:06:42 +0200
|
||||
Subject: LDAPI socket location
|
||||
@ -18,5 +18,5 @@ index 426d7f6..9a21f98 100644
|
||||
/*
|
||||
* SLAPD DEFINITIONS
|
||||
--
|
||||
1.7.3.4
|
||||
1.7.7
|
||||
|
||||
|
@ -1,11 +1,11 @@
|
||||
From 119f2c14aac61a04d98719b399266c1ed235793a Mon Sep 17 00:00:00 2001
|
||||
From ae570a81db3e070d0c449fe9eb70352c8ffcf22a Mon Sep 17 00:00:00 2001
|
||||
From: Ralf Haferkamp <rhafer@suse.de>
|
||||
Date: Wed, 16 Jun 2010 14:08:03 +0200
|
||||
Subject: libldap use gethostbyname_r
|
||||
|
||||
|
||||
diff --git a/libraries/libldap/util-int.c b/libraries/libldap/util-int.c
|
||||
index d2b4ae8..3180d74 100644
|
||||
index f0b5f72..ea5e178 100644
|
||||
--- a/libraries/libldap/util-int.c
|
||||
+++ b/libraries/libldap/util-int.c
|
||||
@@ -52,7 +52,7 @@ extern int h_errno;
|
||||
@ -27,5 +27,5 @@ index d2b4ae8..3180d74 100644
|
||||
|
||||
#if !(defined(HAVE_GETHOSTBYNAME_R) && defined(HAVE_GETHOSTBYADDR_R))
|
||||
--
|
||||
1.7.3.4
|
||||
1.7.7
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 34e2af586533bf43e2fec55e707fa4d51ca6634c Mon Sep 17 00:00:00 2001
|
||||
From ef2b8372346fd32c21a8b19864c2f29aed5e3e63 Mon Sep 17 00:00:00 2001
|
||||
From: Ralf Haferkamp <rhafer@suse.de>
|
||||
Date: Fri, 12 Nov 2010 09:39:11 +0100
|
||||
Subject: pie compile
|
||||
@ -114,5 +114,5 @@ index f93a84c..a35dd83 100644
|
||||
MOD_DEFS = $(@BUILD_RELAY@_DEFS)
|
||||
|
||||
--
|
||||
1.7.3.4
|
||||
1.7.7
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 708185d30ee5a94ca4d98707521620291c8ddd1d Mon Sep 17 00:00:00 2001
|
||||
From b0508b1d0322491955d6ed11fc8c980f6a07dd18 Mon Sep 17 00:00:00 2001
|
||||
From: Cristian Rodriguez <cristian.rodriguez@opensuse.org>
|
||||
Date: Tue, 5 Oct 2010 13:59:40 +0200
|
||||
Subject: No Build date and time in binaries
|
||||
@ -29,5 +29,5 @@ index 5c020b8..0160ab1 100755
|
||||
|
||||
__EOF__
|
||||
--
|
||||
1.7.3.4
|
||||
1.7.7
|
||||
|
@ -1,50 +0,0 @@
|
||||
From 1b23710affd68704d8fb66ba42901fa7aed1a379 Mon Sep 17 00:00:00 2001
|
||||
From: Ralf Haferkamp <rhafer@suse.de>
|
||||
Date: Wed, 16 Jun 2010 14:08:56 +0200
|
||||
Subject: assorted fixes for back-config DELETE support
|
||||
|
||||
|
||||
diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c
|
||||
index 006647b..3354c09 100644
|
||||
--- a/servers/slapd/bconfig.c
|
||||
+++ b/servers/slapd/bconfig.c
|
||||
@@ -6050,13 +6050,26 @@ config_back_delete( Operation *op, SlapReply *rs )
|
||||
rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
|
||||
} else if ( op->o_abandon ) {
|
||||
rs->sr_err = SLAPD_ABANDON;
|
||||
- } else if ( ce->ce_type == Cft_Overlay ){
|
||||
+ } else if ( ce->ce_type == Cft_Overlay || ce->ce_type == Cft_Database){
|
||||
char *iptr;
|
||||
int count, ixold;
|
||||
|
||||
ldap_pvt_thread_pool_pause( &connection_pool );
|
||||
|
||||
- overlay_remove( ce->ce_be, (slap_overinst *)ce->ce_bi );
|
||||
+ if ( ce->ce_type == Cft_Overlay ){
|
||||
+ overlay_remove( ce->ce_be, (slap_overinst *)ce->ce_bi );
|
||||
+ } else { /* Cft_Database*/
|
||||
+ if ( ce->ce_be == frontendDB || ce->ce_be == op->o_bd ){
|
||||
+ rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
|
||||
+ rs->sr_text = "Cannot delete config or frontend database";
|
||||
+ ldap_pvt_thread_pool_resume( &connection_pool );
|
||||
+ goto out;
|
||||
+ }
|
||||
+ if ( ce->ce_be->bd_info->bi_db_close ) {
|
||||
+ ce->ce_be->bd_info->bi_db_close( ce->ce_be, NULL );
|
||||
+ }
|
||||
+ backend_destroy_one( ce->ce_be, 1);
|
||||
+ }
|
||||
|
||||
/* remove CfEntryInfo from the siblings list */
|
||||
if ( ce->ce_parent->ce_kids == ce ) {
|
||||
@@ -6118,6 +6131,7 @@ config_back_delete( Operation *op, SlapReply *rs )
|
||||
#else
|
||||
rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
|
||||
#endif /* SLAP_CONFIG_DELETE */
|
||||
+out:
|
||||
send_ldap_result( op, rs );
|
||||
return rs->sr_err;
|
||||
}
|
||||
--
|
||||
1.7.3.4
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 1ae2909f2464955fde817f3c8447724e4d5035c3 Mon Sep 17 00:00:00 2001
|
||||
From e17f4d8c705ffa9080fd2ca5cf6780e30d04b0ac Mon Sep 17 00:00:00 2001
|
||||
From: Ralf Haferkamp <rhafer@suse.de>
|
||||
Date: Tue, 5 Oct 2010 14:20:22 +0200
|
||||
Subject: Recover on DB version change
|
||||
@ -25,5 +25,5 @@ index 526fee8..a9f7c5a 100644
|
||||
/* Regular open failed, probably a missing shm environment.
|
||||
* Start over, do a recovery.
|
||||
--
|
||||
1.7.3.4
|
||||
1.7.7
|
||||
|
@ -1,141 +0,0 @@
|
||||
From 601cde61e0ad14e804a4f1bf54b6fac934aaad4b Mon Sep 17 00:00:00 2001
|
||||
From: ralf <ralf>
|
||||
Date: Wed, 30 Jun 2010 10:38:01 +0000
|
||||
Subject: unregister_supported_control() backport
|
||||
|
||||
The fix for bnc#648479/ITS#6647 makes use of this call
|
||||
|
||||
Original log-message:
|
||||
new call unregister_supported_control(), will be
|
||||
needed for cn=config delete support
|
||||
|
||||
Also included: use be_ctrls[cid] for counting the number of overlay
|
||||
instances that have registered the control for a specific BackendDB to make
|
||||
sure that the control is unregistered only after the last instance calls
|
||||
overlay_unregister_control().
