openldap: updated to 2.4.48

OpenLDAP 2.4.48 Added libldap OpenSSL Elliptic Curve support Added libldap Expose OpenLDAP specific interfaces via openldap.h Added slapd-monitor support for slapd-mdb Fixed liblber leaks Fixed liblber with partial flush Fixed libldap ASYNC TLS so it works Fixed libldap ASYNC connections with Solaris 10 Fixed libldap with SASL_NOCANON=on and ldapi connections Fixed libldap to be able to unset syncrepl TLS options Fixed libldap race condition in ldap_int_initialize Fixed libldap return code in ldap_create_assertion_control_value Fixed libldap to correctly disable IPv6 when configured to do so Fixed libldap to correctly close TLS connection Fixed libldap_r handling of deprecated OpenSSL function Fixed liblunicode case correspondance Fixed slapd with an idletimeout of less than four seconds Fixed slapd config parser variable for Windows64 Fixed slapd syncrepl fallback handling with delta-syncrepl Fixed slapd telephoneNumberNormalize, cert DN validation Fixed slapd syncrepl for relax with delta-syncrepl Fixed slapd to restrict rootDN proxyauthz to its own databases Fixed slapd to initialize SASL SSF per connection Fixed slapo-accesslog with SLAP_MOD_SOFT modifications Fixed slapd-ldap starttls connections timeout behavior Fixed slapd-ldap segfault when entry result doesn't match filter Fixed slapd-meta conversion from slapd.conf to cn=config Fixed slapd-meta assertion when network interface goes down Fixed slapd-mdb fix bitshift integer overflow Fixed slapd-mdb index cleanup with cn=config Fixed slapd-mdb to improve performance with alias deref Fixed slapo-accesslog possible assert with exops Fixed slapo-chain to correctly reject multiple chaining URIs Fixed slapo-chain conversion from slapd.conf to cn=config Fixed slapo-memberof conversion from slapd.conf to cn=config Fixed slapo-memberof for group name change to itself Fixed slapo-ppolicy behavior when pwdInHistory is changed Fixed slapo-rwm to not free original filter Fixed slapo-syncprov contextCSN generation Build Environment Fixed slapd to only link to BDB libraries with static build Fixed libldap implicit declaration with LDAP_CONNECTIONLESS Fixed libldap double inclusion of limits.h in cyrus.c Documentation General - Fixed minor typos admin24 - Miscellaneous updates promoting mdb and fixing examples slapd.access(5) - Note MDB is the primary backend slapd.backends(5) - Note MDB is the recommended backend slapd-ldap(5) - Document starttls parameter Contrib Added slapo-lastbind capability to forward authTimestamp updates
author: adam <adam@pkgsrc.org> 2019-08-03 06:46:52 +0000
committer: adam <adam@pkgsrc.org> 2019-08-03 06:46:52 +0000
commit: c07fd4d8f6272b698ecfecb668661343d333ec18 (patch)
tree: 8e99321aa94d499058b8ddc5e1996e188063a132 /databases
parent: c83cb60b945cfb71e1db75008bc888f54778f436 (diff)
download: pkgsrc-c07fd4d8f6272b698ecfecb668661343d333ec18.tar.gz
8 files changed, 23 insertions, 274 deletions
diff --git a/databases/lmdb/Makefile b/databases/lmdb/Makefile
index d91bc28f27e..dd7b99bc11f 100644
--- a/databases/lmdb/Makefile
+++ b/databases/lmdb/Makefile
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.8 2018/12/20 17:55:24 adam Exp $
+# $NetBSD: Makefile,v 1.9 2019/08/03 06:46:52 adam Exp $
 
 .include "../../databases/openldap/Makefile.version"
 
 # get the version from libraries/liblmdb/lmdb.h
-PKGNAME=	lmdb-0.9.23
+PKGNAME=	lmdb-0.9.24
 CATEGORIES=	databases
 
 MAINTAINER=	pkgsrc-users@NetBSD.org
@@ -25,7 +25,7 @@ INSTALLATION_DIRS+=	${PKGMANDIR}/man1
 TEST_TARGET=		test
 
 .include "../../mk/bsd.prefs.mk"
-.if "${OPSYS}" == "Darwin"
+.if ${OPSYS} == "Darwin"
 MAKE_FLAGS+=		SOEXT=.dylib
 MAKE_FLAGS+=		SOLIBS=-install_name\ ${PREFIX}/lib/liblmdb.dylib
 .endif
diff --git a/databases/lmdb/distinfo b/databases/lmdb/distinfo
index eee5949079e..fb9614a9d62 100644
--- a/databases/lmdb/distinfo
+++ b/databases/lmdb/distinfo
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.6 2018/12/20 17:55:24 adam Exp $
+$NetBSD: distinfo,v 1.7 2019/08/03 06:46:52 adam Exp $
 
