Age | Commit message (Collapse) | Author | Files | Lines |
|
- Correct typo in "configure" so that "--enable-smbk5pwd" or
"--disable-smbk5pwd" actually work.
- Explicitly add "--disable-smbk5pwd" to "CONFIGURE_ARGS" because this
feature is turned on by default (which it really shouldn't be).
The "openldap-server" package can now be built with the default options.
|
|
The smbk5pwd overlay is now static. It can be used like this:
overlay smbk5pwd
To sync only the samba password, add this:
smbk5pwd-enable samba
See contrib/slapd-modules/smbk5pwd/README in openldap distribution for more
information
|
|
the owner of all installed files is a non-root user. This change
affects most packages that require special users or groups by making
them use the specified unprivileged user and group instead.
(1) Add two new variables PKG_GROUPS_VARS and PKG_USERS_VARS to
unprivileged.mk. These two variables are lists of other bmake
variables that define package-specific users and groups. Packages
that have user-settable variables for users and groups, e.g. apache
and APACHE_{USER,GROUP}, courier-mta and COURIER_{USER,GROUP},
etc., should list these variables in PKG_USERS_VARS and PKG_GROUPS_VARS
so that unprivileged.mk can know to set them to ${UNPRIVILEGED_USER}
and ${UNPRIVILEGED_GROUP}.
(2) Modify packages to use PKG_GROUPS_VARS and PKG_USERS_VARS.
|
|
details here:
http://www.openldap.org/lists/openldap-software/200702/msg00126.html
|
|
OpenLDAP 2.3.31 Release
Fixed libldap unchased referral leak (ITS#4545)
Fixed libldap tls callback (ITS#4723)
Fixed liblutil ldif file: URL parsing
Fixed slapd syncrepl logging (ITS#4755)
Fixed slapd group ACL caching when proxyAuthz'ing (ITS#4760)
Fixed slapd "group" authz default member parsing (ITS#4761)
Fixed slapd uninitialized sd_actives array (ITS#4765)
Fixed slapd DN parsing in bindconf_parse (ITS#4766)
Fixed slapd conditional in macro argument (ITS#4769)
Fixed slapd send_search_reference should propagate errors
Fixed slapd memleak on failed bind (ITS#4771)
Fixed slapd schema preparation case to match RFCs (ITS#4764)
Fixed slapd kbind buffer overflow condition (ITS#4775)
Fixed slapd connections_shutdown assert
Fixed slapd glue parent/sub db overlay nesting (ITS#4615)
Fixed slapd-bdb/hdb/ldbm slap_add_opattrs error checking
Fixed slapd-bdb/hdb setting up tool threads when no indices specified
Fixed slapd-perl interpreter context (ITS#4751)
Fixed slapo-syncprov to complain if defined outside of a database
Fixed test021 modify ops to be syntactically correct
Fixed contrib smbk5pwd, check kadm5 init result
Documentation
Fixed typo in slapo-retcode(5) man page (ITS#4753)
Fixed syncrepl searchbase note (ITS#4540)
Added syncrepl starttls in the admin guide (ITS#4510)
Fixed reference to deprecated function in ldap_parse_result(3)
OpenLDAP 2.3.30 Release
Fixed slapd authzTo/authzFrom URL matching (ITS#4744)
Fixed slapd syncrepl consumer memory leaks (ITS#4746)
Fixed slapd-hdb livelock (ITS#4738)
Fixed slapo-ppolicy external quality check (ITS#4741)
Documentation
Fixed ldapsearch(1) man page acknowledgement (ITS#4743)
OpenLDAP 2.3.29 Release
Fixed liblber/libldap error codes on Windows (ITS#4606)
Fixed libldap string length assert (ITS#4740)
Fixed liblunicode case mapping (ITS#4724)
Fixed slapd ldapi:// socket permissions (ITS#4709)
Fixed slapd c_writewaiters assert (ITS#4696,4736)
Fixed slapo-accesslog purge contextCSN bug (ITS#4704)
Fixed slapo-accesslog modify/replace bug (ITS#4728)
Fixed slapo-dynlist leaks (ITS#4664)
Fixed slapo-ppolicy leaks (ITS#4665)
Fixed slapo-syncprov deadlock (ITS#4720)
Build environment
Added selection of ODBC (ITS#4735)
Documentation
Fixed slapd-ldap/meta(5) rebind-as-user usage (ITS#4715)
Fixed slapd-ldap/meta(5) missing network-timeout (ITS#4718)
OpenLDAP 2.3.28 Release
Fixed libldap ldap.conf max line length (ITS#4669)
Fixed libldap use keepalive for syncrepl (ITS#4708)
Fixed liblutil LDIF CR/LF parsing bug (ITS#4635)
Fixed librewrite LDAP map parsing bug
Fixed librewrite map double free bug
Added ldapsearch bad filter pattern check (ITS#4647)
Fixed slapd global access controls initialization (ITS#4654)
Fixed slapd setting c_sasl_bindop only on SASL binds
Fixed slapd max line length issue (ITS#4651)
Fixed slapd return code not being propagated (ITS#4565)
Fixed slapd integerBitAndMatch (ITS#4672)
Fixed slapd syncrepl modrdn new superior (ITS#4695)
Fixed slapd-ldap retry with idassert (ITS#4686)
Fixed slapd-meta DN massage error code handling (ITS#4711)
Fixed slapd-monitor locking with scope "subordinate" (ITS#4668)
Fixed slapd-perl deletes (ITS#2612)
Fixed slapd-perl backend initialization (ITS#4358)
Fixed slapd-perl finding interpreter inside a thread (ITS#4358)
Fixed slapo-ppolicy pwdChangedTime behavior (ITS#4692)
Fixed slapo-translucent ldapmodify crash (ITS#4673)
Documentation
Updated ldapsearch(1) options (ITS#4371,4526,4647)
Fixed slapd.access(5) non-optional dn= error (ITS#4522)
|
|
Bump PKGREVISION for openldap-client and openldap-server.
