diff options
Diffstat (limited to 'net-nds/openldap/files')
| -rw-r--r-- | net-nds/openldap/files/openldap-2.4.33-gnutls.patch | 60 | ||||
| -rw-r--r-- | net-nds/openldap/files/openldap-2.4.40-mdb-unbundle.patch | 136 | ||||
| -rw-r--r-- | net-nds/openldap/files/slapd-initd-2.4.28-r1 | 36 | ||||
| -rw-r--r-- | net-nds/openldap/files/slapd-initd-2.4.40 | 51 | ||||
| -rw-r--r-- | net-nds/openldap/files/slapd-initd-2.4.40-r1 | 65 |
5 files changed, 0 insertions, 348 deletions
diff --git a/net-nds/openldap/files/openldap-2.4.33-gnutls.patch b/net-nds/openldap/files/openldap-2.4.33-gnutls.patch deleted file mode 100644 index 2b07c85c04aa..000000000000 --- a/net-nds/openldap/files/openldap-2.4.33-gnutls.patch +++ /dev/null @@ -1,60 +0,0 @@ -From 98de912932732f1441300eb64ca3070ff1469fcf Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <petr.pisar@atlas.cz> -Date: Sun, 30 Dec 2012 21:11:06 +0100 -Subject: [PATCH] GnuTLS 3.0 removed gnutls_certificate_get_x509_cas() - ---- - libraries/libldap/tls_g.c | 23 +++++++++++++++++++++++ - 1 file changed, 23 insertions(+) - -diff --git a/libraries/libldap/tls_g.c b/libraries/libldap/tls_g.c -index 40616f5..374514d 100644 ---- a/libraries/libldap/tls_g.c -+++ b/libraries/libldap/tls_g.c -@@ -60,6 +60,12 @@ - #undef HAVE_GCRYPT_RAND - #endif - -+#if LIBGNUTLS_VERSION_NUMBER >= 0x030000 -+#define HAVE_GNUTLS_CERTIFICATE_GET_ISSUER 1 -+#else -+#undef HAVE_GNUTLS_CERTIFICATE_GET_ISSUER -+#endif -+ - #ifndef HAVE_CIPHERSUITES - /* Versions prior to 2.2.0 didn't handle cipher suites, so we had to - * kludge them ourselves. -@@ -368,6 +374,22 @@ tlsg_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server ) - * then we have to build the cert chain. - */ - if ( max == 1 && !gnutls_x509_crt_check_issuer( certs[0], certs[0] )) { -+#ifdef HAVE_GNUTLS_CERTIFICATE_GET_ISSUER -+ gnutls_x509_crt_t issuer; -+ unsigned int i; -+ -+ for ( i = 1; i<VERIFY_DEPTH; i++ ) { -+ /* If no CA is known, we're done */ -+ if ( gnutls_certificate_get_issuer( ctx->cred, certs[i-1], -+ &issuer, 0 ) ) -+ break; -+ certs[i] = issuer; -+ max++; -+ /* If this CA is self-signed, we're done */ -+ if ( gnutls_x509_crt_check_issuer( certs[i], certs[i] )) -+ break; -+ } -+#else - gnutls_x509_crt_t *cas; - unsigned int i, j, ncas; - -@@ -387,6 +409,7 @@ tlsg_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server ) - if ( j == ncas ) - break; - } -+#endif /* !defined HAVE_GNUTLS_CERTIFICATE_GET_ISSUER */ - } - rc = gnutls_certificate_set_x509_key( ctx->cred, certs, max, key ); - if ( rc ) return -1; --- -1.8.0.2 - diff --git a/net-nds/openldap/files/openldap-2.4.40-mdb-unbundle.patch b/net-nds/openldap/files/openldap-2.4.40-mdb-unbundle.patch deleted file mode 100644 index 9265a01701ab..000000000000 --- a/net-nds/openldap/files/openldap-2.4.40-mdb-unbundle.patch +++ /dev/null @@ -1,136 +0,0 @@ ---- ./build/top.mk.orig 2014-10-24 14:34:59.260827298 +0200 -+++ ./build/top.mk 2014-10-24 14:35:25.281168893 +0200 -@@ -160,6 +160,7 @@ - LTHREAD_LIBS = @LTHREAD_LIBS@ - - BDB_LIBS = @BDB_LIBS@ -+MDB_LIBS = @MDB_LIBS@ - SLAPD_NDB_LIBS = @SLAPD_NDB_LIBS@ - - LDAP_LIBLBER_LA = $(LDAP_LIBDIR)/liblber/liblber.la ---- ./build/openldap.m4.orig 2014-10-24 10:52:02.837221734 +0200 -+++ ./build/openldap.m4 2014-10-24 11:31:02.748087966 +0200 -@@ -563,6 +563,38 @@ - ], [ol_cv_bdb_compat=yes], [ol_cv_bdb_compat=no])]) - ]) - -+dnl -------------------------------------------------------------------- -+dnl Check for version compatility with back-mdb -+AC_DEFUN([OL_MDB_COMPAT], -+[AC_CACHE_CHECK([if LMDB version supported by MDB backends], [ol_cv_mdb_compat],[ -+ AC_EGREP_CPP(__mdb_version_compat,[ -+#include <lmdb.h> -+ -+/* require 0.9.14 or later */ -+#if MDB_VERSION_FULL >= 0x00000009000E -+ __mdb_version_compat -+#endif -+ ], [ol_cv_mdb_compat=yes], [ol_cv_mdb_compat=no])]) -+]) -+ -+dnl -+dnl -------------------------------------------------------------------- -+dnl Find any MDB -+AC_DEFUN([OL_MDB], -+[ol_cv_mdb=no -+AC_CHECK_HEADERS(lmdb.h) -+if test $ac_cv_header_lmdb_h = yes; then -+ OL_MDB_COMPAT -+ -+ if test $ol_cv_mdb_compat != yes ; then -+ AC_MSG_ERROR([LMDB version incompatible with MDB backends]) -+ fi -+ -+ ol_cv_lib_mdb=-llmdb -+ ol_cv_mdb=yes -+fi -+]) -+ - dnl - dnl ==================================================================== - dnl Check POSIX Thread version ---- ./servers/slapd/back-mdb/Makefile.in.orig 2014-10-24 10:31:30.860931076 +0200 -+++ ./servers/slapd/back-mdb/Makefile.in 2014-10-24 14:33:33.803705424 +0200 -@@ -25,11 +25,10 @@ - extended.lo operational.lo \ - attr.lo index.lo key.lo filterindex.lo \ - dn2entry.lo dn2id.lo id2entry.lo idl.lo \ -- nextid.lo monitor.lo mdb.lo midl.lo -+ nextid.lo monitor.lo - - LDAP_INCDIR= ../../../include - LDAP_LIBDIR= ../../../libraries --MDB_SUBDIR = $(srcdir)/$(LDAP_LIBDIR)/liblmdb - - BUILD_OPT = "--enable-mdb" - BUILD_MOD = @BUILD_MDB@ -@@ -44,7 +43,7 @@ - - LIBBASE = back_mdb - --XINCPATH = -I.. -I$(srcdir)/.. -I$(MDB_SUBDIR) -+XINCPATH = -I.. -I$(srcdir)/.. - XDEFS = $(MODULES_CPPFLAGS) - - all-local-lib: ../.backend -@@ -52,11 +51,5 @@ - ../.backend: lib$(LIBBASE).a - @touch $@ - --mdb.lo: $(MDB_SUBDIR)/mdb.c -- $(LTCOMPILE_MOD) $(MDB_SUBDIR)/mdb.c -- --midl.lo: $(MDB_SUBDIR)/midl.c -- $(LTCOMPILE_MOD) $(MDB_SUBDIR)/midl.c -- - veryclean-local-lib: FORCE - $(RM) $(XXHEADERS) $(XXSRCS) .links ---- ./configure.in.orig 2014-10-24 10:46:53.289139847 +0200 -+++ ./configure.in 2014-10-24 10:51:34.372846374 +0200 -@@ -519,6 +519,7 @@ - dnl Initialize vars - LDAP_LIBS= - BDB_LIBS= -+MDB_LIBS= - SLAPD_NDB_LIBS= - SLAPD_NDB_INCS= - LTHREAD_LIBS= -@@ -1905,6 +1906,30 @@ - fi - - dnl ---------------------------------------------------------------- -+ol_link_mdb=no -+ -+if test $ol_enable_mdb != no; then -+ OL_MDB -+ -+ if test $ol_cv_mdb = no ; then -+ AC_MSG_ERROR(MDB: LMDB not available) -+ fi -+ -+ AC_DEFINE(HAVE_MDB,1, -+ [define this if LMDB is available]) -+ -+ dnl $ol_cv_lib_mdb should be yes or -llmdb -+ dnl (it could be no, but that would be an error -+ if test $ol_cv_lib_mdb != yes ; then -+ MDB_LIBS="$MDB_LIBS $ol_cv_lib_mdb" -+ fi -+ -+ SLAPD_LIBS="$SLAPD_LIBS \$(MDB_LIBS)" -+ -+ ol_link_mdb=yes -+fi -+ -+dnl ---------------------------------------------------------------- - - if test $ol_enable_dynamic = yes && test $enable_shared = yes ; then - BUILD_LIBS_DYNAMIC=shared -@@ -3133,6 +3158,7 @@ - AC_SUBST(LDAP_LIBS) - AC_SUBST(SLAPD_LIBS) - AC_SUBST(BDB_LIBS) -+AC_SUBST(MDB_LIBS) - AC_SUBST(SLAPD_NDB_LIBS) - AC_SUBST(SLAPD_NDB_INCS) - AC_SUBST(LTHREAD_LIBS) diff --git a/net-nds/openldap/files/slapd-initd-2.4.28-r1 b/net-nds/openldap/files/slapd-initd-2.4.28-r1 deleted file mode 100644 index 0bb8c81cbcda..000000000000 --- a/net-nds/openldap/files/slapd-initd-2.4.28-r1 +++ /dev/null @@ -1,36 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2012 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id$ - -extra_commands="checkconfig" - -[ -z "$INSTANCE" ] && INSTANCE="openldap${SVCNAME#slapd}" - -depend() { - need net - before dbus hald avahi-daemon - provide ldap -} - -start() { - checkpath -q -d /var/run/openldap/ -o ldap:ldap - if ! checkconfig -Q ; then - eerror "There is a problem with your slapd.conf!" - return 1 - fi - ebegin "Starting ldap-server" - [ -n "$KRB5_KTNAME" ] && export KRB5_KTNAME - eval start-stop-daemon --start --pidfile /var/run/openldap/${SVCNAME}.pid --exec /usr/lib/openldap/slapd -- -u ldap -g ldap "${OPTS}" - eend $? -} - -stop() { - ebegin "Stopping ldap-server" - start-stop-daemon --stop --signal 2 --quiet --pidfile /var/run/openldap/${SVCNAME}.pid - eend $? -} - -checkconfig() { - /usr/sbin/slaptest -u "$@" ${OPTS_CONF} -} diff --git a/net-nds/openldap/files/slapd-initd-2.4.40 b/net-nds/openldap/files/slapd-initd-2.4.40 deleted file mode 100644 index 473e9fd0e725..000000000000 --- a/net-nds/openldap/files/slapd-initd-2.4.40 +++ /dev/null @@ -1,51 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id$ - -extra_commands="checkconfig" - -[ -z "$INSTANCE" ] && INSTANCE="openldap${SVCNAME#slapd}" -PIDDIR=/run/openldap -PIDFILE=$PIDDIR/$SVCNAME.pid - -depend() { - need net - before dbus hald avahi-daemon - provide ldap -} - -start() { - checkpath -q -d ${PIDDIR} -o ldap:ldap - if ! checkconfig -Q ; then - eerror "There is a problem with your slapd.conf!" - return 1 - fi - ebegin "Starting ldap-server" - [ -n "$KRB5_KTNAME" ] && export