|
||||
|
||||
diff --git a/servers/slapd/backover.c b/servers/slapd/backover.c
|
||||
index cad81ab..56bcf65 100644
|
||||
--- a/servers/slapd/backover.c
|
||||
+++ b/servers/slapd/backover.c
|
||||
@@ -1076,14 +1076,22 @@ overlay_register_control( BackendDB *be, const char *oid )
|
||||
gotit = 1;
|
||||
}
|
||||
|
||||
- bd->be_ctrls[ cid ] = 1;
|
||||
+ /* overlays can be instanciated multiple times, use
|
||||
+ * be_ctrls[ cid ] as an instance counter, so that the
|
||||
+ * overlay's controls are only really disabled after the
|
||||
+ * last instance called overlay_register_control() */
|
||||
+ bd->be_ctrls[ cid ]++;
|
||||
bd->be_ctrls[ SLAP_MAX_CIDS ] = 1;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
if ( !gotit ) {
|
||||
- be->bd_self->be_ctrls[ cid ] = 1;
|
||||
+ /* overlays can be instanciated multiple times, use
|
||||
+ * be_ctrls[ cid ] as an instance counter, so that the
|
||||
+ * overlay's controls are only really unregistered after the
|
||||
+ * last instance called overlay_register_control() */
|
||||
+ be->bd_self->be_ctrls[ cid ]++;
|
||||
be->bd_self->be_ctrls[ SLAP_MAX_CIDS ] = 1;
|
||||
}
|
||||
|
||||
@@ -1091,6 +1099,34 @@ overlay_register_control( BackendDB *be, const char *oid )
|
||||
}
|
||||
|
||||
void
|
||||
+overlay_unregister_control( BackendDB *be, const char *oid )
|
||||
+{
|
||||
+ int gotit = 0;
|
||||
+ int cid;
|
||||
+
|
||||
+ if ( slap_find_control_id( oid, &cid ) == LDAP_CONTROL_NOT_FOUND ) {
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ if ( SLAP_ISGLOBALOVERLAY( be ) ) {
|
||||
+ BackendDB *bd;
|
||||
+
|
||||
+ /* remove from all backends... */
|
||||
+ LDAP_STAILQ_FOREACH( bd, &backendDB, be_next ) {
|
||||
+ if ( bd == be->bd_self ) {
|
||||
+ gotit = 1;
|
||||
+ }
|
||||
+
|
||||
+ bd->be_ctrls[ cid ]--;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ if ( !gotit ) {
|
||||
+ be->bd_self->be_ctrls[ cid ]--;
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+void
|
||||
overlay_destroy_one( BackendDB *be, slap_overinst *on )
|
||||
{
|
||||
slap_overinfo *oi = on->on_info;
|
||||
diff --git a/servers/slapd/controls.c b/servers/slapd/controls.c
|
||||
index 96df34e..8d079c5 100644
|
||||
--- a/servers/slapd/controls.c
|
||||
+++ b/servers/slapd/controls.c
|
||||
@@ -344,6 +344,38 @@ register_supported_control2(const char *controloid,
|
||||
return LDAP_SUCCESS;
|
||||
}
|
||||
|
||||
+#ifdef SLAP_CONFIG_DELETE
|
||||
+int
|
||||
+unregister_supported_control( const char *controloid )
|
||||
+{
|
||||
+ struct slap_control *sc;
|
||||
+ int i;
|
||||
+
|
||||
+ if ( controloid == NULL || (sc = find_ctrl( controloid )) == NULL ){
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ for ( i = 0; slap_known_controls[ i ]; i++ ) {
|
||||
+ if ( strcmp( controloid, slap_known_controls[ i ] ) == 0 ) {
|
||||
+ do {
|
||||
+ slap_known_controls[ i ] = slap_known_controls[ i+1 ];
|
||||
+ } while ( slap_known_controls[ i++ ] );
|
||||
+ num_known_controls--;
|
||||
+ break;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ LDAP_SLIST_REMOVE(&controls_list, sc, slap_control, sc_next);
|
||||
+ ch_free( sc->sc_oid );
|
||||
+ if ( sc->sc_extendedopsbv != NULL ) {
|
||||
+ ber_bvarray_free( sc->sc_extendedopsbv );
|
||||
+ }
|
||||
+ ch_free( sc );
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+#endif /* SLAP_CONFIG_DELETE */
|
||||
+
|
||||
/*
|
||||
* One-time initialization of internal controls.
|
||||
*/
|
||||
diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h
|
||||
index 4d0e1bb..1aebece 100644
|
||||
--- a/servers/slapd/proto-slap.h
|
||||
+++ b/servers/slapd/proto-slap.h
|
||||
@@ -657,6 +657,10 @@ LDAP_SLAPD_F (int) register_supported_control2 LDAP_P((
|
||||
int *controlcid ));
|
||||
#define register_supported_control(oid, mask, exops, fn, cid) \
|
||||
register_supported_control2((oid), (mask), (exops), (fn), 0, (cid))
|
||||
+#ifdef SLAP_CONFIG_DELETE
|
||||
+LDAP_SLAPD_F (int) unregister_supported_control LDAP_P((
|
||||
+ const char* controloid ));
|
||||
+#endif /* SLAP_CONFIG_DELETE */
|
||||
LDAP_SLAPD_F (int) slap_controls_init LDAP_P ((void));
|
||||
LDAP_SLAPD_F (void) controls_destroy LDAP_P ((void));
|
||||
LDAP_SLAPD_F (int) controls_root_dse_info LDAP_P ((Entry *e));
|
||||
--
|
||||
1.7.3.4
|
||||
|
@ -1,46 +0,0 @@
|
||||
From b5ddeac919d767a390d7d9e3c2dac092cc4232e1 Mon Sep 17 00:00:00 2001
|
||||
From: ralf <ralf>
|
||||
Date: Fri, 22 Jan 2010 17:01:25 +0000
|
||||
Subject: Fix exposure of SSS/VLV controls (ITS#6647)
|
||||
|
||||
Fixes bnc#648479
|
||||
|
||||
Contains the following upstream commits:
|
||||
|
||||
- Unregister VLV control as well when last overlay instance
|
||||
is removed (additional fix for ITS#6647)
|
||||
|
||||
diff --git a/servers/slapd/overlays/sssvlv.c b/servers/slapd/overlays/sssvlv.c
|
||||
index ce3da34..7ffed1b 100644
|
||||
--- a/servers/slapd/overlays/sssvlv.c
|
||||
+++ b/servers/slapd/overlays/sssvlv.c
|
||||
@@ -1295,6 +1295,10 @@ static int sssvlv_db_init(
|
||||
if ( rc != LDAP_SUCCESS ) {
|
||||
Debug( LDAP_DEBUG_ANY, "Failed to register VLV Request control '%s' (%d)\n",
|
||||
LDAP_CONTROL_VLVREQUEST, rc, 0 );
|
||||
+#ifdef SLAP_CONFIG_DELETE
|
||||
+ overlay_unregister_control( be, LDAP_CONTROL_SORTREQUEST );
|
||||
+ unregister_supported_control( LDAP_CONTROL_SORTREQUEST );
|
||||
+#endif /* SLAP_CONFIG_DELETE */
|
||||
return rc;
|
||||
}
|
||||
}
|
||||
@@ -1330,6 +1334,15 @@ static int sssvlv_db_destroy(
|
||||
ldap_pvt_thread_mutex_destroy( &sort_conns_mutex );
|
||||
}
|
||||
|
||||
+#ifdef SLAP_CONFIG_DELETE
|
||||
+ overlay_unregister_control( be, LDAP_CONTROL_SORTREQUEST );
|
||||
+ overlay_unregister_control( be, LDAP_CONTROL_VLVREQUEST );
|
||||
+ if ( ov_count == 0 ) {
|
||||
+ unregister_supported_control( LDAP_CONTROL_SORTREQUEST );
