diff options
author | adam <adam@pkgsrc.org> | 2021-08-23 09:58:57 +0000 |
---|---|---|
committer | adam <adam@pkgsrc.org> | 2021-08-23 09:58:57 +0000 |
commit | baca07a8d1e9a03c250656926bc54d9f30573cad (patch) | |
tree | cf174faed72371c645f1d9c6164a41978b0a602d /databases | |
parent | c490ce672dd53d215559dc0665cf8e61982b1496 (diff) | |
download | pkgsrc-baca07a8d1e9a03c250656926bc54d9f30573cad.tar.gz |
openldap: updated to 2.5.7
OpenLDAP 2.5.7 Release (2021/08/18)
Fixed lloadd client state tracking
Fixed slapd bconfig to canonicalize structuralObjectclass
Fixed slapd-ldif duplicate controls response
Fixed slapd-mdb multival crash when attribute is missing an equality matchingrule
Fixed slapd-mdb compatibility with OpenLDAP 2.4 MDB databases
Fixed slapd-mdb idlexp maximum size handling
Fixed slapd-monitor number of ops executing with asynchronous backends
Fixed slapd-sql to add support for ppolicy attributes
Fixed slapd-sql to close transactions after bind and search
Fixed slapo-accesslog to make reqMod optional
Fixed slapo-ppolicy logging when pwdChangedTime attribute is not present
Documentation
slapd-mdb(5) note max idlexp size is 30, not 31
slapo-accesslog(5) note that reqMod is optional
Add ldapvc(1) man page
Add guide section on load balancer
Updated guide to document multiprovider as replacement for mirrormode
Updated guide to clarify slapd-mdb upgrade requirements
Updated guide to document removal of deprecated options from client tools
OpenLDAP 2.5.6 Release (2021/07/27)
Fixed libldap buffer overflow
Fixed libldap missing mutex unlock on connection alloc failure
Fixed lloadd cn=config olcBkLloadClientMaxPending setting
Fixed slapd multiple config defaults
Fixed slapd ipv6 addresses to work with tcp wrappers
Fixed slapo-syncprov delete of nonexistent sessionlog
Build
Fixed library symbol versioning on Solaris
Fixed compile warning in libldap/tpool.c
Fixed compile warning in libldap/tls_o.c
Contrib
Fixed ppm module for sysconfdir
Documentation
Updated guide to document multival, idlexp, and maxentrysize
OpenLDAP 2.5.5 Release (2021/06/03)
Added libldap LDAP_OPT_TCP_USER_TIMEOUT support
Added lloadd tcp-user-timeout support
Added slapd-asyncmeta tcp-user-timeout support
Added slapd-ldap tcp-user-timeout support
Added slapd-meta tcp-user-timeout support
Fixed incorrect control OIDs for AuthZ Identity
Fixed libldap typo in util-int.c
Fixed libldap double free of LDAP_OPT_DEFBASE
Fixed libldap better TLS1.3 cipher suite handling
Fixed lloadd multiple issues
Fixed slapd slap_op_time to avoid duplicates across restarts
Fixed slapd typo in daemon.c
Fixed slapd slapi compilation
Fixed slapd to handle empty DN in extended filters
Fixed slapd syncrepl searches with empty base
Fixed slapd syncrepl refresh on startup
Fixed slapd abort due to typo
Fixed slapd-asyncmeta quarantine handling
Fixed slapd-asyncmeta to have a default operations timeout
Fixed slapd-ldap quarantine handling
Fixed slapd-mdb deletion of context entry
Fixed slapd-mdb off-by-one affecting search scope
Fixed slapd-meta quarantine handling
Fixed slapo-accesslog to record reqNewDN for modRDN ops
Fixed slapo-pcache locking during expiration
Build
Fixed slappw-argon2 module installation
Contrib
Update ldapc++/ldaptcl to use configure.ac
Documentation
ldap_first_attribute(3) - Document ldap_get_attribute_ber
ldap_modify(3) - Delete non-existent mod_next parameter
OpenLDAP 2.5.4 Release (2021/04/29)
Initial release for "general use".
Diffstat (limited to 'databases')
33 files changed, 195 insertions, 402 deletions
diff --git a/databases/lmdb/distinfo b/databases/lmdb/distinfo index d3ccff77058..d26ee488552 100644 --- a/databases/lmdb/distinfo +++ b/databases/lmdb/distinfo @@ -1,7 +1,7 @@ -$NetBSD: distinfo,v 1.19 2021/06/14 09:04:23 adam Exp $ +$NetBSD: distinfo,v 1.20 2021/08/23 09:58:57 adam Exp $ -SHA1 (openldap-2.4.59.tgz) = b154d06bbf40fafafb34fffc4b116946d931efef -RMD160 (openldap-2.4.59.tgz) = 8374bba331c1effa3328ae1517dba388a323357e -SHA512 (openldap-2.4.59.tgz) = 233459ab446da6e107a7fc4ecd5668d6b08c11a11359ee76449550393e8f586a29b59d7ae09a050a1fca4fcf388ea61438ef60831b3ae802d92c048365ae3968 -Size (openldap-2.4.59.tgz) = 5886272 bytes +SHA1 (openldap-2.5.7.tgz) = c7cdc392a7c6006b82699f669a88597fe41820f0 +RMD160 (openldap-2.5.7.tgz) = 06be7fba0ce57c3a8ee260da244d2dc8935ea0f5 +SHA512 (openldap-2.5.7.tgz) = c849b9f9515cf458acbaef0dc21b8a53ab7b27e4288af6f69433f909f2939878c94cd641d24abc88d4351725b80829d342d446933fa5cba52cde4b9f095dcea0 +Size (openldap-2.5.7.tgz) = 6426051 bytes SHA1 (patch-libraries_liblmdb_Makefile) = 4dd8ed43169e5615b416e7e0696dd3b16e784282 diff --git a/databases/openldap-client/PLIST b/databases/openldap-client/PLIST index 0805140b960..cd88473dfcc 100644 --- a/databases/openldap-client/PLIST +++ b/databases/openldap-client/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.13 2020/08/12 08:31:13 adam Exp $ +@comment $NetBSD: PLIST,v 1.14 2021/08/23 09:58:58 adam Exp $ bin/ldapadd bin/ldapcompare bin/ldapdelete @@ -8,6 +8,7 @@ bin/ldapmodrdn bin/ldappasswd bin/ldapsearch bin/ldapurl +bin/ldapvc bin/ldapwhoami include/lber.h include/lber_types.h @@ -21,7 +22,8 @@ include/openldap.h include/slapi-plugin.h lib/liblber.la lib/libldap.la -lib/libldap_r.la +lib/pkgconfig/lber.pc +lib/pkgconfig/ldap.pc man/man1/ldapadd.1 man/man1/ldapcompare.1 man/man1/ldapdelete.1 @@ -31,6 +33,7 @@ man/man1/ldapmodrdn.1 man/man1/ldappasswd.1 man/man1/ldapsearch.1 man/man1/ldapurl.1 +man/man1/ldapvc.1 man/man1/ldapwhoami.1 man/man3/ber_alloc_t.3 man/man3/ber_bvarray_add.3 @@ -125,6 +128,7 @@ man/man3/ldap_first_entry.3 man/man3/ldap_first_message.3 man/man3/ldap_first_reference.3 man/man3/ldap_free_urldesc.3 +man/man3/ldap_get_attribute_ber.3 man/man3/ldap_get_dn.3 man/man3/ldap_get_option.3 man/man3/ldap_get_values.3 @@ -217,10 +221,10 @@ man/man3/ldap_value_free.3 man/man3/ldap_value_free_len.3 man/man5/ldap.conf.5 man/man5/ldif.5 -man/man5/slapd-bdb.5 +man/man5/lloadd.conf.5 +man/man5/slapd-asyncmeta.5 man/man5/slapd-config.5 