From 37d6fdd69fab1b6c7e73755936ddb8d0f7147222 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kai=20L=C3=BCke?= Date: Fri, 7 Aug 2020 20:22:29 +0000 Subject: [PATCH] net-nds/openldap: Sync from Gentoo --- .../portage-stable/net-nds/openldap/Manifest | 44 +- .../openldap/files/openldap-2.2.6-ntlm.patch | 199 ---- .../files/openldap-2.3.21-ppolicy.patch | 13 - .../openldap-2.3.24-contrib-smbk5pwd.patch | 53 -- .../openldap/files/openldap-2.3.34-slapd-conf | 64 -- .../files/openldap-2.3.37-libldap_r.patch | 21 - .../files/openldap-2.3.43-fix-hang.patch | 19 - .../files/openldap-2.3.XY-gcc44.patch | 30 - ...p-2.4.17-fix-lmpasswd-gnutls-symbols.patch | 109 --- ...p-2.4.45-fix-lmpasswd-gnutls-symbols.patch | 2 +- .../files/openldap-2.4.47-libressl.patch | 58 ++ .../files/openldap-2.4.47-warnings.patch | 41 + .../net-nds/openldap/files/slurpd-initd | 21 - .../net-nds/openldap/metadata.xml | 13 +- .../openldap/openldap-2.3.43-r3.ebuild | 541 ----------- .../openldap/openldap-2.3.43-r4.ebuild | 547 ----------- .../openldap/openldap-2.4.44-r1.ebuild | 853 ------------------ .../net-nds/openldap/openldap-2.4.44.ebuild | 830 ----------------- ...p-2.4.45.ebuild => openldap-2.4.50.ebuild} | 305 ++++--- 19 files changed, 274 insertions(+), 3489 deletions(-) delete mode 100644 sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.2.6-ntlm.patch delete mode 100644 sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.21-ppolicy.patch delete mode 100644 sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.24-contrib-smbk5pwd.patch delete mode 100644 sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.34-slapd-conf delete mode 100644 sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.37-libldap_r.patch delete mode 100644 sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.43-fix-hang.patch delete mode 100644 sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.XY-gcc44.patch delete mode 100644 sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.4.17-fix-lmpasswd-gnutls-symbols.patch create mode 100644 sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.4.47-libressl.patch create mode 100644 sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.4.47-warnings.patch delete mode 100644 sdk_container/src/third_party/portage-stable/net-nds/openldap/files/slurpd-initd delete mode 100644 sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.3.43-r3.ebuild delete mode 100644 sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.3.43-r4.ebuild delete mode 100644 sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.4.44-r1.ebuild delete mode 100644 sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.4.44.ebuild rename sdk_container/src/third_party/portage-stable/net-nds/openldap/{openldap-2.4.45.ebuild => openldap-2.4.50.ebuild} (77%) diff --git a/sdk_container/src/third_party/portage-stable/net-nds/openldap/Manifest b/sdk_container/src/third_party/portage-stable/net-nds/openldap/Manifest index a885e38ce8..12dd61f09d 100644 --- a/sdk_container/src/third_party/portage-stable/net-nds/openldap/Manifest +++ b/sdk_container/src/third_party/portage-stable/net-nds/openldap/Manifest @@ -1,42 +1,2 @@ -AUX DB_CONFIG.fast.example 746 SHA256 69fc9aa6e4f0b888bc02d3f75642fe1ebf9345c685257a5c1236b2e79ed56e0b SHA512 07199416b7c91864a1dd5ad45642367c4f79ee8b694214305289c47afb5b53420f0fb81cf7c8b117400c903535e88a2dd47bda28d57e969aeeec669debf6dc9e WHIRLPOOL 1d6a2adcdbbac2698d8d5ab1867ecfafee23c8561c34addaea30f59bde8b4bfad88c576ffd7df102aa428c2588ed3b9376de49606eb6608c8e873f8119326c5a -AUX openldap-2.2.14-perlthreadsfix.patch 614 SHA256 bb719cc1fed47ff0f111c960f3295781ae6f0d9e98b4266a87751044b4bb3175 SHA512 e2579de72194c63e445108a39a85635622c1a629cec9d276df84ce9d770dbe7e2df2057663bac192558af3dee60fa2f0ae92f4cc34145c300fe141ae7f3f13b3 WHIRLPOOL 24cab36ff0368f81f555ba0fa0ea0f78d245d1863bf4c6c6d291536b16bdbe628a9a204ffccce12a6014b71717f3dd722c9f95061c1a519e273c0535316ad97d -AUX openldap-2.2.6-ntlm.patch 5011 SHA256 1f7e766bcafb412ec336aad7e07295d6d62d2e2a62b6804b07b06a5056102243 SHA512 