net-nds/openldap: Bump to 2.4.23 with sammba4

git-svn-id: https://svn.disconnected-by-peer.at/svn/linamh/trunk/linamh@2444 6952d904-891a-0410-993b-d76249ca496b
This commit is contained in:
geos_one 2010-09-30 07:59:24 +00:00
parent 53a7082acd
commit 4536a9fc4a
12 changed files with 1106 additions and 3 deletions

View File

@ -2,6 +2,16 @@
# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/ChangeLog,v 1.370 2010/04/11 15:24:10 jokey Exp $
30 Sep 2010; Mario Fetka <mario.fetka@gmail.com>
+files/openldap-2.2.6-ntlm.patch, +files/openldap-2.3.21-ppolicy.patch,
+files/openldap-2.3.24-contrib-smbk5pwd.patch,
+files/openldap-2.3.XY-gcc44.patch, +files/openldap-2.3.34-slapd-conf,
+files/openldap-2.3.37-libldap_r.patch,
+files/openldap-2.4.17-contrib-smbk5pwd.patch,
files/openldap-2.4.22.ebuild.diff, +openldap-2.4.23.ebuild,
+files/slapd-initd:
Bump to 2.4.23 with sammba4
09 Jul 2010; Mario Fetka <mario.fetka@gmail.com>
+files/openldap-2.4.22.ebuild.diff:
add new file

View File

@ -1,15 +1,25 @@
AUX DB_CONFIG.fast.example 746 RMD160 03d179d1c58d695c442eb5e3e69c245f3c2f2358 SHA1 c76a2a9f346a733ed6617d42229b434ce723c59e SHA256 69fc9aa6e4f0b888bc02d3f75642fe1ebf9345c685257a5c1236b2e79ed56e0b
AUX openldap-2.2.14-perlthreadsfix.patch 614 RMD160 6e868aa5a5cc4e80c0340af25d18d010b342ed15 SHA1 3bb05c7ed511e8464331619ce23064d236a5fe82 SHA256 bb719cc1fed47ff0f111c960f3295781ae6f0d9e98b4266a87751044b4bb3175
AUX openldap-2.2.6-ntlm.patch 5011 RMD160 317f4b6dc9589826739a14a8ad7200ed287c87be SHA1 29b8e9c4835235c976f026cd5883228b77581083 SHA256 1f7e766bcafb412ec336aad7e07295d6d62d2e2a62b6804b07b06a5056102243
AUX openldap-2.3.21-ppolicy.patch 402 RMD160 72da1c4a886a329607608f8fa07857874ea8973a SHA1 0c6fe313ad06ccee5a96402fc116cf243d37146b SHA256 97feaaff03e839aaad402024082ba62fb2cbe0c721664a85af8674ebb28d7dbd
AUX openldap-2.3.24-contrib-smbk5pwd.patch 1631 RMD160 01e394da82c2ca8493d0dc15c400675545f463bb SHA1 33781455168d2041f3ec00bbaf2da4ffbe411396 SHA256 277990c6bc9e00c29bc5123d5074e1a741a224e884f92651b301375b02edc70e
AUX openldap-2.3.34-slapd-conf 2067 RMD160 40be06ab9188480f9ae9d5e639b8f5c5787942f1 SHA1 ef8693eb4f13843261945460259ebab184f80210 SHA256 f7611233b83fa70dac313b4e734041dfe1ddac07c804bdb12a775d7cf88c36a1
AUX openldap-2.3.37-libldap_r.patch 862 RMD160 1ab42b2cdc6f3d9d412ccdfa7a7a288c29733231 SHA1 c2f997f2e28b7452a3ef981db9c6d527342ad400 SHA256 82471cc13806a9260e441aea90c8dfe9ce21b6d3edabb71766a2afcff6f80dfb
AUX openldap-2.3.XY-gcc44.patch 1169 RMD160 51be41a0a3440e00507c540171fdcc4bf2eddd57 SHA1 ac2891193493415960509083dd78dd3ea422ef75 SHA256 c799ad2adde0e0801bfd641c1a43860180121a04897b8e2a01ad000ea31e2a8d
AUX openldap-2.4.11-libldap_r.patch 515 RMD160 aa778bad59d498601bab84e215b2bcb6d125cf00 SHA1 e2c52828e719c137802966879f8da93a196cfde3 SHA256 3310a89d38bc39e6eb4333799d475411b274482b8bccab212b3edfd4385db70e
AUX openldap-2.4.15-ppolicy.patch 418 RMD160 5b32da96fbc6002a2d464ea765ad72ebf23727f5 SHA1 cdd7c2bdfb0011561965a39f99e46cbb9f266aba SHA256 98269fa1e8a1a0e62dad9acd36fd9a33614fca9a5830d6e7e606db8eb7f85de5
AUX openldap-2.4.17-contrib-smbk5pwd.patch 2046 RMD160 8e3834159767183535efa2144631e4cdfcd04a11 SHA1 6af3ca3f212414411e05c8766297b74573c103bc SHA256 81c146b2ee96ef03c169665f366ac25ebf93e2f1abb8ff41dc8741cb0927b813