|
||||
+ unregister_supported_control( LDAP_CONTROL_VLVREQUEST );
|
||||
+ }
|
||||
+#endif /* SLAP_CONFIG_DELETE */
|
||||
+
|
||||
if ( si ) {
|
||||
ch_free( si );
|
||||
on->on_bi.bi_private = NULL;
|
||||
--
|
||||
1.7.3.4
|
||||
|
@ -1,110 +0,0 @@
|
||||
From 0ca1fbc64f2f02cbdff0827e4ca1bbe312bebc2f Mon Sep 17 00:00:00 2001
|
||||
From: Ralf Haferkamp <rhafer@suse.de>
|
||||
Date: Fri, 22 Jan 2010 11:18:46 +0100
|
||||
Subject: config-delete overlay fixes
|
||||
|
||||
- unregister controls when removing overlays from cn=config (syncprov,
|
||||
ppolicy, valsort, chain and sssvlv)
|
||||
- Send error to active psearches upon syncprov overlay removal
|
||||
- syncprov: reset BackendInfo to original value after checkpoint. Leaks memory
|
||||
otherwise (with -DSLAP_CONFIG_DELETE)
|
||||
|
||||
bnc#548773
|
||||
|
||||
diff --git a/servers/slapd/back-ldap/chain.c b/servers/slapd/back-ldap/chain.c
|
||||
index 41bb6ef..8f37efb 100644
|
||||
--- a/servers/slapd/back-ldap/chain.c
|
||||
+++ b/servers/slapd/back-ldap/chain.c
|
||||
@@ -1979,6 +1979,11 @@ ldap_chain_db_close(
|
||||
BackendDB *be,
|
||||
ConfigReply *cr )
|
||||
{
|
||||
+#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
|
||||
+#ifdef SLAP_CONFIG_DELETE
|
||||
+ overlay_unregister_control( be, LDAP_CONTROL_X_CHAINING_BEHAVIOR );
|
||||
+#endif /* SLAP_CONFIG_DELETE */
|
||||
+#endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
|
||||
return ldap_chain_db_func( be, db_close );
|
||||
}
|
||||
|
||||
diff --git a/servers/slapd/overlays/ppolicy.c b/servers/slapd/overlays/ppolicy.c
|
||||
index 43cc345..048bf89 100644
|
||||
--- a/servers/slapd/overlays/ppolicy.c
|
||||
+++ b/servers/slapd/overlays/ppolicy.c
|
||||
@@ -2308,6 +2308,11 @@ ppolicy_close(
|
||||
slap_overinst *on = (slap_overinst *) be->bd_info;
|
||||
pp_info *pi = on->on_bi.bi_private;
|
||||
|
||||
+
|
||||
+#ifdef SLAP_CONFIG_DELETE
|
||||
+ overlay_unregister_control( be, LDAP_CONTROL_PASSWORDPOLICYREQUEST );
|
||||
+#endif /* SLAP_CONFIG_DELETE */
|
||||
+
|
||||
/* Perhaps backover should provide bi_destroy hooks... */
|
||||
ov_count--;
|
||||
if ( ov_count <=0 && pwcons ) {
|
||||
diff --git a/servers/slapd/overlays/syncprov.c b/servers/slapd/overlays/syncprov.c
|
||||
index 1100de7..814f95e 100644
|
||||
--- a/servers/slapd/overlays/syncprov.c
|
||||
+++ b/servers/slapd/overlays/syncprov.c
|
||||
@@ -3143,6 +3143,7 @@ syncprov_db_close(
|
||||
{
|
||||
slap_overinst *on = (slap_overinst *) be->bd_info;
|
||||
syncprov_info_t *si = (syncprov_info_t *)on->on_bi.bi_private;
|
||||
+ syncops *so, *sonext;
|
||||
|
||||
if ( slapMode & SLAP_TOOL_MODE ) {
|
||||
return 0;
|
||||
@@ -3162,6 +3163,20 @@ syncprov_db_close(
|
||||
syncprov_checkpoint( op, on );
|
||||
}
|
||||
|
||||
+#ifdef SLAP_CONFIG_DELETE
|
||||
+ ldap_pvt_thread_mutex_lock( &si->si_ops_mutex );
|
||||
+ for ( so=si->si_ops, sonext=so; so; so=sonext ) {
|
||||
+ SlapReply rs = {REP_RESULT};
|
||||
+ rs.sr_err = LDAP_UNAVAILABLE;
|
||||
+ send_ldap_result( so->s_op, &rs );
|
||||
+ sonext=so->s_next;
|
||||
+ syncprov_drop_psearch( so, 0);
|
||||
+ }
|
||||
+ si->si_ops=NULL;
|
||||
+ ldap_pvt_thread_mutex_unlock( &si->si_ops_mutex );
|
||||
+ overlay_unregister_control( be, LDAP_CONTROL_SYNC );
|
||||
+#endif /* SLAP_CONFIG_DELETE */
|
||||
+
|
||||
return 0;
|
||||
}
|
||||
|
||||
diff --git a/servers/slapd/overlays/valsort.c b/servers/slapd/overlays/valsort.c
|
||||
index 80d9382..033cbf6 100644
|
||||
--- a/servers/slapd/overlays/valsort.c
|
||||
+++ b/servers/slapd/overlays/valsort.c
|
||||
@@ -490,6 +490,10 @@ valsort_destroy(
|
||||
slap_overinst *on = (slap_overinst *)be->bd_info;
|
||||
valsort_info *vi = on->on_bi.bi_private, *next;
|
||||
|
||||
+#ifdef SLAP_CONFIG_DELETE
|
||||
+ overlay_unregister_control( be, LDAP_CONTROL_VALSORT );
|
||||
+#endif /* SLAP_CONFIG_DELETE */
|
||||
+
|
||||
for (; vi; vi = next) {
|
||||
next = vi->vi_next;
|
||||
ch_free( vi->vi_dn.bv_val );
|
||||
diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h
|
||||
index 1aebece..bb0dd63 100644
|
||||
--- a/servers/slapd/proto-slap.h
|
||||
+++ b/servers/slapd/proto-slap.h
|
||||
@@ -484,6 +484,9 @@ LDAP_SLAPD_F (void) overlay_move LDAP_P((
|
||||
#ifdef SLAP_CONFIG_DELETE
|
||||
LDAP_SLAPD_F (void) overlay_remove LDAP_P((
|
||||
BackendDB *be, slap_overinst *on ));
|
||||
+LDAP_SLAPD_F (void) overlay_unregister_control LDAP_P((
|
||||
+ BackendDB *be,
|
||||
+ const char *oid ));
|
||||
#endif /* SLAP_CONFIG_DELETE */
|
||||
LDAP_SLAPD_F (int) overlay_callback_after_backover LDAP_P((
|
||||
Operation *op, slap_callback *sc, int append ));
|
||||
--
|
||||
1.7.3.4
|
||||
|
@ -1,115 +0,0 @@
|
||||
From e9c58d8eb653e2e1fa8d84f8631dcc3fa5965db2 Mon Sep 17 00:00:00 2001
|
||||
From: Ralf Haferkamp <ralf@openldap.org>
|
||||
Date: Tue, 15 Mar 2011 16:57:41 +0000
|
||||
Subject: backport ConfigLDAPdel callback from current master
|
||||
|
||||
bnc#704398
|
||||
|
||||
diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c
|
||||
index 3354c09..309668e 100644
|
||||
--- a/servers/slapd/bconfig.c
|
||||
+++ b/servers/slapd/bconfig.c
|
||||
@@ -6047,10 +6047,12 @@ config_back_delete( Operation *op, SlapReply *rs )
|
||||
rs->sr_matched = last->ce_entry->e_name.bv_val;
|
||||
rs->sr_err = LDAP_NO_SUCH_OBJECT;
|
||||
} else if ( ce->ce_kids ) {
|
||||
- rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
|
||||
+ rs->sr_err = LDAP_NOT_ALLOWED_ON_NONLEAF;
|
||||
} else if ( op->o_abandon ) {
|
||||
rs->sr_err = SLAPD_ABANDON;
|
||||
- } else if ( ce->ce_type == Cft_Overlay || ce->ce_type == Cft_Database){
|
||||
+ } else if ( ce->ce_type == Cft_Overlay ||
|
||||
+ ce->ce_type == Cft_Database ||
|
||||
+ ce->ce_type == Cft_Misc ){
|
||||
char *iptr;
|