|
|
Changes since 2.3.24:
OpenLDAP 2.3.27 Release
- Fixed libldap dangling pointer issue (previous fix was broken) (ITS#4405)
OpenLDAP 2.3.26 Release
- Fixed libldap dnssrv bug with "not present" positive statement (ITS#4610)
- Fixed libldap dangling pointer issue (ITS#4405)
- Fixed slapd incorrect rebuilding of replica URI (ITS#4633)
- Fixed slapd DN X.509 normalization crash (ITS#4644)
- Fixed slapd-monitor operations order via callbacks (ITS#4631)
- Fixed slapd-sql undefined filter handling (ITS#4604)
- Fixed slapo-accesslog purge task during shutdown
- Fixed slapo-ppolicy handling of default policy (ITS#4634)
- Fixed slapo-ppolicy logging verbosity when using default policy
- Fixed slapo-syncprov incomplete sync on restart issues (ITS#4622)
OpenLDAP 2.3.25 Release
- Fixed liblber ber_bvreplace_x argument checks
- Add libldap_r TLS concurrency workaround (ITS#4583)
- Fixed liblutil password length bug
- Add slapd glue/subordinate conflict check (ITS#4614)
- Fixed slapd acl selfwrite bug (ITS#4587)
- Fixed slapd bconfig "require" and "none" handling (ITS#4574)
- Fixed slapd bconfig segfault when ldapadding new schema entries
- Fixed slapd syncrepl no rootdn bug (ITS#4582)
- Fixed slapd syncrepl contextCSN issue (ITS#4622)
- Fixed slapd-bdb/hdb lock bug with virtual root (ITS#4572)
- Fixed slapd-bdb/hdb modrdn new entry disappearing bug (ITS#4616)
- Fixed slapd-bdb/hdb cache job issue
- Fixed slapo-syncprov need new CSN with delete syncID sets (ITS#4534)
- Fixed slapo-syncprov startup when lastmod is off (ITS#4613)
- Fixed slapo-accesslog cn=config purge bug (ITS#4595)
- Fixes slapo-auditlog DB initialization
- Fixed slapo-ppolicy password hashing bug (ITS#4575)
- Fixed slapo-ppolicy password modify pwdMustChange reset bug (ITS#4576)
- Fixed slapo-ppolicy control can be critical (ITS#4596)
- Fixed slapo-retcode logical and bug
- Fixed slapo-syncprov DEL propagation bug (ITS#4589)
- Fixed slurpd ldaps:// default port bug (ITS#4580)
- Build environment
- Fix configure winsock.h detection for Cygwin (ITS#4621)
- Fix configure GMP detection (ITS#4608)
- Updated test006-acls to test selfwrite access (ITS#4587)
- Documentation
- Fixed ldapsearch(1) formatting (ITS#4619)
- Updated slapd.conf(5) RFC references
- Updated slapd.conf(5) lastmod discussion (ITS#4613)
- Updated slapd.conf(5) "require" and "none" handling (ITS#4574)
- Added slapd.conf(5) access control note to authz-regexp discussion
- Updated slapo-syncprov(5) to clarify SyncProv and syncrepl diffs
|
|
should be world-accessible. Bump PKGREVISION.
|
|
|
|
Makefile.
|
|
now split off. This package contains only the slapd and slurpd servers.
Please note that both slapd and slurpd now run unprivileged by default (as
slapd:ldap and slurpd:ldap, respectively). An upgrade scenaria is described
in MESSAGE. This change addresses PR pkg/31959.
|