-SHA1 (openldap-2.4.47.tgz) = c59d52dd75f7d1c7b02f83725da36c322d439674
-RMD160 (openldap-2.4.47.tgz) = c228e5d55019c90aaeceeda32980e52cd7a0a4a6
-SHA512 (openldap-2.4.47.tgz) = d424079e34207e3d24383a2bea70a07ded40714982a6767174d2b2cb208cd94feab5ef12157accae915b8e404e5773a7547aaef65f06b44dc3cc09c6a64d5a11
-Size (openldap-2.4.47.tgz) = 5699678 bytes
+SHA1 (openldap-2.4.48.tgz) = c1984e80f6db038b317bf931866adb38e5537dcd
+RMD160 (openldap-2.4.48.tgz) = c91aa87634856d84386d2d8498b647ea2b1b7521
+SHA512 (openldap-2.4.48.tgz) = cf694a415be0bd55cc7f606099da2ed461748efd276561944cd29d7f5a8252a9be799d8778fac2d4fa9f382731eb4ca48c6b85630cb58a3b8249843561ae8feb
+Size (openldap-2.4.48.tgz) = 5704883 bytes
 SHA1 (patch-libraries_liblmdb_Makefile) = 6b2f0bb477b17b073095d499ff4496f3b30dc08f
diff --git a/databases/openldap-client/Makefile b/databases/openldap-client/Makefile
index 0be234720aa..8868656ca0c 100644
--- a/databases/openldap-client/Makefile
+++ b/databases/openldap-client/Makefile
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.27 2019/05/02 10:59:13 jperkin Exp $
+# $NetBSD: Makefile,v 1.28 2019/08/03 06:46:52 adam Exp $
 
 PKGNAME=	${DISTNAME:S/-/-client-/}
-PKGREVISION=	1
 COMMENT=	Lightweight Directory Access Protocol libraries and client programs
 
 CONFLICTS+=		openldap<2.3.23nb1
diff --git a/databases/openldap-client/PLIST b/databases/openldap-client/PLIST
index d6431166d18..a38ca3ab9ba 100644
--- a/databases/openldap-client/PLIST
+++ b/databases/openldap-client/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.11 2018/04/02 13:40:44 adam Exp $
+@comment $NetBSD: PLIST,v 1.12 2019/08/03 06:46:52 adam Exp $
 bin/ldapadd
 bin/ldapcompare
 bin/ldapdelete
@@ -17,6 +17,7 @@ include/ldap_features.h
 include/ldap_schema.h
 include/ldap_utf8.h
 include/ldif.h
+include/openldap.h
 include/slapi-plugin.h
 lib/liblber.la
 lib/libldap.la
diff --git a/databases/openldap-doc/distinfo b/databases/openldap-doc/distinfo
index 43ccca0a794..aab3cd06612 100644
--- a/databases/openldap-doc/distinfo
+++ b/databases/openldap-doc/distinfo
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.19 2018/12/20 17:54:09 adam Exp $
+$NetBSD: distinfo,v 1.20 2019/08/03 06:46:52 adam Exp $
 
-SHA1 (openldap-2.4.47.tgz) = c59d52dd75f7d1c7b02f83725da36c322d439674
-RMD160 (openldap-2.4.47.tgz) = c228e5d55019c90aaeceeda32980e52cd7a0a4a6
-SHA512 (openldap-2.4.47.tgz) = d424079e34207e3d24383a2bea70a07ded40714982a6767174d2b2cb208cd94feab5ef12157accae915b8e404e5773a7547aaef65f06b44dc3cc09c6a64d5a11
-Size (openldap-2.4.47.tgz) = 5699678 bytes
+SHA1 (openldap-2.4.48.tgz) = c1984e80f6db038b317bf931866adb38e5537dcd
+RMD160 (openldap-2.4.48.tgz) = c91aa87634856d84386d2d8498b647ea2b1b7521
+SHA512 (openldap-2.4.48.tgz) = cf694a415be0bd55cc7f606099da2ed461748efd276561944cd29d7f5a8252a9be799d8778fac2d4fa9f382731eb4ca48c6b85630cb58a3b8249843561ae8feb
+Size (openldap-2.4.48.tgz) = 5704883 bytes
diff --git a/databases/openldap/Makefile.version b/databases/openldap/Makefile.version
index 4d88de925ed..ce85f148833 100644
--- a/databases/openldap/Makefile.version
+++ b/databases/openldap/Makefile.version
@@ -1,10 +1,10 @@
-# $NetBSD: Makefile.version,v 1.16 2018/12/20 17:54:09 adam Exp $
+# $NetBSD: Makefile.version,v 1.17 2019/08/03 06:46:52 adam Exp $
 # used by databases/lmdb/Makefile
 # used by databases/openldap/Makefile
 # used by databases/openldap/Makefile.common
 # used by databases/openldap-docs/Makefile
 
