forked from jengelh/openldap2
Accepting request 800820 from home:stroeder:branches:network:ldap
- updated to 2.4.50 - added 0014-ITS-8650-fix-debug-usage.patch - enabled new contrib overlay pw-argon2 - replaced FTP by HTTPS download URL for source - removed 0009-Fix-ldap-host-lookup-ipv6.patch (see bsc#1171127) OBS-URL: https://build.opensuse.org/request/show/800820 OBS-URL: https://build.opensuse.org/package/show/network:ldap/openldap2?expand=0&rev=258
This commit is contained in:
parent
447aef3759
commit
7341d09271
@ -1,73 +0,0 @@
|
||||
The patch was written by Christian Kornacker on 2014-01-08 to fix an issue with unresponsive
|
||||
LDAP host lookups in IPv6 environment.
|
||||
|
||||
---
|
||||
libraries/libldap/util-int.c | 39 +++++++++++++++++++++++++++++++++++++--
|
||||
1 file changed, 37 insertions(+), 2 deletions(-)
|
||||
|
||||
Index: openldap-2.4.41/libraries/libldap/util-int.c
|
||||
===================================================================
|
||||
--- openldap-2.4.41.orig/libraries/libldap/util-int.c
|
||||
+++ openldap-2.4.41/libraries/libldap/util-int.c
|
||||
@@ -731,10 +731,16 @@ static char *safe_realloc( char **buf, i
|
||||
|
||||
char * ldap_pvt_get_fqdn( char *name )
|
||||
{
|
||||
- char *fqdn, *ha_buf;
|
||||
+ int rc;
|
||||
+ char *fqdn;
|
||||
char hostbuf[MAXHOSTNAMELEN+1];
|
||||
+#ifdef HAVE_GETADDRINFO
|
||||
+ struct addrinfo hints, *res;
|
||||
+#else
|
||||
+ char *ha_buf;
|
||||
struct hostent *hp, he_buf;
|
||||
- int rc, local_h_errno;
|
||||
+ int local_h_errno;
|
||||
+#endif
|
||||
|
||||
if( name == NULL ) {
|
||||
if( gethostname( hostbuf, MAXHOSTNAMELEN ) == 0 ) {
|
||||
@@ -745,6 +751,33 @@ char * ldap_pvt_get_fqdn( char *name )
|
||||
}
|
||||
}
|
||||
|
||||
+#ifdef HAVE_GETADDRINFO
|
||||
+ memset( &hints, '\0', sizeof( hints ) );
|
||||
+ hints.ai_family = AF_UNSPEC;
|
||||
+ hints.ai_socktype = SOCK_STREAM;
|
||||
+ hints.ai_flags |= AI_CANONNAME;
|
||||
+
|
||||
+ /* most getaddrinfo(3) use non-threadsafe resolver libraries */
|
||||
+ LDAP_MUTEX_LOCK(&ldap_int_resolv_mutex);
|
||||
+
|
||||
+ rc = getaddrinfo( name, NULL, &hints, &res );
|
||||
+
|
||||
+ LDAP_MUTEX_UNLOCK(&ldap_int_resolv_mutex);
|
||||
+
|
||||
+ if ( rc != 0 ) {
|
||||
+ fqdn = LDAP_STRDUP( name );
|
||||
+ } else {
|
||||
+ while ( res ) {
|
||||
+ if ( res->ai_canonname ) {
|
||||
+ fqdn = LDAP_STRDUP ( res->ai_canonname );
|
||||
+ break;
|
||||
+ }
|
||||
+ res = res->ai_next;
|
||||
+ }
|
||||
+ freeaddrinfo( res );
|
||||
+ }
|
||||
+#else
|
||||
+
|
||||
rc = ldap_pvt_gethostbyname_a( name,
|
||||
&he_buf, &ha_buf, &hp, &local_h_errno );
|
||||
|
||||
@@ -755,6 +788,8 @@ char * ldap_pvt_get_fqdn( char *name )
|
||||
}
|
||||
|
||||
LDAP_FREE( ha_buf );
|
||||
+#endif
|
||||
+
|
||||
return fqdn;
|
||||
}
|
||||
|
30
0014-ITS-8650-fix-debug-usage.patch
Normal file
30
0014-ITS-8650-fix-debug-usage.patch
