forked from jengelh/openldap2
Accepting request 26207 from network:ldap
Copy from network:ldap/openldap2 based on submit request 26207 from user rhafer OBS-URL: https://build.opensuse.org/request/show/26207 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openldap2?expand=0&rev=57
This commit is contained in:
commit
338d9e5e3d
55
0001-back-config-objectclass-inheritence-ITS-6408.dif
Normal file
55
0001-back-config-objectclass-inheritence-ITS-6408.dif
Normal file
@ -0,0 +1,55 @@
|
|||||||
|
From 49921a1e1a1832f9461d800eeeaee30f12864441 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Ralf Haferkamp <rhafer@suse.de>
|
||||||
|
Date: Tue, 8 Dec 2009 12:13:39 +0100
|
||||||
|
Subject: [PATCH 1/3] back-config objectclass inheritence (ITS#6408)
|
||||||
|
|
||||||
|
bnc#558059
|
||||||
|
---
|
||||||
|
servers/slapd/bconfig.c | 12 ++++++------
|
||||||
|
1 files changed, 6 insertions(+), 6 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c
|
||||||
|
index c903458..d43e927 100644
|
||||||
|
--- a/servers/slapd/bconfig.c
|
||||||
|
+++ b/servers/slapd/bconfig.c
|
||||||
|
@@ -4932,10 +4932,10 @@ config_add_internal( CfBackInfo *cfb, Entry *e, ConfigArgs *ca, SlapReply *rs,
|
||||||
|
ok:
|
||||||
|
/* Newly added databases and overlays need to be started up */
|
||||||
|
if ( CONFIG_ONLINE_ADD( ca )) {
|
||||||
|
- if ( colst[0]->co_type == Cft_Database ) {
|
||||||
|
+ if ( coptr->co_type == Cft_Database ) {
|
||||||
|
rc = backend_startup_one( ca->be, &ca->reply );
|
||||||
|
|
||||||
|
- } else if ( colst[0]->co_type == Cft_Overlay ) {
|
||||||
|
+ } else if ( coptr->co_type == Cft_Overlay ) {
|
||||||
|
if ( ca->bi->bi_db_open ) {
|
||||||
|
BackendInfo *bi_orig = ca->be->bd_info;
|
||||||
|
ca->be->bd_info = ca->bi;
|
||||||
|
@@ -4961,7 +4961,7 @@ ok:
|
||||||
|
ce->ce_parent = last;
|
||||||
|
ce->ce_entry = entry_dup( e );
|
||||||
|
ce->ce_entry->e_private = ce;
|
||||||
|
- ce->ce_type = colst[0]->co_type;
|
||||||
|
+ ce->ce_type = coptr->co_type;
|
||||||
|
ce->ce_be = ca->be;
|
||||||
|
ce->ce_bi = ca->bi;
|
||||||
|
ce->ce_private = ca->ca_private;
|
||||||
|
@@ -5006,12 +5006,12 @@ ok:
|
||||||
|
|
||||||
|
done:
|
||||||
|
if ( rc ) {
|
||||||
|
- if ( (colst[0]->co_type == Cft_Database) && ca->be ) {
|
||||||
|
+ if ( (coptr->co_type == Cft_Database) && ca->be ) {
|
||||||
|
if ( ca->be != frontendDB )
|
||||||
|
backend_destroy_one( ca->be, 1 );
|
||||||
|
- } else if ( (colst[0]->co_type == Cft_Overlay) && ca->bi ) {
|
||||||
|
+ } else if ( (coptr->co_type == Cft_Overlay) && ca->bi ) {
|
||||||
|
overlay_destroy_one( ca->be, (slap_overinst *)ca->bi );
|
||||||
|
- } else if ( colst[0]->co_type == Cft_Schema ) {
|
||||||
|
+ } else if ( coptr->co_type == Cft_Schema ) {
|
||||||
|
schema_destroy_one( ca, colst, nocs, last );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
--
|
||||||
|
1.6.4.2
|
||||||
|
|
162
0002-init-bindconf-TLS-settings-ITS-6419.dif
Normal file
162
0002-init-bindconf-TLS-settings-ITS-6419.dif
Normal file
@ -0,0 +1,162 @@
|
|||||||
|
From d14434499207d1f0ca4686ce46787056b23b4d2c Mon Sep 17 00:00:00 2001
|
||||||
|
From: Ralf Haferkamp <rhafer@suse.de>
|
||||||
|
Date: Tue, 8 Dec 2009 13:36:17 +0100
|
||||||
|
Subject: [PATCH 2/3] init bindconf TLS settings (ITS#6419)
|
||||||
|
|
||||||
|
bnc#558397
|
||||||
|
---
|
||||||
|
servers/slapd/config.c | 71 +++++++++++++++++++++++++++++++++++++++++----
|
||||||
|
servers/slapd/slap.h | 8 +++++
|
||||||
|
servers/slapd/syncrepl.c | 4 ++
|
||||||
|
3 files changed, 76 insertions(+), 7 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/servers/slapd/config.c b/servers/slapd/config.c
|
||||||
|
index be5a2f7..171e968 100644
|
||||||
|
--- a/servers/slapd/config.c
|
||||||
|
+++ b/servers/slapd/config.c
|
||||||
|
@@ -1210,8 +1210,32 @@ static slap_verbmasks versionkey[] = {
|
||||||
|
{ BER_BVNULL, 0 }
|
||||||
|
};
|
||||||
|
|
||||||
|
+static int
|
||||||
|
+slap_sb_uri(
|
||||||
|
+ struct berval *val,
|
||||||
|
+ void *bcp,
|
||||||
|
+ slap_cf_aux_table *tab0,
|
||||||
|
+ const char *tabmsg,
|
||||||
|
+ int unparse )
|
||||||
|
+{
|
||||||
|
+ slap_bindconf *bc = bcp;
|
||||||
|
+ if ( unparse ) {
|
||||||
|
+ if ( bc->sb_uri.bv_len >= val->bv_len )
|
||||||
|
+ return -1;
|
||||||
|
+ val->bv_len = bc->sb_uri.bv_len;
|
||||||
|
+ AC_MEMCPY( val->bv_val, bc->sb_uri.bv_val, val->bv_len );
|
||||||
|
+ } else {
|
||||||
|
+ bc->sb_uri = *val;
|
||||||
|
+#ifdef HAVE_TLS
|
||||||
|
+ if ( ldap_is_ldaps_url( val->bv_val ))
|
||||||
|
+ bc->sb_tls_do_init = 1;
|
||||||
|
+#endif
|
||||||
|
+ }
|
||||||
|
+ return 0;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
static slap_cf_aux_table bindkey[] = {
|
||||||
|
- { BER_BVC("uri="), offsetof(slap_bindconf, sb_uri), 'b', 1, NULL },
|
||||||
|
+ { BER_BVC("uri="), 0, 'x', 1, slap_sb_uri },
|
||||||
|
{ BER_BVC("version="), offsetof(slap_bindconf, sb_version), 'i', 0, versionkey },
|
||||||
|
{ BER_BVC("bindmethod="), offsetof(slap_bindconf, sb_method), 'i', 0, methkey },
|
||||||
|
{ BER_BVC("timeout="), offsetof(slap_bindconf, sb_timeout_api), 'i', 0, NULL },
|
||||||