-OPENLDAP_VERSION=	2.4.47
+OPENLDAP_VERSION=	2.4.48
 
 DISTNAME=	openldap-${OPENLDAP_VERSION}
 MASTER_SITES=	ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/
diff --git a/databases/openldap/distinfo b/databases/openldap/distinfo
index b5745fecbd5..bca7285ab13 100644
--- a/databases/openldap/distinfo
+++ b/databases/openldap/distinfo
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.112 2018/12/20 17:54:09 adam Exp $
+$NetBSD: distinfo,v 1.113 2019/08/03 06:46:52 adam Exp $
 
-SHA1 (openldap-2.4.47.tgz) = c59d52dd75f7d1c7b02f83725da36c322d439674
-RMD160 (openldap-2.4.47.tgz) = c228e5d55019c90aaeceeda32980e52cd7a0a4a6
-SHA512 (openldap-2.4.47.tgz) = d424079e34207e3d24383a2bea70a07ded40714982a6767174d2b2cb208cd94feab5ef12157accae915b8e404e5773a7547aaef65f06b44dc3cc09c6a64d5a11
-Size (openldap-2.4.47.tgz) = 5699678 bytes
+SHA1 (openldap-2.4.48.tgz) = c1984e80f6db038b317bf931866adb38e5537dcd
+RMD160 (openldap-2.4.48.tgz) = c91aa87634856d84386d2d8498b647ea2b1b7521
+SHA512 (openldap-2.4.48.tgz) = cf694a415be0bd55cc7f606099da2ed461748efd276561944cd29d7f5a8252a9be799d8778fac2d4fa9f382731eb4ca48c6b85630cb58a3b8249843561ae8feb
+Size (openldap-2.4.48.tgz) = 5704883 bytes
 SHA1 (patch-ac) = 2995c518278b363bf9657e181c2340d3024d5980
 SHA1 (patch-ad) = 24e7ec27d592dd76bdec1e4805801c5304951daf
 SHA1 (patch-af) = 2e00b01bd813e73bdc1fb764a02e98d7755703de
@@ -18,7 +18,6 @@ SHA1 (patch-contrib_slapd-modules_nops_Makefile) = c51bccf34c3f3112232a134038622
 SHA1 (patch-contrib_slapd-modules_nops_slapo-nops.5) = f32352f19361b7e9aa5b038ae8578def7c08fa47
 SHA1 (patch-da) = 75e26bd08c6e66b69192ebfbb36db974d391ec3e
 SHA1 (patch-dd) = 9c74118ff0b2232bda729c9917082fceef41dd16
-SHA1 (patch-its7595) = 941b055bb5ac1f963b9d39384d3627a32f531cf1
 SHA1 (patch-its8885) = f70666e1a44499013c93fe9bd0d8198b5bffe11c
 SHA1 (patch-libraries_libldap_os-local.c) = 7cd4f8638456fae12499de0d36d7802e47d3d688
 SHA1 (patch-libraries_libldap_tls__m.c) = 91dab1dcfa6560c30093094586ea9eabf2e977b8
diff --git a/databases/openldap/patches/patch-its7595 b/databases/openldap/patches/patch-its7595
deleted file mode 100644
index 90f5e4b7ff3..00000000000
--- a/databases/openldap/patches/patch-its7595
+++ /dev/null
@@ -1,250 +0,0 @@
-$NetBSD: patch-its7595,v 1.2 2017/06/02 08:29:56 adam Exp $
-
-ECDH support from upstream
-
-From e631ce808ed56119e61321463d06db7999ba5a08 Mon Sep 17 00:00:00 2001
-From: Howard Chu <hyc@openldap.org>
-Date: Sat, 7 Sep 2013 09:47:19 -0700
-Subject: [PATCH] ITS#7595 Add Elliptic Curve support for OpenSSL
-
-From 9562ad00bd7f965df721bc22ac905bc759298a27 Mon Sep 17 00:00:00 2001
-From: Howard Chu <hyc@openldap.org>
-Date: Sat, 7 Sep 2013 10:13:40 -0700
-Subject: [PATCH] ITS#7595 more doc for elliptic curve
-
-From 721e46fe6695077d63a3df6ea2e397920a72308d Mon Sep 17 00:00:00 2001