AUX openldap-2.4.17-fix-lmpasswd-gnutls-symbols.patch 3542 RMD160 7e17304b2b85e2dec12e0bc49b82e35443cc703e SHA1 7a25d0002581ae6f78ffe498c3e05eef0119f7a6 SHA256 31e816eb9f3b52f5f9d183f82adebff75892e45e764187e579a92204c90889cb
AUX openldap-2.4.17-gcc44.patch 509 RMD160 07c1b8400e1b24cb8f20f2647b1354d2b28f653d SHA1 5df5a165acec74667f5989f291aedd958be56358 SHA256 33345882f601050ecaa6bb3dd7458e6b5f8e3684345847f7a53d4a1b0f514bda
AUX openldap-2.4.19-contrib-smbk5pwd.patch 1555 RMD160 ce8f5caafa4b3d89dc11537f0045335b25c59404 SHA1 372906228b2ab6be13a689f895e173abb4862f2e SHA256 8e08af4235529cbc0c4541a28d5cf7e8cf3f41f7504af41527e993e1399fee92
AUX openldap-2.4.22.ebuild.diff 1335 RMD160 e35bc9777cbd605811b0dbaf969a9132bf87067e SHA1 f8445cc3f1228e08e3f9998cafe94e81d8611636 SHA256 d7dc94585a1dfa96bfb7c758da1237438c385b5821873cb18c19df69a67da398
AUX openldap-2.4.22.ebuild.diff 1335 RMD160 354600fa5dfae4768777d3b806bcdef609dcc248 SHA1 73d46065a1e55c94074da950a383c69f8082f517 SHA256 afdbeb2746ce606465ccc581f0a05a134c71857a153748b08efd88a958399268
AUX slapd-confd 436 RMD160 764d5e2915d9af33fd1db2489ceac6d953750984 SHA1 a16b4674b45ac1e1c8a8f9e84ad0de519c81aa11 SHA256 1ccb8a3b78b65b125b24779dd065cf8000e2d5e4da267bb0a892e730edd2055d
AUX slapd-initd 609 RMD160 3e1daa2bbbbec78aad265a1c4190098730a4234d SHA1 56d5f1d1f59e37bbcef2399847328c7963694f0a SHA256 840f984031b1fc84d4c6ba59c5ba0de5794be596215f0089c7739dba88d610d5
AUX slapd-initd2 622 RMD160 750d7c59d1b7e47b0b21b96d301244c3ec3e28bf SHA1 a438adef50bfb925cc7550156b6dbefd68dcb856 SHA256 abd3ab5c58b18845f6946bbf93c987d833c8a94b88841c587ce453faf738cefa
AUX slurpd-initd 494 RMD160 9f3a06bcab2e4ce8e66783af506d26595bbbdcd2 SHA1 8ab66a984510fa91755cbcbac29883cea1435db7 SHA256 b23e010f701620ec34c39cd215891c7c0afc773341392a1e762e84166d9863ff
DIST openldap-2.4.22.tgz 5179727 RMD160 4edf1a822fcb34a06d18a28ce2f50cd040946453 SHA1 dd506b461c1fccd55dfff123b87aa6d07c899136 SHA256 c29b34031305616cf2c847d30706e2d2cdfc2cf91431e0bddab5d483395a40c1
DIST openldap-2.4.23.tgz 5182440 RMD160 d2268e8fb894680d1d9926fedca736f195e0a0be SHA1 26027e7020256c5f47e17787f17ee8b31af42378 SHA256 5a5ede91d5e8ab3c7f637620aa29a3b96eb34318a8b26c8eef2d2c789fc055e3
EBUILD openldap-2.4.22.ebuild 20379 RMD160 b7c7defdfcf7aa14b80064219326af823c7b7631 SHA1 4d331c21e40fea26fab163c50843fac897f5f64c SHA256 b2e5bb9586925bb1dc8bff7a9a8850812639bcaa4f2fb89c6efa03882f5e7644
MISC ChangeLog 64578 RMD160 ecf192d0e9c93ab6bcce286bae0c0fe8cd880dd7 SHA1 72e2abc34f23641f816421f04dd137e7dc3417b6 SHA256 cecbba9735ba348340542e0c862e88aa1657849f4db458e93dc9223c8cf54daf
EBUILD openldap-2.4.23.ebuild 20369 RMD160 d52fe7a2dc476bb341279fc921e562ce3081569c SHA1 ddc1dc5da8f444bc0e535cc23170e196b6de6008 SHA256 e7afb0b3fbd8c14288d22f4349cff9d40c78fa12f3dd8d9211df6f78dd3624e9
MISC ChangeLog 65031 RMD160 226c0839b737b5fe17b7ffb09fe45090de031169 SHA1 48e1d342fd7c65ec7a29246e5f8ed0c087a82985 SHA256 9615e2738bc3672e72d00cd44e85da7e8d3ce2b39a502736cec51f70f8256659
MISC metadata.xml 556 RMD160 14eae07812da4eecd05e467d1dccf841e6e16be6 SHA1 fa4c8d1aa03dd6bb9c27a7758fbaba5355cfe590 SHA256 405d4cd6f15d8495d0c7365f7b7d6bda9b82775d7e157339f3a6e92d46eed2c8

