Accepting request 358048 from home:stroeder:branches:network:ldap

update to 2.4.44 (successfully tested on Tumbleweed x86_64) OBS-URL: https://build.opensuse.org/request/show/358048 OBS-URL: https://build.opensuse.org/package/show/network:ldap/openldap2?expand=0&rev=150
2016-02-08 09:04:15 +00:00 · 2016-02-08 09:04:15 +00:00 · f74d513b91
commit f74d513b91
parent d3fab28acb
8 changed files with 40 additions and 92 deletions
--- a/0002-slapd.conf.dif
+++ b/0002-slapd.conf.dif
@ -1,63 +1,38 @@
 diff --git a/servers/slapd/slapd.conf b/servers/slapd/slapd.conf
-index 4938b85..b9bec75 100644
+index b225fe5..e22e7f2 100644
 --- a/servers/slapd/slapd.conf
 +++ b/servers/slapd/slapd.conf
-@@ -2,7 +2,11 @@
- # See slapd.conf(5) for details on configuration options.
+@@ -3,6 +3,10 @@
 # This file should NOT be world readable.
 #
-include		%SYSCONFDIR%/schema/core.schema
-+include		/etc/openldap/schema/core.schema
-+include		/etc/openldap/schema/cosine.schema
-+include		/etc/openldap/schema/inetorgperson.schema
-+include		/etc/openldap/schema/rfc2307bis.schema
-+include		/etc/openldap/schema/yast.schema
+ include		%SYSCONFDIR%/schema/core.schema
+include		%SYSCONFDIR%/schema/cosine.schema
+include		%SYSCONFDIR%/schema/inetorgperson.schema
+include		%SYSCONFDIR%/schema/rfc2307bis.schema
+include		%SYSCONFDIR%/schema/yast.schema
 
 # Define global ACLs to disable default read access.
 
-@@ -10,13 +14,13 @@ include		%SYSCONFDIR%/schema/core.schema
+@@ -10,12 +14,12 @@ include		%SYSCONFDIR%/schema/core.schema
 # service AND an understanding of referrals.
 #referral	ldap://root.openldap.org
 
 -pidfile		%LOCALSTATEDIR%/run/slapd.pid
 -argsfile	%LOCALSTATEDIR%/run/slapd.args
-+pidfile		/run/slapd/slapd.pid
-+argsfile	/run/slapd/slapd.args
+pidfile		%LOCALSTATEDIR%/slapd.pid
+argsfile	%LOCALSTATEDIR%/slapd.args
 
 # Load dynamic backend modules:
-# modulepath	%MODULEDIR%
-+# modulepath	/usr/lib/openldap
- # moduleload	back_bdb.la
-# moduleload	back_hdb.la
-+moduleload	back_hdb.la
+ # modulepath	%MODULEDIR%
+-# moduleload	back_mdb.la
+moduleload	back_mdb.la
 # moduleload	back_ldap.la
 
 # Sample security restrictions
-@@ -26,20 +30,30 @@ argsfile	%LOCALSTATEDIR%/run/slapd.args
- # security ssf=1 update_ssf=112 simple_bind=64
+@@ -45,6 +49,23 @@ argsfile	%LOCALSTATEDIR%/run/slapd.args
+ #
+ # rootdn can always read and write EVERYTHING!
 