8140dba85c56f269c953b0b23b2ca7eecb42f8e5167f4d0f08511dc8c06c30bcb42c3e38ed3b77d5622780a94c0aa9eb65bb8e45af50075acab97e7f466a1a9d WHIRLPOOL 75c2394c46242f738b5ee0db8473b05b5e7e75821e89dcea3ca7a139e34cc61f5848d0601dc66499dad35beefdd02aed5486ed138cfd8e216041aa5ceb85c920 -AUX openldap-2.3.21-ppolicy.patch 402 SHA256 97feaaff03e839aaad402024082ba62fb2cbe0c721664a85af8674ebb28d7dbd SHA512 19d2fb2755f62d3b77851983645f6656f10078e983ac09c8de7b50ba2ce52f2c8e5379f066cf1b6e91921b8ca5c54852bacd1563f20e5004babe94db66e7d88e WHIRLPOOL 32a93bc7daa952313643a56533719963766f944f25abedb29568b4e32fe1f42ffd7631b922dd2395d42d81ca2addcce8ddd5fd11432a4217c5f76f5b1ff8ef66 -AUX openldap-2.3.24-contrib-smbk5pwd.patch 1631 SHA256 277990c6bc9e00c29bc5123d5074e1a741a224e884f92651b301375b02edc70e SHA512 7aaab44cdf84233bfd78555db3af7c5a435cb3f37cb8f243b57b32391381835ce1efff7604f80cdf58fee429f6ecedc486f88addec15b6d32ef78f526c6c8826 WHIRLPOOL fbb14366c31ff97b9a706b9ceb0073e45affcf513a1c58966548537dfa3d3185ce5d8f0b38b627a5a729a3084b38f5681565bea2c46d369179879223e66adc37 -AUX openldap-2.3.34-slapd-conf 2067 SHA256 f7611233b83fa70dac313b4e734041dfe1ddac07c804bdb12a775d7cf88c36a1 SHA512 fa1c6051c8285cd8f91dd236289a7492efd30fe172d269b35a4941945623f87fd4ff0c8b47dae36e55e395e4d931cf680ab15c5f44fd7279be686678661971aa WHIRLPOOL 55384866d25d016a6135b443e9b25a8a321118a4e33214950f7f3ea51c357ba5a4b335d2f77aa941c04ebfd6131fcf48c87f29df8dc4fe685bad9f3aae61642a -AUX openldap-2.3.37-libldap_r.patch 862 SHA256 82471cc13806a9260e441aea90c8dfe9ce21b6d3edabb71766a2afcff6f80dfb SHA512 b49260b4a1583e1084f695e55e80aa90b301c9d56cd9cc04f0a78c0beb2e7d645e4b2163cae2be940f3918802b5d766e30f8550fd7fe723f365829c415fe364c WHIRLPOOL b22350b4ee9a3505b7b78ae915e82d3c84b19e7140047733cecd37818c57606097bd5d199d670ecf0d3bc350c08703bcaa126ed359b7930ab0a9b58e66f4aa50 -AUX openldap-2.3.43-fix-hang.patch 645 SHA256 48d1f63a303142e535413b3a42e1fdfea89abaf3265de801c147ef3bdcf3c27e SHA512 3cc7f46bd69634844c5fdf893120928e2d8b6c93011aebfb01786608bbb40351fab3f5e346857ab95724d5199b4b0270d56d56c7f1a43be07951f26fb82b018e WHIRLPOOL ddb6314f72a70a92d2cdc96548a8d0f783e97b91c9d71971566d3028d8ef1527b6897e5cdd6557fcd223f317b510dfbd12666c5bce0e8c9f06451e077a766bd5 -AUX openldap-2.3.XY-gcc44.patch 1169 SHA256 c799ad2adde0e0801bfd641c1a43860180121a04897b8e2a01ad000ea31e2a8d SHA512 9e7b726b384390dbf85c50cd344b6a614d09823293f1af2642cfb50c25f4f39254ae0b19cd0da0b30e6fbd270f61646487e1643406438bd2ec6b37883b03f9f2 WHIRLPOOL c5881dac9b095c28f3dd75fd71dfada84705bd42d643172389854f0c65e548a0f8721abef50568f63ebd85ac7bfeff68c64703dfdec0f7b42a57b92cf2f95097 -AUX openldap-2.4.11-libldap_r.patch 515 SHA256 3310a89d38bc39e6eb4333799d475411b274482b8bccab212b3edfd4385db70e SHA512 44d97efb25d4f39ab10cd5571db43f3bfa7c617a5bb087085ae16c0298aca899b55c8742a502121ba743a73e6d77cd2056bc96cee63d6d0862dabc8fb5574357 WHIRLPOOL f0c115c60a1405bb6d34090d878ba82b454cced4a7718e1132bc8d118032ae656dcd0207640142740ea4f547403edf2b95c97ae2c7f67a2b656b83cb3a508e45 -AUX openldap-2.4.15-ppolicy.patch 418 SHA256 98269fa1e8a1a0e62dad9acd36fd9a33614fca9a5830d6e7e606db8eb7f85de5 SHA512 59db36c9b4d16e7ccf4b318af2a8d0c6e29cda7e567641b3bcc6069bb7d610a8ac8b56e16ca72165b3e50841abb1ef693b9e2958f16997ac637554f3a67b7146 WHIRLPOOL ae52ce30b17e0413ee87db55070d64e06e4ab5e14adf96f808a0cfba39c3f946fc5b4e4431d8fc6123c025261acd6a16e2245a1b46e1eb7a131444e5ffc7825f -AUX openldap-2.4.17-fix-lmpasswd-gnutls-symbols.patch 3542 SHA256 31e816eb9f3b52f5f9d183f82adebff75892e45e764187e579a92204c90889cb SHA512 6e4d3d04344433967ae099471e2af9d706e77206fc5e8d84d63681c5b975110f9abbee5d29be0a51e4cf8bc8ee157d8f386d99ffcebd059ef1be660530aaa096 WHIRLPOOL 38d4e60faff9d3a5f21e0783e688b4716d8d04976f549958798becad3e03b06eec2eeeac1b7491fe361e077b4aca5b75506bd45d65668746ab67db3a20d86a28 -AUX openldap-2.4.17-gcc44.patch 509 SHA256 33345882f601050ecaa6bb3dd7458e6b5f8e3684345847f7a53d4a1b0f514bda SHA512 ea2c862c7a7b8bc17c31ece694c010dd648840cb4facd48d5640767d859bf3c9108d547007984cb759f4a8810ff99ab8295c82dc2ad069f568d037d8448e6ff4 WHIRLPOOL 