KRB5_KTNAME - eval start-stop-daemon --start --pidfile ${PIDFILE} --exec /usr/lib/openldap/slapd -- -u ldap -g ldap "${OPTS}" - eend $? -} - -stop() { - ebegin "Stopping ldap-server" - start-stop-daemon --stop --signal 2 --quiet --pidfile ${PIDFILE} - eend $? -} - -checkconfig() { - # checks requested by bug #502948 - for d in `awk '/^directory/{print $2}'`; do - if [ ! -d $d ]; then - eerror "Directory $d in config does not exist!" - return 1 - fi - /usr/bin/find $d ! -name DB_CONFIG ! -user ldap -o ! -group ldap |grep -sq . - if [ $? -ne 0 ]; then - ewarn "You have files in $d not owned by the ldap user, you must ensure they are accessible to the slapd instance!" - fi - [ ! -e $d/DB_CONFIG ] && ewarn "$d/DB_CONFIG does not exist, slapd performance may be sub-optimal" - done - # now test the config fully - /usr/sbin/slaptest -u "$@" ${OPTS_CONF} -} diff --git a/net-nds/openldap/files/slapd-initd-2.4.40-r1 b/net-nds/openldap/files/slapd-initd-2.4.40-r1 deleted file mode 100644 index 3547e0751816..000000000000 --- a/net-nds/openldap/files/slapd-initd-2.4.40-r1 +++ /dev/null @@ -1,65 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id$ - -extra_commands="checkconfig" - -[ -z "$INSTANCE" ] && INSTANCE="openldap${SVCNAME#slapd}" -PIDDIR=/run/openldap -PIDFILE=$PIDDIR/$SVCNAME.pid - -depend() { - need net - before dbus hald avahi-daemon - provide ldap -} - -start() { - checkpath -q -d ${PIDDIR} -o ldap:ldap - if ! checkconfig -Q ; then - eerror "There is a problem with your slapd.conf!" - return 1 - fi - ebegin "Starting ldap-server" - [ -n "$KRB5_KTNAME" ] && export KRB5_KTNAME - eval start-stop-daemon --start --pidfile ${PIDFILE} --exec /usr/lib/openldap/slapd -- -u ldap -g ldap "${OPTS}" - eend $? -} - -stop() { - ebegin "Stopping ldap-server" - start-stop-daemon --stop --signal 2 --quiet --pidfile ${PIDFILE} - eend $? -} - -checkconfig() { - # checks requested by bug #502948 - # Step 1: extract the last valid config file or config dir - set -- $OPTS - while [ -n "$*" ]; do - opt=$1 ; shift - if [ "$opt" = "-f" -o "$opt" = "-F" ] ; then - CONF=$1 - shift - fi - done - set -- - # Fallback - CONF=${CONF-/etc/openldap/slapd.conf} - [ -d $CONF ] && CONF=${CONF}/* - DBDIRS=`eval awk '"/^(directory|olcDbDirectory:)/{print \$2}"' $CONF` - for d in $DBDIRS; do - if [ ! -d $d ]; then - eerror "Directory $d in config does not exist!" - return 1 - fi - /usr/bin/find $d ! -name DB_CONFIG ! -user ldap -o ! -group ldap |grep -sq . - if [ $? -ne 0 ]; then - ewarn "You have files in $d not owned by the ldap user, you must ensure they are accessible to the slapd instance!" - fi - [ ! -e $d/DB_CONFIG ] && ewarn "$d/DB_CONFIG does not exist, slapd performance may be sub-optimal" - done - # now test the config fully - /usr/sbin/slaptest -u "$@" ${OPTS_CONF} -} |