- # Sample access control policy:
-#	Root DSE: allow anyone to read it
-#	Subschema (sub)entry DSE: allow anyone to read it
-#	Other DSEs:
-#		Allow self write access
-#		Allow authenticated users read access
-#		Allow anonymous users to authenticate
-#	Directives needed to implement policy:
-# access to dn.base="" by * read
-# access to dn.base="cn=Subschema" by * read
-# access to *
-#	by self write
-#	by users read
-#	by anonymous auth
-#
-+#       Root DSE: allow anyone to read it
-+#       Subschema (sub)entry DSE: allow anyone to read it
-+#       Other DSEs:
-+#               Allow self write access to user password
-+#               Allow anonymous users to authenticate
-+#               Allow read access to everything else
-+#       Directives needed to implement policy:
 +access to dn.base=""
 +        by * read
 +
@ -75,22 +50,10 @@ index 4938b85..b9bec75 100644
 +access to *
 +        by * read
 +
- # if no access controls are present, the default policy
- # allows anyone and everyone to read anything but restricts
- # updates to rootdn.  (e.g., "access to * by * read")
-@@ -50,8 +64,10 @@ argsfile	%LOCALSTATEDIR%/run/slapd.args
- # BDB database definitions
 #######################################################################
- 
-database	bdb
-+database	hdb
- suffix		"dc=my-domain,dc=com"
-+checkpoint      1024    5
-+cachesize       10000
- rootdn		"cn=Manager,dc=my-domain,dc=com"
- # Cleartext passwords, especially for the rootdn, should
- # be avoid.  See slappasswd(8) and slapd.conf(5) for details.
-@@ -60,6 +76,6 @@ rootpw		secret
+ # MDB database definitions
+ #######################################################################
+@@ -60,6 +81,6 @@ rootpw		secret
 # The database directory MUST exist prior to running slapd AND 
 # should only be accessible by the slapd and slap tools.
 # Mode 700 recommended.
--- a/0012-openldap-re24-its8336.patch
+++ b/0012-openldap-re24-its8336.patch
@ -1,25 +0,0 @@
-From fd7bfbc0df0ade534bea84914d385ecf2a73f678 Mon Sep 17 00:00:00 2001
-From: Howard Chu <hyc@openldap.org>
-Date: Tue, 8 Dec 2015 18:17:24 +0000
-Subject: ITS#8336 fix page_search_root assert on FreeDB
-
-Let "illegal" branch pages thru on the FreeDB - the condition
-is only temporary and will be fixed by the time rebalance finishes.
-
-diff --git a/libraries/liblmdb/mdb.c b/libraries/liblmdb/mdb.c
-index fa0c9e5..a624cba 100644
--- a/libraries/liblmdb/mdb.c
-+++ b/libraries/liblmdb/mdb.c
-@@ -5279,7 +5279,11 @@ mdb_page_search_root(MDB_cursor *mc, MDB_val *key, int flags)
- 		indx_t		i;
- 
- 		DPRINTF(("branch page %"Z"u has %u keys", mp->mp_pgno, NUMKEYS(mp)));
-		mdb_cassert(mc, NUMKEYS(mp) > 1);
-+		/* Don't assert on branch pages in the FreeDB. We can get here
-+		 * while in the process of rebalancing a FreeDB branch page; we must
-+		 * let that proceed. ITS#8336
-+		 */
-+		mdb_cassert(mc, !mc->mc_dbi || NUMKEYS(mp) > 1);
- 		DPRINTF(("found index 0 to page %"Z"u", NODEPGNO(NODEPTR(mp, 0))));
- 
- 		if (flags & (MDB_PS_FIRST|MDB_PS_LAST)) {
--- a/openldap-2.4.43.tgz
+++ b/openldap-2.4.43.tgz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:34d78e5598a2b0360d26a9050fcdbbe198c65493b013bb607839d5598b6978c8
-size 5654057
--- a/openldap-2.4.44.tgz
+++ b/openldap-2.4.44.tgz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:d7de6bf3c67009c95525dde3a0212cc110d0a70b92af2af8e3ee800e81b88400
+size 5658830
--- a/openldap2-client.changes
+++ b/openldap2-client.changes
@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Sat Feb  6 12:10:53 UTC 2016 - michael@stroeder.com
+
+- Upgrade to upstream 2.4.44 release with accumulated bug fixes.
+- Specify source with FTP URL
+- Removed obsolete 0012-openldap-re24-its8336.patch
+
 -------------------------------------------------------------------
 Mon Jan 25 14:10:12 UTC 2016 - hguo@suse.com

--- a/openldap2-client.spec
+++ b/openldap2-client.spec
@ -17,7 +17,7 @@


 %define run_test_suite 0
-%define version_main 2.4.43
+%define version_main 2.4.44

 %if %{suse_version} >= 1310 && %{suse_version} != 1315
 %define  _rundir /run/slapd
@ -32,7 +32,7 @@ Group:          Productivity/Networking/LDAP/Clients
 Version:        %{version_main}
 Release:        0
 Url:            http://www.openldap.org
-Source:         openldap-%{version_main}.tgz
+Source:         ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-%{version_main}.tgz
 Source3:        DB_CONFIG
 Source4:        sasl-slapd.conf
 Source5:        README.module-loading
@ -55,7 +55,6 @@ Patch8:         0008-In-monitor-backend-do-not-return-Connection0-entries.patch
 Patch9:         0009-Fix-ldap-host-lookup-ipv6.patch
 Patch10:        0010-Enforce-minimum-DH-size-of-1024.patch
 Patch11:        0011-openldap-re24-its7796.patch
-Patch12:        0012-openldap-re24-its8336.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  cyrus-sasl-devel
 BuildRequires:  groff
@ -219,7 +218,6 @@ This package contains the OpenLDAP client libraries.
 %patch9 -p1
 %patch10 -p1
 %patch11 -p1
-%patch12 -p1
 cp %{SOURCE5} .

 %build
--- a/openldap2.changes
+++ b/openldap2.changes
@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Sat Feb  6 12:10:53 UTC 2016 - michael@stroeder.com
+
+- Upgrade to upstream 2.4.44 release with accumulated bug fixes.
+- Specify source with FTP URL
+- Removed obsolete 0012-openldap-re24-its8336.patch
+
 -------------------------------------------------------------------
 Mon Jan 25 14:10:12 UTC 2016 - hguo@suse.com

--- a/openldap2.spec
+++ b/openldap2.spec
@ -17,7 +17,7 @@


 %define run_test_suite 0
-%define version_main 2.4.43
+%define version_main 2.4.44

 %if %{suse_version} >= 1310 && %{suse_version} != 1315
 %define  _rundir /run/slapd
@ -32,7 +32,7 @@ Group:          Productivity/Networking/LDAP/Clients
 Version:        %{version_main}
 Release:        0
 Url:            http://www.openldap.org
-Source:         openldap-%{version_main}.tgz
+Source:         ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-%{version_main}.tgz
 Source3:        DB_CONFIG
 Source4:        sasl-slapd.conf
 Source5:        README.module-loading
@ -55,7 +55,6 @@ Patch8:         0008-In-monitor-backend-do-not-return-Connection0-entries.patch
 Patch9:         0009-Fix-ldap-host-lookup-ipv6.patch
 Patch10:        0010-Enforce-minimum-DH-size-of-1024.patch
 Patch11:        0011-openldap-re24-its7796.patch
-Patch12:        0012-openldap-re24-its8336.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  cyrus-sasl-devel
 BuildRequires:  groff
@ -219,7 +218,6 @@ This package contains the OpenLDAP client libraries.
 %patch9 -p1
 %patch10 -p1
 %patch11 -p1
-%patch12 -p1
 cp %{SOURCE5} .

 %build