||||
int count, ixold;
|
||||
|
||||
@@ -6058,7 +6060,46 @@ config_back_delete( Operation *op, SlapReply *rs )
|
||||
|
||||
if ( ce->ce_type == Cft_Overlay ){
|
||||
overlay_remove( ce->ce_be, (slap_overinst *)ce->ce_bi );
|
||||
- } else { /* Cft_Database*/
|
||||
+ } else if ( ce->ce_type == Cft_Misc ) {
|
||||
+ /*
|
||||
+ * only Cft_Misc objects that have a co_lddel handler set in
|
||||
+ * the ConfigOCs struct can be deleted. This code also
|
||||
+ * assumes that the entry can be only have one objectclass
|
||||
+ * with co_type == Cft_Misc
|
||||
+ */
|
||||
+ ConfigOCs co, *coptr;
|
||||
+ Attribute *oc_at;
|
||||
+ int i;
|
||||
+
|
||||
+ oc_at = attr_find( ce->ce_entry->e_attrs,
|
||||
+ slap_schema.si_ad_objectClass );
|
||||
+ if ( !oc_at ) {
|
||||
+ rs->sr_err = LDAP_OTHER;
|
||||
+ rs->sr_text = "objectclass not found";
|
||||
+ ldap_pvt_thread_pool_resume( &connection_pool );
|
||||
+ goto out;
|
||||
+ }
|
||||
+ for ( i=0; !BER_BVISNULL(&oc_at->a_nvals[i]); i++ ) {
|
||||
+ co.co_name = &oc_at->a_nvals[i];
|
||||
+ coptr = avl_find( CfOcTree, &co, CfOc_cmp );
|
||||
+ if ( coptr == NULL || coptr->co_type != Cft_Misc ) {
|
||||
+ continue;
|
||||
+ }
|
||||
+ if ( ! coptr->co_lddel || coptr->co_lddel( ce, op ) ){
|
||||
+ rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
|
||||
+ if ( ! coptr->co_lddel ) {
|
||||
+ rs->sr_text = "No delete handler found";
|
||||
+ } else {
|
||||
+ rs->sr_err = LDAP_OTHER;
|
||||
+ /* FIXME: We should return a helpful error message
|
||||
+ * here */
|
||||
+ }
|
||||
+ ldap_pvt_thread_pool_resume( &connection_pool );
|
||||
+ goto out;
|
||||
+ }
|
||||
+ break;
|
||||
+ }
|
||||
+ } else if (ce->ce_type == Cft_Database ) {
|
||||
if ( ce->ce_be == frontendDB || ce->ce_be == op->o_bd ){
|
||||
rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
|
||||
rs->sr_text = "Cannot delete config or frontend database";
|
||||
@@ -6128,10 +6169,10 @@ config_back_delete( Operation *op, SlapReply *rs )
|
||||
} else {
|
||||
rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
|
||||
}
|
||||
+out:
|
||||
#else
|
||||
rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
|
||||
#endif /* SLAP_CONFIG_DELETE */
|
||||
-out:
|
||||
send_ldap_result( op, rs );
|
||||
return rs->sr_err;
|
||||
}
|
||||
diff --git a/servers/slapd/config.h b/servers/slapd/config.h
|
||||
index 9c037d4..d79ae74 100644
|
||||
--- a/servers/slapd/config.h
|
||||
+++ b/servers/slapd/config.h
|
||||
@@ -100,12 +100,21 @@ typedef int (ConfigLDAPadd)(
|
||||
typedef int (ConfigCfAdd)(
|
||||
Operation *op, SlapReply *rs, Entry *parent, struct config_args_s *ca );
|
||||
|
||||
+#ifdef SLAP_CONFIG_DELETE
|
||||
+/* Called when deleting a Cft_Misc Child object from cn=config */
|
||||
+typedef int (ConfigLDAPdel)(
|
||||
+ CfEntryInfo *ce, Operation *op );
|
||||
+#endif
|
||||
+
|
||||
typedef struct ConfigOCs {
|
||||
const char *co_def;
|
||||
ConfigType co_type;
|
||||
ConfigTable *co_table;
|
||||
ConfigLDAPadd *co_ldadd;
|
||||
ConfigCfAdd *co_cfadd;
|
||||
+#ifdef SLAP_CONFIG_DELETE
|
||||
+ ConfigLDAPdel *co_lddel;
|
||||
+#endif
|
||||
ObjectClass *co_oc;
|
||||
struct berval *co_name;
|
||||
} ConfigOCs;
|
||||
--
|
||||
1.7.3.4
|
||||
|
@ -1,59 +0,0 @@
|
||||
From 48e44e993656a08424a020347a458148169196ce Mon Sep 17 00:00:00 2001
|
||||
From: Howard Chu <hyc@openldap.org>
|
||||
Date: Thu, 6 Oct 2011 14:05:31 -0700
|
||||
Subject: UTF8StringNormalize overrun on zero-length string (ITS#7059)
|
||||
|
||||
Detected by valgrind
|
||||
|
||||
diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c
|
||||
index 67508fc..65a7e2e 100644
|
||||
--- a/servers/slapd/schema_init.c
|
||||
+++ b/servers/slapd/schema_init.c
|
||||
@@ -1852,12 +1852,12 @@ UTF8StringNormalize(
|
||||
}
|
||||
nvalue.bv_val[nvalue.bv_len] = '\0';
|
||||
|
||||
- } else {
|
||||
+ } else if ( tmp.bv_len ) {
|
||||
/* string of all spaces is treated as one space */
|
||||
nvalue.bv_val[0] = ' ';
|
||||
nvalue.bv_val[1] = '\0';
|
||||
nvalue.bv_len = 1;
|
||||
- }
|
||||
+ } /* should never be entered with 0-length val */
|
||||
|
||||
*normalized = nvalue;
|
||||
return LDAP_SUCCESS;
|
||||
@@ -2331,13 +2331,18 @@ postalAddressNormalize(
|
||||
}
|
||||
lines[l].bv_len = &val->bv_val[c] - lines[l].bv_val;
|
||||
|
||||
- normalized->bv_len = l;
|
||||
+ normalized->bv_len = c = l;
|
||||
|
||||
- for ( l = 0; !BER_BVISNULL( &lines[l] ); l++ ) {
|
||||
+ for ( l = 0; l <= c; l++ ) {
|
||||
/* NOTE: we directly normalize each line,
|
||||
* without unescaping the values, since the special
|
||||
* values '\24' ('$') and '\5C' ('\') are not affected
|
||||
* by normalization */
|
||||
+ if ( !lines[l].bv_len ) {
|
||||
+ nlines[l].bv_len = 0;
|
||||
+ nlines[l].bv_val = NULL;
|
||||
+ continue;
|
||||
+ }
|
||||
rc = UTF8StringNormalize( usage, NULL, xmr, &lines[l], &nlines[l], ctx );
|
||||
if ( rc != LDAP_SUCCESS ) {
|
||||
rc = LDAP_INVALID_SYNTAX;
|
||||
@@ -2350,7 +2355,7 @@ postalAddressNormalize(
|
||||
normalized->bv_val = slap_sl_malloc( normalized->bv_len + 1, ctx );
|
||||
|
||||
p = normalized->bv_val;
|
||||
- for ( l = 0; !BER_BVISNULL( &nlines[l] ); l++ ) {
|
||||
+ for ( l = 0; l <= c ; l++ ) {
|
||||
p = lutil_strbvcopy( p, &nlines[l] );
|
||||
*p++ = '$';
|
||||
}
|
||||
--
|
||||
1.7.6.4
|
||||
|
@ -1,95 +0,0 @@
|
||||
From 5d9026cf3f93f95dd6f80ad209013e30bbb0d8e6 Mon Sep 17 00:00:00 2001
|
||||
From: Ralf Haferkamp <ralf@openldap.org>
|
||||
Date: Tue, 18 Oct 2011 17:08:05 +0200
|
||||
Subject: ITS#7066 reworked default deny ACL for cn=config
|
||||
|
||||
Dynamically adding ACL for cn=config didn't work correctly, when no
|
||||
ACLs where present for that database upon startup. Delete the last
|
||||
ACL from the DB could also lead to unexpected results.