View File

@ -0,0 +1,199 @@
(Note that this patch is not useful on its own... it just adds some
hooks to work with the LDAP authentication process at a lower level
than the API otherwise allows. The code that calls these hooks and
actually drives the NTLM authentication process is in
lib/e2k-global-catalog.c, and the code that actually implements the
NTLM algorithms is in xntlm/.)
This is a patch against OpenLDAP 2.2.6. Apply with -p0
--- include/ldap.h.orig 2004-01-01 13:16:28.000000000 -0500
+++ include/ldap.h 2004-07-14 11:58:49.000000000 -0400
@@ -1753,5 +1753,26 @@
LDAPControl **cctrls ));
+/*
+ * hacks for NTLM
+ */
+#define LDAP_AUTH_NTLM_REQUEST ((ber_tag_t) 0x8aU)
+#define LDAP_AUTH_NTLM_RESPONSE ((ber_tag_t) 0x8bU)
+LDAP_F( int )
+ldap_ntlm_bind LDAP_P((
+ LDAP *ld,
+ LDAP_CONST char *dn,
+ ber_tag_t tag,
+ struct berval *cred,
+ LDAPControl **sctrls,
+ LDAPControl **cctrls,
+ int *msgidp ));
+LDAP_F( int )
+ldap_parse_ntlm_bind_result LDAP_P((
+ LDAP *ld,
+ LDAPMessage *res,
+ struct berval *challenge));
+
+
LDAP_END_DECL
#endif /* _LDAP_H */
--- libraries/libldap/Makefile.in.orig 2004-01-01 13:16:29.000000000 -0500
+++ libraries/libldap/Makefile.in 2004-07-14 13:37:23.000000000 -0400
@@ -20,7 +20,7 @@
SRCS = bind.c open.c result.c error.c compare.c search.c \
controls.c messages.c references.c extended.c cyrus.c \
modify.c add.c modrdn.c delete.c abandon.c \
- sasl.c sbind.c kbind.c unbind.c cancel.c \
+ sasl.c ntlm.c sbind.c kbind.c unbind.c cancel.c \
filter.c free.c sort.c passwd.c whoami.c \
getdn.c getentry.c getattr.c getvalues.c addentry.c \
request.c os-ip.c url.c sortctrl.c vlvctrl.c \
@@ -29,7 +29,7 @@
OBJS = bind.lo open.lo result.lo error.lo compare.lo search.lo \
controls.lo messages.lo references.lo extended.lo cyrus.lo \
modify.lo add.lo modrdn.lo delete.lo abandon.lo \
- sasl.lo sbind.lo kbind.lo unbind.lo cancel.lo \
+ sasl.lo ntlm.lo sbind.lo kbind.lo unbind.lo cancel.lo \
filter.lo free.lo sort.lo passwd.lo whoami.lo \
getdn.lo getentry.lo getattr.lo getvalues.lo addentry.lo \
request.lo os-ip.lo url.lo sortctrl.lo vlvctrl.lo \
--- /dev/null 2004-06-30 15:04:37.000000000 -0400
+++ libraries/libldap/ntlm.c 2004-07-14 13:44:18.000000000 -0400
@@ -0,0 +1,137 @@
+/* $OpenLDAP: pkg/ldap/libraries/libldap/ntlm.c,v 1.1.4.10 2002/01/04 20:38:21 kurt Exp $ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+/* Mostly copied from sasl.c */
+
+#include "portable.h"
+
+#include <stdlib.h>
+#include <stdio.h>
+
+#include <ac/socket.h>
+#include <ac/string.h>
+#include <ac/time.h>
+#include <ac/errno.h>
+
+#include "ldap-int.h"
+
+int
+ldap_ntlm_bind(
+ LDAP *ld,
+ LDAP_CONST char *dn,
+ ber_tag_t tag,
+ struct berval *cred,
+ LDAPControl **sctrls,
+ LDAPControl **cctrls,
+ int *msgidp )
+{
+ BerElement *ber;
+ int rc;
+ ber_int_t id;
+
+ Debug( LDAP_DEBUG_TRACE, "ldap_ntlm_bind\n", 0, 0, 0 );
+
+ assert( ld != NULL );
+ assert( LDAP_VALID( ld ) );
+ assert( msgidp != NULL );
+
+ if( msgidp == NULL ) {
+ ld->ld_errno = LDAP_PARAM_ERROR;
+ return ld->ld_errno;
+ }
+
+ /* create a message to send */
+ if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
+ ld->ld_errno = LDAP_NO_MEMORY;
+ return ld->ld_errno;
+ }
+
+ assert( LBER_VALID( ber ) );
+
+ LDAP_NEXT_MSGID( ld, id );
+ rc = ber_printf( ber, "{it{istON}" /*}*/,
+ id, LDAP_REQ_BIND,
+ ld->ld_version, dn, tag,
+ cred );
+
+ /* Put Server Controls */
+ if( ldap_int_put_controls( ld, sctrls, ber ) != LDAP_SUCCESS ) {
+ ber_free( ber, 1 );
+ return ld->ld_errno;
+ }
+
+ if ( ber_printf( ber, /*{*/ "N}" ) == -1 ) {
+ ld->ld_errno = LDAP_ENCODING_ERROR;
+ ber_free( ber, 1 );
+ return ld->ld_errno;
+ }
+
+ /* send the message */
+ *msgidp = ldap_send_initial_request( ld, LDAP_REQ_BIND, dn, ber, id );
+
+ if(*msgidp < 0)
+ return ld->ld_errno;
+
+ return LDAP_SUCCESS;
+}
+
+int
+ldap_parse_ntlm_bind_result(
+ LDAP *ld,
+ LDAPMessage *res,
+ struct berval *challenge)
+{
+ ber_int_t errcode;
+ ber_tag_t tag;
+ BerElement *ber;
+ ber_len_t len;
+
+ Debug( LDAP_DEBUG_TRACE, "ldap_parse_ntlm_bind_result\n", 0, 0, 0 );
+
+ assert( ld != NULL );
+ assert( LDAP_VALID( ld ) );
+ assert( res != NULL );
+
+ if ( ld == NULL || res == NULL ) {
+ return LDAP_PARAM_ERROR;
+ }
+
+ if( res->lm_msgtype != LDAP_RES_BIND ) {
+ ld->ld_errno = LDAP_PARAM_ERROR;
+ return ld->ld_errno;
+ }
+
+ if ( ld->ld_error ) {
+ LDAP_FREE( ld->ld_error );
+ ld->ld_error = NULL;
+ }
+ if ( ld->ld_matched ) {
+ LDAP_FREE( ld->ld_matched );
+ ld->ld_matched = NULL;
+ }
+
+ /* parse results */
+
+ ber = ber_dup( res->lm_ber );
+
+ if( ber == NULL ) {
+ ld->ld_errno = LDAP_NO_MEMORY;
+ return ld->ld_errno;
+ }
+
+ tag = ber_scanf( ber, "{ioa" /*}*/,
+ &errcode, challenge, &ld->ld_error );
+ ber_free( ber, 0 );
+
+ if( tag == LBER_ERROR ) {
+ ld->ld_errno = LDAP_DECODING_ERROR;
+ return ld->ld_errno;
+ }
+
+ ld->ld_errno = errcode;
+
+ return( ld->ld_errno );
+}

View File

@ -0,0 +1,13 @@
--- clients.orig/tools/common.c 2006-05-05 00:24:01.000000000 -0700
+++ clients/tools/common.c 2006-05-05 00:24:13.000000000 -0700
@@ -904,8 +904,8 @@
tool_bind( LDAP *ld )
{
#ifdef LDAP_CONTROL_PASSWORDPOLICYREQUEST
- if ( ppolicy ) {
LDAPControl *ctrls[2], c;
+ if ( ppolicy ) {
c.ldctl_oid = LDAP_CONTROL_PASSWORDPOLICYREQUEST;
c.ldctl_value.bv_val = NULL;
c.ldctl_value.bv_len = 0;