|
@@ -1224,21 +1248,20 @@ static slap_cf_aux_table bindkey[] = {
|
||||||
|
{ BER_BVC("authcID="), offsetof(slap_bindconf, sb_authcId), 'b', 1, NULL },
|
||||||
|
{ BER_BVC("authzID="), offsetof(slap_bindconf, sb_authzId), 'b', 1, (slap_verbmasks *)authzNormalize },
|
||||||
|
#ifdef HAVE_TLS
|
||||||
|
- { BER_BVC("starttls="), offsetof(slap_bindconf, sb_tls), 'i', 0, tlskey },
|
||||||
|
-
|
||||||
|
/* NOTE: replace "13" with the actual index
|
||||||
|
* of the first TLS-related line */
|
||||||
|
#define aux_TLS (bindkey+13) /* beginning of TLS keywords */
|
||||||
|
|
||||||
|
+ { BER_BVC("starttls="), offsetof(slap_bindconf, sb_tls), 'i', 0, tlskey },
|
||||||
|
{ BER_BVC("tls_cert="), offsetof(slap_bindconf, sb_tls_cert), 's', 1, NULL },
|
||||||
|
{ BER_BVC("tls_key="), offsetof(slap_bindconf, sb_tls_key), 's', 1, NULL },
|
||||||
|
{ BER_BVC("tls_cacert="), offsetof(slap_bindconf, sb_tls_cacert), 's', 1, NULL },
|
||||||
|
{ BER_BVC("tls_cacertdir="), offsetof(slap_bindconf, sb_tls_cacertdir), 's', 1, NULL },
|
||||||
|
- { BER_BVC("tls_reqcert="), offsetof(slap_bindconf, sb_tls_reqcert), 's', 1, NULL },
|
||||||
|
- { BER_BVC("tls_cipher_suite="), offsetof(slap_bindconf, sb_tls_cipher_suite), 's', 1, NULL },
|
||||||
|
- { BER_BVC("tls_protocol_min="), offsetof(slap_bindconf, sb_tls_protocol_min), 's', 1, NULL },
|
||||||
|
+ { BER_BVC("tls_reqcert="), offsetof(slap_bindconf, sb_tls_reqcert), 's', 0, NULL },
|
||||||
|
+ { BER_BVC("tls_cipher_suite="), offsetof(slap_bindconf, sb_tls_cipher_suite), 's', 0, NULL },
|
||||||
|
+ { BER_BVC("tls_protocol_min="), offsetof(slap_bindconf, sb_tls_protocol_min), 's', 0, NULL },
|
||||||
|
#ifdef HAVE_OPENSSL_CRL
|
||||||
|
- { BER_BVC("tls_crlcheck="), offsetof(slap_bindconf, sb_tls_crlcheck), 's', 1, NULL },
|
||||||
|
+ { BER_BVC("tls_crlcheck="), offsetof(slap_bindconf, sb_tls_crlcheck), 's', 0, NULL },
|
||||||
|
#endif
|
||||||
|
#endif
|
||||||
|
{ BER_BVNULL, 0, 0, 0, NULL }
|
||||||
|
@@ -1330,6 +1353,20 @@ slap_cf_aux_table_parse( const char *word, void *dst, slap_cf_aux_table *tab0, L
|
||||||
|
|
||||||
|
rc = lutil_atoulx( ulptr, val, 0 );
|
||||||
|
break;
|
||||||
|
+
|
||||||
|
+ case 'x':
|
||||||
|
+ if ( tab->aux != NULL ) {
|
||||||
|
+ struct berval value;
|
||||||
|
+ slap_cf_aux_table_parse_x *func = (slap_cf_aux_table_parse_x *)tab->aux;
|
||||||
|
+
|
||||||
|
+ ber_str2bv( val, 0, 1, &value );
|
||||||
|
+
|
||||||
|
+ rc = func( &value, (void *)((char *)dst + tab->off), tab, tabmsg, 0 );
|
||||||
|
+
|
||||||
|
+ } else {
|
||||||
|
+ rc = 1;
|
||||||
|
+ }
|
||||||
|
+ break;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( rc ) {
|
||||||
|
@@ -1420,6 +1457,26 @@ slap_cf_aux_table_unparse( void *src, struct berval *bv, slap_cf_aux_table *tab0
|
||||||
|
ptr += snprintf( ptr, sizeof( buf ) - ( ptr - buf ), "%lu", *ulptr );
|
||||||
|
break;
|
||||||
|
|
||||||
|
+ case 'x':
|
||||||
|
+ *ptr++ = ' ';
|
||||||
|
+ ptr = lutil_strcopy( ptr, tab->key.bv_val );
|
||||||
|
+ if ( tab->quote ) *ptr++ = '"';
|
||||||
|
+ if ( tab->aux != NULL ) {
|
||||||
|
+ struct berval value;
|
||||||
|
+ slap_cf_aux_table_parse_x *func = (slap_cf_aux_table_parse_x *)tab->aux;
|
||||||
|
+ int rc;
|
||||||
|
+
|
||||||
|
+ value.bv_val = ptr;
|
||||||
|
+ value.bv_len = buf + sizeof( buf ) - ptr;
|
||||||
|
+
|
||||||
|
+ rc = func( &value, (void *)((char *)src + tab->off), tab, "(unparse)", 1 );
|
||||||
|
+ if ( rc == 0 ) {
|
||||||
|
+ ptr += value.bv_len;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ if ( tab->quote ) *ptr++ = '"';
|
||||||
|
+ break;
|
||||||
|
+
|
||||||
|
default:
|
||||||
|
assert( 0 );
|
||||||
|
}
|
||||||
|
diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h
|
||||||
|
index 076b898..210f6ba 100644
|
||||||
|
--- a/servers/slapd/slap.h
|
||||||
|
+++ b/servers/slapd/slap.h
|
||||||
|
@@ -1630,6 +1630,14 @@ typedef struct slap_cf_aux_table {
|
||||||
|
void *aux;
|
||||||
|
} slap_cf_aux_table;
|
||||||
|
|
||||||
|
+typedef int
|
||||||
|
+slap_cf_aux_table_parse_x LDAP_P((
|
||||||
|
+ struct berval *val,
|
||||||
|
+ void *bc,
|
||||||
|
+ slap_cf_aux_table *tab0,
|
||||||
|
+ const char *tabmsg,
|
||||||
|
+ int unparse ));
|
||||||
|
+
|
||||||
|
#define SLAP_LIMIT_TIME 1
|
||||||
|
#define SLAP_LIMIT_SIZE 2
|
||||||
|
|
||||||
|
diff --git a/servers/slapd/syncrepl.c b/servers/slapd/syncrepl.c
|
||||||
|
index fb1001f..bf84556 100644
|
||||||
|
--- a/servers/slapd/syncrepl.c
|
||||||
|
+++ b/servers/slapd/syncrepl.c
|
||||||
|
@@ -4060,6 +4060,10 @@ parse_syncrepl_line(
|
||||||
|
{
|
||||||
|
val = c->argv[ i ] + STRLENOF( PROVIDERSTR "=" );
|
||||||
|
ber_str2bv( val, 0, 1, &si->si_bindconf.sb_uri );
|
||||||
|
+#ifdef HAVE_TLS
|
||||||
|
+ if ( ldap_is_ldaps_url( val ))
|
||||||
|
+ si->si_bindconf.sb_tls_do_init = 1;
|
||||||
|
+#endif
|
||||||
|
si->si_got |= GOT_PROVIDER;
|
||||||
|
} else if ( !strncasecmp( c->argv[ i ], SCHEMASTR "=",
|
||||||
|
STRLENOF( SCHEMASTR "=" ) ) )
|
||||||
|
--
|
||||||
|
1.6.4.2
|
||||||
|
|
135
0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif
Normal file
135