|
||||
|
||||
diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c
|
||||
index 309668e..7097d72 100644
|
||||
--- a/servers/slapd/bconfig.c
|
||||
+++ b/servers/slapd/bconfig.c
|
||||
@@ -84,6 +84,7 @@ static char *logfileName;
|
||||
#ifdef SLAP_AUTH_REWRITE
|
||||
static BerVarray authz_rewrites;
|
||||
#endif
|
||||
+static AccessControl *defacl_parsed = NULL;
|
||||
|
||||
static struct berval cfdir;
|
||||
|
||||
@@ -1297,6 +1298,12 @@ config_generic(ConfigArgs *c) {
|
||||
*prev = a->acl_next;
|
||||
acl_free( a );
|
||||
}
|
||||
+ if ( SLAP_CONFIG( c->be ) && !c->be->be_acl ) {
|
||||
+ Debug( LDAP_DEBUG_CONFIG, "config_generic (CFG_ACL): "
|
||||
+ "Last explicit ACL for back-config removed. "
|
||||
+ "Using hardcoded default\n", 0, 0, 0 );
|
||||
+ c->be->be_acl = defacl_parsed;
|
||||
+ }
|
||||
break;
|
||||
|
||||
case CFG_OC: {
|
||||
@@ -1792,6 +1799,9 @@ sortval_reject:
|
||||
break;
|
||||
|
||||
case CFG_ACL:
|
||||
+ if ( SLAP_CONFIG( c->be ) && c->be->be_acl == defacl_parsed) {
|
||||
+ c->be->be_acl = NULL;
|
||||
+ }
|
||||
/* Don't append to the global ACL if we're on a specific DB */
|
||||
i = c->valx;
|
||||
if ( c->valx == -1 ) {
|
||||
@@ -1801,6 +1811,9 @@ sortval_reject:
|
||||
i++;
|
||||
}
|
||||
if ( parse_acl(c->be, c->fname, c->lineno, c->argc, c->argv, i ) ) {
|
||||
+ if ( SLAP_CONFIG( c->be ) && !c->be->be_acl) {
|
||||
+ c->be->be_acl = defacl_parsed;
|
||||
+ }
|
||||
return 1;
|
||||
}
|
||||
break;
|
||||
@@ -6637,14 +6650,23 @@ config_back_db_open( BackendDB *be, ConfigReply *cr )
|
||||
slap_callback cb = { NULL, slap_null_cb, NULL, NULL };
|
||||
SlapReply rs = {REP_RESULT};
|
||||
void *thrctx = NULL;
|
||||
+ AccessControl *save_access;
|
||||
|
||||
Debug( LDAP_DEBUG_TRACE, "config_back_db_open\n", 0, 0, 0);
|
||||
|
||||
/* If we have no explicitly configured ACLs, don't just use
|
||||
* the global ACLs. Explicitly deny access to everything.
|
||||
*/
|
||||
- if ( !be->bd_self->be_acl ) {
|
||||
- parse_acl(be->bd_self, "config_back_db_open", 0, 6, (char **)defacl, 0 );
|
||||
+ save_access = be->bd_self->be_acl;
|
||||
+ be->bd_self->be_acl = NULL;
|
||||
+ parse_acl(be->bd_self, "config_back_db_open", 0, 6, (char **)defacl, 0 );
|
||||
+ defacl_parsed = be->bd_self->be_acl;
|
||||
+ if ( save_access ) {
|
||||
+ be->bd_self->be_acl = save_access;
|
||||
+ } else {
|
||||
+ Debug( LDAP_DEBUG_CONFIG, "config_back_db_open: "
|
||||
+ "No explicit ACL for back-config configured. "
|
||||
+ "Using hardcoded default\n", 0, 0, 0 );
|
||||
}
|
||||
|
||||
thrctx = ldap_pvt_thread_pool_context();
|
||||
@@ -6889,6 +6911,11 @@ config_back_db_close( BackendDB *be, ConfigReply *cr )
|
||||
backend_shutdown( &cfb->cb_db );
|
||||
}
|
||||
|
||||
+ if ( defacl_parsed && be->be_acl != defacl_parsed ) {
|
||||
+ acl_free( defacl_parsed );
|
||||
+ defacl_parsed = NULL;
|
||||
+ }
|
||||
+
|
||||
return 0;
|
||||
}
|
||||
|
||||
--
|
||||
1.7.6.4
|
||||
|
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:1f42048cebbcd8647c9c566f8f070946103a15717345915ecd5fccfbe19a7c3d
|
||||
size 5250064
|
3
openldap-2.4.28.tgz
Normal file
3
openldap-2.4.28.tgz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:332ab5b13dbc0f85b1112d7a6f3485069108bfbd4d2603c8b548adbfa9bbc371
|
||||
size 5436340
|
@ -1,3 +1,56 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Dec 2 16:11:01 UTC 2011 - rhafer@suse.de
|
||||
|
||||
- Update to 2.4.28
|
||||
* Fixed back-mdb out of order slapadd (ITS#7090)
|
||||
changes in OpenLDAP 2.4.27 Release (2011/11/24):
|
||||
* Added slapd delta-syncrepl MMR (ITS#6734,ITS#7029,ITS#7031)
|
||||
* Fixed ldapmodify crash with LDIF controls (ITS#7039)
|
||||
* Fixed ldapsearch to honor timeout and timelimit (ITS#7009)
|
||||
* Fixed libldap endless looping (ITS#7035)
|
||||
* Fixed libldap TLS to not check hostname when using 'allow'
|
||||
(ITS#7014)
|
||||
* Fixed slapadd common code into slapcommon (ITS#6737)
|
||||
* Fixed slapd backend connection initialization (ITS#6993)
|
||||
* Fixed slapd frontend DB parsing in cn=config (ITS#7016)
|
||||
* Fixed slapd hang with {numbered} overlay insertion (ITS#7030)
|
||||
* Fixed slapd inet_ntop usage (ITS#6925)
|
||||
* Fixed slapd cn=config deletion of bitmasks (ITS#7083)
|
||||
* Fixed slapd cn=config modify replace/delete crash (ITS#7065)
|
||||
* Fixed slapd schema UTF8StringNormalize with 0 length values
|
||||
(ITS#7059)
|
||||
* Fixed slapd with dynamic acls for cn=config (ITS#7066)
|
||||
* Fixed slapd response callbacks (ITS#6059,ITS#7062)
|
||||
* Fixed slapd no_connection warnings with ldapi
|
||||
(ITS#6548,ITS#7092)
|
||||
* Fixed slapd return code processing (ITS#7060)
|
||||
* Fixed slapd sl_malloc various issues (ITS#6437)
|
||||
* Fixed slapd startup behavior (ITS#6848)
|
||||
* Fixed slapd syncrepl crash with non-replicated ops (ITS#6892)
|
||||
* Fixed slapd syncrepl with modrdn (ITS#7000,ITS#6472)
|
||||
* Fixed slapd syncrepl timeout when using refreshAndPersist
|
||||
(ITS#6999)
|
||||
* Fixed slapd syncrepl deletes need a non-empty CSN (ITS#7052)
|
||||
* Fixed slapd syncrepl glue for empty suffix (ITS#7037)
|
||||
* Fixed slapd results cleanup (ITS#6763,ITS#7053)
|
||||
* Fixed slapd validation of args for TLSCertificateFile
|
||||
(ITS#7012)
|
||||
* Fixed slapd-bdb/hdb to build entry DN based on parent DN
|
||||
(ITS#5326)
|
||||
* Fixed slapd-hdb with zero-length entries (ITS#7073)
|
||||
* Fixed slapd-hdb duplicate entries in subtree IDL cache