5f597463b6e92b43e0d6beabf426f5d6000fb204dfe8080ebcf57ec71391712fb24f728f6e61d205dd3ef9e78c7eb8a443994c68469f80b2536cfea3cd75eed4 -AUX openldap-2.4.28-fix-dash.patch 1101 SHA256 fddaad5f49cce39bf5492bb1dda10f2ce83419c48f128fe536661dde703b5d1b SHA512 f9b3a50eb972f746878afe4a8cda8d7e2a2807932ad2faf602f43e5a1b81166bea4fde764b4e1ae4be0000cc0713ee90a4620afab5809b8460f60ae39a716e9e WHIRLPOOL ba3856cd1008431025811aaa21d0a0ce94896590a16eee8cd27bdc84fd89884b0d27e8dce31bc79e4b4a91884bc90624f1a6afb38efb847839a036b4a2196af5 -AUX openldap-2.4.28-gnutls-gcrypt.patch 340 SHA256 26dc29a502e45f6b1003674c1ef5bc6c79b71d00fc9b2fc7a145291a314370c0 SHA512 53441707e9b24e774c0541ad8b63295eea6dc0352ae2ef3bf389f381da18f1df05fb2f7b41c816e1f697d8f1b208643d05891c03d8fba42d85e3b7689e5ee94f WHIRLPOOL 6be9eda56fd68c9e0818443ca70ee6c1e904aa6126576477d402c9abd2ee44952a0a313efc89f603b02cac35cbfea3c987de5b6ec3625a92bc691386edd85aa5 -AUX openldap-2.4.31-gcc47.patch 480 SHA256 6a0bef52a8681e30c4be7c11df88f5c73d2ab90f0bbbb79c550b6174d3978060 SHA512 a35113fe3f5e9ae5b9631976415df41d53a99ae1ca4c4dcdcfd89e6ccc6ba906cf5cfe2ee4901033dba29d62b6607d4a93ca74645eb6ceba38e67c5d8521816a WHIRLPOOL bf1315bebf8b16a625d55ac1d040a1ab831c25c87fe6f9bb9ff4b1b54f621a36e75e6055955e60617823fbf78244cd4aec7f702ea0d7a8d85a164f550d2675e7 -AUX openldap-2.4.35-contrib-samba4.patch 1400 SHA256 64ca91d3edae25d392f39a7f538e269b26de4e09923f872014e84ec388bda911 SHA512 332c4b2daa3eba165cfdcd479b1012e139d60095aaa628f8f5750fffb722d39395935bd7d7e56272e98fd234ab0be1c6568a71feeda5d88ba24b91b385defdad WHIRLPOOL c472dc75bbc1261b84ce0bfe8dd0a749200d7540647733ca13c0b1ccd8330739278f83eea3c91b3b29e5982eb6c9f9fb920ffdd9a6faaf4c0e66a97a1d16db55 -AUX openldap-2.4.35-contrib-smbk5pwd.patch 1626 SHA256 377b9204f51bb751d7311de3ee789386496372db2964ed2a929733099c23688a SHA512 c045c7605d25bab9eef8c12752f4952e3e6358124764ded91f5f98210686bc371f32ac20c56a63de80410f882f20e0889eec95474f1ee9d4c5bb4ed303ec8da0 WHIRLPOOL 64feead042fe22ec8bd36a23a11ea1af513702de2ab063324f0e49802635ca53b9f2f662159c8784877f6342d0a15cb231710be2ea69031c3df7459cd150cc47 -AUX openldap-2.4.40-slapd-conf 2059 SHA256 306602d38cbbdc2203e9f838348cbe9b264738cf86bbebc60272658b92a1eff9 SHA512 7ce8a8262db74d86449a3d31b96b2efa9e8dae2f9992a1c3a6d6899fb65531eaf917f410d8728852cb74338d7ba3c8c3b52d2f6cdcbba4cb3b97f6c733099fa2 WHIRLPOOL 979a2802501ec22dd93032eb3bc1a3df322558013cd8038736bac436b33fdb666df5d93fbfcc4d99762c10aa9e1a1edef496fa364d2b4f0019b5dd702174b6f4 -AUX openldap-2.4.42-mdb-unbundle.patch 3589 SHA256 43be88ef0810608232b2490e7f06f66272d17059c581f76d4de79c415365dd97 SHA512 ec123ff8cef6c32b1f29c2d0643433dd88dfa8ab62b4d7536de829475ff8b45b5c7376f3e17f3424aab326a573aa36a593630feecbd40c3e574c6c24f5dd83ec WHIRLPOOL 0eadd603e016506d3365f81c802561a0201122b989033935a5a6b4737db75ff6c1517bcca1c7c127b54bfd7c1ea2db0c11f65228ea6c4cbacf2f783af98dfddb -AUX openldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch 3542 SHA256 e7f630f8cad556806012489973f4f9c366bdcf7779170b163de21e078da8f114 SHA512 bdbc36bc020964eb997b8038cf3c32a2a8ccc09512e735376a34e5a54d0d0abbbc73cb60a3f6efaf7f8bdd88cad37c5f652c322eb0ff66edee8c8fc8978d1a3b WHIRLPOOL a5a62a1183b38c4346898032c2343c99685e64478bd7b8a45480a4818ab089383d101d84455e02712543504ff742715a9358b4896ed97cff44d6f4ae340b3dde -AUX openldap-2.4.6-evolution-ntlm.patch 5161 SHA256 3b79d9afaa7c76ca20c5e7aa856dea49931741a1022ae6c3bb264c38f4c22edb SHA512 a553231ad3e2d2ca3a3a195b20da6163c135a723e0a3ed39afcad5601ed4ef01e692533df3f8f96d5ec8cc74ca27cbd16508818007dc1343899a42b5595b980b WHIRLPOOL 624f11c996825bb248dd7c33f64afd3a4e8b9edbbe79c6fdffc7f2d8e57c5d8ac4c651eae7763dbc0a06144b916131b70e599771034bcb6bd8c586a9bf6a8209 -AUX slapd-confd 614 SHA256 901044908fbbbbf333f7f0f1efccd1f0e213aa1a9156b3e659eaf0a0c7fdfc89 SHA512 e4ae52d10294da787016cf39adfd68c6ad812ac1758b00845810ee7936d21734d2ef3793252b878d88f21788414071adffb5f484381d4dc6a29f71a8729486b7 WHIRLPOOL d45df7487a952f899e9098779edda82afd9fb5ca66e42bbaf4a94f9ebdda9be58a026c0358a521a2feb4cc04c1f8477fb034896054ca4575d717bec367e1e2e8 -AUX slapd-confd-2.4.28-r1 1072 SHA256 5bca003ec3b67c7c78519aede1d82002579006ccfecce8f87b559df719f82e92 