-From: Howard Chu <hyc@openldap.org>
-Date: Sun, 8 Sep 2013 06:32:23 -0700
-Subject: [PATCH] ITS#7595 don't try to use EC if OpenSSL lacks it
-
---- doc/guide/admin/tls.sdf.orig
-+++ doc/guide/admin/tls.sdf
-@@ -203,6 +203,18 @@
- 
- This directive is ignored with Mozilla NSS.
- 
-+H4: TLSECName <name>
-+
-+This directive specifies the curve to use for Elliptic Curve
-+Diffie-Hellman ephemeral key exchange.  This is required in order
-+to use ECDHE-based cipher suites in OpenSSL.  The names of supported
-+curves may be shown using the following command
-+
-+>	openssl ecparam -list_curves
-+
-+This directive is not used for GnuTLS and is ignored with Mozilla NSS.
-+For GnuTLS the curves may be specified in the ciphersuite.
-+
- H4: TLSVerifyClient { never | allow | try | demand }
- 
- This directive specifies what checks to perform on client certificates
---- doc/man/man5/slapd-config.5.orig
-+++ doc/man/man5/slapd-config.5
-@@ -922,6 +922,13 @@
- When using Mozilla NSS these parameters are always generated randomly
- so this directive is ignored.
- .TP
-+.B olcTLSECName: <name>
-+Specify the name of a curve to use for Elliptic curve Diffie-Hellman
-+ephemeral key exchange.  This is required to enable ECDHE algorithms in
-+OpenSSL.  This option is not used with GnuTLS; the curves may be
-+chosen in the GnuTLS ciphersuite specification. This option is also
-+ignored for Mozilla NSS.
-+.TP
- .B olcTLSProtocolMin: <major>[.<minor>]
- Specifies minimum SSL/TLS protocol version that will be negotiated.
- If the server doesn't support at least that version,
---- doc/man/man5/slapd.conf.5.orig
-+++ doc/man/man5/slapd.conf.5
-@@ -1153,6 +1153,13 @@
- When using Mozilla NSS these parameters are always generated randomly
- so this directive is ignored.
- .TP
-+.B TLSECName <name>
-+Specify the name of a curve to use for Elliptic curve Diffie-Hellman
-+ephemeral key exchange.  This is required to enable ECDHE algorithms in
-+OpenSSL.  This option is not used with GnuTLS; the curves may be
-+chosen in the GnuTLS ciphersuite specification. This option is also
-+ignored for Mozilla NSS.
-+.TP
- .B TLSProtocolMin <major>[.<minor>]
- Specifies minimum SSL/TLS protocol version that will be negotiated.
- If the server doesn't support at least that version,
---- include/ldap.h.orig
-+++ include/ldap.h
-@@ -158,6 +158,7 @@
- #define LDAP_OPT_X_TLS_NEWCTX		0x600f
- #define LDAP_OPT_X_TLS_CRLFILE		0x6010	/* GNUtls only */
- #define LDAP_OPT_X_TLS_PACKAGE		0x6011
-+#define LDAP_OPT_X_TLS_ECNAME		0x6012
- 
- #define LDAP_OPT_X_TLS_NEVER	0
- #define LDAP_OPT_X_TLS_HARD		1
---- libraries/libldap/ldap-int.h.orig
-+++ libraries/libldap/ldap-int.h
-@@ -165,6 +165,7 @@
- 	char		*lt_ciphersuite;
- 	char		*lt_crlfile;
- 	char		*lt_randfile;	/* OpenSSL only */