0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif
Normal file
@ -0,0 +1,135 @@
|
|||||||
|
From ed86ffeec8ac01f9bc8ed531e5205a924c4a2979 Mon Sep 17 00:00:00 2001
|
||||||
|
From: ralf <ralf>
|
||||||
|
Date: Thu, 10 Dec 2009 10:56:52 +0000
|
||||||
|
Subject: [PATCH 3/3] apply global limit changes to all databases (ITS#6428)
|
||||||
|
|
||||||
|
bnc#562184
|
||||||
|
---
|
||||||
|
servers/slapd/bconfig.c | 90 ++++++++++++++++++++++++++++++++++++++++------
|
||||||
|
1 files changed, 78 insertions(+), 12 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c
|
||||||
|
index d43e927..ae15224 100644
|
||||||
|
--- a/servers/slapd/bconfig.c
|
||||||
|
+++ b/servers/slapd/bconfig.c
|
||||||
|
@@ -2208,14 +2208,23 @@ config_sizelimit(ConfigArgs *c) {
|
||||||
|
rc = 1;
|
||||||
|
return rc;
|
||||||
|
} else if ( c->op == LDAP_MOD_DELETE ) {
|
||||||
|
- /* Reset to defaults */
|
||||||
|
- lim->lms_s_soft = SLAPD_DEFAULT_SIZELIMIT;
|
||||||
|
- lim->lms_s_hard = 0;
|
||||||
|
- lim->lms_s_unchecked = -1;
|
||||||
|
- lim->lms_s_pr = 0;
|
||||||
|
- lim->lms_s_pr_hide = 0;
|
||||||
|
- lim->lms_s_pr_total = 0;
|
||||||
|
- return 0;
|
||||||
|
+ /* Reset to defaults or values from frontend */
|
||||||
|
+ if ( c->be == frontendDB ) {
|
||||||
|
+ lim->lms_s_soft = SLAPD_DEFAULT_SIZELIMIT;
|
||||||
|
+ lim->lms_s_hard = 0;
|
||||||
|
+ lim->lms_s_unchecked = -1;
|
||||||
|
+ lim->lms_s_pr = 0;
|
||||||
|
+ lim->lms_s_pr_hide = 0;
|
||||||
|
+ lim->lms_s_pr_total = 0;
|
||||||
|
+ } else {
|
||||||
|
+ lim->lms_s_soft = frontendDB->be_def_limit.lms_s_soft;
|
||||||
|
+ lim->lms_s_hard = frontendDB->be_def_limit.lms_s_hard;
|
||||||
|
+ lim->lms_s_unchecked = frontendDB->be_def_limit.lms_s_unchecked;
|
||||||
|
+ lim->lms_s_pr = frontendDB->be_def_limit.lms_s_pr;
|
||||||
|
+ lim->lms_s_pr_hide = frontendDB->be_def_limit.lms_s_pr_hide;
|
||||||
|
+ lim->lms_s_pr_total = frontendDB->be_def_limit.lms_s_pr_total;
|
||||||
|
+ }
|
||||||
|
+ goto ok;
|
||||||
|
}
|
||||||
|
for(i = 1; i < c->argc; i++) {
|
||||||
|
if(!strncasecmp(c->argv[i], "size", 4)) {
|
||||||
|
@@ -2240,6 +2249,34 @@ config_sizelimit(ConfigArgs *c) {
|
||||||
|
lim->lms_s_hard = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+ok:
|
||||||
|
+ if ( ( c->be == frontendDB ) && ( c->ca_entry ) ) {
|
||||||
|
+ /* This is a modification to the global limits apply it to
|
||||||
|
+ * the other databases as needed */
|
||||||
|
+ AttributeDescription *ad=NULL;
|
||||||
|
+ const char *text = NULL;
|
||||||
|
+ slap_str2ad(c->argv[0], &ad, &text);
|
||||||
|
+ /* if we got here... */
|
||||||
|
+ assert( ad != NULL );
|
||||||
|
+
|
||||||
|
+ CfEntryInfo *ce = c->ca_entry->e_private;
|
||||||
|
+ if ( ce->ce_type == Cft_Global ){
|
||||||
|
+ ce = ce->ce_kids;
|
||||||
|
+ }
|
||||||
|
+ for (; ce; ce=ce->ce_sibs) {
|
||||||
|
+ Entry *dbe = ce->ce_entry;
|
||||||
|
+ if ( (ce->ce_type == Cft_Database) && (ce->ce_be != frontendDB)
|
||||||
|
+ && (!attr_find(dbe->e_attrs, ad)) ) {
|
||||||
|
+ ce->ce_be->be_def_limit.lms_s_soft = lim->lms_s_soft;
|
||||||
|
+ ce->ce_be->be_def_limit.lms_s_hard = lim->lms_s_hard;
|
||||||
|
+ ce->ce_be->be_def_limit.lms_s_unchecked =lim->lms_s_unchecked;
|
||||||
|
+ ce->ce_be->be_def_limit.lms_s_pr =lim->lms_s_pr;
|
||||||
|
+ ce->ce_be->be_def_limit.lms_s_pr_hide =lim->lms_s_pr_hide;
|
||||||
|
+ ce->ce_be->be_def_limit.lms_s_pr_total =lim->lms_s_pr_total;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -2259,10 +2296,15 @@ config_timelimit(ConfigArgs *c) {
|
||||||
|
rc = 1;
|
||||||
|
return rc;
|
||||||
|
} else if ( c->op == LDAP_MOD_DELETE ) {
|
||||||
|
- /* Reset to defaults */
|
||||||
|
- lim->lms_t_soft = SLAPD_DEFAULT_TIMELIMIT;
|
||||||
|
- lim->lms_t_hard = 0;
|
||||||
|
- return 0;
|
||||||
|
+ /* Reset to defaults or values from frontend */
|
||||||
|
+ if ( c->be == frontendDB ) {
|
||||||
|
+ lim->lms_t_soft = SLAPD_DEFAULT_TIMELIMIT;
|
||||||
|
+ lim->lms_t_hard = 0;
|
||||||
|
+ } else {
|
||||||
|
+ lim->lms_t_soft = frontendDB->be_def_limit.lms_t_soft;
|
||||||
|
+ lim->lms_t_hard = frontendDB->be_def_limit.lms_t_hard;
|
||||||
|
+ }
|
||||||
|
+ goto ok;
|
||||||
|
}
|
||||||
|
for(i = 1; i < c->argc; i++) {
|
||||||
|
if(!strncasecmp(c->argv[i], "time", 4)) {
|
||||||
|
@@ -2287,6 +2329,30 @@ config_timelimit(ConfigArgs *c) {
|
||||||
|
lim->lms_t_hard = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+ok:
|
||||||
|
+ if ( ( c->be == frontendDB ) && ( c->ca_entry ) ) {
|
||||||
|
+ /* This is a modification to the global limits apply it to
|
||||||
|
+ * the other databases as needed */
|
||||||
|
+ AttributeDescription *ad=NULL;
|
||||||
|
+ const char *text = NULL;
|
||||||
|
+ slap_str2ad(c->argv[0], &ad, &text);
|
||||||
|
+ /* if we got here... */
|
||||||
|
+ assert( ad != NULL );
|
||||||
|
+
|
||||||
|
+ CfEntryInfo *ce = c->ca_entry->e_private;
|
||||||
|
+ if ( ce->ce_type == Cft_Global ){
|
||||||
|
+ ce = ce->ce_kids;
|
||||||
|
+ }
|
||||||
|
+ for (; ce; ce=ce->ce_sibs) {
|
||||||
|
+ Entry *dbe = ce->ce_entry;
|
||||||
|
+ if ( (ce->ce_type == Cft_Database) && (ce->ce_be != frontendDB)