SHA512 7426c04ee689bcfb29a9a3956367c571eac6bc9620efda938591d09382a05527454458f7a25bdc2fa2ac920f93bae516121e085408ffefbe8ace0c7d8c5da315 WHIRLPOOL b9cb4e249f224ce2435184922df8d053d4c6d058a6408b72ac3c393563bdc0d413f7310e74ef7dcdab6dedc3d25a77d5af0581334356a9b55be5c516d6ee71d4 -AUX slapd-initd 1168 SHA256 6b2039adf33b9dbfcce644631f4e8d1c0517327123ad875e102bcafe6c30b364 SHA512 52dec305f990de797cfe12a9b0d5b306f4b5baedec1597879151a492a1743ea46d83bf659f7695e07b8652fddb8a5a2ea11339991432075907fc088edd9a8bd5 WHIRLPOOL b2b29b8571976fafdf3c801b744b86ce9f2bb460bedf736ea912e6c97739c3cc57a64dee45b4fbc15382d26571cd1540b9ac3e609e25ce97973e80fd8bb77ff3 -AUX slapd-initd-2.4.40-r2 1726 SHA256 bcd84fca8efc1eec3aea489f238b51ce7226ffcdb1562044e48106897bc5a6fc SHA512 3945dc4cff9b20bddd2ac4f38d045f8caabb59368ab0b5e952d4194d06a1bdd9871546b84e9a54b692d2e3ca699aa065e5fa909a29ae80e102ed9635c94bcfd5 WHIRLPOOL 1be86d1dcd863077fa77a98e56b5dded097d34afabaebb29d3d37f39c818cca246067fdab4aaffddc64c02fbe01e7000ece6da6e7b9015dcf3248b5325d7ed84 -AUX slapd.service 284 SHA256 106563991611b44717cf93c10473edef39b4f0b4b391e29b9d5bdd3059c7a64a SHA512 450c93b320101e1c28681cad6694c24332fbe424ac98283b621a2f6e1eb01e9e2dbd80a4142e6e8d01d95c55018b44e847d4f4c55f11d7e0e0a11ae1827daa82 WHIRLPOOL d1ff7b8c672d9b38116cc8984567179a743b140211ae99bebd00729d8dc3cfcd4ed7c0833a18b071c9fa20eeb2cce4e053e7b6805474fc3ca8442167254c1e35 -AUX slapd.service.conf 443 SHA256 462adb8f6fc1a9f742c792b4392346d30949eed523453dd19b64afc9dc448145 SHA512 be9cf4bf19111bd77c0ce481428e6f3cc183a6939775ed1a2d7606a5162da34178cb139d666288f6a35b8413bd4dc5f8f1bd60b39f3cca8f749557674b93910b WHIRLPOOL 8697c1c1c82c5c3fbb5d3fffc43e56f1a05a8bf23443270f2a051fde7d6ca0d1c5102611ac62d244b2c190c6bd1fb675cc46a5978a715d2df4e72f13c58db3c8 -AUX slapd.tmpfilesd 90 SHA256 8039a0190bd5b701f29661c63e03e4fb439a8eb50fdd7be5ce96a7f7f3aaeb1b SHA512 c462c92911635a2a6a30eb7239e74b529062224f9798351f53dca9a2e25cbc7f9fbb3743f98a015b7ccac0823ab85adb42d91d980f053bc3f12fdce760ce4bec WHIRLPOOL 2fb28068fa2b8113041544bd88a58060aa309b012b58bd903b58e2ff853fec0882de2f2b0fa28da76eaa5550dcccbe7ed6e8b792df7f788b6bf0d324a0dc0e52 -AUX slurpd-initd 386 SHA256 f63742fd5f4192e8c676d3634b3947f48dffc2d37ebc82d50a3eec19178c51f0 SHA512 f6f5ede73eb1290673f1d4c9605d8806c759d68568610660eaa1cdcacf2926c728387b5e70885acdec0eea0e15a734c730af49550c4ffc8f121fffc3d9b7ed8c WHIRLPOOL 8f6fe3bb1e2221438e546b766368f76cb6dec18aa3b3b997cf3867b058f0d0d0ca1690a0fb10ae2aac28917d0803c4d2d6663e7993e3eeac3589b4f407befc0f -DIST openldap-2.3.43.tgz 3803011 SHA256 d7d2dea05362c8ac7e11bb7bf1da4cdeb07225ba8dc16974bff9f51a9f3d37e1 SHA512 2b0ebb35adbeed34673e1a55cc7a89b348ddee7ad6ce7f915ca3745198cee992aba7281bf0d56197dcfd59665935d5d3764db0ba487975e4dbc2a2507d6ea7a6 WHIRLPOOL 7457112bbad83d75f7ad01230da97511a8d983a98f7e31357dbffd79a7ed7e53057af781002cae8c610d3ad7834dfeefbd7f223798d45aea8cd00b70f5ee0e39 -DIST openldap-2.4.44.tgz 5658830 SHA256 d7de6bf3c67009c95525dde3a0212cc110d0a70b92af2af8e3ee800e81b88400 SHA512 132eb81798f59a364c9246d08697e1c7ebb6c2c3b983f786b14ec0233df09696cbad33a1f35f3076348b5efb77665a076ab854a24122c31e8b58310b7c7fd136 WHIRLPOOL 37399793d681a6489c369d663772970c62a4e1e370d4dc306bcb6fa3b9cb680139c9d940d9218aaac4618f50a63bc391b10f2aec0a134f84094ce4f7378c88ff -DIST openldap-2.4.45.tgz 5672845 SHA256 cdd6cffdebcd95161a73305ec13fc7a78e9707b46ca9f84fb897cd5626df3824 SHA512 1c9fc84efed8998f107ce6e1c6be3f5466388241afdca0cb3847720c9def0bc263a2dbc15bf0f9112d1b4c391fd01e8531a4fb08c5532c30fb86924c08daedab WHIRLPOOL b5855bfe2b2c3856a98fb8b07ab94e51ef995ff80d4f39f0e7edae64f9774f0af9987db3673e25f98df8a5856a3f8839f28f1aa9184c92862a4df22540b3ab49 -DIST rfc2307bis.schema-20140524 12262 SHA256 6cd8154ad86be1d6bb88a79c303dc10a49bce4ce7d21bb417a951d6496df30b1 SHA512 83b89a1deeefc8566b97e7e865b9b6d04541099cbdf719e24538a7d27d61b6209e87ab9003a9f140bd9afd018ec569e71721e3a24090e1902c8b6659d2ba103e WHIRLPOOL 40cef24529fb4bfc1661d03088eccdb17d9056d696b2bf0e698fa248d03f508ba776784bf8abbaffb5f4c2c59b59b29525b4be2babc978fed681e5e3c88073de -EBUILD openldap-2.3.43-r3.ebuild 18084 SHA256 e8bdb634b475e9773001bd4325518e4854b02d9fc21c6e153f5437d662e1c238 SHA512 7d8d7a2e1563960f1db4704d4dc1c1d922c4fc1ac311f5bda1ad9278388be26d9d4e7a0f4c2695406bba2a97613d0fa3a4eaacd7bb639439804a2c105fb859c8 WHIRLPOOL 564dd18d46124a7cd55b22308532dde74caa3393f43ff7fcd96ddf2634a2c2182ba6cbde302620c965a146f6838f3534db19b5d015eca55b7064a25bde83f7a4 -EBUILD openldap-2.3.43-r4.ebuild 18276 SHA256 51dcc2d596a0ae4c494a1c7a473930c10122abc3f91073daac5002f87f60b7bb SHA512 31cea69f98d773f8ef909acc424f29062dd31ad187b771417ba624fb1d3c1c6edfbfb4094fdf31045d251c6e9d44f322732ee4086710be39a8a00e4ad25ddb68 WHIRLPOOL 6a9dc29d18f399f885ea86d56cab4c7e637f8e32d5f584fccdf80641d2742011dafba213c8ca300641ef899d9b7da93dbda926b3741c1a6d8b3c9374e84610c8 -EBUILD openldap-2.4.44-r1.ebuild 27245 SHA256 034bf87b74f8092305d1035d2994a319de41412b21f038418caa8dcdb02a975c SHA512 a5273bcf45add81f5dc01b17ab0e4888a5f96e535c0156aed8f9e48fedf382c30f53cbcebbdc4d3e68e79009b8e53ae8faf8245f12980b9127bd8688960adbe7 WHIRLPOOL 9efabbacb9e7c70209ca478f41855c4cd6e89b979bbe3b38c36a2ff39ec7fcfb07a76a2dbc2da1ae0d82f5ee1d69ced25f90797dabae8095fd64f204775d03f4 -EBUILD openldap-2.4.44.ebuild 26576 SHA256 85310e0749a2bd1dfe37fb10fdbab74cf88bdef06a4d796f3b222daf28de9eb4 SHA512 870e3c0a52144e663d3ba7b8dc70a9198292fc81755ebabee0a214113596d76d004f5b2f91b2033c50432b21de98d0b5f37ace15e2b40a6bc309400c44df286c WHIRLPOOL c655f2c9e3930fd2cfda558e1da8b698fd3db191927fe7eee16a6964a207082e11dd63723df278b8a4640ca9713f328ce28a046d9af1af8b629782a9fd849d64 -EBUILD openldap-2.4.45.ebuild 28042 SHA256 3aedd923fd2e5f20c24b9fe57f5340b2cbc56b5f82276b3d25669518320c4f74 SHA512 554d404a2af4716d8759f0a435f440d1bbc5e31c2c55c0b529ac412aae4d0774c770ebc4248dcc0a856ddd68fba6a276bcb9dc6f8afb0baeb95be2ed80a7c597 WHIRLPOOL 46db827860f5cd3b74836944db87384a7d43e5d2adbf821cc94f3e74d6dbe3c81bbcb778df581663dabce2c0d6d284f46846f77133a6c5e92fbc9855d95d1c13 -MISC ChangeLog 8175 SHA256 3e40d412ae900631f1ff6666ca53a00c645d846d17e85dda64f2307af9a8b51b SHA512 5758f053e916ff51f0af336a4c1ab5068827334b441b5904be35968bb6be7efd078682360e41f7ba2bbbdf0302e0cf0e9b3e51bf466efd8a4a5ef61ff890258e WHIRLPOOL 0d7b6d7f534bdeca1aa97339e69a2705ab96abf678d910e6cdf994956553dc9ad25b935903e938991bf79b4986692912e846989e7a1f9d4fa96c8a82c331d432 -MISC ChangeLog-2015 87821 SHA256 29dc9d2d86f5c0de89ee44162332ee4390220ea9e546895100bd413bc60a0a30 SHA512 7c98e1dfe9ea30d7a31a7187cd913e6997bd8f8d5d74747c85f989a61b702272ce120588874257f2653343c2134c94dc405710f82957169a6f7bac01854d3611 WHIRLPOOL 2b657cb4f1f302e90eea233e401c6ca379b605c697443b36280153eb7419695ed2040ada6505b2c38c86832bda3efa74a4bfeda267d644639148ca6954cd10e9 -MISC metadata.xml 939 SHA256 dbed34e13c441b16f14e2ddb4a415b343e7148c9ebbd294b8d825f5abad9b350 SHA512 2cb744d3e29b0a3e8418b47df6c4d64a606d9a5e021e64104b8644da4977b0ad030b7d2e6c74259799c5ee1aa64984b779fa7966f6a77402574150f6756df1c1 WHIRLPOOL 2febb19b808bb5eea0040655b745c44cddd89f25f8c74091fb63371bec1e4b99d41fce6e5a1e1b699706e1a14634ccc7b49f8d022d3b4cc3a544680e728773fa +DIST openldap-2.4.50.tgz 5712635 BLAKE2B 6a7d864a44c411b82cf703585c4a81954a02497e8510c84e29070dd120da0181e8425fd2b8bb7616e42e6e26d0f06db5ffdf50fb1cd97943d23f9914eb4f1260 SHA512 f528043ff9de36f7b65d8816c9a9c24f0ac400041b2969965178ee6eae62c92a11af33a0a883e4954e5fff98a0738a9f9aa2faf5b385d21974754e045aab31ae +DIST rfc2307bis.schema-20140524 12262 BLAKE2B 98031f49e9bde1e4821e637af3382364d8344ed7017649686a088070d96a632dffa6c661552352656b1b159c0fd962965580069a64c7f3d5bb6a3ed75f60fd99 SHA512 83b89a1deeefc8566b97e7e865b9b6d04541099cbdf719e24538a7d27d61b6209e87ab9003a9f140bd9afd018ec569e71721e3a24090e1902c8b6659d2ba103e diff --git a/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.2.6-ntlm.patch b/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.2.6-ntlm.patch deleted file mode 100644 index 1e52f99f19..0000000000 --- a/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.2.6-ntlm.patch +++ /dev/null @@ -1,199 +0,0 @@ -(Note that this patch is not useful on its own... it just adds some -hooks to work with