View File

@ -0,0 +1,53 @@
--- contrib/slapd-modules/smbk5pwd/Makefile.ORIG 2006-05-17 13:11:57.194660019 +0300
+++ contrib/slapd-modules/smbk5pwd/Makefile 2006-05-17 13:11:14.503082288 +0300
@@ -9,29 +9,39 @@
# top-level directory of the distribution or, alternatively, at
# <http://www.OpenLDAP.org/license.html>.
+#libexecdir=/usr/lib/openldap
+moduledir=$(libexecdir)/openldap
LIBTOOL=../../../libtool
-OPT=-g -O2
+#OPT=
CC=gcc
# Omit DO_KRB5 or DO_SAMBA if you don't want to support it.
-DEFS=-DDO_KRB5 -DDO_SAMBA
+#DEFS=
-HEIMDAL_INC=-I/usr/heimdal/include
+#KRB5_INC=
SSL_INC=
LDAP_INC=-I../../../include -I../../../servers/slapd
-INCS=$(LDAP_INC) $(HEIMDAL_INC) $(SSL_INC)
+INCS=$(LDAP_INC) $(SSL_INC) $(KRB5_INC)
-HEIMDAL_LIB=-L/usr/heimdal/lib -lkrb5 -lkadm5srv
+KRB5_LIB=-lkrb5 -lkadm5srv
SSL_LIB=-lcrypto
-LDAP_LIB=-lldap_r -llber
-LIBS=$(LDAP_LIB) $(HEIMDAL_LIB) $(SSL_LIB)
-
+LDAP_LIB=-L../../../libraries/libldap_r -lldap_r -llber
+ifneq (DDO_KRB5,$(findstring DDO_KRB5,$(DEFS)))
+ LIBS=$(LDAP_LIB) $(SSL_LIB)
+else
+ LIBS=$(LDAP_LIB) $(KRB5_LIB) $(SSL_LIB)
+endif
+
all: smbk5pwd.la
smbk5pwd.lo: smbk5pwd.c
- $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $?
+ $(LIBTOOL) --mode=compile $(CC) $(CFLAGS) $(DEFS) $(INCS) -c $?
smbk5pwd.la: smbk5pwd.lo
- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info 0:0:0 \
- -rpath /usr/local/libexec/openldap -module -o $@ $? $(LIBS)
+ $(LIBTOOL) --mode=link $(CC) $(CFLAGS) -version-info 0:0:0 \
+ -rpath $(moduledir) -module -o $@ $? $(LIBS)
+
+install-mod:
+ $(LIBTOOL) --mode=install ../../../build/shtool install -c \
+ -m 755 smbk5pwd.la $(DESTDIR)$(moduledir)

View File

@ -0,0 +1,64 @@
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
# Define global ACLs to disable default read access.
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
# Load dynamic backend modules:
###INSERTDYNAMICMODULESHERE###
# Sample security restrictions
# Require integrity protection (prevent hijacking)
# Require 112-bit (3DES or better) encryption for updates
# Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64
# Sample access control policy:
# Root DSE: allow anyone to read it
# Subschema (sub)entry DSE: allow anyone to read it
# Other DSEs:
# Allow self write access
# Allow authenticated users read access
# Allow anonymous users to authenticate
# Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
# by self write
# by users read
# by anonymous auth
#
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn. (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!
#######################################################################
# BDB database definitions
#######################################################################
database hdb
suffix "dc=my-domain,dc=com"
# <kbyte> <min>
checkpoint 32 30
rootdn "cn=Manager,dc=my-domain,dc=com"
# Cleartext passwords, especially for the rootdn, should
# be avoid. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw secret
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory /var/lib/openldap-data
# Indices to maintain
index objectClass eq

View File

@ -0,0 +1,21 @@
--- libraries/libldap_r/Makefile.in.old 2007-01-02 22:43:50.000000000 +0100
+++ libraries/libldap_r/Makefile.in 2007-08-22 13:32:20.000000000 +0200
@@ -56,7 +56,7 @@
XXLIBS = $(SECURITY_LIBS) $(LUTIL_LIBS)
XXXLIBS = $(LTHREAD_LIBS)
NT_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS)
-UNIX_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS)
+UNIX_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS) $(LTHREAD_LIBS)
.links : Makefile
@for i in $(XXSRCS); do \
--- servers/slapd/slapi/Makefile.in.old 2007-01-02 22:44:10.000000000 +0100
+++ servers/slapd/slapi/Makefile.in 2007-08-22 14:58:51.000000000 +0200
@@ -37,6 +37,7 @@
XLIBS = $(LIBRARY)
XXLIBS =
NT_LINK_LIBS = $(AC_LIBS)
+UNIX_LINK_LIBS = ../../../libraries/libldap_r/libldap_r.la $(LTHREAD_LIBS)
XINCPATH = -I$(srcdir)/.. -I$(srcdir)
XDEFS = $(MODULES_CPPFLAGS)

View File

@ -0,0 +1,30 @@
--- include/ldap_pvt_thread.h 2009-04-03 08:51:30.000000000 -0400
+++ include/ldap_pvt_thread.h 2009-04-03 08:56:36.000000000 -0400
@@ -57,12 +57,12 @@
#ifndef LDAP_PVT_THREAD_H_DONE
#define LDAP_PVT_THREAD_SET_STACK_SIZE
-#ifndef LDAP_PVT_THREAD_STACK_SIZE
- /* LARGE stack. Will be twice as large on 64 bit machine. */
-#define LDAP_PVT_THREAD_STACK_SIZE ( 1 * 1024 * 1024 * sizeof(void *) )
/* May be explicitly defined to zero to disable it */
-#elif LDAP_PVT_THREAD_STACK_SIZE == 0
+#if defined( LDAP_PVT_THREAD_STACK_SIZE ) && LDAP_PVT_THREAD_STACK_SIZE == 0
#undef LDAP_PVT_THREAD_SET_STACK_SIZE
+#elif !defined(LDAP_PVT_THREAD_STACK_SIZE)
+ /* LARGE stack. Will be twice as large on 64 bit machine. */
+#define LDAP_PVT_THREAD_STACK_SIZE ( 1 * 1024 * 1024 * sizeof(void *) )
#endif
#endif /* !LDAP_PVT_THREAD_H_DONE */
--- libraries/libldap/os-ip.c 2009-04-03 08:51:30.000000000 -0400
+++ libraries/libldap/os-ip.c 2009-04-03 08:54:47.000000000 -0400
@@ -652,7 +652,7 @@
char *herr;
#ifdef NI_MAXHOST
char hbuf[NI_MAXHOST];
-#elif defined( MAXHOSTNAMELEN
+#elif defined( MAXHOSTNAMELEN )
char hbuf[MAXHOSTNAMELEN];
#else
char hbuf[256];