|
||||||
|
+ && (!attr_find(dbe->e_attrs, ad)) ) {
|
||||||
|
+ ce->ce_be->be_def_limit.lms_t_soft = lim->lms_t_soft;
|
||||||
|
+ ce->ce_be->be_def_limit.lms_t_hard = lim->lms_t_hard;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
return(0);
|
||||||
|
}
|
||||||
|
|
||||||
|
--
|
||||||
|
1.6.4.2
|
||||||
|
|
@ -1,125 +0,0 @@
|
|||||||
Index: libraries/libldap/tls_o.c
|
|
||||||
===================================================================
|
|
||||||
RCS file: /repo/OpenLDAP/pkg/ldap/libraries/libldap/tls_o.c,v
|
|
||||||
retrieving revision 1.5.2.4
|
|
||||||
retrieving revision 1.5.2.6
|
|
||||||
diff -u -r1.5.2.4 -r1.5.2.6
|
|
||||||
--- libraries/libldap/tls_o.c 1 Jul 2009 23:04:49 -0000 1.5.2.4
|
|
||||||
+++ libraries/libldap/tls_o.c 13 Aug 2009 00:52:04 -0000 1.5.2.6
|
|
||||||
@@ -466,7 +466,7 @@
|
|
||||||
X509 *x;
|
|
||||||
const char *name;
|
|
||||||
char *ptr;
|
|
||||||
- int ntype = IS_DNS;
|
|
||||||
+ int ntype = IS_DNS, nlen;
|
|
||||||
#ifdef LDAP_PF_INET6
|
|
||||||
struct in6_addr addr;
|
|
||||||
#else
|
|
||||||
@@ -480,6 +480,7 @@
|
|
||||||
} else {
|
|
||||||
name = name_in;
|
|
||||||
}
|
|
||||||
+ nlen = strlen(name);
|
|
||||||
|
|
||||||
x = tlso_get_cert(s);
|
|
||||||
if (!x) {
|
|
||||||
@@ -513,15 +514,14 @@
|
|
||||||
ex = X509_get_ext(x, i);
|
|
||||||
alt = X509V3_EXT_d2i(ex);
|
|
||||||
if (alt) {
|
|
||||||
- int n, len1 = 0, len2 = 0;
|
|
||||||
+ int n, len2 = 0;
|
|
||||||
char *domain = NULL;
|
|
||||||
GENERAL_NAME *gn;
|
|
||||||
|
|
||||||
if (ntype == IS_DNS) {
|
|
||||||
- len1 = strlen(name);
|
|
||||||
domain = strchr(name, '.');
|
|
||||||
if (domain) {
|
|
||||||
- len2 = len1 - (domain-name);
|
|
||||||
+ len2 = nlen - (domain-name);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
n = sk_GENERAL_NAME_num(alt);
|
|
||||||
@@ -539,7 +539,7 @@
|
|
||||||
if (sl == 0) continue;
|
|
||||||
|
|
||||||
/* Is this an exact match? */
|
|
||||||
- if ((len1 == sl) && !strncasecmp(name, sn, len1)) {
|
|
||||||
+ if ((nlen == sl) && !strncasecmp(name, sn, nlen)) {
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -579,13 +579,28 @@
|
|
||||||
|
|
||||||
if (ret != LDAP_SUCCESS) {
|
|
||||||
X509_NAME *xn;
|
|
||||||
- char buf[2048];
|
|
||||||
- buf[0] = '\0';
|
|
||||||
+ X509_NAME_ENTRY *ne;
|
|
||||||
+ ASN1_OBJECT *obj;
|
|
||||||
+ ASN1_STRING *cn = NULL;
|
|
||||||
+ int navas;
|
|
||||||
+
|
|
||||||
+ /* find the last CN */
|
|
||||||
+ obj = OBJ_nid2obj( NID_commonName );
|
|
||||||
+ if ( !obj ) goto no_cn; /* should never happen */
|
|
||||||
|
|
||||||
xn = X509_get_subject_name(x);
|
|
||||||
- if( X509_NAME_get_text_by_NID( xn, NID_commonName,
|
|
||||||
- buf, sizeof(buf)) == -1)
|
|
||||||
+ navas = X509_NAME_entry_count( xn );
|
|
||||||
+ for ( i=navas-1; i>=0; i-- ) {
|
|
||||||
+ ne = X509_NAME_get_entry( xn, i );
|
|
||||||
+ if ( !OBJ_cmp( ne->object, obj )) {
|
|
||||||
+ cn = X509_NAME_ENTRY_get_data( ne );
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ if( !cn )
|
|
||||||
{
|
|
||||||
+no_cn:
|
|
||||||
Debug( LDAP_DEBUG_ANY,
|
|
||||||
"TLS: unable to get common name from peer certificate.\n",
|
|
||||||
0, 0, 0 );
|
|
||||||
@@ -596,21 +611,20 @@
|
|
||||||
ld->ld_error = LDAP_STRDUP(
|
|
||||||
_("TLS: unable to get CN from peer certificate"));
|
|
||||||
|
|
||||||
- } else if (strcasecmp(name, buf) == 0 ) {
|
|
||||||
+ } else if ( cn->length == nlen &&
|
|
||||||
+ strncasecmp( name, (char *) cn->data, nlen ) == 0 ) {
|
|
||||||
ret = LDAP_SUCCESS;
|
|
||||||
|
|
||||||
- } else if (( buf[0] == '*' ) && ( buf[1] == '.' )) {
|
|
||||||
+ } else if (( cn->data[0] == '*' ) && ( cn->data[1] == '.' )) {
|
|
||||||
char *domain = strchr(name, '.');
|
|
||||||
if( domain ) {
|
|
||||||
- size_t dlen = 0;
|
|
||||||
- size_t sl;
|
|
||||||
+ size_t dlen;
|
|
||||||
|
|
||||||
- sl = strlen(name);
|
|
||||||
- dlen = sl - (domain-name);
|
|
||||||
- sl = strlen(buf);
|
|
||||||
+ dlen = nlen - (domain-name);
|
|
||||||
|
|
||||||
/* Is this a wildcard match? */
|
|
||||||
- if ((dlen == sl-1) && !strncasecmp(domain, &buf[1], dlen)) {
|
|
||||||
+ if ((dlen == cn->length-1) &&
|
|
||||||
+ !strncasecmp(domain, (char *) &cn->data[1], dlen)) {
|
|
||||||
ret = LDAP_SUCCESS;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -618,8 +632,8 @@
|
|
||||||
|
|
||||||
if( ret == LDAP_LOCAL_ERROR ) {
|
|
||||||
Debug( LDAP_DEBUG_ANY, "TLS: hostname (%s) does not match "
|
|
||||||
- "common name in certificate (%s).\n",
|
|
||||||
- name, buf, 0 );
|
|
||||||
+ "common name in certificate (%.*s).\n",
|
|
||||||
+ name, cn->length, cn->data );
|
|
||||||
ret = LDAP_CONNECT_ERROR;
|
|
||||||
if ( ld->ld_error ) {
|
|
||||||
LDAP_FREE( ld->ld_error );
|
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:9420647e50819d5b21ce271f827a00e76ac60a06712ec5fa948aaeca160543b6
|
|
||||||
size 4372683
|
|
3
openldap-2.4.20.tar.bz2
Normal file
3
openldap-2.4.20.tar.bz2
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:af0f2ceb0fbabd866bf25bc6ea2013d4bf0510d84f6d4bcde25c8f0c270b411c
|
||||||
|
size 4417900
|