man/man5/slapd-dnssrv.5 -man/man5/slapd-hdb.5 man/man5/slapd-ldap.5 man/man5/slapd-ldif.5 man/man5/slapd-mdb.5 @@ -231,9 +235,9 @@ man/man5/slapd-null.5 man/man5/slapd-passwd.5 man/man5/slapd-perl.5 man/man5/slapd-relay.5 -man/man5/slapd-shell.5 man/man5/slapd-sock.5 man/man5/slapd-sql.5 +man/man5/slapd-wt.5 man/man5/slapd.access.5 man/man5/slapd.backends.5 man/man5/slapd.conf.5 @@ -241,17 +245,22 @@ man/man5/slapd.overlays.5 man/man5/slapd.plugin.5 man/man5/slapo-accesslog.5 man/man5/slapo-auditlog.5 +man/man5/slapo-autoca.5 man/man5/slapo-chain.5 man/man5/slapo-collect.5 man/man5/slapo-constraint.5 man/man5/slapo-dds.5 +man/man5/slapo-deref.5 man/man5/slapo-dyngroup.5 man/man5/slapo-dynlist.5 +man/man5/slapo-homedir.5 man/man5/slapo-memberof.5 +man/man5/slapo-otp.5 man/man5/slapo-pbind.5 man/man5/slapo-pcache.5 man/man5/slapo-ppolicy.5 man/man5/slapo-refint.5 +man/man5/slapo-remoteauth.5 man/man5/slapo-retcode.5 man/man5/slapo-rwm.5 man/man5/slapo-sock.5 @@ -260,6 +269,8 @@ man/man5/slapo-syncprov.5 man/man5/slapo-translucent.5 man/man5/slapo-unique.5 man/man5/slapo-valsort.5 +man/man5/slappw-argon2.5 +man/man8/lloadd.8 man/man8/slapacl.8 man/man8/slapadd.8 man/man8/slapauth.8 @@ -267,6 +278,7 @@ man/man8/slapcat.8 man/man8/slapd.8 man/man8/slapdn.8 man/man8/slapindex.8 +man/man8/slapmodify.8 man/man8/slappasswd.8 man/man8/slapschema.8 man/man8/slaptest.8 diff --git a/databases/openldap-client/options.mk b/databases/openldap-client/options.mk index a358247b199..b0ba22b06fc 100644 --- a/databases/openldap-client/options.mk +++ b/databases/openldap-client/options.mk @@ -1,4 +1,4 @@ -# $NetBSD: options.mk,v 1.2 2012/06/12 15:45:55 wiz Exp $ +# $NetBSD: options.mk,v 1.3 2021/08/23 09:58:58 adam Exp $ PKG_OPTIONS_VAR= PKG_OPTIONS.openldap-client PKG_SUPPORTED_OPTIONS= kerberos sasl slp inet6 @@ -19,11 +19,11 @@ PKG_OPTIONS+= sasl ### SASL authentication (requires SASL2) ### .if !empty(PKG_OPTIONS:Msasl) -CONFIGURE_ARGS+= --with-cyrus-sasl +CONFIGURE_ARGS+= --with-cyrus-sasl BUILDLINK_API_DEPENDS.cyrus-sasl+= cyrus-sasl>=2.1.15 . include "../../security/cyrus-sasl/buildlink3.mk" .else -CONFIGURE_ARGS+= --without-cyrus-sasl +CONFIGURE_ARGS+= --without-cyrus-sasl .endif ### diff --git a/databases/openldap-cloak/Makefile b/databases/openldap-cloak/Makefile index f026e6a0a9e..e6affd18e6e 100644 --- a/databases/openldap-cloak/Makefile +++ b/databases/openldap-cloak/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.19 2020/02/10 15:13:06 adam Exp $ +# $NetBSD: Makefile,v 1.20 2021/08/23 09:58:58 adam Exp $ PKGNAME= ${DISTNAME:S/-/-cloak-/} COMMENT= Hide specific attributes unless explicitely requested for OpenLDAP @@ -6,8 +6,6 @@ COMMENT= Hide specific attributes unless explicitely requested for OpenLDAP CONFLICTS+= openldap<2.3.23nb1 DEPENDS+= openldap-server>=2.4.13nb1:../../databases/openldap-server -USE_LIBTOOL= yes - BUILD_DIRS= include contrib/slapd-modules/cloak INSTALLATION_DIRS= lib/openldap ${PKGMANDIR}/man5 diff --git a/databases/openldap-doc/PLIST b/databases/openldap-doc/PLIST index b4aa8c0f985..90fa766385c 100644 --- a/databases/openldap-doc/PLIST +++ b/databases/openldap-doc/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.7 2020/08/12 08:31:13 adam Exp $ +@comment $NetBSD: PLIST,v 1.8 2021/08/23 09:58:58 adam Exp $ share/doc/openldap/admin/allmail-en.png share/doc/openldap/admin/allusersgroup-en.png share/doc/openldap/admin/config_dit.png @@ -12,6 +12,7 @@ share/doc/openldap/admin/intro_dctree.png share/doc/openldap/admin/intro_tree.png share/doc/openldap/admin/ldap-sync-refreshandpersist.png share/doc/openldap/admin/ldap-sync-refreshonly.png +share/doc/openldap/admin/load-balancer-scenario.png share/doc/openldap/admin/n-way-multi-provider.png share/doc/openldap/admin/push-based-complete.png share/doc/openldap/admin/push-based-standalone.png diff --git a/databases/openldap-doc/distinfo b/databases/openldap-doc/distinfo index 2c7d6e55600..bd356c68c8b 100644 --- a/databases/openldap-doc/distinfo +++ b/databases/openldap-doc/distinfo @@ -1,6 +1,6 @@ -$NetBSD: distinfo,v 1.31 2021/06/14 09:04:23 adam Exp $ +$NetBSD: distinfo,v 1.32 2021/08/23 09:58:58 adam Exp $ -SHA1 (openldap-2.4.59.tgz) = b154d06bbf40fafafb34fffc4b116946d931efef -RMD160 (openldap-2.4.59.tgz) = 8374bba331c1effa3328ae1517dba388a323357e -SHA512 (openldap-2.4.59.tgz) = 233459ab446da6e107a7fc4ecd5668d6b08c11a11359ee76449550393e8f586a29b59d7ae09a050a1fca4fcf388ea61438ef60831b3ae802d92c048365ae3968 -Size (openldap-2.4.59.tgz) = 5886272 bytes +SHA1 (openldap-2.5.7.tgz) = c7cdc392a7c6006b82699f669a88597fe41820f0 +RMD160 (openldap-2.5.7.tgz) = 06be7fba0ce57c3a8ee260da244d2dc8935ea0f5 +SHA512 (openldap-2.5.7.tgz) = c849b9f9515cf458acbaef0dc21b8a53ab7b27e4288af6f69433f909f2939878c94cd641d24abc88d4351725b80829d342d446933fa5cba52cde4b9f095dcea0 +Size (openldap-2.5.7.tgz) = 6426051 bytes diff --git a/databases/openldap-nops/Makefile b/databases/openldap-nops/Makefile index 3219c52e93a..84fb3cb0822 100644 --- a/databases/openldap-nops/Makefile +++ b/databases/openldap-nops/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.22 2020/02/10 15:13:06 adam Exp $ +# $NetBSD: Makefile,v 1.23 2021/08/23 09:58:58 adam Exp $ PKGNAME= ${DISTNAME:S/-/-nops-/} COMMENT= Remove null-ops for OpenLDAP @@ -6,8 +6,6 @@ COMMENT= Remove null-ops for OpenLDAP CONFLICTS+= openldap<2.3.23nb1 DEPENDS+= openldap-server>=2.4.13nb1:../../databases/openldap-server -USE_LIBTOOL= yes - BUILD_DIRS= include contrib/slapd-modules/nops INSTALLATION_DIRS= lib/openldap ${PKGMANDIR}/man5 diff --git a/databases/openldap-server/Makefile b/databases/openldap-server/Makefile index 7a415b442a2..9c6fd1e23a5 100644 --- a/databases/openldap-server/Makefile +++ b/databases/openldap-server/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.58 2020/04/29 07:31:52 adam Exp $ +# $NetBSD: Makefile,v 1.59 2021/08/23 09:58:59 adam Exp $ PKGNAME= ${DISTNAME:S/-/-server-/} COMMENT= Lightweight Directory Access Protocol server suite @@ -14,7 +14,6 @@ CFLAGS.SunOS+= -D_POSIX_PTHREAD_SEMANTICS # sigwait # slapd options CONFIGURE_ARGS+= --enable-slapd CONFIGURE_ARGS+= --enable-crypt -CONFIGURE_ARGS+= --enable-wrappers # slapd backends CONFIGURE_ARGS+= --enable-dnssrv diff --git a/databases/openldap-server/PLIST b/databases/openldap-server/PLIST index a2ec83c7e08..5e434e08a70 100644 --- a/databases/openldap-server/PLIST +++ b/databases/openldap-server/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.13 2019/09/27 07:14:02 triaxx Exp $ +@comment $NetBSD: PLIST,v 1.14 2021/08/23 09:58:59 adam Exp $ ${PLIST.slapi}lib/libslapi.la libexec/slapd sbin/slapacl @@ -7,10 +7,10 @@ sbin/slapauth sbin/slapcat sbin/slapdn sbin/slapindex +sbin/slapmodify sbin/slappasswd sbin/slapschema sbin/slaptest -${PLIST.bdb}share/examples/openldap/DB_CONFIG share/examples/openldap/schema/README share/examples/openldap/schema/collective.ldif share/examples/openldap/schema/collective.schema @@ -20,6 +20,8 @@ share/examples/openldap/schema/core.ldif share/examples/openldap/schema/core.schema share/examples/openldap/schema/cosine.ldif share/examples/openldap/schema/cosine.schema +share/examples/openldap/schema/dsee.ldif +share/examples/openldap/schema/dsee.schema share/examples/openldap/schema/duaconf.ldif share/examples/openldap/schema/duaconf.schema share/examples/openldap/schema/dyngroup.ldif @@ -30,13 +32,15 @@ share/examples/openldap/schema/java.ldif share/examples/openldap/schema/java.schema share/examples/openldap/schema/misc.ldif share/examples/openldap/schema/misc.schema +share/examples/openldap/schema/msuser.ldif +share/examples/openldap/schema/msuser.schema +share/examples/openldap/schema/namedobject.ldif +share/examples/openldap/schema/namedobject.schema share/examples/openldap/schema/nis.ldif share/examples/openldap/schema/nis.schema share/examples/openldap/schema/openldap.ldif share/examples/openldap/schema/openldap.schema share/examples/openldap/schema/pmi.ldif share/examples/openldap/schema/pmi.schema -share/examples/openldap/schema/ppolicy.ldif -share/examples/openldap/schema/ppolicy.schema share/examples/openldap/slapd.conf share/examples/openldap/slapd.ldif diff --git a/databases/openldap-server/options.mk b/databases/openldap-server/options.mk index f840103173b..b08b24e02d1 100644 --- a/databases/openldap-server/options.mk +++ b/databases/openldap-server/options.mk @@ -1,30 +1,14 @@ -# $NetBSD: options.mk,v 1.24 2020/04/03 10:56:40 jperkin Exp $ +# $NetBSD: options.mk,v 1.25 2021/08/23 09:58:59 adam Exp $ PKG_OPTIONS_VAR= PKG_OPTIONS.openldap-server -PKG_SUPPORTED_OPTIONS= bdb dso inet6 sasl slapi slp smbk5pwd +PKG_SUPPORTED_OPTIONS= dso inet6 sasl slapi slp PKG_OPTIONS_OPTIONAL_GROUPS+= odbc PKG_OPTIONS_GROUP.odbc= iodbc unixodbc -PKG_SUGGESTED_OPTIONS= bdb dso inet6 +PKG_SUGGESTED_OPTIONS= dso inet6 .include "../../mk/bsd.options.mk" -PLIST_VARS+= slapi bdb - -### -### Whether to build with the Berkeley DB based slapd backends. -### -### NOTE: that option is enabled, because the openldap server needs -### to have local storage support to work as standalone. -### -.if !empty(PKG_OPTIONS:Mbdb) -BDB_ACCEPTED= db4 db5 -CONFIGURE_ARGS+= --enable-bdb --enable-hdb -PLIST.bdb= yes -TEST_TARGET= test -. include "../../mk/bdb.buildlink3.mk" -.else -CONFIGURE_ARGS+= --disable-bdb --disable-hdb -.endif +PLIST_VARS+= slapi ### ### Whether to build with iODBC to enable SQL based slapd backends @@ -77,14 +61,6 @@ CONFIGURE_ARGS+= --disable-ipv6 .endif ### -### smbk5pwd support (sync samba and kerberos passwords on password changes) -### -.if !empty(PKG_OPTIONS:Msmbk5pwd) -PKG_FAIL_REASON+= "smbk5pwd option to openldap-server is now " \ - "available through the openldap-smbk5pwd package" -.endif - -### ### Enable dynamic module support ### .if !empty(PKG_OPTIONS:Mdso) diff --git a/databases/openldap-smbk5pwd/Makefile b/databases/openldap-smbk5pwd/Makefile index c6fdb0a1e79..1c66f7a6fc1 100644 --- a/databases/openldap-smbk5pwd/Makefile +++ b/databases/openldap-smbk5pwd/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.25 2020/02/10 15:13:06 adam Exp $ +# $NetBSD: Makefile,v 1.26 2021/08/23 09:58:59 adam Exp $ PKGNAME= ${DISTNAME:S/-/-smbk5pwd-/} COMMENT= Samba and Kerberos password sync for OpenLDAP @@ -6,8 +6,6 @@ COMMENT= Samba and Kerberos password sync for OpenLDAP CONFLICTS+= openldap<2.3.23nb1 DEPENDS+= openldap-server>=2.4.13nb1:../../databases/openldap-server -USE_LIBTOOL= yes - BUILD_DIRS= include contrib/slapd-modules/smbk5pwd INSTALLATION_DIRS+= lib/openldap @@ -21,12 +19,9 @@ do-install: .include "../../databases/openldap-server/options.mk" .include "../../mk/krb5.buildlink3.mk" - .if ${KRB5_TYPE} == "heimdal" -CPPFLAGS+= -DDO_SAMBA -DDO_KRB5 +CPPFLAGS+= -DDO_KRB5 LIBS+= -lkrb5 -lkadm5srv -.else -CPPFLAGS+= -DDO_SAMBA .endif LIBS+= -L${BUILDLINK_PREFIX.openssl}/lib diff --git a/databases/openldap/Makefile b/databases/openldap/Makefile index b9d7ee19746..f2b9735e536 100644 --- a/databases/openldap/Makefile +++ b/databases/openldap/Makefile @@ -1,14 +1,11 @@ -# $NetBSD: Makefile,v 1.152 2020/02/10 15:13:06 adam Exp $ +# $NetBSD: Makefile,v 1.153 2021/08/23 09:58:58 adam Exp $ .include "../../databases/openldap/Makefile.version" -DISTNAME= openldap-${OPENLDAP_VERSION} CATEGORIES= databases MAINTAINER= adam@NetBSD.org -HOMEPAGE= https://www.openldap.org/ COMMENT= Lightweight Directory Access Protocol meta-package -LICENSE= modified-bsd META_PACKAGE= yes diff --git a/databases/openldap/Makefile.common b/databases/openldap/Makefile.common index 98489208798..d3d3ad6be64 100644 --- a/databases/openldap/Makefile.common +++ b/databases/openldap/Makefile.common @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.common,v 1.43 2019/05/02 10:59:13 jperkin Exp $ +# $NetBSD: Makefile.common,v 1.44 2021/08/23 09:58:58 adam Exp $ # # used by databases/openldap-client/Makefile # used by databases/openldap-cloak/Makefile @@ -12,16 +12,16 @@ CATEGORIES= databases MAINTAINER= adam@NetBSD.org -CONFLICTS+= ldapsdk-[0-9]* +CONFLICTS+= ldapsdk-[0-9]* -DISTINFO_FILE= ${.CURDIR}/../../databases/openldap/distinfo -PATCHDIR= ${.CURDIR}/../../databases/openldap/patches +DISTINFO_FILE= ${.CURDIR}/../../databases/openldap/distinfo +PATCHDIR= ${.CURDIR}/../../databases/openldap/patches -USE_LIBTOOL= yes -USE_TOOLS+= soelim -GNU_CONFIGURE= yes +USE_LIBTOOL= yes +USE_TOOLS+= gmake soelim +GNU_CONFIGURE= yes -MAKE_ENV+= LIBMODE=${LIBMODE} +MAKE_ENV+= LIBMODE=${LIBMODE} .include "../../mk/bsd.prefs.mk" @@ -80,7 +80,7 @@ PTHREAD_OPTS+= require CONFIGURE_ARGS+= --without-fetch .include "../../security/openssl/buildlink3.mk" -.include "../../security/tcp_wrappers/buildlink3.mk" +#.include "../../security/tcp_wrappers/buildlink3.mk" .include "../../mk/pthread.buildlink3.mk" .if ${PTHREAD_TYPE} == "native" diff --git a/databases/openldap/Makefile.version b/databases/openldap/Makefile.version index 87bc81208dd..58db2711f96 100644 --- a/databases/openldap/Makefile.version +++ b/databases/openldap/Makefile.version @@ -1,10 +1,10 @@ -# $NetBSD: Makefile.version,v 1.30 2021/06/14 09:04:23 adam Exp $ +# $NetBSD: Makefile.version,v 1.31 2021/08/23 09:58:58 adam Exp $ # used by databases/lmdb/Makefile # used by databases/openldap/Makefile # used by databases/openldap/Makefile.common # used by databases/openldap-docs/Makefile -OPENLDAP_VERSION= 2.4.59 +OPENLDAP_VERSION= 2.5.7 DISTNAME= openldap-${OPENLDAP_VERSION} MASTER_SITES= ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/ diff --git a/databases/openldap/distinfo b/databases/openldap/distinfo index fe2bed44d9d..ec902d03360 100644 --- a/databases/openldap/distinfo +++ b/databases/openldap/distinfo @@ -1,23 +1,21 @@ -$NetBSD: distinfo,v 1.124 2021/06/14 09:04:23 adam Exp $ +$NetBSD: distinfo,v 1.125 2021/08/23 09:58:58 adam Exp $ -SHA1 (openldap-2.4.59.tgz) = b154d06bbf40fafafb34fffc4b116946d931efef -RMD160 (openldap-2.4.59.tgz) = 8374bba331c1effa3328ae1517dba388a323357e -SHA512 (openldap-2.4.59.tgz) = 233459ab446da6e107a7fc4ecd5668d6b08c11a11359ee76449550393e8f586a29b59d7ae09a050a1fca4fcf388ea61438ef60831b3ae802d92c048365ae3968 -Size (openldap-2.4.59.tgz) = 5886272 bytes -SHA1 (patch-ac) = 2995c518278b363bf9657e181c2340d3024d5980 -SHA1 (patch-ad) = 24e7ec27d592dd76bdec1e4805801c5304951daf -SHA1 (patch-af) = 2e00b01bd813e73bdc1fb764a02e98d7755703de -SHA1 (patch-ag) = 380336d8b50dd6b3a277f2ea6a03eb88cc5919b8 -SHA1 (patch-ah) = 7b5a9d042df36f17bcb503372e301a0c6554af68 -SHA1 (patch-aj) = 857bbf14855d7d2a2911457bc6373d8beb69b751 -SHA1 (patch-am) = fb8f3e7699f8b2ef55c066cdc6216522c101c7f3 -SHA1 (patch-an) = 3e904d05a3e69930259329ca821d3bbf7dd54eb2 -SHA1 (patch-ao) = 4fcbbfd4d6be792392e3646123022aeaf25923e3 -SHA1 (patch-contrib_slapd-modules_cloak_Makefile) = 47c81def0c013a360acb549ed69e9042f0bc1be3 -SHA1 (patch-contrib_slapd-modules_nops_Makefile) = c51bccf34c3f3112232a134038622d31b6315628 +SHA1 (openldap-2.5.7.tgz) = c7cdc392a7c6006b82699f669a88597fe41820f0 +RMD160 (openldap-2.5.7.tgz) = 06be7fba0ce57c3a8ee260da244d2dc8935ea0f5 +SHA512 (openldap-2.5.7.tgz) = c849b9f9515cf458acbaef0dc21b8a53ab7b27e4288af6f69433f909f2939878c94cd641d24abc88d4351725b80829d342d446933fa5cba52cde4b9f095dcea0 +Size (openldap-2.5.7.tgz) = 6426051 bytes +SHA1 (patch-configure) = d17685e195dbde0fd36ddd593da1c3877bf022d9 +SHA1 (patch-contrib_slapd-modules_cloak_Makefile) = f64c16aebd1b5f6ab069fc22b785f066f0b1c143 +SHA1 (patch-contrib_slapd-modules_nops_Makefile) = 96c072cde836ea96710ddf0dc96b7f9fe78d81d8 +SHA1 (patch-contrib_slapd-modules_nops_nops.c) = 72c28de4b09cbac7e793828dfcf04820643dcbec SHA1 (patch-contrib_slapd-modules_nops_slapo-nops.5) = f32352f19361b7e9aa5b038ae8578def7c08fa47 -SHA1 (patch-da) = 75e26bd08c6e66b69192ebfbb36db974d391ec3e -SHA1 (patch-dd) = 9c74118ff0b2232bda729c9917082fceef41dd16 -SHA1 (patch-its8885) = f70666e1a44499013c93fe9bd0d8198b5bffe11c +SHA1 (patch-contrib_slapd-modules_smbk5pwd_Makefile) = a57b327bdf680fe60b58c07075a0602afeb556fa +SHA1 (patch-libraries_libldap_Makefile.in) = 2a259ca83c6f9ce0661e6ba1f91c0ca2db535695 +SHA1 (patch-libraries_libldap_cyrus.c) = 1e47cdf4b1f1cc4eef36cf40a6beec1bed167f85 +SHA1 (patch-libraries_libldap_init.c) = 884d102d7c02cf85b36635b2ac5d6925ec17420f +SHA1 (patch-libraries_libldap_ldap-int.h) = 967499db16d31cbf47deff330d97efd0a360ac7f SHA1 (patch-libraries_libldap_os-local.c) = 7cd4f8638456fae12499de0d36d7802e47d3d688 -SHA1 (patch-libraries_libldap_tls__m.c) = 91dab1dcfa6560c30093094586ea9eabf2e977b8 +SHA1 (patch-libraries_libldap_thr__posix.c) = d9e6ff44bd3885ab4a83fd5e9915e74aaace237e +SHA1 (patch-libraries_liblutil_sha1.c) = 10deca5c2f0431dd51d9137f14b5070be1264dcd +SHA1 (patch-servers_slapd_Makefile.in) = 40043fdaecac7b591b462f7af32149a93e88eaf5 +SHA1 (patch-servers_slapd_back-sql_delete.c) = 437336aed5ef7e1b8b0e53c9d9019a43eb226472 diff --git a/databases/openldap/patches/patch-ac b/databases/openldap/patches/patch-ac deleted file mode 100644 index 74ddc6d5340..00000000000 --- a/databases/openldap/patches/patch-ac +++ /dev/null @@ -1,24 +0,0 @@ -$NetBSD: patch-ac,v 1.12 2012/03/13 19:57:11 adam Exp $ - ---- libraries/libldap_r/thr_posix.c.orig 2006-05-13 11:47:50.000000000 +0200 -+++ libraries/libldap_r/thr_posix.c -@@ -19,6 +19,7 @@ - #if defined( HAVE_PTHREADS ) - - #include <ac/errno.h> -+#include <ac/unistd.h> - - #ifdef REPLACE_BROKEN_YIELD - #ifndef HAVE_NANOSLEEP -@@ -146,9 +147,11 @@ ldap_pvt_thread_create( ldap_pvt_thread_ - #endif - - #ifdef LDAP_PVT_THREAD_SET_STACK_SIZE -+#if defined(_POSIX_THREAD_ATTR_STACKSIZE) - /* this should be tunable */ - pthread_attr_setstacksize( &attr, LDAP_PVT_THREAD_STACK_SIZE ); - #endif -+#endif - - #if HAVE_PTHREADS > 5 - detach = detach ? PTHREAD_CREATE_DETACHED : PTHREAD_CREATE_JOINABLE; diff --git a/databases/openldap/patches/patch-af b/databases/openldap/patches/patch-af deleted file mode 100644 index df76794cc06..00000000000 --- a/databases/openldap/patches/patch-af +++ /dev/null @@ -1,13 +0,0 @@ -$NetBSD: patch-af,v 1.6 2012/03/13 19:57:11 adam Exp $ - ---- libraries/libldap/Makefile.in.orig 2005-05-06 12:10:22.000000000 -0400 -+++ libraries/libldap/Makefile.in -@@ -68,7 +68,7 @@ CFFILES=ldap.conf - - install-local: $(CFFILES) FORCE - -$(MKDIR) $(DESTDIR)$(libdir) -- $(LTINSTALL) $(INSTALLFLAGS) -m 644 $(LIBRARY) $(DESTDIR)$(libdir) -+ $(LTINSTALL) $(INSTALLFLAGS) -m $(LIBMODE) $(LIBRARY) $(DESTDIR)$(libdir) - $(LTFINISH) $(DESTDIR)$(libdir) - -$(MKDIR) $(DESTDIR)$(sysconfdir) - @for i in $(CFFILES); do \ diff --git a/databases/openldap/patches/patch-aj b/databases/openldap/patches/patch-aj deleted file mode 100644 index e703044c146..00000000000 --- a/databases/openldap/patches/patch-aj +++ /dev/null @@ -1,15 +0,0 @@ -$NetBSD: patch-aj,v 1.4 2012/03/13 19:57:11 adam Exp $ - ---- libraries/libldap_r/Makefile.in.orig 2008-02-12 00:26:41.000000000 +0100 -+++ libraries/libldap_r/Makefile.in -@@ -62,6 +62,10 @@ XXXLIBS = $(LTHREAD_LIBS) - NT_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS) - UNIX_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS) $(LTHREAD_LIBS) - -+AC_CFLAGS += $(PTHREAD_CFLAGS) -+AC_LDFLAGS += $(PTHREAD_LDFLAGS) -+LINK_LIBS += $(LTHREAD_LIBS) -+ - .links : Makefile - @for i in $(XXSRCS); do \ - $(RM) $$i ; \ diff --git a/databases/openldap/patches/patch-configure b/databases/openldap/patches/patch-configure new file mode 100644 index 00000000000..28fa6bee91f --- /dev/null +++ b/databases/openldap/patches/patch-configure @@ -0,0 +1,15 @@ +$NetBSD: patch-configure,v 1.1 2021/08/23 09:58:58 adam Exp $ + +Portability fix. + +--- configure.orig 2021-08-13 12:19:24.000000000 +0000 ++++ configure +@@ -22847,7 +22847,7 @@ fi + WITH_SYSTEMD=no + systemdsystemunitdir= + ol_link_systemd=no +-if test $ol_enable_slapd == no && test $ol_enable_balancer != yes ; then ++if test $ol_enable_slapd = no && test $ol_enable_balancer != yes ; then + if test $ol_with_systemd != no ; then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: servers disabled, ignoring --with-systemd=$ol_with_systemd argument" >&5 + $as_echo "$as_me: WARNING: servers disabled, ignoring --with-systemd=$ol_with_systemd argument" >&2;} diff --git a/databases/openldap/patches/patch-contrib_slapd-modules_cloak_Makefile b/databases/openldap/patches/patch-contrib_slapd-modules_cloak_Makefile index 59ac503e1fa..c2af880fb01 100644 --- a/databases/openldap/patches/patch-contrib_slapd-modules_cloak_Makefile +++ b/databases/openldap/patches/patch-contrib_slapd-modules_cloak_Makefile @@ -1,18 +1,21 @@ -$NetBSD: patch-contrib_slapd-modules_cloak_Makefile,v 1.2 2015/07/17 14:49:05 adam Exp $ +$NetBSD: patch-contrib_slapd-modules_cloak_Makefile,v 1.3 2021/08/23 09:58:58 adam Exp $ ---- contrib/slapd-modules/cloak/Makefile.orig 2015-06-21 00:19:58.000000000 +0000 +Link against external libraries. + +--- contrib/slapd-modules/cloak/Makefile.orig 2021-07-27 17:44:47.000000000 +0000 +++ contrib/slapd-modules/cloak/Makefile -@@ -3,12 +3,10 @@ +@@ -3,13 +3,11 @@ LDAP_SRC = ../../.. LDAP_BUILD = $(LDAP_SRC) LDAP_INC = -I$(LDAP_BUILD)/include -I$(LDAP_SRC)/include -I$(LDAP_SRC)/servers/slapd --LDAP_LIB = $(LDAP_BUILD)/libraries/libldap_r/libldap_r.la \ +-LDAP_LIB = $(LDAP_BUILD)/libraries/libldap/libldap.la \ - $(LDAP_BUILD)/libraries/liblber/liblber.la -+LDAP_LIB = -lldap_r -llber ++LDAP_LIB = -lldap -llber LIBTOOL = $(LDAP_BUILD)/libtool + INSTALL = /usr/bin/install -CC = gcc --OPT = -g -O2 -Wall +-OPT = -g -O2 +OPT = ${CFLAGS} ${CPPFLAGS} DEFS = -DSLAPD_OVER_CLOAK=SLAPD_MOD_DYNAMIC INCS = $(LDAP_INC) diff --git a/databases/openldap/patches/patch-contrib_slapd-modules_nops_Makefile b/databases/openldap/patches/patch-contrib_slapd-modules_nops_Makefile index 695ddcbfe43..94bc2a9127a 100644 --- a/databases/openldap/patches/patch-contrib_slapd-modules_nops_Makefile +++ b/databases/openldap/patches/patch-contrib_slapd-modules_nops_Makefile @@ -1,18 +1,21 @@ -$NetBSD: patch-contrib_slapd-modules_nops_Makefile,v 1.2 2015/07/17 14:49:05 adam Exp $ +$NetBSD: patch-contrib_slapd-modules_nops_Makefile,v 1.3 2021/08/23 09:58:58 adam Exp $ ---- contrib/slapd-modules/nops/Makefile.orig 2015-06-21 00:19:58.000000000 +0000 +Link against external libraries. + +--- contrib/slapd-modules/nops/Makefile.orig 2021-07-27 17:44:47.000000000 +0000 +++ contrib/slapd-modules/nops/Makefile -@@ -3,12 +3,10 @@ +@@ -3,13 +3,11 @@ LDAP_SRC = ../../.. LDAP_BUILD = $(LDAP_SRC) LDAP_INC = -I$(LDAP_BUILD)/include -I$(LDAP_SRC)/include -I$(LDAP_SRC)/servers/slapd --LDAP_LIB = $(LDAP_BUILD)/libraries/libldap_r/libldap_r.la \ +-LDAP_LIB = $(LDAP_BUILD)/libraries/libldap/libldap.la \ - $(LDAP_BUILD)/libraries/liblber/liblber.la -+LDAP_LIB = -lldap_r -llber ++LDAP_LIB = -lldap -llber LIBTOOL = $(LDAP_BUILD)/libtool + INSTALL = /usr/bin/install -CC = gcc --OPT = -g -O2 -Wall +-OPT = -g -O2 +OPT = ${CFLAGS} ${CPPFLAGS} DEFS = -DSLAPD_OVER_NOPS=SLAPD_MOD_DYNAMIC INCS = $(LDAP_INC) diff --git a/databases/openldap/patches/patch-dd b/databases/openldap/patches/patch-contrib_slapd-modules_nops_nops.c index 7ebce567438..6ab71fb3cf0 100644 --- a/databases/openldap/patches/patch-dd +++ b/databases/openldap/patches/patch-contrib_slapd-modules_nops_nops.c @@ -1,6 +1,6 @@ -$NetBSD: patch-dd,v 1.3 2012/03/13 19:57:11 adam Exp $ +$NetBSD: patch-contrib_slapd-modules_nops_nops.c,v 1.1 2021/08/23 09:58:58 adam Exp $ ---- contrib/slapd-modules/nops/nops.c.orig 2009-04-28 02:51:12.000000000 +0200 +--- contrib/slapd-modules/nops/nops.c.orig 2021-07-27 17:44:47.000000000 +0000 +++ contrib/slapd-modules/nops/nops.c @@ -69,10 +69,15 @@ nops_modify( Operation *op, SlapReply *r int rc; diff --git a/databases/openldap/patches/patch-da b/databases/openldap/patches/patch-contrib_slapd-modules_smbk5pwd_Makefile index 300a66be1ce..2735a1481f4 100644 --- a/databases/openldap/patches/patch-da +++ b/databases/openldap/patches/patch-contrib_slapd-modules_smbk5pwd_Makefile @@ -1,30 +1,34 @@ -$NetBSD: patch-da,v 1.8 2015/07/17 14:49:05 adam Exp $ +$NetBSD: patch-contrib_slapd-modules_smbk5pwd_Makefile,v 1.1 2021/08/23 09:58:58 adam Exp $ ---- contrib/slapd-modules/smbk5pwd/Makefile.orig 2015-06-21 00:19:58.000000000 +0000 +Link against external libraries. +Take build options from