-+	char		*lt_ecname;		/* OpenSSL only */
- 	int		lt_protocol_min;
- };
- #endif
-@@ -250,6 +251,7 @@
- #define ldo_tls_certfile	ldo_tls_info.lt_certfile
- #define ldo_tls_keyfile	ldo_tls_info.lt_keyfile
- #define ldo_tls_dhfile	ldo_tls_info.lt_dhfile
-+#define ldo_tls_ecname	ldo_tls_info.lt_ecname
- #define ldo_tls_cacertfile	ldo_tls_info.lt_cacertfile
- #define ldo_tls_cacertdir	ldo_tls_info.lt_cacertdir
- #define ldo_tls_ciphersuite	ldo_tls_info.lt_ciphersuite
---- libraries/libldap/tls2.c.orig
-+++ libraries/libldap/tls2.c
-@@ -118,6 +118,10 @@
- 		LDAP_FREE( lo->ldo_tls_dhfile );
- 		lo->ldo_tls_dhfile = NULL;
- 	}
-+	if ( lo->ldo_tls_ecname ) {
-+		LDAP_FREE( lo->ldo_tls_ecname );
-+		lo->ldo_tls_ecname = NULL;
-+	}
- 	if ( lo->ldo_tls_cacertfile ) {
- 		LDAP_FREE( lo->ldo_tls_cacertfile );
- 		lo->ldo_tls_cacertfile = NULL;
-@@ -232,6 +236,10 @@
- 		lts.lt_dhfile = LDAP_STRDUP( lts.lt_dhfile );
- 		__atoe( lts.lt_dhfile );
- 	}
-+	if ( lts.lt_ecname ) {
-+		lts.lt_ecname = LDAP_STRDUP( lts.lt_ecname );
-+		__atoe( lts.lt_ecname );
-+	}
- #endif
- 	lo->ldo_tls_ctx = ti->ti_ctx_new( lo );
- 	if ( lo->ldo_tls_ctx == NULL ) {
-@@ -257,6 +265,7 @@
- 	LDAP_FREE( lts.lt_crlfile );
- 	LDAP_FREE( lts.lt_cacertdir );
- 	LDAP_FREE( lts.lt_dhfile );
-+	LDAP_FREE( lts.lt_ecname );
- #endif
- 	return rc;
- }
-@@ -634,6 +643,10 @@
- 		*(char **)arg = lo->ldo_tls_dhfile ?
- 			LDAP_STRDUP( lo->ldo_tls_dhfile ) : NULL;
- 		break;
-+	case LDAP_OPT_X_TLS_ECNAME:
-+		*(char **)arg = lo->ldo_tls_ecname ?
-+			LDAP_STRDUP( lo->ldo_tls_ecname ) : NULL;
-+		break;
- 	case LDAP_OPT_X_TLS_CRLFILE:	/* GnuTLS only */
- 		*(char **)arg = lo->ldo_tls_crlfile ?
- 			LDAP_STRDUP( lo->ldo_tls_crlfile ) : NULL;
-@@ -753,6 +766,10 @@
- 		if ( lo->ldo_tls_dhfile ) LDAP_FREE( lo->ldo_tls_dhfile );
- 		lo->ldo_tls_dhfile = arg ? LDAP_STRDUP( (char *) arg ) : NULL;
- 		return 0;
-+	case LDAP_OPT_X_TLS_ECNAME:
-+		if ( lo->ldo_tls_ecname ) LDAP_FREE( lo->ldo_tls_ecname );
-+		lo->ldo_tls_ecname = arg ? LDAP_STRDUP( (char *) arg ) : NULL;
-+		return 0;
- 	case LDAP_OPT_X_TLS_CRLFILE:	/* GnuTLS only */
- 		if ( lo->ldo_tls_crlfile ) LDAP_FREE( lo->ldo_tls_crlfile );
- 		lo->ldo_tls_crlfile = arg ? LDAP_STRDUP( (char *) arg ) : NULL;
---- libraries/libldap/tls_o.c.orig
-+++ libraries/libldap/tls_o.c
-@@ -327,10 +327,9 @@
- 		return -1;
- 	}
- 
--	if ( lo->ldo_tls_dhfile ) {
--		DH *dh = NULL;
-+	if ( is_server && lo->ldo_tls_dhfile ) {
-+		DH *dh;
- 		BIO *bio;
--		SSL_CTX_set_options( ctx, SSL_OP_SINGLE_DH_USE );
- 
- 		if (( bio=BIO_new_file( lt->lt_dhfile,"r" )) == NULL ) {
- 			Debug( LDAP_DEBUG_ANY,
-@@ -349,6 +348,38 @@
- 		}
- 		BIO_free( bio );
- 		SSL_CTX_set_tmp_dh( ctx, dh );
-+		SSL_CTX_set_options( ctx, SSL_OP_SINGLE_DH_USE );
-+		DH_free( dh );
-+	}
-+
