Age | Commit message (Collapse) | Author | Files | Lines |
|
on packages that are affected by the switch from the openssl 0.9.7
branch to the 0.9.8 branch. ok jlam@
|
|
support, reported via PR pkg/37745 ).
OpenLDAP 2.4.x brings a lot of new features, including multi-master support,
dynamic configuration and schema changes, automatic reverse group membership,
significant performance improvements, etc. One of the most noticeable changes
for administrators though is the removal if the slurpd daemon (in favour of
the sync replication mechanism). Users of slurpd replication should migrate
to sync replication before upgrading to OpenLDAP 2.4.x.
|
|
|
|
|
|
- Correct typo in "configure" so that "--enable-smbk5pwd" or
"--disable-smbk5pwd" actually work.
- Explicitly add "--disable-smbk5pwd" to "CONFIGURE_ARGS" because this
feature is turned on by default (which it really shouldn't be).
The "openldap-server" package can now be built with the default options.
|
|
The smbk5pwd overlay is now static. It can be used like this:
overlay smbk5pwd
To sync only the samba password, add this:
smbk5pwd-enable samba
See contrib/slapd-modules/smbk5pwd/README in openldap distribution for more
information
|
|
the owner of all installed files is a non-root user. This change
affects most packages that require special users or groups by making
them use the specified unprivileged user and group instead.
(1) Add two new variables PKG_GROUPS_VARS and PKG_USERS_VARS to
unprivileged.mk. These two variables are lists of other bmake
variables that define package-specific users and groups. Packages
that have user-settable variables for users and groups, e.g. apache
and APACHE_{USER,GROUP}, courier-mta and COURIER_{USER,GROUP},
etc., should list these variables in PKG_USERS_VARS and PKG_GROUPS_VARS
so that unprivileged.mk can know to set them to ${UNPRIVILEGED_USER}
and ${UNPRIVILEGED_GROUP}.
(2) Modify packages to use PKG_GROUPS_VARS and PKG_USERS_VARS.
|
|
details here:
http://www.openldap.org/lists/openldap-software/200702/msg00126.html
|
|
OpenLDAP 2.3.31 Release
Fixed libldap unchased referral leak (ITS#4545)
Fixed libldap tls callback (ITS#4723)
Fixed liblutil ldif file: URL parsing
Fixed slapd syncrepl logging (ITS#4755)
Fixed slapd group ACL caching when proxyAuthz'ing (ITS#4760)
Fixed slapd "group" authz default member parsing (ITS#4761)
Fixed slapd uninitialized sd_actives array (ITS#4765)
Fixed slapd DN parsing in bindconf_parse (ITS#4766)
Fixed slapd conditional in macro argument (ITS#4769)
Fixed slapd send_search_reference should propagate errors
Fixed slapd memleak on failed bind (ITS#4771)
Fixed slapd schema preparation case to match RFCs (ITS#4764)
Fixed slapd kbind buffer overflow condition (ITS#4775)
Fixed slapd connections_shutdown assert
Fixed slapd glue parent/sub db overlay nesting (ITS#4615)
Fixed slapd-bdb/hdb/ldbm slap_add_opattrs error checking
Fixed slapd-bdb/hdb setting up tool threads when no indices specified
Fixed slapd-perl interpreter context (ITS#4751)
Fixed slapo-syncprov to complain if defined outside of a database
Fixed test021 modify ops to be syntactically correct
Fixed contrib smbk5pwd, check kadm5 init result
Documentation
Fixed typo in slapo-retcode(5) man page (ITS#4753)
Fixed syncrepl searchbase note (ITS#4540)
Added syncrepl starttls in the admin guide (ITS#4510)
Fixed reference to deprecated function in ldap_parse_result(3)
OpenLDAP 2.3.30 Release
Fixed slapd authzTo/authzFrom URL matching (ITS#4744)
Fixed slapd syncrepl consumer memory leaks (ITS#4746)
Fixed slapd-hdb livelock (ITS#4738)
Fixed slapo-ppolicy external quality check (ITS#4741)
Documentation
Fixed ldapsearch(1) man page acknowledgement (ITS#4743)
OpenLDAP 2.3.29 Release
Fixed liblber/libldap error codes on Windows (ITS#4606)
Fixed libldap string length assert (ITS#4740)
Fixed liblunicode case mapping (ITS#4724)
Fixed slapd ldapi:// socket permissions (ITS#4709)
Fixed slapd c_writewaiters assert (ITS#4696,4736)
Fixed slapo-accesslog purge contextCSN bug (ITS#4704)
Fixed slapo-accesslog modify/replace bug (ITS#4728)
Fixed slapo-dynlist leaks (ITS#4664)
Fixed slapo-ppolicy leaks (ITS#4665)
Fixed slapo-syncprov deadlock (ITS#4720)
Build environment
Added selection of ODBC (ITS#4735)