|
||||
(ITS#6983)
|
||||
* Fixed slapo-pcache response cleanup (ITS#6981)
|
||||
* Fixed slapo-ppolicy pwdAllowUserChange behavior (ITS#7021)
|
||||
* Fixed slapo-sssvlv issue with greaterThanorEqual (ITS#6985)
|
||||
* Fixed slapo-sssvlv to only return requested attrs (ITS#7061)
|
||||
* Fixed slapo-syncprov DSA attribute filtering for Persist mode
|
||||
(ITS#7019)
|
||||
* Fixed slapo-syncprov when consumer has newer state of our SID
|
||||
(ITS#7040)
|
||||
* Fixed slapo-syncprov crash (ITS#7025)
|
||||
* Added missing LDIF form of schema files (ITS#7063)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Nov 25 10:42:39 UTC 2011 - coolo@suse.com
|
||||
|
||||
|
@ -24,10 +24,10 @@ BuildRequires: cyrus-sasl-devel libopenssl-devel libtool
|
||||
%if %sles_version == 9 || %sles_version == 10
|
||||
BuildRequires: -libopenssl-devel -pwdutils openssl-devel
|
||||
%endif
|
||||
Version: 2.4.26
|
||||
Version: 2.4.28
|
||||
Release: 1
|
||||
Url: http://www.openldap.org
|
||||
License: BSD3c(or similar) ; openldap 2.8
|
||||
License: OpenLDAP 2.8
|
||||
%if "%{name}" == "openldap2"
|
||||
BuildRequires: db-devel openslp-devel tcpd-devel unixODBC-devel
|
||||
%if %sles_version == 9 || %sles_version == 10
|
||||
@ -44,7 +44,6 @@ Conflicts: openldap-client
|
||||
Requires: libldap-2_4-2 = %{version}
|
||||
Summary: The OpenLDAP commandline client tools
|
||||
%endif
|
||||
AutoReqProv: on
|
||||
Source: openldap-%{version}.tgz
|
||||
Source1: openldap-rc.tgz
|
||||
Source2: addonschema.tar.gz
|
||||
@ -59,15 +58,8 @@ Patch2: 0002-slapd.conf.dif
|
||||
Patch3: 0003-LDAPI-socket-location.dif
|
||||
Patch4: 0004-libldap-use-gethostbyname_r.dif
|
||||
Patch5: 0005-pie-compile.dif
|
||||
Patch6: 0006-assorted-fixes-for-back-config-DELETE-support.dif
|
||||
Patch7: 0007-No-Build-date-and-time-in-binaries.dif
|
||||
Patch8: 0008-Recover-on-DB-version-change.dif
|
||||
Patch9: 0009-unregister_supported_control-backport.dif
|
||||
Patch10: 0010-Fix-exposure-of-SSS-VLV-controls-ITS-6647.dif
|
||||
Patch11: 0011-config-delete-overlay-fixes.dif
|
||||
Patch12: 0012-backport-ConfigLDAPdel-callback-from-current-master.dif
|
||||
Patch13: 0013-UTF8StringNormalize-overrun-on-zero-length-string-ITS-.dif
|
||||
Patch14: 0014-ITS-7066-reworked-default-deny-ACL-for-cn-config.dif
|
||||
Patch6: 0006-No-Build-date-and-time-in-binaries.dif
|
||||
Patch7: 0007-Recover-on-DB-version-change.dif
|
||||
Patch100: openldap-2.3.37.dif
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
%if "%{name}" == "openldap2"
|
||||
@ -81,10 +73,8 @@ service that has an X.500 back-end.
|
||||
This package contains the OpenLDAP client utilities.
|
||||
|
||||
%package -n openldap2-back-perl
|
||||
License: BSD3c(or similar) ; openldap 2.8
|
||||
Summary: OpenLDAP Perl Back-End
|
||||
Requires: openldap2 = %{version} perl = %{perl_version}
|
||||
AutoReqProv: on
|
||||
Group: Productivity/Networking/LDAP/Servers
|
||||
|
||||
%description -n openldap2-back-perl
|
||||
@ -92,10 +82,8 @@ The OpenLDAP Perl back-end allows you to execute Perl code specific to
|
||||
different LDAP operations.
|
||||
|
||||
%package -n openldap2-back-meta
|
||||
License: BSD3c(or similar) ; openldap 2.8
|
||||
Summary: OpenLDAP Meta Back-End
|
||||
Requires: openldap2 = %{version}
|
||||
AutoReqProv: on
|
||||
Group: Productivity/Networking/LDAP/Servers
|
||||
Provides: openldap2:/usr/share/man/man5/slapd-meta.5.gz
|
||||
|
||||
@ -106,10 +94,8 @@ these servers can be presented as belonging to a single Directory
|
||||
Information Tree (DIT).
|
||||
|
||||
%package -n openldap2-back-sql
|
||||
License: BSD3c(or similar) ; openldap 2.8
|
||||
Summary: OpenLDAP SQL Back-End
|
||||
Requires: openldap2 = %{version}
|
||||
AutoReqProv: on
|
||||
Group: Productivity/Networking/LDAP/Servers
|
||||
|
||||
%description -n openldap2-back-sql
|
||||
@ -118,10 +104,8 @@ stored in a Relational (SQL) Database as an LDAP subtree without the need
|
||||
to do any programming.
|
||||
|
||||
%package -n openldap2-doc
|
||||
License: BSD3c(or similar) ; openldap 2.8
|
||||
Summary: OpenLDAP Documentation
|
||||
Group: Documentation/Other
|
||||
AutoReqProv: on
|
||||
Provides: openldap2:/usr/share/doc/packages/openldap2/drafts/README
|
||||
%if 0%{?suse_version} > 1110
|
||||
BuildArch: noarch
|
||||
@ -141,9 +125,7 @@ service that has an X.500 back-end.
|
||||
This package contains the OpenLDAP client utilities.
|
||||
|
||||
%package -n openldap2-devel
|
||||
License: BSD3c(or similar) ; openldap 2.8
|
||||
Summary: Libraries, Header Files and Documentation for OpenLDAP
|
||||
AutoReqProv: on
|
||||
# bug437293
|
||||
%ifarch ppc64
|
||||
Obsoletes: openldap2-devel-64bit
|
||||
@ -162,9 +144,7 @@ This package provides the OpenLDAP libraries, header files, and
|
||||
documentation.
|
||||
|
||||
%package -n libldap-2_4-2
|
||||
License: BSD3c(or similar) ; openldap 2.8
|
||||
Summary: OpenLDAP Client Libraries
|
||||
AutoReqProv: on
|
||||
Group: Productivity/Networking/LDAP/Clients
|
||||
|
||||
%description -n libldap-2_4-2
|
||||
@ -178,18 +158,9 @@ This package contains the OpenLDAP client libraries.
|
||||
%patch2 -p1
|
||||
%patch3 -p1
|
||||
%patch4 -p1
|
||||
%if %suse_version > 920
|
||||
%patch5 -p1
|
||||
%endif
|
||||
%patch6 -p1
|
||||
%patch7 -p1
|
||||
%patch8 -p1
|
||||
%patch9 -p1
|
||||
%patch10 -p1
|
||||
%patch11 -p1
|
||||
%patch12 -p1
|
||||
%patch13 -p1
|
||||
%patch14 -p1
|
||||
cp %{SOURCE5} .
|
||||
cp %{SOURCE6} .