@ -1,3 +1,40 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Dec 10 15:41:11 UTC 2009 - rhafer@novell.com
|
||||||
|
|
||||||
|
- Fixed an issue in back-config's objectclass inheritence code that
|
||||||
|
could cause the server to fail to start or to spin in an endless
|
||||||
|
loop (bnc#558059,ITS#6408)
|
||||||
|
- default the tls_reqcert parameter of a syncrepl config to
|
||||||
|
"demand" as documented even if other tls_ options are absent
|
||||||
|
(bnc#558397, ITS#6319)
|
||||||
|
- apply changes to the global size and timelimits to all database
|
||||||
|
that don't specify limits themself. (bnc#562184, ITS#6428)
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Nov 30 16:09:22 UTC 2009 - rhafer@novell.com
|
||||||
|
|
||||||
|
- Update to 2.4.20 (fate#306593), most important fixes since 2.4.19
|
||||||
|
* Fixed liblber embedded NUL values in BerValues (ITS#6353)
|
||||||
|
* Fixed libldap sasl buffer sizing (ITS#6327,ITS#6334)
|
||||||
|
* Fixed libldap uninitialized return value (ITS#6355)
|
||||||
|
* Fixed libldap unlimited timeout (ITS#6388)
|
||||||
|
* Added slapd handling of hex server IDs (ITS#6297)
|
||||||
|
* Fixed slapd checks of str2filter (ITS#6391)
|
||||||
|
* Fixed slapd configArgs initialization (ITS#6363)
|
||||||
|
* Fixed slapd db_open with connection_fake_init (ITS#6381)
|
||||||
|
* Fixed slapd with embedded \0 in bervals (ITS#6378,ITS#6379)
|
||||||
|
* Fixed slapd inclusion of ac/unistd.h (ITS#6342)
|
||||||
|
* Fixed slapd sl_free to better reclaim memory (ITS#6380)
|
||||||
|
* Fixed slapd syncrepl deletes in MirrorMode (ITS#6368)
|
||||||
|
* Fixed slapd syncrepl to use correct SID (ITS#6367)
|
||||||
|
* Fixed slapd tls_accept to retry in certain cases (ITS#6304)
|
||||||
|
* Fixed slapd-bdb/hdb cache corruption (ITS#6341)
|
||||||
|
* Fixed slapd-bdb/hdb entry cache (ITS#6360)
|
||||||
|
* Fixed slapo-syncprov checkpoint conversion (ITS#6370)
|
||||||
|
* Fixed slapo-syncprov deadlock (ITS#6335)
|
||||||
|
* Fixed slapo-syncprov out of order changes (ITS#6346)
|
||||||
|
- Added switch to enable/disable testsuite (%run_test_suite)
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Tue Nov 3 19:13:32 UTC 2009 - coolo@novell.com
|
Tue Nov 3 19:13:32 UTC 2009 - coolo@novell.com
|
||||||
|
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
#
|
#
|
||||||
# spec file for package openldap2-client (Version 2.4.17)
|
# spec file for package openldap2-client (Version 2.4.20)
|
||||||
#
|
#
|
||||||
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
||||||
#
|
#
|
||||||
@ -17,6 +17,7 @@
|
|||||||
|
|
||||||
# norootforbuild
|
# norootforbuild
|
||||||
|
|
||||||
|
%define run_test_suite 1
|
||||||
|
|
||||||
Name: openldap2-client
|
Name: openldap2-client
|
||||||
BuildRequires: cyrus-sasl-devel db-devel libopenssl-devel openslp-devel tcpd-devel
|
BuildRequires: cyrus-sasl-devel db-devel libopenssl-devel openslp-devel tcpd-devel
|
||||||
@ -26,10 +27,10 @@ BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-de
|
|||||||
%if %sles_version == 10
|
%if %sles_version == 10
|
||||||
BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-devel
|
BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-devel
|
||||||
%endif
|
%endif
|
||||||
Version: 2.4.17
|
Version: 2.4.20
|
||||||
Release: 5
|
Release: 1
|
||||||
Url: http://www.openldap.org
|
Url: http://www.openldap.org
|
||||||
License: BSD 3-clause (or similar) ; openldap 2.8
|
License: BSD3c(or similar) ; openldap 2.8
|
||||||
%if "%{name}" == "openldap2"
|
%if "%{name}" == "openldap2"
|
||||||
Group: Productivity/Networking/LDAP/Clients
|
Group: Productivity/Networking/LDAP/Clients
|
||||||
Provides: ldap2 openldap2-back-ldap openldap2-back-monitor
|
Provides: ldap2 openldap2-back-ldap openldap2-back-monitor
|
||||||
@ -41,6 +42,7 @@ Summary: The OpenLDAP commandline client tools
|
|||||||
%else
|
%else
|
||||||
Group: Productivity/Networking/LDAP/Clients
|
Group: Productivity/Networking/LDAP/Clients
|
||||||
Conflicts: openldap-client
|
Conflicts: openldap-client
|
||||||
|
Requires: libldap-2_4-2 = %{version}
|
||||||
Summary: The OpenLDAP commandline client tools
|
Summary: The OpenLDAP commandline client tools
|
||||||
%endif
|
%endif
|
||||||
AutoReqProv: on
|
AutoReqProv: on
|
||||||
@ -52,16 +54,16 @@ Source4: sasl-slapd.conf
|
|||||||
Source5: README.update
|
Source5: README.update
|
||||||
Source6: schema2ldif
|
Source6: schema2ldif
|
||||||
Source100: openldap-2.3.37.tar.bz2
|
Source100: openldap-2.3.37.tar.bz2
|
||||||
Patch: openldap2.dif
|
Patch1: openldap2.dif
|
||||||
Patch2: slapd_conf.dif
|
Patch2: slapd_conf.dif
|
||||||
Patch3: ldap_conf.dif
|
Patch3: ldap_conf.dif
|
||||||
Patch4: ldapi_url.dif
|
Patch4: ldapi_url.dif
|
||||||
Patch5: test056-monitor-its6213.dif
|
|
||||||
Patch6: libldap-gethostbyname_r.dif
|
Patch6: libldap-gethostbyname_r.dif
|
||||||
Patch7: pie-compile.dif
|
Patch7: pie-compile.dif
|
||||||
Patch11: slapd-bconfig-del-db.dif
|
Patch11: slapd-bconfig-del-db.dif
|
||||||
Patch14: slapo-collect-include.dif
|
Patch12: 0001-back-config-objectclass-inheritence-ITS-6408.dif
|
||||||