PkgSrc. + +--- contrib/slapd-modules/smbk5pwd/Makefile.orig 2021-08-18 17:11:41.000000000 +0000 +++ contrib/slapd-modules/smbk5pwd/Makefile @@ -15,8 +15,7 @@ LDAP_SRC = ../../.. LDAP_BUILD = $(LDAP_SRC) LDAP_INC = -I$(LDAP_BUILD)/include -I$(LDAP_SRC)/include -I$(LDAP_SRC)/servers/slapd --LDAP_LIB = $(LDAP_BUILD)/libraries/libldap_r/libldap_r.la \ +-LDAP_LIB = $(LDAP_BUILD)/libraries/libldap/libldap.la \ - $(LDAP_BUILD)/libraries/liblber/liblber.la -+LDAP_LIB = -lldap_r -llber ++LDAP_LIB = -lldap -llber SSL_INC = SSL_LIB = -lcrypto -@@ -25,12 +24,10 @@ HEIMDAL_INC = -I/usr/heimdal/include - HEIMDAL_LIB = -L/usr/heimdal/lib -lkrb5 -lkadm5srv +@@ -26,12 +25,11 @@ HEIMDAL_LIB = -L/usr/heimdal/lib -lkrb5 LIBTOOL = $(LDAP_BUILD)/libtool + INSTALL = /usr/bin/install -CC = gcc --OPT = -g -O2 -Wall +-OPT = -g -O2 +OPT = ${CFLAGS} ${CPPFLAGS} # Omit DO_KRB5, DO_SAMBA or DO_SHADOW if you don't want to support it. -DEFS = -DDO_KRB5 -DDO_SAMBA -DDO_SHADOW -INCS = $(LDAP_INC) $(HEIMDAL_INC) $(SSL_INC) -LIBS = $(LDAP_LIB) $(HEIMDAL_LIB) $(SSL_LIB) ++DEFS = -DDO_SAMBA +INCS = $(LDAP_INC) $(SSL_INC) +LIBS = $(LDAP_LIB) $(SSL_LIB) ${EXTRA_LIBS} PROGRAMS = smbk5pwd.la - LTVER = 0:0:0 + MANPAGES = slapo-smbk5pwd.5 diff --git a/databases/openldap/patches/patch-its8885 b/databases/openldap/patches/patch-its8885 deleted file mode 100644 index f1fe5ab00a2..00000000000 --- a/databases/openldap/patches/patch-its8885 +++ /dev/null @@ -1,157 +0,0 @@ -$NetBSD: patch-its8885,v 1.1 2018/07/31 12:39:52 manu Exp $ - -Add a configure test for hdb_generate_key_set_password() prototype - -From upstream ITS #8885 - -contrib/slapd-modules/smbk5pwd uses hdb_generate_key_set_password() from -Heimdal, which was shortly turned from a 5 arguments function to a 7 arguments -function before the prototype change was rolled back to address API -incompatibility. - -Unfortunately, the 7 arguments hdb_generate_key_set_password() made it into -released NetBSD 8.0, causing a build break in contrib/slapd-modules/smbk5pwd. - -This change adds a configure test for 7 arguments prototype so that -contrib/slapd-modules/smbk5pwd build again on NetBSD 8.0, and other OS that -would include the 7 arguments hdb_generate_key_set_password(). - ---- build/openldap.m4.orig 2018-03-22 16:44:27.000000000 +0100 -+++ build/openldap.m4 2018-07-30 03:50:36.291294379 +0200 -@@ -1141,4 +1141,27 @@ - char *__ssl_compat = "0.9.7d"; - #endif - ], [ol_cv_ssl_crl_compat=yes], [ol_cv_ssl_crl_compat=no])]) - ]) -+dnl ==================================================================== -+dnl check for db_generate_key_set_password prototype -+AC_DEFUN([OL_HDB_GENERATE_KEY_SET_PASSWORD], -+[AC_CACHE_CHECK([if hdb_generate_key_set_password requires 7 arguments], -+ [ol_cv_hdb_generate_key_set_password_7_args],[ -+ AC_COMPILE_IFELSE([ -+ AC_LANG_PROGRAM([ -+ #include "krb5/krb5.h" -+ #include "krb5/hdb.h" -+ ],[ -+ (void)hdb_generate_key_set_password( -+ NULL, /* context */ -+ NULL, /* principal */ -+ NULL, /* password */ -+ NULL, /* ks_tuple */ -+ 0, /* n_ks_tuple */ -+ NULL, /* keys */ -+ 0 /* num_keys */ -+ ); -+ ])], -+ [ol_cv_hdb_generate_key_set_password_7_args=yes], -+ [ol_cv_hdb_generate_key_set_password_7_args=no])]) -+]) ---- include/portable.hin.orig 2018-03-22 16:44:27.000000000 +0100 -+++ include/portable.hin 2018-07-30 03:50:36.309332999 +0200 -@@ -399,8 +399,11 @@ - - /* Define to 1 if you have the <openssl/ssl.h> header file. */ - #undef HAVE_OPENSSL_SSL_H - -+/* Define to 1 if hdb_generate_key_set_password needs 7 arguments */ -+#undef HAVE_HDB_GENERATE_KEY_SET_PASSWORD_7_ARGS -+ - /* Define to 1 if you have the `pipe' function. */ - #undef HAVE_PIPE - - /* Define to 1 if you have the `poll' function. */ ---- contrib/slapd-modules/smbk5pwd/smbk5pwd.c.orig 2018-03-22 16:44:27.000000000 +0100 -+++ contrib/slapd-modules/smbk5pwd/smbk5pwd.c 2018-07-30 03:50:36.307164222 +0200 -@@ -462,10 +462,15 @@ - "dn=\"%s\" missing krb5KeyVersionNumber\n", - op->o_log_prefix, e->e_name.bv_val, 0 ); - } - -+#ifdef HAVE_HDB_GENERATE_KEY_SET_PASSWORD_7_ARGS -+ ret = hdb_generate_key_set_password(context, ent.principal, -+ qpw->rs_new.bv_val, NULL, 0, &ent.keys.val, &nkeys); -+#else - ret = hdb_generate_key_set_password(context, ent.principal, - qpw->rs_new.bv_val, &ent.keys.val, &nkeys); -+#endif - ent.keys.len = nkeys; - hdb_seal_keys(context, db, &ent); - krb5_free_principal( context, ent.principal ); - ---- configure.orig 2018-03-22 16:44:27.000000000 +0100 -+++ configure 2018-07-30 03:50:36.300456664 +0200 -@@ -15815,8 +15815,55 @@ - $as_echo "#define SLAPD_LMHASH 1" >>confdefs.h - - fi - -+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if hdb_generate_key_set_password requires 7 arguments" >&5 -+$as_echo_n "checking if hdb_generate_key_set_password requires 7 arguments... " >&6; } -+if test "${ol_cv_hdb_generate_key_set_password_7_args+set}" = set; then : -+ $as_echo_n "(cached) " >&6 -+else -+ -+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext -+/* end confdefs.h. */ -+ -+ -+ #include "krb5/krb5.h" -+ #include "krb5/hdb.h" -+ -+int -+main () -+{ -+ -+ (void)hdb_generate_key_set_password( -+ NULL, /* context */ -+ NULL, /* principal */ -+ NULL, /* password */ -+ NULL, /* ks_tuple */ -+ 0, /* n_ks_tuple */ -+ NULL, /* keys */ -+ 0 /* num_keys */ -+ ); -+ -+ ; -+ return 0; -+} -+_ACEOF -+if ac_fn_c_try_compile "$LINENO"; then : -+ ol_cv_hdb_generate_key_set_password_7_args=yes -+else -+ ol_cv_hdb_generate_key_set_password_7_args=no -+fi -+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -+fi -+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ol_cv_hdb_generate_key_set_password_7_args" >&5 -+$as_echo "$ol_cv_hdb_generate_key_set_password_7_args" >&6; } -+ -+if test $ol_cv_hdb_generate_key_set_password_7_args = yes ; then -+ -+$as_echo "#define HAVE_HDB_GENERATE_KEY_SET_PASSWORD_7_ARGS 1" >>confdefs.h -+ -+fi -+ - ol_link_threads=no - - case $ol_with_threads in auto | yes | nt) - ---- configure.in.orig 2018-03-22 16:44:27.000000000 +0100 -+++ configure.in 2018-07-30 03:54:41.886303506 +0200 -@@ -1279,8 +1279,16 @@ - AC_DEFINE(SLAPD_LMHASH, 1, [define to support LAN Manager passwords]) - fi - - dnl ---------------------------------------------------------------- -+dnl hdb_generate_key_set_password prototype -+OL_HDB_GENERATE_KEY_SET_PASSWORD -+if test $ol_cv_hdb_generate_key_set_password_7_args = yes ; then -+ AC_DEFINE(HAVE_HDB_GENERATE_KEY_SET_PASSWORD_7_ARGS, 1, -+ [define if hdb_generate_key_set_password needs 7 arguments]) -+fi -+ -+dnl ---------------------------------------------------------------- - dnl Threads? - ol_link_threads=no - - case $ol_with_threads in auto | yes | nt) diff --git a/databases/openldap/patches/patch-libraries_libldap_Makefile.in b/databases/openldap/patches/patch-libraries_libldap_Makefile.in new file mode 100644 index 00000000000..5288a760f68 --- /dev/null +++ b/databases/openldap/patches/patch-libraries_libldap_Makefile.in @@ -0,0 +1,15 @@ +$NetBSD: patch-libraries_libldap_Makefile.in,v 1.1 2021/08/23 09:58:58 adam Exp $ + +--- libraries/libldap/Makefile.in.orig 2021-08-13 12:05:43.000000000 +0000 ++++ libraries/libldap/Makefile.in +@@ -62,6 +62,10 @@ ifneq (,$(OL_VERSIONED_SYMBOLS)) + SYMBOL_VERSION_FLAGS=$(OL_VERSIONED_SYMBOLS)$(LDAP_LIBDIR)/libldap/libldap.vers + endif + ++AC_CFLAGS += $(PTHREAD_CFLAGS) ++AC_LDFLAGS += $(PTHREAD_LDFLAGS) ++LINK_LIBS += $(LTHREAD_LIBS) ++ + apitest: $(XLIBS) apitest.o + $(LTLINK) -o $@ apitest.o $(LIBS) + dntest: $(XLIBS) dntest.o diff --git a/databases/openldap/patches/patch-am b/databases/openldap/patches/patch-libraries_libldap_cyrus.c index ff830b2de23..244d50b2a7b 100644 --- a/databases/openldap/patches/patch-am +++ b/databases/openldap/patches/patch-libraries_libldap_cyrus.c @@ -1,8 +1,8 @@ -$NetBSD: patch-am,v 1.7 2012/03/13 19:57:11 adam Exp $ +$NetBSD: patch-libraries_libldap_cyrus.c,v 1.1 2021/08/23 09:58:58 adam Exp $ ---- libraries/libldap/cyrus.c.orig 2012-02-29 17:37:09.000000000 +0000 +--- libraries/libldap/cyrus.c.orig 2021-07-27 17:44:47.000000000 +0000 +++ libraries/libldap/cyrus.c -@@ -680,7 +680,7 @@ ldap_int_sasl_external( +@@ -767,7 +767,7 @@ ldap_int_sasl_external( LDAP *ld, LDAPConn *conn, const char * authid, @@ -11,7 +11,7 @@ $NetBSD: patch-am,v 1.7 2012/03/13 19:57:11 adam Exp $ { int sc; sasl_conn_t *ctx; -@@ -824,6 +824,7 @@ int ldap_pvt_sasl_secprops( +@@ -911,6 +911,7 @@ int ldap_pvt_sasl_secprops( char **props; unsigned sflags = 0; int got_sflags = 0; @@ -19,7 +19,7 @@ $NetBSD: patch-am,v 1.7 2012/03/13 19:57:11 adam Exp $ sasl_ssf_t max_ssf = 0; int got_max_ssf = 0; sasl_ssf_t min_ssf = 0; -@@ -854,9 +855,9 @@ int ldap_pvt_sasl_secprops( +@@ -941,9 +942,9 @@ int ldap_pvt_sasl_secprops( if ( next == &props[i][sprops[j].key.bv_len] || next[0] != '\0' ) continue; switch( sprops[j].ival ) { case GOT_MINSSF: @@ -31,7 +31,7 @@ $NetBSD: patch-am,v 1.7 2012/03/13 19:57:11 adam Exp $ case GOT_MAXBUF: maxbufsize = v; got_maxbufsize++; break; } -@@ -960,7 +961,7 @@ ldap_int_sasl_get_option( LDAP *ld, int +@@ -1053,7 +1054,7 @@ ldap_int_sasl_get_option( LDAP *ld, int return -1; } @@ -40,7 +40,7 @@ $NetBSD: patch-am,v 1.7 2012/03/13 19:57:11 adam Exp $ } break; case LDAP_OPT_X_SASL_SSF_EXTERNAL: -@@ -968,13 +969,13 @@ ldap_int_sasl_get_option( LDAP *ld, int +@@ -1061,13 +1062,13 @@ ldap_int_sasl_get_option( LDAP *ld, int return -1; case LDAP_OPT_X_SASL_SSF_MIN: @@ -57,7 +57,7 @@ $NetBSD: patch-am,v 1.7 2012/03/13 19:57:11 adam Exp $ break; case LDAP_OPT_X_SASL_NOCANON: *(int *)arg = (int) LDAP_BOOL_GET(&ld->ld_options, LDAP_BOOL_SASL_NOCANON ); -@@ -1074,7 +1075,7 @@ ldap_int_sasl_set_option( LDAP *ld, int +@@ -1171,7 +1172,7 @@ ldap_int_sasl_set_option( LDAP *ld, int #else memset(&extprops, 0L, sizeof(extprops)); @@ -66,7 +66,7 @@ $NetBSD: patch-am,v 1.7 2012/03/13 19:57:11 adam Exp $ sc = sasl_setprop( ctx, SASL_SSF_EXTERNAL, (void *) &extprops ); -@@ -1086,13 +1087,13 @@ ldap_int_sasl_set_option( LDAP *ld, int +@@ -1183,13 +1184,13 @@ ldap_int_sasl_set_option( LDAP *ld, int } break; case LDAP_OPT_X_SASL_SSF_MIN: @@ -83,7 +83,7 @@ $NetBSD: patch-am,v 1.7 2012/03/13 19:57:11 adam Exp $ break; case LDAP_OPT_X_SASL_NOCANON: if ( arg == LDAP_OPT_OFF ) { -@@ -1220,7 +1221,7 @@ ldap_int_sasl_external( +@@ -1329,7 +1330,7 @@ ldap_int_sasl_external( LDAP *ld, LDAPConn *conn, const char * authid, diff --git a/databases/openldap/patches/patch-ah b/databases/openldap/patches/patch-libraries_libldap_init.c index df477b4ea8f..d52c5ad2390 100644 --- a/databases/openldap/patches/patch-ah +++ b/databases/openldap/patches/patch-libraries_libldap_init.c @@ -1,8 +1,8 @@ -$NetBSD: patch-ah,v 1.10 2012/10/13 11:47:19 adam Exp $ +$NetBSD: patch-libraries_libldap_init.c,v 1.1 2021/08/23 09:58:58 adam Exp $ ---- libraries/libldap/init.c.orig 2012-10-10 12:18:49.000000000 +0000 +--- libraries/libldap/init.c.orig 2021-07-27 17:44:47.000000000 +0000 +++ libraries/libldap/init.c -@@ -643,7 +643,11 @@ void ldap_int_initialize( struct ldapopt +@@ -691,7 +691,11 @@ void ldap_int_initialize( struct ldapopt #if defined(HAVE_TLS) || defined(HAVE_CYRUS_SASL) LDAP_MUTEX_LOCK( &ldap_int_hostname_mutex ); { diff --git a/databases/openldap/patches/patch-an b/databases/openldap/patches/patch-libraries_libldap_ldap-int.h index 23d34c324ac..d681aad8b9d 100644 --- a/databases/openldap/patches/patch-an +++ b/databases/openldap/patches/patch-libraries_libldap_ldap-int.h @@ -1,8 +1,8 @@ -$NetBSD: patch-an,v 1.5 2012/08/06 13:33:38 adam Exp $ +$NetBSD: patch-libraries_libldap_ldap-int.h,v 1.1 2021/08/23 09:58:58 adam Exp $ ---- libraries/libldap/ldap-int.h.orig 2005-10-11 21:10:47.000000000 -0400 +--- libraries/libldap/ldap-int.h.orig 2021-07-27 17:44:47.000000000 +0000 +++ libraries/libldap/ldap-int.h -@@ -743,7 +743,7 @@ LDAP_F (int) ldap_int_sasl_close LDAP_P( +@@ -866,7 +866,7 @@ LDAP_F (int) ldap_int_sasl_close LDAP_P( LDAP_F (int) ldap_int_sasl_external LDAP_P(( LDAP *ld, LDAPConn *conn, diff --git a/databases/openldap/patches/patch-libraries_libldap_thr__posix.c b/databases/openldap/patches/patch-libraries_libldap_thr__posix.c