View File

@ -0,0 +1,61 @@
diff -Nuar --exclude 'openldap-2.4*' --exclude p -I '$OpenLDAP' openldap-2.4.17.orig/contrib/slapd-modules/smbk5pwd/Makefile openldap-2.4.17/contrib/slapd-modules/smbk5pwd/Makefile
--- openldap-2.4.17.orig/contrib/slapd-modules/smbk5pwd/Makefile 2009-04-27 16:36:57.000000000 -0700
+++ openldap-2.4.17/contrib/slapd-modules/smbk5pwd/Makefile 2009-07-27 15:00:37.097428029 -0700
@@ -9,37 +9,43 @@
# top-level directory of the distribution or, alternatively, at
# <http://www.OpenLDAP.org/license.html>.
+#libexecdir=/usr/lib/openldap
+moduledir=$(libexecdir)
LIBTOOL=../../../libtool
-OPT=-g -O2
+#OPT=
CC=gcc
# Omit DO_KRB5 or DO_SAMBA if you don't want to support it.
-DEFS=-DDO_KRB5 -DDO_SAMBA
+#DEFS=
-HEIMDAL_INC=-I/usr/heimdal/include
+#KRB5_INC=
SSL_INC=
LDAP_INC=-I../../../include -I../../../servers/slapd
-INCS=$(LDAP_INC) $(HEIMDAL_INC) $(SSL_INC)
+INCS=$(LDAP_INC) $(SSL_INC) $(KRB5_INC)
-HEIMDAL_LIB=-L/usr/heimdal/lib -lkrb5 -lkadm5srv
+KRB5_LIB=-lkrb5 -lkadm5srv
SSL_LIB=-lcrypto
-LDAP_LIB=-lldap_r -llber
-LIBS=$(LDAP_LIB) $(HEIMDAL_LIB) $(SSL_LIB)
-
+LDAP_LIB=-L../../../libraries/libldap_r -lldap_r -llber
+ifneq (DDO_KRB5,$(findstring DDO_KRB5,$(DEFS)))
+ LIBS=$(LDAP_LIB) $(SSL_LIB)
+else
+ LIBS=$(LDAP_LIB) $(KRB5_LIB) $(SSL_LIB)
+endif
+
all: smbk5pwd.la
smbk5pwd.lo: smbk5pwd.c
- $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $?
+ $(LIBTOOL) --mode=compile $(CC) $(CFLAGS) $(DEFS) $(INCS) -c $?
smbk5pwd.la: smbk5pwd.lo
- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info 0:0:0 \
- -rpath $(PREFIX)/lib -module -o $@ $? $(LIBS)
+ $(LIBTOOL) --mode=link $(CC) $(CFLAGS) -version-info 0:0:0 \
+ -rpath $(moduledir) -module -o $@ $? $(LIBS)
clean:
rm -f smbk5pwd.lo smbk5pwd.la
install: smbk5pwd.la
- mkdir -p $(PREFIX)/lib/openldap
- $(LIBTOOL) --mode=install cp smbk5pwd.la $(PREFIX)/lib/openldap
- $(LIBTOOL) --finish $(PREFIX)/lib
+ mkdir -p $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --mode=install cp smbk5pwd.la $(DESTDIR)$(moduledir)
+ $(LIBTOOL) --finish $(DESTDIR)$(libexecdir)

View File

@ -1,5 +1,5 @@
--- /usr/portage/net-nds/openldap/openldap-2.4.21.ebuild 2010-04-11 17:14:48.000000000 +0200
+++ openldap-2.4.22.ebuild 2010-06-03 05:27:07.963282627 +0200
+++ openldap-2.4.23.ebuild 2010-06-03 05:27:07.963282627 +0200
@@ -17,7 +17,7 @@
IUSE_BACKEND="+berkdb"
IUSE_OVERLAY="overlays perl"

View File

@ -0,0 +1,21 @@
#!/sbin/runscript
# Copyright 1999-2004 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/files/slapd-initd,v 1.3 2009/07/28 21:28:25 robbat2 Exp $
depend() {
need net
before dbus hald avahi-daemon
}
start() {
ebegin "Starting ldap-server"
eval start-stop-daemon --start --pidfile /var/run/openldap/slapd.pid --exec /usr/lib/openldap/slapd -- -u ldap -g ldap "${OPTS}"
eend $?
}
stop() {
ebegin "Stopping ldap-server"
start-stop-daemon --stop --signal 2 --quiet --pidfile /var/run/openldap/slapd.pid
eend $?
}