|
||||
cd ../openldap-2.3.37
|
||||
@ -223,6 +194,7 @@ export STRIP=""
|
||||
--enable-monitor=yes \
|
||||
--enable-perl=mod \
|
||||
--enable-sql=mod \
|
||||
--enable-mdb=no \
|
||||
--enable-slp \
|
||||
--enable-overlays=mod \
|
||||
--enable-syncprov=yes \
|
||||
@ -315,15 +287,17 @@ install -m 644 doc/guide/images/*.gif $RPM_BUILD_ROOT/%{DOCDIR}/images
|
||||
install -m 644 doc/drafts/* $RPM_BUILD_ROOT/%{DOCDIR}/drafts
|
||||
install -m 644 ANNOUNCEMENT \
|
||||
COPYRIGHT \
|
||||
INSTALL \
|
||||
LICENSE \
|
||||
README \
|
||||
CHANGES \
|
||||
%{SOURCE5} \
|
||||
%{SOURCE6} \
|
||||
$RPM_BUILD_ROOT/%{DOCDIR}
|
||||
install -m 644 servers/slapd/slapd.ldif \
|
||||
$RPM_BUILD_ROOT/%{DOCDIR}/slapd.ldif.default
|
||||
rm -f $RPM_BUILD_ROOT/etc/openldap/DB_CONFIG.example
|
||||
rm -f $RPM_BUILD_ROOT/etc/openldap/schema/README
|
||||
rm -f $RPM_BUILD_ROOT/etc/openldap/slapd.ldif*
|
||||
rm -f $RPM_BUILD_ROOT/var/run/slapd/openldap-data/DB_CONFIG.example
|
||||
mv servers/slapd/back-sql/rdbms_depend servers/slapd/back-sql/examples
|
||||
%if %suse_version < 1130
|
||||
@ -333,6 +307,7 @@ install -m 755 ../openldap-2.3.37/servers/slapd/slapcat $RPM_BUILD_ROOT/usr/sbin
|
||||
%endif
|
||||
rm -f $RPM_BUILD_ROOT/usr/lib/openldap/modules/*.a
|
||||
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-dnssrv.5
|
||||
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-mdb.5
|
||||
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-ndb.5
|
||||
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-null.5
|
||||
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-passwd.5
|
||||
@ -396,10 +371,10 @@ cat >openldap2.filelist <<EOF
|
||||
%dir %{DOCDIR}
|
||||
%doc %{DOCDIR}/ANNOUNCEMENT
|
||||
%doc %{DOCDIR}/COPYRIGHT
|
||||
%doc %{DOCDIR}/INSTALL
|
||||
%doc %{DOCDIR}/LICENSE
|
||||
%doc %{DOCDIR}/README*
|
||||
%doc %{DOCDIR}/CHANGES
|
||||
%doc %{DOCDIR}/slapd.ldif.default
|
||||
EOF
|
||||
%if %suse_version < 1130
|
||||
cat >>openldap2.filelist <<EOF
|
||||
|
@ -1,3 +1,56 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Dec 2 16:11:01 UTC 2011 - rhafer@suse.de
|
||||
|
||||
- Update to 2.4.28
|
||||
* Fixed back-mdb out of order slapadd (ITS#7090)
|
||||
changes in OpenLDAP 2.4.27 Release (2011/11/24):
|
||||
* Added slapd delta-syncrepl MMR (ITS#6734,ITS#7029,ITS#7031)
|
||||
* Fixed ldapmodify crash with LDIF controls (ITS#7039)
|
||||
* Fixed ldapsearch to honor timeout and timelimit (ITS#7009)
|
||||
* Fixed libldap endless looping (ITS#7035)
|
||||
* Fixed libldap TLS to not check hostname when using 'allow'
|
||||
(ITS#7014)
|
||||
* Fixed slapadd common code into slapcommon (ITS#6737)
|
||||
* Fixed slapd backend connection initialization (ITS#6993)
|
||||
* Fixed slapd frontend DB parsing in cn=config (ITS#7016)
|
||||
* Fixed slapd hang with {numbered} overlay insertion (ITS#7030)
|
||||
* Fixed slapd inet_ntop usage (ITS#6925)
|
||||
* Fixed slapd cn=config deletion of bitmasks (ITS#7083)
|
||||
* Fixed slapd cn=config modify replace/delete crash (ITS#7065)
|
||||
* Fixed slapd schema UTF8StringNormalize with 0 length values
|
||||
(ITS#7059)
|
||||
* Fixed slapd with dynamic acls for cn=config (ITS#7066)
|
||||
* Fixed slapd response callbacks (ITS#6059,ITS#7062)
|
||||
* Fixed slapd no_connection warnings with ldapi
|
||||
(ITS#6548,ITS#7092)
|
||||
* Fixed slapd return code processing (ITS#7060)
|
||||
* Fixed slapd sl_malloc various issues (ITS#6437)
|
||||
* Fixed slapd startup behavior (ITS#6848)
|
||||
* Fixed slapd syncrepl crash with non-replicated ops (ITS#6892)
|
||||
* Fixed slapd syncrepl with modrdn (ITS#7000,ITS#6472)
|
||||
* Fixed slapd syncrepl timeout when using refreshAndPersist
|
||||
(ITS#6999)
|
||||
* Fixed slapd syncrepl deletes need a non-empty CSN (ITS#7052)
|
||||
* Fixed slapd syncrepl glue for empty suffix (ITS#7037)
|
||||
* Fixed slapd results cleanup (ITS#6763,ITS#7053)
|
||||
* Fixed slapd validation of args for TLSCertificateFile
|
||||
(ITS#7012)
|
||||
* Fixed slapd-bdb/hdb to build entry DN based on parent DN
|
||||
(ITS#5326)
|
||||
* Fixed slapd-hdb with zero-length entries (ITS#7073)
|
||||
* Fixed slapd-hdb duplicate entries in subtree IDL cache
|
||||
(ITS#6983)
|
||||
* Fixed slapo-pcache response cleanup (ITS#6981)
|
||||
* Fixed slapo-ppolicy pwdAllowUserChange behavior (ITS#7021)
|
||||
* Fixed slapo-sssvlv issue with greaterThanorEqual (ITS#6985)
|
||||
* Fixed slapo-sssvlv to only return requested attrs (ITS#7061)
|
||||
* Fixed slapo-syncprov DSA attribute filtering for Persist mode
|
||||
(ITS#7019)
|
||||
* Fixed slapo-syncprov when consumer has newer state of our SID
|
||||
(ITS#7040)
|
||||
* Fixed slapo-syncprov crash (ITS#7025)
|
||||
* Added missing LDIF form of schema files (ITS#7063)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Nov 25 10:42:39 UTC 2011 - coolo@suse.com
|
||||
|
||||
|
@ -24,10 +24,10 @@ BuildRequires: cyrus-sasl-devel libopenssl-devel libtool
|
||||
%if %sles_version == 9 || %sles_version == 10
|
||||
BuildRequires: -libopenssl-devel -pwdutils openssl-devel
|
||||
%endif
|
||||
Version: 2.4.26
|
||||
Version: 2.4.28
|
||||
Release: 1
|
||||
Url: http://www.openldap.org
|
||||
License: BSD3c(or similar) ; openldap 2.8
|
||||
License: OpenLDAP 2.8
|
||||
%if "%{name}" == "openldap2"
|
||||
BuildRequires: db-devel openslp-devel tcpd-devel unixODBC-devel
|
||||
%if %sles_version == 9 || %sles_version == 10
|
||||
@ -44,7 +44,6 @@ Conflicts: openldap-client
|
||||
Requires: libldap-2_4-2 = %{version}
|
||||
Summary: The OpenLDAP commandline client tools
|
||||
%endif
|
||||
AutoReqProv: on
|
||||
Source: openldap-%{version}.tgz
|
||||
Source1: openldap-rc.tgz
|
||||
Source2: addonschema.tar.gz
|
||||
@ -59,15 +58,8 @@ Patch2: 0002-slapd.conf.dif
|
||||
Patch3: 0003-LDAPI-socket-location.dif
|
||||
Patch4: 0004-libldap-use-gethostbyname_r.dif
|
||||
Patch5: 0005-pie-compile.dif
|
||||
Patch6: 0006-assorted-fixes-for-back-config-DELETE-support.dif
|
||||
Patch7: 0007-No-Build-date-and-time-in-binaries.dif
|
||||
Patch8: 0008-Recover-on-DB-version-change.dif
|
||||
Patch9: 0009-unregister_supported_control-backport.dif
|
||||
Patch10: 0010-Fix-exposure-of-SSS-VLV-controls-ITS-6647.dif
|
||||
Patch11: 0011-config-delete-overlay-fixes.dif
|
||||
Patch12: 0012-backport-ConfigLDAPdel-callback-from-current-master.dif
|
||||
Patch13: 0013-UTF8StringNormalize-overrun-on-zero-length-string-ITS-.dif
|
||||
Patch14: 0014-ITS-7066-reworked-default-deny-ACL-for-cn-config.dif
|
||||
Patch6: 0006-No-Build-date-and-time-in-binaries.dif
|
||||
Patch7: 0007-Recover-on-DB-version-change.dif
|
||||
Patch100: openldap-2.3.37.dif
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
%if "%{name}" == "openldap2"
|
||||
@ -79,10 +71,8 @@ access a stand-alone LDAP directory service or to access a directory
|
||||
service that has an X.500 back-end.