-+	if ( is_server && lo->ldo_tls_ecname ) {
-+#ifdef OPENSSL_NO_EC
-+		Debug( LDAP_DEBUG_ANY,
-+			"TLS: Elliptic Curves not supported.\n", 0,0,0 );
-+		return -1;
-+#else
-+		EC_KEY *ecdh;
-+
-+		int nid = OBJ_sn2nid( lt->lt_ecname );
-+		if ( nid == NID_undef ) {
-+			Debug( LDAP_DEBUG_ANY,
-+				"TLS: could not use EC name `%s'.\n",
-+				lo->ldo_tls_ecname,0,0);
-+			tlso_report_error();
-+			return -1;
-+		}
-+		ecdh = EC_KEY_new_by_curve_name( nid );
-+		if ( ecdh == NULL ) {
-+			Debug( LDAP_DEBUG_ANY,
-+				"TLS: could not generate key for EC name `%s'.\n",
-+				lo->ldo_tls_ecname,0,0);
-+			tlso_report_error();
-+			return -1;
-+		}
-+		SSL_CTX_set_tmp_ecdh( ctx, ecdh );
-+		SSL_CTX_set_options( ctx, SSL_OP_SINGLE_ECDH_USE );
-+		EC_KEY_free( ecdh );
-+#endif
- 	}
- 
- 	if ( tlso_opt_trace ) {
---- servers/slapd/bconfig.c.orig
-+++ servers/slapd/bconfig.c
-@@ -194,6 +194,7 @@
- 	CFG_ACL_ADD,
- 	CFG_SYNC_SUBENTRY,
- 	CFG_LTHREADS,
-+	CFG_TLS_ECNAME,
- 
- 	CFG_LAST
- };
-@@ -738,6 +739,14 @@
- #endif
- 		"( OLcfgGlAt:77 NAME 'olcTLSDHParamFile' "
- 			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
-+	{ "TLSECName", NULL, 2, 2, 0,
-+#ifdef HAVE_TLS
-+		CFG_TLS_ECNAME|ARG_STRING|ARG_MAGIC, &config_tls_option,
-+#else
-+		ARG_IGNORED, NULL,
-+#endif
-+		"( OLcfgGlAt:96 NAME 'olcTLSECName' "
-+			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
- 	{ "TLSProtocolMin",	NULL, 2, 2, 0,
- #ifdef HAVE_TLS
- 		CFG_TLS_PROTOCOL_MIN|ARG_STRING|ARG_MAGIC, &config_tls_config,
-@@ -819,7 +828,7 @@
- 		 "olcThreads $ olcTimeLimit $ olcTLSCACertificateFile $ "
- 		 "olcTLSCACertificatePath $ olcTLSCertificateFile $ "
- 		 "olcTLSCertificateKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ "
--		 "olcTLSRandFile $ olcTLSVerifyClient $ olcTLSDHParamFile $ "
-+		 "olcTLSRandFile $ olcTLSVerifyClient $ olcTLSDHParamFile $ olcTLSECName $ "
- 		 "olcTLSCRLFile $ olcTLSProtocolMin $ olcToolThreads $ olcWriteTimeout $ "
- 		 "olcObjectIdentifier $ olcAttributeTypes $ olcObjectClasses $ "
- 		 "olcDitContentRules $ olcLdapSyntaxes ) )", Cft_Global },
-@@ -3824,6 +3833,7 @@
- 	case CFG_TLS_CA_PATH:	flag = LDAP_OPT_X_TLS_CACERTDIR;	break;
- 	case CFG_TLS_CA_FILE:	flag = LDAP_OPT_X_TLS_CACERTFILE;	break;
- 	case CFG_TLS_DH_FILE:	flag = LDAP_OPT_X_TLS_DHFILE;	break;
-+	case CFG_TLS_ECNAME:	flag = LDAP_OPT_X_TLS_ECNAME;	break;
- #ifdef HAVE_GNUTLS
- 	case CFG_TLS_CRL_FILE:	flag = LDAP_OPT_X_TLS_CRLFILE;	break;
- #endif
author	adam <adam@pkgsrc.org>	2019-08-03 06:46:52 +0000
committer	adam <adam@pkgsrc.org>	2019-08-03 06:46:52 +0000
commit	c07fd4d8f6272b698ecfecb668661343d333ec18 (patch)
tree	8e99321aa94d499058b8ddc5e1996e188063a132 /databases
parent	c83cb60b945cfb71e1db75008bc888f54778f436 (diff)
download	pkgsrc-c07fd4d8f6272b698ecfecb668661343d333ec18.tar.gz