View File

@ -0,0 +1,621 @@
# Copyright 1999-2010 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/openldap-2.4.23.ebuild,v 1.7 2010/09/12 04:34:43 josejx Exp $
EAPI="2"
inherit db-use eutils flag-o-matic multilib ssl-cert versionator toolchain-funcs
DESCRIPTION="LDAP suite of application and development tools"
HOMEPAGE="http://www.OpenLDAP.org/"
SRC_URI="mirror://openldap/openldap-release/${P}.tgz"
LICENSE="OPENLDAP"
SLOT="0"
KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd ~x86-fbsd"
IUSE_DAEMON="crypt icu samba slp tcpd experimental minimal"
IUSE_BACKEND="+berkdb"
IUSE_OVERLAY="overlays perl"
IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 syslog selinux"
IUSE_CONTRIB="smbkrb5passwd kerberos samba4"
IUSE_CONTRIB="${IUSE_CONTRIB} -cxx"
IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
# openssl is needed to generate lanman-passwords required by samba
RDEPEND="sys-libs/ncurses
icu? ( dev-libs/icu )
tcpd? ( sys-apps/tcp-wrappers )
ssl? ( !gnutls? ( dev-libs/openssl )
gnutls? ( net-libs/gnutls ) )
sasl? ( dev-libs/cyrus-sasl )
!minimal? (
odbc? ( !iodbc? ( dev-db/unixODBC )
iodbc? ( dev-db/libiodbc ) )
slp? ( net-libs/openslp )
perl? ( dev-lang/perl[-build] )
samba? ( dev-libs/openssl )
berkdb? ( sys-libs/db )
smbkrb5passwd? (
dev-libs/openssl
app-crypt/heimdal )
kerberos? ( virtual/krb5 )
cxx? ( dev-libs/cyrus-sasl )
)
selinux? ( sec-policy/selinux-openldap )"
DEPEND="${RDEPEND}"
# for tracking versions
OPENLDAP_VERSIONTAG=".version-tag"
OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
openldap_filecount() {
local dir="$1"
find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG.example' | wc -l
}
openldap_find_versiontags() {
# scan for all datadirs
openldap_datadirs=""
if [ -f "${ROOT}"/etc/openldap/slapd.conf ]; then
openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${ROOT}/etc/openldap/slapd.conf)"
fi
openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
einfo
einfo "Scanning datadir(s) from slapd.conf and"
einfo "the default installdir for Versiontags"
einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
einfo
# scan datadirs if we have a version tag
openldap_found_tag=0
have_files=0
for each in ${openldap_datadirs}; do
CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
einfo "- Checking ${each}..."
if [ -r ${CURRENT_TAG} ] ; then
# yey, we have one :)
einfo " Found Versiontag in ${each}"
source ${CURRENT_TAG}
if [ "${OLDPF}" == "" ] ; then
eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
eerror "Please delete it"
eerror
die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
fi
OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
[ $(openldap_filecount ${CURRENT_TAGDIR}) -gt 0 ] && have_files=1
# are we on the same branch?
if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
ewarn " Versiontag doesn't match current major release!"
if [[ "${have_files}" == "1" ]] ; then
eerror " Versiontag says other major and you (probably) have datafiles!"
echo
openldap_upgrade_howto
else
einfo " No real problem, seems there's no database."
fi
else
einfo " Versiontag is fine here :)"
fi
else
einfo " Non-tagged dir ${each}"
[ $(openldap_filecount ${each}) -gt 0 ] && have_files=1
if [[ "${have_files}" == "1" ]] ; then
einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
echo
eerror
eerror "Your OpenLDAP Installation has a non tagged datadir that"
eerror "possibly contains a database at ${CURRENT_TAGDIR}"
eerror
eerror "Please export data if any entered and empty or remove"
eerror "the directory, installation has been stopped so you"
eerror "can take required action"
eerror
eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
eerror
die "Please move the datadir ${CURRENT_TAGDIR} away"
fi
fi
einfo
fi
done
[ "${have_files}" == "1" ] && einfo "DB files present" || einfo "No DB files present"
# Now we must check for the major version of sys-libs/db linked against.
SLAPD_PATH=${ROOT}/usr/$(get_libdir)/openldap/slapd
if [ "${have_files}" == "1" -a -f "${SLAPD_PATH}" ]; then
OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
| awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
NEWVER="$(use berkdb && db_findver sys-libs/db)"
local fail=0
if [ -z "${OLDVER}" -a -z "${NEWVER}" ]; then
:
# Nothing wrong here.
elif [ -z "${OLDVER}" -a -n "${NEWVER}" ]; then
eerror " Your existing version of OpenLDAP was not built against"
eerror " any version of sys-libs/db, but the new one will build"
eerror " against ${NEWVER} and your database may be inaccessible."
echo
fail=1
elif [ -n "${OLDVER}" -a -z "${NEWVER}" ]; then
eerror " Your existing version of OpenLDAP was built against"
eerror " sys-libs/db:${OLDVER}, but the new one will not be"
eerror " built against any version and your database may be"
eerror " inaccessible."
echo
fail=1
elif [ "${OLDVER}" != "${NEWVER}" ]; then
eerror " Your existing version of OpenLDAP was built against"
eerror " sys-libs/db:${OLDVER}, but the new one will build against"
eerror " ${NEWVER} and your database would be inaccessible."
echo
fail=1
fi
[ "${fail}" == "1" ] && openldap_upgrade_howto
fi
echo
einfo
einfo "All datadirs are fine, proceeding with merge now..."
einfo
}
openldap_upgrade_howto() {
eerror
eerror "A (possible old) installation of OpenLDAP was detected,"
eerror "installation will not proceed for now."
eerror
eerror "As major version upgrades can corrupt your database,"
eerror "you need to dump your database and re-create it afterwards."
eerror
eerror "Additionally, rebuilding against different major versions of the"
eerror "sys-libs/db libraries will cause your database to be inaccessible."
eerror ""
d="$(date -u +%s)"
l="/root/ldapdump.${d}"
i="${l}.raw"
eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
eerror " 2. slapcat -l ${i}"
eerror " 3. egrep -v '^entryCSN:' <${i} >${l}"
eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
eerror " 5. emerge --update \=net-nds/${PF}"
eerror " 6. etc-update, and ensure that you apply the changes"
eerror " 7. slapadd -l ${l}"
eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
eerror " 9. /etc/init.d/slapd start"
eerror "10. check that your data is intact."
eerror "11. set up the new replication system."
eerror
if [ "${FORCE_UPGRADE}" != "1" ]; then