Patch15: libldap-tls_chkhost-its6239.dif
|
Patch13: 0002-init-bindconf-TLS-settings-ITS-6419.dif
|
||||||
|
Patch14: 0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif
|
||||||
Patch100: openldap-2.3.37.dif
|
Patch100: openldap-2.3.37.dif
|
||||||
Patch200: slapd_getaddrinfo_dupl.dif
|
Patch200: slapd_getaddrinfo_dupl.dif
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||||
@ -80,7 +82,7 @@ Authors:
|
|||||||
The OpenLDAP Project <project@openldap.org>
|
The OpenLDAP Project <project@openldap.org>
|
||||||
|
|
||||||
%package -n openldap2-back-perl
|
%package -n openldap2-back-perl
|
||||||
License: BSD 3-clause (or similar)
|
License: BSD3c(or similar)
|
||||||
Summary: OpenLDAP Perl Back-End
|
Summary: OpenLDAP Perl Back-End
|
||||||
Requires: openldap2 = %{version} perl = %{perl_version}
|
Requires: openldap2 = %{version} perl = %{perl_version}
|
||||||
AutoReqProv: on
|
AutoReqProv: on
|
||||||
@ -97,7 +99,7 @@ Authors:
|
|||||||
The OpenLDAP Project <project@openldap.org>
|
The OpenLDAP Project <project@openldap.org>
|
||||||
|
|
||||||
%package -n openldap2-back-meta
|
%package -n openldap2-back-meta
|
||||||
License: BSD 3-clause (or similar)
|
License: BSD3c(or similar)
|
||||||
Summary: OpenLDAP Meta Back-End
|
Summary: OpenLDAP Meta Back-End
|
||||||
Requires: openldap2 = %{version}
|
Requires: openldap2 = %{version}
|
||||||
AutoReqProv: on
|
AutoReqProv: on
|
||||||
@ -128,7 +130,7 @@ Authors:
|
|||||||
|
|
||||||
|
|
||||||
%package -n openldap2-devel
|
%package -n openldap2-devel
|
||||||
License: BSD 3-clause (or similar) ; openldap 2.8
|
License: BSD3c(or similar) ; openldap 2.8
|
||||||
Summary: Libraries, Header Files and Documentation for OpenLDAP
|
Summary: Libraries, Header Files and Documentation for OpenLDAP
|
||||||
AutoReqProv: on
|
AutoReqProv: on
|
||||||
# bug437293
|
# bug437293
|
||||||
@ -155,7 +157,7 @@ Authors:
|
|||||||
The OpenLDAP Project <project@openldap.org>
|
The OpenLDAP Project <project@openldap.org>
|
||||||
|
|
||||||
%package -n libldap-2_4-2
|
%package -n libldap-2_4-2
|
||||||
License: BSD 3-clause (or similar) ; openldap 2.8
|
License: BSD3c(or similar) ; openldap 2.8
|
||||||
Summary: OpenLDAP Client Libraries
|
Summary: OpenLDAP Client Libraries
|
||||||
AutoReqProv: on
|
AutoReqProv: on
|
||||||
Group: Productivity/Networking/LDAP/Clients
|
Group: Productivity/Networking/LDAP/Clients
|
||||||
@ -173,18 +175,18 @@ Authors:
|
|||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q -n openldap-%{version} -a1 -a2 -b100
|
%setup -q -n openldap-%{version} -a1 -a2 -b100
|
||||||
%patch
|
%patch1
|
||||||
%patch2
|
%patch2
|
||||||
%patch3
|
%patch3
|
||||||
%patch4
|
%patch4
|
||||||
%patch5
|
|
||||||
%patch6
|
%patch6
|
||||||
%if %suse_version > 920
|
%if %suse_version > 920
|
||||||
%patch7
|
%patch7
|
||||||
%endif
|
%endif
|
||||||
%patch11
|
%patch11
|
||||||
|
%patch12 -p1
|
||||||
|
%patch13 -p1
|
||||||
%patch14 -p1
|
%patch14 -p1
|
||||||
%patch15
|
|
||||||
%if %suse_version == 1100
|
%if %suse_version == 1100
|
||||||
%patch200 -p1
|
%patch200 -p1
|
||||||
%endif
|
%endif
|
||||||
@ -253,6 +255,7 @@ make %{?jobs:-j%jobs}
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%check
|
%check
|
||||||
|
%if %run_test_suite
|
||||||
# calculate the base port to be use in the test-suite
|
# calculate the base port to be use in the test-suite
|
||||||
SLAPD_BASEPORT=10000
|
SLAPD_BASEPORT=10000
|
||||||
if [ -f /.buildenv ] ; then
|
if [ -f /.buildenv ] ; then
|
||||||
@ -274,6 +277,7 @@ rm -f tests/scripts/test050-syncrepl-multimaster
|
|||||||
rm -f tests/scripts/test058-syncrepl-asymmetric
|
rm -f tests/scripts/test058-syncrepl-asymmetric
|
||||||
make SLAPD_DEBUG=0 test
|
make SLAPD_DEBUG=0 test
|
||||||
%endif
|
%endif
|
||||||
|
%endif
|
||||||
|
|
||||||
%install
|
%install
|
||||||
mkdir -p $RPM_BUILD_ROOT/etc/init.d
|
mkdir -p $RPM_BUILD_ROOT/etc/init.d
|
||||||
|
@ -1,3 +1,40 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Dec 10 15:41:11 UTC 2009 - rhafer@novell.com
|
||||||
|
|
||||||
|
- Fixed an issue in back-config's objectclass inheritence code that
|
||||||
|
could cause the server to fail to start or to spin in an endless
|
||||||
|
loop (bnc#558059,ITS#6408)
|
||||||
|
- default the tls_reqcert parameter of a syncrepl config to
|
||||||
|
"demand" as documented even if other tls_ options are absent
|
||||||
|
(bnc#558397, ITS#6319)
|
||||||
|
- apply changes to the global size and timelimits to all database
|
||||||
|
that don't specify limits themself. (bnc#562184, ITS#6428)
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Nov 30 16:09:22 UTC 2009 - rhafer@novell.com
|
||||||
|
|
||||||
|
- Update to 2.4.20 (fate#306593), most important fixes since 2.4.19
|
||||||
|
* Fixed liblber embedded NUL values in BerValues (ITS#6353)
|
||||||
|
* Fixed libldap sasl buffer sizing (ITS#6327,ITS#6334)
|
||||||
|
* Fixed libldap uninitialized return value (ITS#6355)
|
||||||
|
* Fixed libldap unlimited timeout (ITS#6388)
|
||||||
|
* Added slapd handling of hex server IDs (ITS#6297)
|
||||||
|
* Fixed slapd checks of str2filter (ITS#6391)
|
||||||
|