new file mode 100644 index 00000000000..6a968c1dbf8 --- /dev/null +++ b/databases/openldap/patches/patch-libraries_libldap_thr__posix.c @@ -0,0 +1,28 @@ +$NetBSD: patch-libraries_libldap_thr__posix.c,v 1.1 2021/08/23 09:58:58 adam Exp $ + +Fix for systems lacking pthread_attr_setstacksize(). + +--- libraries/libldap/thr_posix.c.orig 2021-07-27 17:44:47.000000000 +0000 ++++ libraries/libldap/thr_posix.c +@@ -25,6 +25,7 @@ + #endif + + #include <ac/errno.h> ++#include <ac/unistd.h> + + #ifdef REPLACE_BROKEN_YIELD + #ifndef HAVE_NANOSLEEP +@@ -161,11 +162,13 @@ ldap_pvt_thread_create( ldap_pvt_thread_ + #endif + + #ifdef LDAP_PVT_THREAD_SET_STACK_SIZE ++#ifdef _POSIX_THREAD_ATTR_STACKSIZE + /* this should be tunable */ + pthread_attr_setstacksize( &attr, LDAP_PVT_THREAD_STACK_SIZE ); + if ( ldap_int_stackguard ) + pthread_attr_setguardsize( &attr, LDAP_PVT_THREAD_STACK_SIZE ); + #endif ++#endif + + #if HAVE_PTHREADS > 5 + detach = detach ? PTHREAD_CREATE_DETACHED : PTHREAD_CREATE_JOINABLE; diff --git a/databases/openldap/patches/patch-libraries_libldap_tls__m.c b/databases/openldap/patches/patch-libraries_libldap_tls__m.c deleted file mode 100644 index c213793555d..00000000000 --- a/databases/openldap/patches/patch-libraries_libldap_tls__m.c +++ /dev/null @@ -1,44 +0,0 @@ -$NetBSD: patch-libraries_libldap_tls__m.c,v 1.1 2016/12/13 10:38:06 he Exp $ - -Incorrect multi-keyword mode cipherstring parsing. -Lifted from https://bugzilla.redhat.com/show_bug.cgi?id=1238322 -Fixes CVE-2015-3276. -Submitted upstream as ITS#8543 -http://www.openldap.org/its/index.cgi/Incoming?id=8543 - ---- libraries/libldap/tls_m.c.orig 2016-02-05 23:57:45.000000000 +0000 -+++ libraries/libldap/tls_m.c -@@ -621,17 +621,23 @@ nss_parse_ciphers(const char *cipherstr, - */ - if (mask || strength || protocol) { - for (i=0; i<ciphernum; i++) { -- if (((ciphers_def[i].attr & mask) || -- (ciphers_def[i].strength & strength) || -- (ciphers_def[i].version & protocol)) && -- (cipher_list[i] != -1)) { -- /* Enable the NULL ciphers only if explicity -- * requested */ -- if (ciphers_def[i].attr & SSL_eNULL) { -- if (mask & SSL_eNULL) -- cipher_list[i] = action; -- } else -+ /* if more than one mask is provided -+ * then AND logic applies (to match openssl) -+ */ -+ if ( cipher_list[i] == -1) ) -+ continue; -+ if ( mask && ! (ciphers_def[i].attr & mask) ) -+ continue; -+ if ( strength && ! (ciphers_def[i].strength & strength) ) -+ continue; -+ if ( protocol && ! (ciphers_def[i].version & protocol) ) -+ continue; -+ /* Enable the NULL ciphers only if explicity requested */ -+ if (ciphers_def[i].attr & SSL_eNULL) { -+ if (mask & SSL_eNULL) - cipher_list[i] = action; -+ } else -+ cipher_list[i] = action; - } - } - } else { diff --git a/databases/openldap/patches/patch-ad b/databases/openldap/patches/patch-libraries_liblutil_sha1.c index cd94e4faced..99c073e3289 100644 --- a/databases/openldap/patches/patch-ad +++ b/databases/openldap/patches/patch-libraries_liblutil_sha1.c @@ -1,6 +1,6 @@ -$NetBSD: patch-ad,v 1.7 2006/05/18 05:14:11 taca Exp $ +$NetBSD: patch-libraries_liblutil_sha1.c,v 1.1 2021/08/23 09:58:58 adam Exp $ ---- libraries/liblutil/sha1.c.orig 2006-01-04 07:16:11.000000000 +0900 +--- libraries/liblutil/sha1.c.orig 2021-07-27 17:44:47.000000000 +0000 +++ libraries/liblutil/sha1.c @@ -50,10 +50,16 @@ #define SHA1HANDSOFF /* Copies data before messing with it. */ diff --git a/databases/openldap/patches/patch-ag b/databases/openldap/patches/patch-servers_slapd_Makefile.in index a2cabc6eabc..546ee8a6e3f 100644 --- a/databases/openldap/patches/patch-ag +++ b/databases/openldap/patches/patch-servers_slapd_Makefile.in @@ -1,9 +1,9 @@ -$NetBSD: patch-ag,v 1.8 2017/06/02 08:29:56 adam Exp $ +$NetBSD: patch-servers_slapd_Makefile.in,v 1.1 2021/08/23 09:58:58 adam Exp $ slapd must be installed unstripped: on some platorms (Darwin) tcp_wrappers' variable called "allow_severity" must not be stripped away. ---- servers/slapd/Makefile.in.orig 2016-02-05 23:57:45.000000000 +0000 +--- servers/slapd/Makefile.in.orig 2021-07-27 17:44:47.000000000 +0000 +++ servers/slapd/Makefile.in @@ -76,6 +76,10 @@ XLIBS = $(SLAPD_STATIC_DEPENDS) $(SLAPD_ XXLIBS = $(SLAPD_LIBS) $(SECURITY_LIBS) $(LUTIL_LIBS) @@ -16,16 +16,16 @@ slapd must be installed unstripped: on some platorms (Darwin) tcp_wrappers' BUILD_OPT = "--enable-slapd" BUILD_SRV = @BUILD_SLAPD@ -@@ -378,7 +382,7 @@ install-local-srv: install-slapd install +@@ -375,7 +379,7 @@ install-local-srv: install-slapd install install-slapd: FORCE -$(MKDIR) $(DESTDIR)$(libexecdir) -$(MKDIR) $(DESTDIR)$(localstatedir)/run -- $(LTINSTALL) $(INSTALLFLAGS) $(STRIP) -m 755 \ +- $(LTINSTALL) $(INSTALLFLAGS) $(STRIP_OPTS) -m 755 \ + $(LTINSTALL) $(INSTALLFLAGS) -m 755 \ slapd$(EXEEXT) $(DESTDIR)$(libexecdir) @for i in $(SUBDIRS); do \ if test -d $$i && test -f $$i/Makefile ; then \ -@@ -447,9 +451,7 @@ install-db-config: FORCE +@@ -454,9 +458,7 @@ install-db-config: FORCE @-$(MKDIR) $(DESTDIR)$(localstatedir) $(DESTDIR)$(sysconfdir) @-$(INSTALL) -m 700 -d $(DESTDIR)$(localstatedir)/openldap-data $(INSTALL) $(INSTALLFLAGS) -m 600 $(srcdir)/DB_CONFIG \ diff --git a/databases/openldap/patches/patch-ao b/databases/openldap/patches/patch-servers_slapd_back-sql_delete.c index 264ccbe46c7..236dbdc0ac7 100644 --- a/databases/openldap/patches/patch-ao +++ b/databases/openldap/patches/patch-servers_slapd_back-sql_delete.c @@ -1,11 +1,11 @@ -$NetBSD: patch-ao,v 1.2 2012/03/13 19:57:11 adam Exp $ +$NetBSD: patch-servers_slapd_back-sql_delete.c,v 1.1 2021/08/23 09:58:58 adam Exp $ SQL_NO_DATA is called SQL_NO_DATA_FOUND in ODBC versions >= 3.0, as provided by databases/iodbc and databases/unixodbc. ---- servers/slapd/back-sql/delete.c.orig 2005-08-09 23:04:06.000000000 +0200 +--- servers/slapd/back-sql/delete.c.orig 2021-07-27 17:44:47.000000000 +0000 +++ servers/slapd/back-sql/delete.c -@@ -209,7 +209,7 @@ backsql_delete( Operation *op, SlapReply +@@ -207,7 +207,7 @@ backsql_delete_int( rc = SQLExecute( sth ); switch ( rc ) { |