Normal file
@ -0,0 +1,30 @@
|
||||
From 85fc8974f5c32a9a052baafaa9499c8484e043c2 Mon Sep 17 00:00:00 2001
|
||||
From: Quanah Gibson-Mount <quanah@openldap.org>
|
||||
Date: Tue, 28 Apr 2020 20:49:53 +0000
|
||||
Subject: ITS#8650 - Fix Debug usage to follow RE24 format
|
||||
|
||||
|
||||
diff --git a/libraries/libldap/tls2.c b/libraries/libldap/tls2.c
|
||||
index c1f15cbc1..ebe5bf125 100644
|
||||
--- a/libraries/libldap/tls2.c
|
||||
+++ b/libraries/libldap/tls2.c
|
||||
@@ -907,8 +907,8 @@ ldap_int_tls_start ( LDAP *ld, LDAPConn *conn, LDAPURLDesc *srv )
|
||||
} else if ( sb->sb_trans_needs_write ) {
|
||||
wr=1;
|
||||
}
|
||||
- Debug1( LDAP_DEBUG_TRACE, "ldap_int_tls_start: ldap_int_tls_connect needs %s\n",
|
||||
- wr ? "write": "read" );
|
||||
+ Debug( LDAP_DEBUG_TRACE, "ldap_int_tls_start: ldap_int_tls_connect needs %s\n",
|
||||
+ wr ? "write": "read", 0, 0 );
|
||||
|
||||
/* This is mostly copied from result.c:wait4msg(), should
|
||||
* probably be moved into a separate function */
|
||||
@@ -946,7 +946,7 @@ ldap_int_tls_start ( LDAP *ld, LDAPConn *conn, LDAPURLDesc *srv )
|
||||
start_time_tv.tv_sec = curr_time_tv.tv_sec;
|
||||
start_time_tv.tv_usec = curr_time_tv.tv_usec;
|
||||
tv = tv0;
|
||||
- Debug3( LDAP_DEBUG_TRACE, "ldap_int_tls_start: ld %p %ld s %ld us to go\n",
|
||||
+ Debug( LDAP_DEBUG_TRACE, "ldap_int_tls_start: ld %p %ld s %ld us to go\n",
|
||||
(void *)ld, (long) tv.tv_sec, (long) tv.tv_usec );
|
||||
ret = ldap_int_poll( ld, sd, &tv, wr);
|
||||
if ( ret < 0 ) {
|
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:e3b117944b4180f23befe87d0dcf47f29de775befbc469dcf4ac3dab3311e56e
|
||||
size 5704723
|
3
openldap-2.4.50.tgz
Normal file
3
openldap-2.4.50.tgz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:5cb57d958bf5c55a678c6a0f06821e0e5504d5a92e6a33240841fbca1db586b8
|
||||
size 5712635
|
@ -1,3 +1,35 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed May 6 17:59:58 UTC 2020 - Michael Ströder <michael@stroeder.com>
|
||||
|
||||
- updated to 2.4.50
|
||||
- added 0014-ITS-8650-fix-debug-usage.patch
|
||||
- enabled new contrib overlay pw-argon2
|
||||
- replaced FTP by HTTPS download URL for source
|
||||
- removed 0009-Fix-ldap-host-lookup-ipv6.patch (see bsc#1171127)
|
||||
|
||||
OpenLDAP 2.4.50 Release (2020/04/28)
|
||||
Fixed client benign typos (ITS#8890)
|
||||
Fixed libldap type cast (ITS#9175)
|
||||
Fixed libldap retry loop in ldap_int_tls_connect (ITS#8650)
|
||||
Fixed libldap_r race on Windows mutex initialization (ITS#9181)
|
||||
Fixed liblunicode memory leak (ITS#9198)
|
||||
Fixed slapd benign typos (ITS#8890)
|
||||
Fixed slapd to limit depth of nested filters (ITS#9202)
|
||||
Fixed slapd-mdb memory leak in dnSuperiorMatch (ITS#9214)
|
||||
Fixed slapo-pcache database initialization (ITS#9182)
|
||||
Fixed slapo-ppolicy callback (ITS#9171)
|
||||
Build
|
||||