* Fixed slapd configArgs initialization (ITS#6363)
|
||||||
|
* Fixed slapd db_open with connection_fake_init (ITS#6381)
|
||||||
|
* Fixed slapd with embedded \0 in bervals (ITS#6378,ITS#6379)
|
||||||
|
* Fixed slapd inclusion of ac/unistd.h (ITS#6342)
|
||||||
|
* Fixed slapd sl_free to better reclaim memory (ITS#6380)
|
||||||
|
* Fixed slapd syncrepl deletes in MirrorMode (ITS#6368)
|
||||||
|
* Fixed slapd syncrepl to use correct SID (ITS#6367)
|
||||||
|
* Fixed slapd tls_accept to retry in certain cases (ITS#6304)
|
||||||
|
* Fixed slapd-bdb/hdb cache corruption (ITS#6341)
|
||||||
|
* Fixed slapd-bdb/hdb entry cache (ITS#6360)
|
||||||
|
* Fixed slapo-syncprov checkpoint conversion (ITS#6370)
|
||||||
|
* Fixed slapo-syncprov deadlock (ITS#6335)
|
||||||
|
* Fixed slapo-syncprov out of order changes (ITS#6346)
|
||||||
|
- Added switch to enable/disable testsuite (%run_test_suite)
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Tue Nov 3 19:13:32 UTC 2009 - coolo@novell.com
|
Tue Nov 3 19:13:32 UTC 2009 - coolo@novell.com
|
||||||
|
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
#
|
#
|
||||||
# spec file for package openldap2 (Version 2.4.17)
|
# spec file for package openldap2 (Version 2.4.20)
|
||||||
#
|
#
|
||||||
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
||||||
#
|
#
|
||||||
@ -17,6 +17,7 @@
|
|||||||
|
|
||||||
# norootforbuild
|
# norootforbuild
|
||||||
|
|
||||||
|
%define run_test_suite 1
|
||||||
|
|
||||||
Name: openldap2
|
Name: openldap2
|
||||||
BuildRequires: cyrus-sasl-devel db-devel libopenssl-devel openslp-devel tcpd-devel
|
BuildRequires: cyrus-sasl-devel db-devel libopenssl-devel openslp-devel tcpd-devel
|
||||||
@ -26,10 +27,10 @@ BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-de
|
|||||||
%if %sles_version == 10
|
%if %sles_version == 10
|
||||||
BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-devel
|
BuildRequires: -db-devel -libopenssl-devel -pwdutils libdb-4_5-devel openssl-devel
|
||||||
%endif
|
%endif
|
||||||
Version: 2.4.17
|
Version: 2.4.20
|
||||||
Release: 5
|
Release: 1
|
||||||
Url: http://www.openldap.org
|
Url: http://www.openldap.org
|
||||||
License: BSD 3-clause (or similar) ; openldap 2.8
|
License: BSD3c(or similar) ; openldap 2.8
|
||||||
%if "%{name}" == "openldap2"
|
%if "%{name}" == "openldap2"
|
||||||
Group: Productivity/Networking/LDAP/Clients
|
Group: Productivity/Networking/LDAP/Clients
|
||||||
Provides: ldap2 openldap2-back-ldap openldap2-back-monitor
|
Provides: ldap2 openldap2-back-ldap openldap2-back-monitor
|
||||||
@ -41,6 +42,7 @@ Summary: The OpenLDAP commandline client tools
|
|||||||
%else
|
%else
|
||||||
Group: Productivity/Networking/LDAP/Clients
|
Group: Productivity/Networking/LDAP/Clients
|
||||||
Conflicts: openldap-client
|
Conflicts: openldap-client
|
||||||
|
Requires: libldap-2_4-2 = %{version}
|
||||||
Summary: The OpenLDAP commandline client tools
|
Summary: The OpenLDAP commandline client tools
|
||||||
%endif
|
%endif
|
||||||
AutoReqProv: on
|
AutoReqProv: on
|
||||||
@ -52,16 +54,16 @@ Source4: sasl-slapd.conf
|
|||||||
Source5: README.update
|
Source5: README.update
|
||||||
Source6: schema2ldif
|
Source6: schema2ldif
|
||||||
Source100: openldap-2.3.37.tar.bz2
|
Source100: openldap-2.3.37.tar.bz2
|
||||||
Patch: openldap2.dif
|
Patch1: openldap2.dif
|
||||||
Patch2: slapd_conf.dif
|
Patch2: slapd_conf.dif
|
||||||
Patch3: ldap_conf.dif
|
Patch3: ldap_conf.dif
|
||||||
Patch4: ldapi_url.dif
|
Patch4: ldapi_url.dif
|
||||||
Patch5: test056-monitor-its6213.dif
|
|
||||||
Patch6: libldap-gethostbyname_r.dif
|
Patch6: libldap-gethostbyname_r.dif
|
||||||
Patch7: pie-compile.dif
|
Patch7: pie-compile.dif
|
||||||
Patch11: slapd-bconfig-del-db.dif
|
Patch11: slapd-bconfig-del-db.dif
|
||||||
Patch14: slapo-collect-include.dif
|
Patch12: 0001-back-config-objectclass-inheritence-ITS-6408.dif
|
||||||
Patch15: libldap-tls_chkhost-its6239.dif
|
Patch13: 0002-init-bindconf-TLS-settings-ITS-6419.dif
|
||||||
|
Patch14: 0003-apply-global-limit-changes-to-all-databases-ITS-6428.dif
|
||||||
Patch100: openldap-2.3.37.dif
|
Patch100: openldap-2.3.37.dif
|
||||||
Patch200: slapd_getaddrinfo_dupl.dif
|
Patch200: slapd_getaddrinfo_dupl.dif
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||||
@ -80,7 +82,7 @@ Authors:
|
|||||||
The OpenLDAP Project <project@openldap.org>
|
The OpenLDAP Project <project@openldap.org>
|
||||||
|
|
||||||
%package -n openldap2-back-perl
|
%package -n openldap2-back-perl
|
||||||
License: BSD 3-clause (or similar)
|
License: BSD3c(or similar)
|
||||||
Summary: OpenLDAP Perl Back-End
|
Summary: OpenLDAP Perl Back-End
|
||||||
Requires: openldap2 = %{version} perl = %{perl_version}
|
Requires: openldap2 = %{version} perl = %{perl_version}
|
||||||
AutoReqProv: on
|
AutoReqProv: on
|
||||||
@ -97,7 +99,7 @@ Authors:
|
|||||||
The OpenLDAP Project <project@openldap.org>
|
The OpenLDAP Project <project@openldap.org>
|
||||||
|
|
||||||
%package -n openldap2-back-meta
|
%package -n openldap2-back-meta
|
||||||
License: BSD 3-clause (or similar)
|
License: BSD3c(or similar)
|
||||||