Documentation
Fixed slapd-ldap/meta(5) rebind-as-user usage (ITS#4715)
Fixed slapd-ldap/meta(5) missing network-timeout (ITS#4718)
OpenLDAP 2.3.28 Release
Fixed libldap ldap.conf max line length (ITS#4669)
Fixed libldap use keepalive for syncrepl (ITS#4708)
Fixed liblutil LDIF CR/LF parsing bug (ITS#4635)
Fixed librewrite LDAP map parsing bug
Fixed librewrite map double free bug
Added ldapsearch bad filter pattern check (ITS#4647)
Fixed slapd global access controls initialization (ITS#4654)
Fixed slapd setting c_sasl_bindop only on SASL binds
Fixed slapd max line length issue (ITS#4651)
Fixed slapd return code not being propagated (ITS#4565)
Fixed slapd integerBitAndMatch (ITS#4672)
Fixed slapd syncrepl modrdn new superior (ITS#4695)
Fixed slapd-ldap retry with idassert (ITS#4686)
Fixed slapd-meta DN massage error code handling (ITS#4711)
Fixed slapd-monitor locking with scope "subordinate" (ITS#4668)
Fixed slapd-perl deletes (ITS#2612)
Fixed slapd-perl backend initialization (ITS#4358)
Fixed slapd-perl finding interpreter inside a thread (ITS#4358)
Fixed slapo-ppolicy pwdChangedTime behavior (ITS#4692)
Fixed slapo-translucent ldapmodify crash (ITS#4673)
Documentation
Updated ldapsearch(1) options (ITS#4371,4526,4647)
Fixed slapd.access(5) non-optional dn= error (ITS#4522)
|
|
Bump PKGREVISION for openldap-client and openldap-server.
|
|
Changes since 2.3.24:
OpenLDAP 2.3.27 Release
- Fixed libldap dangling pointer issue (previous fix was broken) (ITS#4405)
OpenLDAP 2.3.26 Release
- Fixed libldap dnssrv bug with "not present" positive statement (ITS#4610)
- Fixed libldap dangling pointer issue (ITS#4405)
- Fixed slapd incorrect rebuilding of replica URI (ITS#4633)
- Fixed slapd DN X.509 normalization crash (ITS#4644)
- Fixed slapd-monitor operations order via callbacks (ITS#4631)
- Fixed slapd-sql undefined filter handling (ITS#4604)
- Fixed slapo-accesslog purge task during shutdown
- Fixed slapo-ppolicy handling of default policy (ITS#4634)
- Fixed slapo-ppolicy logging verbosity when using default policy
- Fixed slapo-syncprov incomplete sync on restart issues (ITS#4622)
OpenLDAP 2.3.25 Release
- Fixed liblber ber_bvreplace_x argument checks
- Add libldap_r TLS concurrency workaround (ITS#4583)
- Fixed liblutil password length bug
- Add slapd glue/subordinate conflict check (ITS#4614)
- Fixed slapd acl selfwrite bug (ITS#4587)
- Fixed slapd bconfig "require" and "none" handling (ITS#4574)
- Fixed slapd bconfig segfault when ldapadding new schema entries
- Fixed slapd syncrepl no rootdn bug (ITS#4582)
- Fixed slapd syncrepl contextCSN issue (ITS#4622)
- Fixed slapd-bdb/hdb lock bug with virtual root (ITS#4572)
- Fixed slapd-bdb/hdb modrdn new entry disappearing bug (ITS#4616)
- Fixed slapd-bdb/hdb cache job issue
- Fixed slapo-syncprov need new CSN with delete syncID sets (ITS#4534)
- Fixed slapo-syncprov startup when lastmod is off (ITS#4613)
- Fixed slapo-accesslog cn=config purge bug (ITS#4595)
- Fixes slapo-auditlog DB initialization
- Fixed slapo-ppolicy password hashing bug (ITS#4575)
- Fixed slapo-ppolicy password modify pwdMustChange reset bug (ITS#4576)
- Fixed slapo-ppolicy control can be critical (ITS#4596)
- Fixed slapo-retcode logical and bug
- Fixed slapo-syncprov DEL propagation bug (ITS#4589)
- Fixed slurpd ldaps:// default port bug (ITS#4580)
- Build environment
- Fix configure winsock.h detection for Cygwin (ITS#4621)
- Fix configure GMP detection (ITS#4608)
- Updated test006-acls to test selfwrite access (ITS#4587)
- Documentation
- Fixed ldapsearch(1) formatting (ITS#4619)
- Updated slapd.conf(5) RFC references
- Updated slapd.conf(5) lastmod discussion (ITS#4613)
- Updated slapd.conf(5) "require" and "none" handling (ITS#4574)
- Added slapd.conf(5) access control note to authz-regexp discussion
- Updated slapo-syncprov(5) to clarify SyncProv and syncrepl diffs
|
|
should be world-accessible. Bump PKGREVISION.
|
|
|
|
Makefile.
|
|
now split off. This package contains only the slapd and slurpd servers.
Please note that both slapd and slurpd now run unprivileged by default (as
slapd:ldap and slurpd:ldap, respectively). An upgrade scenaria is described
in MESSAGE. This change addresses PR pkg/31959.
|