Fix olcDatabaseDummy initialization for windows (ITS#7074)
|
||||
Fix detection for ws2tcpip.h for windows (ITS#8383)
|
||||
Fix back-mdb types for windows (ITS#7878)
|
||||
Contrib
|
||||
Update ldapc++ config.guess and config.sub to support newer architectures (ITS#7855)
|
||||
Added pw-argon2 module (ITS#9233, ITS#8575, ITS#9203, ITS#9206)
|
||||
Documentation
|
||||
slapd-ldap(5) - Clarify idassert-authzfrom behavior (ITS#9003)
|
||||
slapd-meta(5) - Remove client-pr option (ITS#8683)
|
||||
slapdinex(8) - Fix truncate option information for back-mdb (ITS#9230)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jan 30 20:57:33 UTC 2020 - Michael Ströder <michael@stroeder.com>
|
||||
|
||||
|
@ -22,7 +22,7 @@
|
||||
%endif
|
||||
|
||||
%define run_test_suite 0
|
||||
%define version_main 2.4.49
|
||||
%define version_main 2.4.50
|
||||
|
||||
%if %{suse_version} >= 1310 && %{suse_version} != 1315
|
||||
%define _rundir /run/slapd
|
||||
@ -40,8 +40,8 @@ License: OLDAP-2.8
|
||||
Group: Productivity/Networking/LDAP/Servers
|
||||
Version: %{version_main}
|
||||
Release: 0
|
||||
Url: http://www.openldap.org
|
||||
Source: ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-%{version_main}.tgz
|
||||
Url: https://www.openldap.org
|
||||
Source: https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-%{version_main}.tgz
|
||||
Source1: slapd.conf
|
||||
Source2: slapd.conf.olctemplate
|
||||
Source3: DB_CONFIG
|
||||
@ -61,8 +61,8 @@ Patch3: 0003-LDAPI-socket-location.dif
|
||||
Patch5: 0005-pie-compile.dif
|
||||
Patch7: 0007-Recover-on-DB-version-change.dif
|
||||
Patch8: 0008-In-monitor-backend-do-not-return-Connection0-entries.patch
|
||||
Patch9: 0009-Fix-ldap-host-lookup-ipv6.patch
|
||||
Patch11: 0011-openldap-re24-its7796.patch
|
||||
Patch14: 0014-ITS-8650-fix-debug-usage.patch
|
||||
Patch15: openldap-r-only.dif
|
||||
Patch16: 0016-Clear-shared-key-only-in-close-function.patch
|
||||
Source200: %{name_ppolicy_check_module}-%{version_ppolicy_check_module}.tar.gz
|
||||
@ -76,6 +76,7 @@ BuildRequires: cyrus-sasl-devel
|
||||
BuildRequires: db-devel
|
||||
BuildRequires: groff
|
||||
BuildRequires: libopenssl-devel
|
||||
BuildRequires: libsodium-devel
|
||||
BuildRequires: libtool
|
||||
BuildRequires: openslp-devel
|
||||
BuildRequires: unixODBC-devel
|
||||
@ -166,6 +167,7 @@ cloak
|
||||
denyop
|
||||
lastbind writes last bind timestamp to entry
|
||||
noopsrch handles no-op search control
|
||||
pw-argon2 generates/validates Argon2 password hashes
|
||||
pw-sha2 generates/validates SHA-2 password hashes
|
||||
pw-pbkdf2 generates/validates PBKDF2 password hashes
|
||||
smbk5pwd generates Samba3 password hashes (heimdal krb disabled)
|
||||
@ -256,8 +258,8 @@ gzip -k %{S:203}
|
||||
%patch5 -p1
|
||||
%patch7 -p1
|
||||
%patch8 -p1
|
||||
%patch9 -p1
|
||||
%patch11 -p1
|
||||
%patch14 -p1
|
||||
%patch15 -p1
|
||||
%patch16 -p1
|
||||
cp %{SOURCE5} .