|
||||
|
||||
%package -n openldap2-back-perl
|
||||
License: BSD3c(or similar) ; openldap 2.8
|
||||
Summary: OpenLDAP Perl Back-End
|
||||
Requires: openldap2 = %{version} perl = %{perl_version}
|
||||
AutoReqProv: on
|
||||
Group: Productivity/Networking/LDAP/Servers
|
||||
|
||||
%description -n openldap2-back-perl
|
||||
@ -90,10 +80,8 @@ The OpenLDAP Perl back-end allows you to execute Perl code specific to
|
||||
different LDAP operations.
|
||||
|
||||
%package -n openldap2-back-meta
|
||||
License: BSD3c(or similar) ; openldap 2.8
|
||||
Summary: OpenLDAP Meta Back-End
|
||||
Requires: openldap2 = %{version}
|
||||
AutoReqProv: on
|
||||
Group: Productivity/Networking/LDAP/Servers
|
||||
Provides: openldap2:/usr/share/man/man5/slapd-meta.5.gz
|
||||
|
||||
@ -104,10 +92,8 @@ these servers can be presented as belonging to a single Directory
|
||||
Information Tree (DIT).
|
||||
|
||||
%package -n openldap2-back-sql
|
||||
License: BSD3c(or similar) ; openldap 2.8
|
||||
Summary: OpenLDAP SQL Back-End
|
||||
Requires: openldap2 = %{version}
|
||||
AutoReqProv: on
|
||||
Group: Productivity/Networking/LDAP/Servers
|
||||
|
||||
%description -n openldap2-back-sql
|
||||
@ -116,10 +102,8 @@ stored in a Relational (SQL) Database as an LDAP subtree without the need
|
||||
to do any programming.
|
||||
|
||||
%package -n openldap2-doc
|
||||
License: BSD3c(or similar) ; openldap 2.8
|
||||
Summary: OpenLDAP Documentation
|
||||
Group: Documentation/Other
|
||||
AutoReqProv: on
|
||||
Provides: openldap2:/usr/share/doc/packages/openldap2/drafts/README
|
||||
%if 0%{?suse_version} > 1110
|
||||
BuildArch: noarch
|
||||
@ -134,9 +118,7 @@ The OpenLDAP Admin Guide plus a set of OpenLDAP related IETF internet drafts
|
||||
This package contains the OpenLDAP client utilities.
|
||||
|
||||
%package -n openldap2-devel
|
||||
License: BSD3c(or similar) ; openldap 2.8
|
||||
Summary: Libraries, Header Files and Documentation for OpenLDAP
|
||||
AutoReqProv: on
|
||||
# bug437293
|
||||
%ifarch ppc64
|
||||
Obsoletes: openldap2-devel-64bit
|
||||
@ -155,9 +137,7 @@ This package provides the OpenLDAP libraries, header files, and
|
||||
documentation.
|
||||
|
||||
%package -n libldap-2_4-2
|
||||
License: BSD3c(or similar) ; openldap 2.8
|
||||
Summary: OpenLDAP Client Libraries
|
||||
AutoReqProv: on
|
||||
Group: Productivity/Networking/LDAP/Clients
|
||||
|
||||
%description -n libldap-2_4-2
|
||||
@ -171,18 +151,9 @@ This package contains the OpenLDAP client libraries.
|
||||
%patch2 -p1
|
||||
%patch3 -p1
|
||||
%patch4 -p1
|
||||
%if %suse_version > 920
|
||||
%patch5 -p1
|
||||
%endif
|
||||
%patch6 -p1
|
||||
%patch7 -p1
|
||||
%patch8 -p1
|
||||
%patch9 -p1
|
||||
%patch10 -p1
|
||||
%patch11 -p1
|
||||
%patch12 -p1
|
||||
%patch13 -p1
|
||||
%patch14 -p1
|
||||
cp %{SOURCE5} .
|
||||
cp %{SOURCE6} .
|
||||
cd ../openldap-2.3.37
|
||||
@ -216,6 +187,7 @@ export STRIP=""
|
||||
--enable-monitor=yes \
|
||||
--enable-perl=mod \
|
||||
--enable-sql=mod \
|
||||
--enable-mdb=no \
|
||||
--enable-slp \
|
||||
--enable-overlays=mod \
|
||||
--enable-syncprov=yes \
|
||||
@ -308,15 +280,17 @@ install -m 644 doc/guide/images/*.gif $RPM_BUILD_ROOT/%{DOCDIR}/images
|
||||
install -m 644 doc/drafts/* $RPM_BUILD_ROOT/%{DOCDIR}/drafts
|
||||
install -m 644 ANNOUNCEMENT \
|
||||
COPYRIGHT \
|
||||
INSTALL \
|
||||
LICENSE \
|
||||
README \
|
||||
CHANGES \
|
||||
%{SOURCE5} \
|
||||
%{SOURCE6} \
|
||||
$RPM_BUILD_ROOT/%{DOCDIR}
|
||||
install -m 644 servers/slapd/slapd.ldif \
|
||||
$RPM_BUILD_ROOT/%{DOCDIR}/slapd.ldif.default
|
||||
rm -f $RPM_BUILD_ROOT/etc/openldap/DB_CONFIG.example
|
||||
rm -f $RPM_BUILD_ROOT/etc/openldap/schema/README
|
||||
rm -f $RPM_BUILD_ROOT/etc/openldap/slapd.ldif*
|
||||
rm -f $RPM_BUILD_ROOT/var/run/slapd/openldap-data/DB_CONFIG.example
|
||||
mv servers/slapd/back-sql/rdbms_depend servers/slapd/back-sql/examples
|
||||
%if %suse_version < 1130
|
||||
@ -326,6 +300,7 @@ install -m 755 ../openldap-2.3.37/servers/slapd/slapcat $RPM_BUILD_ROOT/usr/sbin
|
||||
%endif
|
||||
rm -f $RPM_BUILD_ROOT/usr/lib/openldap/modules/*.a
|
||||
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-dnssrv.5
|
||||
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-mdb.5
|
||||
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-ndb.5
|
||||
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-null.5
|
||||
rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-passwd.5
|
||||
@ -389,10 +364,10 @@ cat >openldap2.filelist <<EOF
|
||||
%dir %{DOCDIR}
|
||||
%doc %{DOCDIR}/ANNOUNCEMENT
|
||||
%doc %{DOCDIR}/COPYRIGHT
|
||||
%doc %{DOCDIR}/INSTALL
|
||||
%doc %{DOCDIR}/LICENSE
|
||||
%doc %{DOCDIR}/README*
|
||||
%doc %{DOCDIR}/CHANGES
|
||||
%doc %{DOCDIR}/slapd.ldif.default
|
||||
EOF
|
||||
%if %suse_version < 1130
|
||||
cat >>openldap2.filelist <<EOF
|
||||
|
Loading…
Reference in New Issue
Block a user