Summary: OpenLDAP Meta Back-End
|
Summary: OpenLDAP Meta Back-End
|
||||||
Requires: openldap2 = %{version}
|
Requires: openldap2 = %{version}
|
||||||
AutoReqProv: on
|
AutoReqProv: on
|
||||||
@ -128,7 +130,7 @@ Authors:
|
|||||||
|
|
||||||
|
|
||||||
%package -n openldap2-devel
|
%package -n openldap2-devel
|
||||||
License: BSD 3-clause (or similar) ; openldap 2.8
|
License: BSD3c(or similar) ; openldap 2.8
|
||||||
Summary: Libraries, Header Files and Documentation for OpenLDAP
|
Summary: Libraries, Header Files and Documentation for OpenLDAP
|
||||||
AutoReqProv: on
|
AutoReqProv: on
|
||||||
# bug437293
|
# bug437293
|
||||||
@ -155,7 +157,7 @@ Authors:
|
|||||||
The OpenLDAP Project <project@openldap.org>
|
The OpenLDAP Project <project@openldap.org>
|
||||||
|
|
||||||
%package -n libldap-2_4-2
|
%package -n libldap-2_4-2
|
||||||
License: BSD 3-clause (or similar) ; openldap 2.8
|
License: BSD3c(or similar) ; openldap 2.8
|
||||||
Summary: OpenLDAP Client Libraries
|
Summary: OpenLDAP Client Libraries
|
||||||
AutoReqProv: on
|
AutoReqProv: on
|
||||||
Group: Productivity/Networking/LDAP/Clients
|
Group: Productivity/Networking/LDAP/Clients
|
||||||
@ -173,18 +175,18 @@ Authors:
|
|||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q -n openldap-%{version} -a1 -a2 -b100
|
%setup -q -n openldap-%{version} -a1 -a2 -b100
|
||||||
%patch
|
%patch1
|
||||||
%patch2
|
%patch2
|
||||||
%patch3
|
%patch3
|
||||||
%patch4
|
%patch4
|
||||||
%patch5
|
|
||||||
%patch6
|
%patch6
|
||||||
%if %suse_version > 920
|
%if %suse_version > 920
|
||||||
%patch7
|
%patch7
|
||||||
%endif
|
%endif
|
||||||
%patch11
|
%patch11
|
||||||
|
%patch12 -p1
|
||||||
|
%patch13 -p1
|
||||||
%patch14 -p1
|
%patch14 -p1
|
||||||
%patch15
|
|
||||||
%if %suse_version == 1100
|
%if %suse_version == 1100
|
||||||
%patch200 -p1
|
%patch200 -p1
|
||||||
%endif
|
%endif
|
||||||
@ -253,6 +255,7 @@ make %{?jobs:-j%jobs}
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%check
|
%check
|
||||||
|
%if %run_test_suite
|
||||||
# calculate the base port to be use in the test-suite
|
# calculate the base port to be use in the test-suite
|
||||||
SLAPD_BASEPORT=10000
|
SLAPD_BASEPORT=10000
|
||||||
if [ -f /.buildenv ] ; then
|
if [ -f /.buildenv ] ; then
|
||||||
@ -274,6 +277,7 @@ rm -f tests/scripts/test050-syncrepl-multimaster
|
|||||||
rm -f tests/scripts/test058-syncrepl-asymmetric
|
rm -f tests/scripts/test058-syncrepl-asymmetric
|
||||||
make SLAPD_DEBUG=0 test
|
make SLAPD_DEBUG=0 test
|
||||||
%endif
|
%endif
|
||||||
|
%endif
|
||||||
|
|
||||||
%install
|
%install
|
||||||
mkdir -p $RPM_BUILD_ROOT/etc/init.d
|
mkdir -p $RPM_BUILD_ROOT/etc/init.d
|
||||||
|
@ -1,12 +0,0 @@
|
|||||||
Index: openldap-2.4.17/servers/slapd/overlays/collect.c
|
|
||||||
===================================================================
|
|
||||||
--- openldap-2.4.17.orig/servers/slapd/overlays/collect.c
|
|
||||||
+++ openldap-2.4.17/servers/slapd/overlays/collect.c
|
|
||||||
@@ -30,6 +30,7 @@
|
|
||||||
|
|
||||||
#include "slap.h"
|
|
||||||
#include "config.h"
|
|
||||||
+#include "lutil.h"
|
|
||||||
|
|
||||||
#include "lutil.h"
|
|
||||||
|
|
@ -1,36 +0,0 @@
|
|||||||
Index: tests/scripts/test056-monitor
|
|
||||||
===================================================================
|
|
||||||
RCS file: /repo/OpenLDAP/pkg/ldap/tests/scripts/test056-monitor,v
|
|
||||||
retrieving revision 1.3
|
|
||||||
retrieving revision 1.4
|
|
||||||
diff -u -r1.3 -r1.4
|
|
||||||
--- tests/scripts/test056-monitor 2 Jul 2009 13:26:52 -0000 1.3
|
|
||||||
+++ tests/scripts/test056-monitor 14 Jul 2009 11:35:56 -0000 1.4
|
|
||||||
@@ -66,7 +66,7 @@
|
|
||||||
echo "Filtering ldapsearch results..."
|
|
||||||
sed -e "$localrewrite" < $SEARCHOUT | . $LDIFFILTER > $SEARCHFLT
|
|
||||||
echo "Filtering expected data..."
|
|
||||||
-sed -e "$localrewrite" < $MONITOROUT1 | . $LDIFFILTER > $LDIFFLT
|
|
||||||
+. $CONFFILTER < $MONITOROUT1 | sed -e "$localrewrite" | . $LDIFFILTER > $LDIFFLT
|
|
||||||
echo "Comparing filter output..."
|
|
||||||
$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
|
|
||||||
|
|
||||||
Index: tests/data/monitor1.out
|
|
||||||
===================================================================
|
|
||||||
RCS file: /repo/OpenLDAP/pkg/ldap/tests/data/monitor1.out,v
|
|
||||||
retrieving revision 1.1
|
|
||||||
retrieving revision 1.2
|
|
||||||
diff -u -r1.1 -r1.2
|
|
||||||
--- tests/data/monitor1.out 27 Jan 2009 09:09:51 -0000 1.1
|
|
||||||
+++ tests/data/monitor1.out 14 Jul 2009 11:35:56 -0000 1.2
|
|
||||||
@@ -9,8 +9,8 @@
|
|
||||||
monitorConnectionRead: 2
|
|
||||||
monitorConnectionWrite: 0
|
|
||||||
monitorConnectionMask: rx
|
|
||||||
-monitorConnectionListener: ldap://localhost:9011/
|
|
||||||
-monitorConnectionLocalAddress: IP=127.0.0.1:9011
|
|
||||||
+monitorConnectionListener: ldap://localhost:@PORT1@/
|
|
||||||
+monitorConnectionLocalAddress: IP=127.0.0.1:@PORT1@
|
|
||||||
entryDN: cn=Connection 1,cn=Connections,cn=Monitor
|
|
||||||
|
|
||||||
dn: cn=Connections,cn=Monitor
|
|
Loading…
Reference in New Issue
Block a user