|
||||
@ -307,7 +309,7 @@ export STRIP=""
|
||||
make depend
|
||||
make %{?_smp_mflags}
|
||||
# Build selected contrib overlays
|
||||
for SLAPO_NAME in addpartial allowed allop autogroup lastbind denyop cloak noopsrch passwd/sha2 passwd/pbkdf2 trace
|
||||
for SLAPO_NAME in addpartial allowed allop autogroup lastbind denyop cloak noopsrch passwd/argon2 passwd/sha2 passwd/pbkdf2 trace
|
||||
do
|
||||
make -C contrib/slapd-modules/${SLAPO_NAME} %{?_smp_mflags} "sysconfdir=%{_sysconfdir}/openldap" "libdir=%{_libdir}" "libexecdir=%{_libdir}"
|
||||
done
|
||||
@ -351,9 +353,9 @@ make STRIP="" DESTDIR="%{buildroot}" "sysconfdir=%{_sysconfdir}/openldap" "libdi
|
||||
# Additional symbolic link to slapd executable in /usr/sbin/
|
||||
ln -s %{_libdir}/slapd %{buildroot}/usr/sbin/slapd
|
||||
# Install selected contrib overlays
|
||||
for SLAPO_NAME in addpartial allowed allop autogroup lastbind denyop cloak noopsrch passwd/sha2 passwd/pbkdf2 trace
|
||||
for SLAPO_NAME in addpartial allowed allop autogroup lastbind denyop cloak noopsrch passwd/argon2 passwd/sha2 passwd/pbkdf2 trace
|
||||
do
|
||||
make -C contrib/slapd-modules/${SLAPO_NAME} STRIP="" DESTDIR="%{buildroot}" "sysconfdir=%{_sysconfdir}/openldap" "libdir=%{_libdir}" "libexecdir=%{_libdir}" install
|
||||
make -C contrib/slapd-modules/${SLAPO_NAME} STRIP="" DESTDIR="%{buildroot}" "mandir=%{_mandir}" "sysconfdir=%{_sysconfdir}/openldap" "libdir=%{_libdir}" "libexecdir=%{_libdir}" install
|
||||
done
|
||||
# slapo-smbk5pwd only for Samba password hashes
|
||||
make -C contrib/slapd-modules/smbk5pwd STRIP="" DESTDIR="%{buildroot}" "sysconfdir=%{_sysconfdir}/openldap" "libdir=%{_libdir}" "libexecdir=%{_libdir}" install
|
||||
@ -581,12 +583,14 @@ fi
|
||||
%{_libdir}/openldap/autogroup.*
|
||||
%{_libdir}/openldap/lastbind.*
|
||||
%{_libdir}/openldap/noopsrch.*
|
||||
%{_libdir}/openldap/pw-argon2.*
|
||||
%{_libdir}/openldap/pw-sha2.*
|
||||
%{_libdir}/openldap/pw-pbkdf2.*
|
||||
%{_libdir}/openldap/denyop.*
|
||||
%{_libdir}/openldap/cloak.*
|
||||
%{_libdir}/openldap/smbk5pwd.*
|
||||
%{_libdir}/openldap/trace.*
|
||||
%doc %{_mandir}/man5/slapd-pw-argon2.*
|
||||
|
||||
%files client
|
||||
%defattr(-,root,root)
|
||||
|
Loading…
Reference in New Issue
Block a user