die "You need to upgrade your database first"
else
eerror "You have the magical FORCE_UPGRADE=1 in place."
eerror "Don't say you weren't warned about data loss."
fi
}
pkg_setup() {
if ! use sasl && use cxx ; then
die "To build the ldapc++ library you must emerge openldap with sasl support"
fi
if use minimal && has_version "net-nds/openldap" && built_with_use net-nds/openldap minimal ; then
einfo
einfo "Skipping scan for previous datadirs as requested by minimal useflag"
einfo
else
openldap_find_versiontags
fi
enewgroup ldap 439
enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
}
src_prepare() {
# ensure correct SLAPI path by default
sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "/var/run/openldap/slapd.sock",' \
"${S}"/include/ldap_defaults.h
epatch "${FILESDIR}"/${PN}-2.4.17-gcc44.patch
epatch \
"${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch \
"${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
# bug #116045 - still present in 2.4.19
epatch "${FILESDIR}"/${PN}-2.4.19-contrib-smbk5pwd.patch
# bug #189817
epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
# bug #233633
epatch "${FILESDIR}"/${PN}-2.4.17-fix-lmpasswd-gnutls-symbols.patch
cd "${S}"/build
einfo "Making sure upstream build strip does not do stripping too early"
sed -i.orig \
-e '/^STRIP/s,-s,,g' \
top.mk || die "Failed to block stripping"
# wrong assumption that /bin/sh is /bin/bash
sed -i \
-e 's|/bin/sh|/bin/bash|g' \
"${S}"/tests/scripts/* || die "sed failed"
}
build_contrib_module() {
lt="${S}/libtool"
# <dir> <sources> <outputname>
cd "${S}/contrib/slapd-modules/$1"
einfo "Compiling contrib-module: $3"
# Make sure it's uppercase
local define_name="$(echo "SLAPD_OVER_${1}" | LC_ALL=C tr '[:lower:]' '[:upper:]')"
"${lt}" --mode=compile --tag=CC \
"${CC}" \
-D${define_name}=SLAPD_MOD_DYNAMIC \
-I../../../include -I../../../servers/slapd ${CFLAGS} \
-o ${2%.c}.lo -c $2 || die "compiling $3 failed"
einfo "Linking contrib-module: $3"
"${lt}" --mode=link --tag=CC \
"${CC}" -module \
${CFLAGS} \
${LDFLAGS} \
-rpath /usr/$(get_libdir)/openldap/openldap \
-o $3.la ${2%.c}.lo || die "linking $3 failed"
}
src_configure() {
local myconf
#Fix for glibc-2.8 and ucred. Bug 228457.
append-flags -D_GNU_SOURCE
use debug && myconf="${myconf} $(use_enable debug)"
# ICU usage is not configurable
export ac_cv_header_unicode_utypes_h="$(use icu && echo yes || echo no)"
if ! use minimal ; then
# re-enable serverside overlay chains per bug #296567
# see ldap docs chaper 12.3.1 for details
myconf="${myconf} --enable-ldap"
# backends
myconf="${myconf} --enable-slapd"
if use berkdb ; then
einfo "Using Berkeley DB for local backend"
myconf="${myconf} --enable-bdb --enable-hdb"
# We need to include the slotted db.h dir for FreeBSD
append-cppflags -I$(db_includedir)
else
ewarn
ewarn "Note: if you disable berkdb, you can only use remote-backends!"
ewarn
ebeep 5
myconf="${myconf} --disable-bdb --disable-hdb"
fi
for backend in dnssrv ldap meta monitor null passwd relay shell sock; do
myconf="${myconf} --enable-${backend}=mod"
done
myconf="${myconf} $(use_enable perl perl mod)"
myconf="${myconf} $(use_enable odbc sql mod)"
if use odbc ; then
local odbc_lib="unixodbc"
if use iodbc ; then
odbc_lib="iodbc"
append-cppflags -I/usr/include/iodbc
fi
myconf="${myconf} --with-odbc=${odbc_lib}"
fi
# slapd options
myconf="${myconf} $(use_enable crypt) $(use_enable slp)"
myconf="${myconf} $(use_enable samba lmpasswd) $(use_enable syslog)"
if use experimental ; then
myconf="${myconf} --enable-dynacl"
myconf="${myconf} --enable-aci=mod"
fi
for option in aci cleartext modules rewrite rlookups slapi; do
myconf="${myconf} --enable-${option}"
done
# slapd overlay options
# Compile-in the syncprov, the others as module
myconf="${myconf} --enable-syncprov=yes"
use overlays && myconf="${myconf} --enable-overlays=mod"
else
myconf="${myconf} --disable-slapd --disable-bdb --disable-hdb"
myconf="${myconf} --disable-overlays --disable-syslog"
fi
# basic functionality stuff
myconf="${myconf} $(use_enable ipv6)"
myconf="${myconf} $(use_with sasl cyrus-sasl) $(use_enable sasl spasswd)"
myconf="${myconf} $(use_enable tcpd wrappers)"
local ssl_lib="no"
if use ssl || ( use ! minimal && use samba ) ; then
ssl_lib="openssl"
use gnutls && ssl_lib="gnutls"
fi
myconf="${myconf} --with-tls=${ssl_lib}"
for basicflag in dynamic local proctitle shared static; do
myconf="${myconf} --enable-${basicflag}"
done
tc-export CC AR CXX
STRIP=/bin/true \
econf \
--libexecdir=/usr/$(get_libdir)/openldap \
${myconf} || die "econf failed"
}
src_configure_cxx() {
# This needs the libraries built by the first build run.
# So we have to run it AFTER the main build, not just after the main
# configure.
if ! use minimal ; then
if use cxx ; then
local myconf_ldapcpp
myconf_ldapcpp="${myconf_ldapcpp} --with-ldap-includes=../../include"
cd "${S}/contrib/ldapc++"
OLD_LDFLAGS="$LDFLAGS"
OLD_CPPFLAGS="$CPPFLAGS"
append-ldflags -L../../libraries/liblber/.libs -L../../libraries/libldap/.libs
append-ldflags -L../../../libraries/liblber/.libs -L../../../libraries/libldap/.libs
append-cppflags -I../../../include
econf ${myconf_ldapcpp} \
CC="${CC}" \
CXX="${CXX}" \
|| die "econf ldapc++ failed"
CPPFLAGS="$OLD_CPPFLAGS"
LDFLAGS="${OLD_LDFLAGS}"
fi
fi
}
src_compile() {
emake depend || die "emake depend failed"
emake CC="${CC}" AR="${AR}" || die "emake failed"
lt="${S}/libtool"
export echo="echo"
if ! use minimal ; then
if use cxx ; then
einfo "Building contrib library: ldapc++"
src_configure_cxx
cd "${S}/contrib/ldapc++"
emake \
CC="${CC}" CXX="${CXX}" \
|| die "emake ldapc++ failed"
fi
if use smbkrb5passwd ; then
einfo "Building contrib-module: smbk5pwd"
cd "${S}/contrib/slapd-modules/smbk5pwd"
emake \
DEFS="-DDO_SAMBA -DDO_KRB5" \
KRB5_INC="$(krb5-config --cflags)" \
CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap" \
|| die "emake smbk5pwd failed"
fi
if use samba4 ; then
einfo "Building contrib-module: samba4"
cd "${S}/contrib/slapd-modules/samba4"
emake \
CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap" \
|| die "emake samba4 failed"
fi
if use kerberos ; then
cd "${S}/contrib/slapd-modules/passwd"
einfo "Compiling contrib-module: pw-kerberos"
