diff options
| author |   Robin H. Johnson <robbat2@gentoo.org> | 2009-05-24 21:00:10 +0000 |
|---|---|---|
| committer | Robin H. Johnson <robbat2@gentoo.org> | 2009-05-24 21:00:10 +0000 |
| commit | 21cbd63145e4e86a4d87d884373ea9cab1ce39c0 (patch) | |
| tree | 5a28375dbb7d3664c30f832689177f8579a2bd10 /net-nds | |
| parent | stable sparc, security bug 270671 (diff) | |
| download | gentoo-2-21cbd63145e4e86a4d87d884373ea9cab1ce39c0.tar.gz gentoo-2-21cbd63145e4e86a4d87d884373ea9cab1ce39c0.tar.bz2 gentoo-2-21cbd63145e4e86a4d87d884373ea9cab1ce39c0.zip | |
Fix to offer new option for STARTTLS if required, as needed by Gentoo infrastructure.
(Portage version: 2.2_rc33/cvs/Linux x86_64)
Diffstat (limited to 'net-nds')
| -rw-r--r-- | net-nds/nsscache/ChangeLog | 10 | ||||
| -rw-r--r-- | net-nds/nsscache/files/nsscache-0.8.3-starttls.patch | 44 | ||||
| -rw-r--r-- | net-nds/nsscache/files/nsscache.conf | 2 | ||||
| -rw-r--r-- | net-nds/nsscache/nsscache-0.8.3-r1.ebuild | 32 |
4 files changed, 87 insertions, 1 deletions
diff --git a/net-nds/nsscache/ChangeLog b/net-nds/nsscache/ChangeLog index aa3a5436d45b..59ecdfd65f2a 100644 --- a/net-nds/nsscache/ChangeLog +++ b/net-nds/nsscache/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for net-nds/nsscache # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-nds/nsscache/ChangeLog,v 1.3 2009/05/22 04:23:17 robbat2 Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-nds/nsscache/ChangeLog,v 1.4 2009/05/24 21:00:10 robbat2 Exp $ + +*nsscache-0.8.3-r1 (24 May 2009) + + 24 May 2009; Robin H. Johnson <robbat2@gentoo.org> + +nsscache-0.8.3-r1.ebuild, +files/nsscache-0.8.3-starttls.patch, + files/nsscache.conf: + Fix to offer new option for STARTTLS if required, as needed by Gentoo + infrastructure. 22 May 2009; Robin H. Johnson <robbat2@gentoo.org> metadata.xml: Taking over maintenance of this as we use it heavily in infra. diff --git a/net-nds/nsscache/files/nsscache-0.8.3-starttls.patch b/net-nds/nsscache/files/nsscache-0.8.3-starttls.patch new file mode 100644 index 000000000000..c345c958f137 --- /dev/null +++ b/net-nds/nsscache/files/nsscache-0.8.3-starttls.patch @@ -0,0 +1,44 @@ +Some LDAP configurations require STARTTLS, like the Gentoo infrastructure one. +Add a new configuration file to do it. + +Signed-off-by: Robin H. Johnson <robbat2@gentoo.org> + +diff -Nuar ../nsscache-0.8.3.orig/nss_cache/sources/ldapsource.py ../nsscache-0.8.3/nss_cache/sources/ldapsource.py +--- ../nsscache-0.8.3.orig/nss_cache/sources/ldapsource.py 2008-09-08 18:31:58.000000000 -0700 ++++ ../nsscache-0.8.3/nss_cache/sources/ldapsource.py 2009-05-24 13:56:14.009240803 -0700 +@@ -76,6 +76,8 @@ + self.conn = rlo(uri=conf['uri'], + retry_max=conf['retry_max'], + retry_delay=conf['retry_delay']) ++ if configuration['ldap_tls_starttls'] == 1: ++ self.conn.start_tls_s() + else: + self.conn = conn + +@@ -120,6 +122,13 @@ + elif configuration['tls_require_cert'] == 'try': + configuration['tls_require_cert'] = ldap.OPT_X_TLS_TRY + ++ # Should we issue STARTTLS? ++ if configuration['ldap_tls_starttls'] in (1, '1', 'on', 'yes', 'true'): ++ configuration['ldap_tls_starttls'] = 1 ++ #if not configuration['ldap_tls_starttls']: ++ else: ++ configuration['ldap_tls_starttls'] = 0 ++ + # Setting global ldap defaults. + ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, + configuration['tls_require_cert']) +diff -Nuar ../nsscache-0.8.3.orig/nsscache.conf ../nsscache-0.8.3/nsscache.conf +--- ../nsscache-0.8.3.orig/nsscache.conf 2008-09-08 18:31:58.000000000 -0700 ++++ ../nsscache-0.8.3/nsscache.conf 2009-05-24 13:56:18.182858446 -0700 +@@ -70,6 +70,9 @@ + # Default filename for trusted CAs + #ldap_tls_cacertfile = '/usr/share/ssl/cert.pem' + ++# Should we issue STARTTLS? ++# ldap_tls_starttls = 1 ++ + + ## + # nssdb module defaults diff --git a/net-nds/nsscache/files/nsscache.conf b/net-nds/nsscache/files/nsscache.conf index 5f54fe8353d1..c17f4a2df9c8 100644 --- a/net-nds/nsscache/files/nsscache.conf +++ b/net-nds/nsscache/files/nsscache.conf @@ -70,6 +70,8 @@ ldap_filter = (objectclass=posixAccount) # Default filename for trusted CAs #ldap_tls_cacertfile = '/usr/share/ssl/cert.pem' +# Should we issue STARTTLS? +# ldap_tls_starttls = 1 ## # nssdb module defaults diff --git a/net-nds/nsscache/nsscache-0.8.3-r1.ebuild b/net-nds/nsscache/nsscache-0.8.3-r1.ebuild new file mode 100644 index 000000000000..c97e9bcb62f8 --- /dev/null +++ b/net-nds/nsscache/nsscache-0.8.3-r1.ebuild @@ -0,0 +1,32 @@ +# Copyright 1999-2009 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-nds/nsscache/nsscache-0.8.3-r1.ebuild,v 1.1 2009/05/24 21:00:10 robbat2 Exp $ + +inherit distutils + +DESCRIPTION="commandline tool to sync directory services to local cache." +HOMEPAGE="http://code.google.com/p/nsscache/" +SRC_URI="http://nsscache.googlecode.com/files/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="nssdb nsscache" + +RDEPEND="dev-python/python-ldap + nssdb? ( sys-libs/nss-db ) + nsscache? ( sys-auth/libnss-cache )" +DEPEND="$RDEPEND" + +src_unpack() { + distutils_src_unpack + epatch "${FILESDIR}"/${PN}-0.8.3-starttls.patch +} + +src_install() { + distutils_src_install + insinto /etc + doins "$FILESDIR/nsscache.conf" # overwrite default with working config. + doman *.[1-8] + dodoc THANKS nsscache.cron +} |