"${lt}" --mode=compile --tag=CC \
"${CC}" \
-I../../../include \
${CFLAGS} \
$(krb5-config --cflags) \
-DHAVE_KRB5 \
-o kerberos.lo \
-c kerberos.c || die "compiling pw-kerberos failed"
einfo "Linking contrib-module: pw-kerberos"
"${lt}" --mode=link --tag=CC \
"${CC}" -module \
${CFLAGS} \
${LDFLAGS} \
-rpath /usr/$(get_libdir)/openldap/openldap \
-o pw-kerberos.la \
kerberos.lo || die "linking pw-kerberos failed"
fi
# We could build pw-radius if GNURadius would install radlib.h
cd "${S}/contrib/slapd-modules/passwd"
einfo "Compiling contrib-module: pw-netscape"
"${lt}" --mode=compile --tag=CC \
"${CC}" \
-I../../../include \
${CFLAGS} \
-o netscape.lo \
-c netscape.c || die "compiling pw-netscape failed"
einfo "Linking contrib-module: pw-netscape"
"${lt}" --mode=link --tag=CC \
"${CC}" -module \
${CFLAGS} \
${LDFLAGS} \
-rpath /usr/$(get_libdir)/openldap/openldap \
-o pw-netscape.la \
netscape.lo || die "linking pw-netscape failed"
build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay"
build_contrib_module "allop" "allop.c" "overlay-allop"
build_contrib_module "allowed" "allowed.c" "allowed"
build_contrib_module "autogroup" "autogroup.c" "autogroup"
build_contrib_module "denyop" "denyop.c" "denyop-overlay"
build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin"
# lastmod may not play well with other overlays
build_contrib_module "lastmod" "lastmod.c" "lastmod"
build_contrib_module "nops" "nops.c" "nops-overlay"
build_contrib_module "trace" "trace.c" "trace"
# build slapi-plugins
cd "${S}/contrib/slapi-plugins/addrdnvalues"
einfo "Building contrib-module: addrdnvalues plugin"
"${CC}" -shared \
-I../../../include \
${CFLAGS} \
-fPIC \
${LDFLAGS} \
-o libaddrdnvalues-plugin.so \
addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
fi
}
src_test() {
cd tests ; make tests || die "make tests failed"
}
src_install() {
lt="${S}/libtool"
emake DESTDIR="${D}" install || die "make install failed"
dodoc ANNOUNCEMENT CHANGES COPYRIGHT README "${FILESDIR}"/DB_CONFIG.fast.example
docinto rfc ; dodoc doc/rfc/*.txt
# openldap modules go here
# TODO: write some code to populate slapd.conf with moduleload statements
keepdir /usr/$(get_libdir)/openldap/openldap/
# initial data storage dir
keepdir /var/lib/openldap-data
fowners ldap:ldap /var/lib/openldap-data
fperms 0700 /var/lib/openldap-data
echo "OLDPF='${PF}'" > "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
echo "# do NOT delete this. it is used" >> "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
echo "# to track versions for upgrading." >> "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
# change slapd.pid location in configuration file
keepdir /var/run/openldap
fowners ldap:ldap /var/run/openldap
fperms 0755 /var/run/openldap
if ! use minimal; then
# use our config
rm "${D}"etc/openldap/slapd.conf
insinto /etc/openldap
newins "${FILESDIR}"/${PN}-2.3.34-slapd-conf slapd.conf
configfile="${D}"etc/openldap/slapd.conf
# populate with built backends
ebegin "populate config with built backends"
for x in "${D}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
elog "Adding $(basename ${x})"
sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
done
sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
fowners root:ldap /etc/openldap/slapd.conf
fperms 0640 /etc/openldap/slapd.conf
cp "${configfile}" "${configfile}".default
eend
# install our own init scripts
newinitd "${FILESDIR}"/slapd-initd2 slapd
newconfd "${FILESDIR}"/slapd-confd slapd
if [ $(get_libdir) != lib ]; then
sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i "${D}"etc/init.d/slapd
fi
if use cxx ; then
einfo "Install the ldapc++ library"
cd "${S}/contrib/ldapc++"
emake DESTDIR="${D}" libexecdir="/usr/$(get_libdir)/openldap" install || die "emake install ldapc++ failed"
newdoc README ldapc++-README
fi
if use smbkrb5passwd ; then
einfo "Install the smbk5pwd module"
cd "${S}/contrib/slapd-modules/smbk5pwd"
emake DESTDIR="${D}" libexecdir="/usr/$(get_libdir)/openldap" install || die "emake install smbk5pwd failed"
newdoc README smbk5pwd-README
fi
if use samba4 ; then
einfo "Install the samba4 module"
cd "${S}/contrib/slapd-modules/samba4"
emake DESTDIR="${D}" libexecdir="/usr/$(get_libdir)/openldap" install || die "emake install samba4 failed"
newdoc README samba4-README
fi
einfo "Installing contrib modules"
cd "${S}/contrib/slapd-modules"
for l in */*.la; do
"${lt}" --mode=install cp ${l} \
"${D}"usr/$(get_libdir)/openldap/openldap || \
die "installing ${l} failed"
done
docinto contrib
newdoc addpartial/README addpartial-README
newdoc allop/README allop-README
doman allop/slapo-allop.5
newdoc autogroup/README autogroup-README
newdoc denyop/denyop.c denyop-denyop.c
newdoc dsaschema/README dsaschema-README
doman lastmod/slapo-lastmod.5
doman nops/slapo-nops.5
newdoc passwd/README passwd-README
cd "${S}/contrib/slapi-plugins"
insinto /usr/$(get_libdir)/openldap/openldap
doins */*.so
docinto contrib
newdoc addrdnvalues/README addrdnvalues-README
fi
}
pkg_preinst() {
# keep old libs if any
preserve_old_lib usr/$(get_libdir)/{libldap,libldap_r,liblber}-2.3.so.0
}
pkg_postinst() {
if ! use minimal ; then
# You cannot build SSL certificates during src_install that will make
# binary packages containing your SSL key, which is both a security risk
# and a misconfiguration if multiple machines use the same key and cert.
if use ssl; then
install_cert /etc/openldap/ssl/ldap
chown ldap:ldap "${ROOT}"etc/openldap/ssl/ldap.*
ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
ewarn "add 'TLS_REQCERT never' if you want to use them."
fi
# These lines force the permissions of various content to be correct
chown ldap:ldap "${ROOT}"var/run/openldap
chmod 0755 "${ROOT}"var/run/openldap
chown root:ldap "${ROOT}"etc/openldap/slapd.conf{,.default}
chmod 0640 "${ROOT}"etc/openldap/slapd.conf{,.default}
chown ldap:ldap "${ROOT}"var/lib/openldap-{data,ldbm}
fi
elog "Getting started using OpenLDAP? There is some documentation available:"
elog "Gentoo Guide to OpenLDAP Authentication"
elog "(http://www.gentoo.org/doc/en/ldap-howto.xml)"
elog "---"
elog "An example file for tuning BDB backends with openldap is"
elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3.so.0
}