the LDAP authentication process at a lower level -than the API otherwise allows. The code that calls these hooks and -actually drives the NTLM authentication process is in -lib/e2k-global-catalog.c, and the code that actually implements the -NTLM algorithms is in xntlm/.) - -This is a patch against OpenLDAP 2.2.6. Apply with -p0 - - ---- include/ldap.h.orig 2004-01-01 13:16:28.000000000 -0500 -+++ include/ldap.h 2004-07-14 11:58:49.000000000 -0400 -@@ -1753,5 +1753,26 @@ - LDAPControl **cctrls )); - - -+/* -+ * hacks for NTLM -+ */ -+#define LDAP_AUTH_NTLM_REQUEST ((ber_tag_t) 0x8aU) -+#define LDAP_AUTH_NTLM_RESPONSE ((ber_tag_t) 0x8bU) -+LDAP_F( int ) -+ldap_ntlm_bind LDAP_P(( -+ LDAP *ld, -+ LDAP_CONST char *dn, -+ ber_tag_t tag, -+ struct berval *cred, -+ LDAPControl **sctrls, -+ LDAPControl **cctrls, -+ int *msgidp )); -+LDAP_F( int ) -+ldap_parse_ntlm_bind_result LDAP_P(( -+ LDAP *ld, -+ LDAPMessage *res, -+ struct berval *challenge)); -+ -+ - LDAP_END_DECL - #endif /* _LDAP_H */ ---- libraries/libldap/Makefile.in.orig 2004-01-01 13:16:29.000000000 -0500 -+++ libraries/libldap/Makefile.in 2004-07-14 13:37:23.000000000 -0400 -@@ -20,7 +20,7 @@ - SRCS = bind.c open.c result.c error.c compare.c search.c \ - controls.c messages.c references.c extended.c cyrus.c \ - modify.c add.c modrdn.c delete.c abandon.c \ -- sasl.c sbind.c kbind.c unbind.c cancel.c \ -+ sasl.c ntlm.c sbind.c kbind.c unbind.c cancel.c \ - filter.c free.c sort.c passwd.c whoami.c \ - getdn.c getentry.c getattr.c getvalues.c addentry.c \ - request.c os-ip.c url.c sortctrl.c vlvctrl.c \ -@@ -29,7 +29,7 @@ - OBJS = bind.lo open.lo result.lo error.lo compare.lo search.lo \ - controls.lo messages.lo references.lo extended.lo cyrus.lo \ - modify.lo add.lo modrdn.lo delete.lo abandon.lo \ -- sasl.lo sbind.lo kbind.lo unbind.lo cancel.lo \ -+ sasl.lo ntlm.lo sbind.lo kbind.lo unbind.lo cancel.lo \ - filter.lo free.lo sort.lo passwd.lo whoami.lo \ - getdn.lo getentry.lo getattr.lo getvalues.lo addentry.lo \ - request.lo os-ip.lo url.lo sortctrl.lo vlvctrl.lo \ ---- /dev/null 2004-06-30 15:04:37.000000000 -0400 -+++ libraries/libldap/ntlm.c 2004-07-14 13:44:18.000000000 -0400 -@@ -0,0 +1,137 @@ -+/* $OpenLDAP: pkg/ldap/libraries/libldap/ntlm.c,v 1.1.4.10 2002/01/04 20:38:21 kurt Exp $ */ -+/* -+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved. -+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file -+ */ -+ -+/* Mostly copied from sasl.c */ -+ -+#include "portable.h" -+ -+#include -+#include -+ -+#include -+#include -+#include -+#include -+ -+#include "ldap-int.h" -+ -+int -+ldap_ntlm_bind( -+ LDAP *ld, -+ LDAP_CONST char *dn, -+ ber_tag_t tag, -+ struct berval *cred, -+ LDAPControl **sctrls, -+ LDAPControl **cctrls, -+ int *msgidp ) -+{ -+ BerElement *ber; -+ int rc; -+ ber_int_t id; -+ -+ Debug( LDAP_DEBUG_TRACE, "ldap_ntlm_bind\n", 0, 0, 0 ); -+ -+ assert( ld != NULL ); -+ assert( LDAP_VALID( ld ) ); -+ assert( msgidp != NULL ); -+ -+ if( msgidp == NULL ) { -+ ld->ld_errno = LDAP_PARAM_ERROR; -+ return ld->ld_errno; -+ } -+ -+ /* create a message to send */ -+ if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) { -+ ld->ld_errno = LDAP_NO_MEMORY; -+ return ld->ld_errno; -+ } -+ -+ assert( LBER_VALID( ber ) ); -+ -+ LDAP_NEXT_MSGID( ld, id ); -+ rc = ber_printf( ber, "{it{istON}" /*}*/, -+ id, LDAP_REQ_BIND, -+ ld->ld_version, dn, tag, -+ cred ); -+ -+ /* Put Server Controls */ -+ if( ldap_int_put_controls( ld, sctrls, ber ) != LDAP_SUCCESS ) { -+ ber_free( ber, 1 ); -+ return ld->ld_errno; -+ } -+ -+ if ( ber_printf( ber, /*{*/ "N}" ) == -1 ) { -+ ld->ld_errno = LDAP_ENCODING_ERROR; -+ ber_free( ber, 1 ); -+ return ld->ld_errno; -+ } -+ -+ /* send the message */ -+ *msgidp = ldap_send_initial_request( ld, LDAP_REQ_BIND, dn, ber, id ); -+ -+ if(*msgidp < 0) -+ return ld->ld_errno; -+ -+ return LDAP_SUCCESS; -+} -+ -+int -+ldap_parse_ntlm_bind_result( -+ LDAP *ld, -+ LDAPMessage *res, -+ struct berval *challenge) -+{ -+ ber_int_t errcode; -+ ber_tag_t tag; -+ BerElement *ber; -+ ber_len_t len; -+ -+ Debug( LDAP_DEBUG_TRACE, "ldap_parse_ntlm_bind_result\n", 0, 0, 0 ); -+ -+ assert( ld != NULL ); -+ assert( LDAP_VALID( ld ) ); -+ assert( res != NULL ); -+ -+ if ( ld == NULL || res == NULL ) { -+ return LDAP_PARAM_ERROR; -+ } -+ -+ if( res->lm_msgtype != LDAP_RES_BIND ) { -+ ld->ld_errno = LDAP_PARAM_ERROR; -+ return ld->ld_errno; -+ } -+ -+ if ( ld->ld_error ) { -+ LDAP_FREE( ld->ld_error ); -+ ld->ld_error = NULL; -+ } -+ if ( ld->ld_matched ) { -+ LDAP_FREE( ld->ld_matched ); -+ ld->ld_matched = NULL; -+ } -+ -+ /* parse results */ -+ -+ ber = ber_dup( res->lm_ber ); -+ -+ if( ber == NULL ) { -+ ld->ld_errno = LDAP_NO_MEMORY; -+ return ld->ld_errno; -+ } -+ -+ tag = ber_scanf( ber, "{ioa" /*}*/, -+ &errcode, challenge, &ld->ld_error ); -+ ber_free( ber, 0 ); -+ -+ if( tag == LBER_ERROR ) { -+ ld->ld_errno = LDAP_DECODING_ERROR; -+ return ld->ld_errno; -+ } -+ -+ ld->ld_errno = errcode; -+ -+ return( ld->ld_errno ); -+} diff --git a/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.21-ppolicy.patch b/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.21-ppolicy.patch deleted file mode 100644 index 06bbee86f1..0000000000 --- a/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.21-ppolicy.patch +++ /dev/null @@ -1,13 +0,0 @@ ---- clients.orig/tools/common.c 2006-05-05 00:24:01.000000000 -0700 -+++ clients/tools/common.c 2006-05-05 00:24:13.000000000 -0700 -@@ -904,8 +904,8 @@ - tool_bind( LDAP *ld ) - { - #ifdef LDAP_CONTROL_PASSWORDPOLICYREQUEST -- if ( ppolicy ) { - LDAPControl *ctrls[2], c; -+ if ( ppolicy ) { - c.ldctl_oid = LDAP_CONTROL_PASSWORDPOLICYREQUEST; - c.ldctl_value.bv_val = NULL; - c.ldctl_value.bv_len = 0; - diff --git a/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.24-contrib-smbk5pwd.patch b/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.24-contrib-smbk5pwd.patch deleted file mode 100644 index 091ff26a17..0000000000 --- a/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.24-contrib-smbk5pwd.patch +++ /dev/null @@ -1,53 +0,0 @@ ---- contrib/slapd-modules/smbk5pwd/Makefile.ORIG 2006-05-17 13:11:57.194660019 +0300 -+++ contrib/slapd-modules/smbk5pwd/Makefile 2006-05-17 13:11:14.503082288 +0300 -@@ -9,29 +9,39 @@ - # top-level directory of the distribution or, alternatively, at - # . - -+#libexecdir=/usr/lib/openldap -+moduledir=$(libexecdir)/openldap - LIBTOOL=../../../libtool --OPT=-g -O2 -+#OPT= - CC=gcc - - # Omit DO_KRB5 or DO_SAMBA if you don't want to support it. --DEFS=-DDO_KRB5 -DDO_SAMBA -+#DEFS= - --HEIMDAL_INC=-I/usr/heimdal/include -+#KRB5_INC= - SSL_INC= - LDAP_INC=-I../../../include -I../../../servers/slapd --INCS=$(LDAP_INC) $(HEIMDAL_INC) $(SSL_INC) -+INCS=$(LDAP_INC) $(SSL_INC) $(KRB5_INC) - --HEIMDAL_LIB=-L/usr/heimdal/lib -lkrb5 -lkadm5srv -+KRB5_LIB=-lkrb5 -lkadm5srv - SSL_LIB=-lcrypto --LDAP_LIB=-lldap_r -llber --LIBS=$(LDAP_LIB) $(HEIMDAL_LIB) $(SSL_LIB) -- -+LDAP_LIB=-L../../../libraries/libldap_r -lldap_r -llber -+ifneq (DDO_KRB5,$(findstring DDO_KRB5,$(DEFS))) -+ LIBS=$(LDAP_LIB) $(SSL_LIB) -+else -+ LIBS=$(LDAP_LIB) $(KRB5_LIB) $(SSL_LIB) -+endif -+ - all: smbk5pwd.la - - - smbk5pwd.lo: smbk5pwd.c -- $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $? -+ $(LIBTOOL) --mode=compile $(CC) $(CFLAGS) $(DEFS) $(INCS) -c $? - - smbk5pwd.la: smbk5pwd.lo -- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info 0:0:0 \ -- -rpath /usr/local/libexec/openldap -module -o $@ $? $(LIBS) -+ $(LIBTOOL) --mode=link $(CC) $(CFLAGS) -version-info 0:0:0 \ -+ -rpath $(moduledir) -module -o $@ $? $(LIBS) -+ -+install-mod: -+ $(LIBTOOL) --mode=install ../../../build/shtool install -c \ -+ -m 755 smbk5pwd.la $(DESTDIR)$(moduledir) diff --git a/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.34-slapd-conf b/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.34-slapd-conf deleted file mode 100644 index ad767cfdeb..0000000000 --- a/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.34-slapd-conf +++ /dev/null @@ -1,64 +0,0 @@ -# -# See slapd.conf(5) for details on configuration options. -# This file should NOT be world readable. -# -include /etc/openldap/schema/core.schema - -# Define global ACLs to disable default read access. - -# Do not enable referrals until AFTER you have a working directory -# service AND an understanding of referrals. -#referral ldap://root.openldap.org - -pidfile /var/run/openldap/slapd.pid -argsfile /var/run/openldap/slapd.args - -# Load dynamic backend modules: -###INSERTDYNAMICMODULESHERE### - -# Sample security restrictions -# Require integrity protection (prevent hijacking) -# Require 112-bit (3DES or better) encryption for updates -# Require 63-bit encryption for simple bind -# security ssf=1 update_ssf=112 simple_bind=64 - -# Sample access control policy: -# Root DSE: allow anyone to read it -# Subschema (sub)entry DSE: allow anyone to read it -# Other DSEs: -# Allow self write access -# Allow authenticated users read access -# Allow anonymous users to authenticate -# Directives needed to implement policy: -# access to dn.base="" by * read -# access to dn.base="cn=Subschema" by * read -# access to * -# by self write -# by users read -# by anonymous auth -# -# if no access controls are present, the default policy -# allows anyone and everyone to read anything but restricts -# updates to rootdn. (e.g., "access to * by * read") -# -# rootdn can always read and write EVERYTHING! - -####################################################################### -# BDB database definitions -####################################################################### - -database hdb -suffix "dc=my-domain,dc=com" -# -checkpoint 32 30 -rootdn "cn=Manager,dc=my-domain,dc=com" -# Cleartext passwords, especially for the rootdn, should -# be avoid. See slappasswd(8) and slapd.conf(5) for details. -# Use of strong authentication encouraged. -rootpw secret -# The database directory MUST exist prior to running slapd AND -# should only be accessible by the slapd and slap tools. -# Mode 700 recommended. -directory /var/lib/openldap-data -# Indices to maintain -index objectClass eq diff --git a/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.37-libldap_r.patch b/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.37-libldap_r.patch deleted file mode 100644 index d015bda2ab..0000000000 --- a/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.37-libldap_r.patch +++ /dev/null @@ -1,21 +0,0 @@ ---- libraries/libldap_r/Makefile.in.old 2007-01-02 22:43:50.000000000 +0100 -+++ libraries/libldap_r/Makefile.in 2007-08-22 13:32:20.000000000 +0200 -@@ -56,7 +56,7 @@ - XXLIBS = $(SECURITY_LIBS) $(LUTIL_LIBS) - XXXLIBS = $(LTHREAD_LIBS) - NT_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS) --UNIX_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS) -+UNIX_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS) $(LTHREAD_LIBS) - - .links : Makefile - @for i in $(XXSRCS); do \ ---- servers/slapd/slapi/Makefile.in.old 2007-01-02 22:44:10.000000000 +0100 -+++ servers/slapd/slapi/Makefile.in 2007-08-22 14:58:51.000000000 +0200 -@@ -37,6 +37,7 @@ - XLIBS = $(LIBRARY) - XXLIBS = - NT_LINK_LIBS = $(AC_LIBS) -+UNIX_LINK_LIBS = ../../../libraries/libldap_r/libldap_r.la $(LTHREAD_LIBS) - - XINCPATH = -I$(srcdir)/.. -I$(srcdir) - XDEFS = $(MODULES_CPPFLAGS) diff --git a/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.43-fix-hang.patch b/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.43-fix-hang.patch deleted file mode 100644 index 7e1f4457bd..0000000000 --- a/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.43-fix-hang.patch +++ /dev/null @@ -1,19 +0,0 @@ -commit a3f40e5601c0c522f2bda418374fb415bdcbd75c -Author: Quanah Gibson-Mount -Date: Thu Mar 24 02:25:49 2011 +0000 - - sl_busy is used as a boolean so just set it, don't increment it - -diff --git a/servers/slapd/daemon.c b/servers/slapd/daemon.c -index 2a7a48e..df6d096 100644 ---- a/servers/slapd/daemon.c -+++ b/servers/slapd/daemon.c -@@ -2098,7 +2098,7 @@ slap_listener_activate( - Debug( LDAP_DEBUG_TRACE, "slap_listener_activate(%d): %s\n", - sl->sl_sd, sl->sl_busy ? "busy" : "", 0 ); - -- sl->sl_busy++; -+ sl->sl_busy = 1; - - rc = ldap_pvt_thread_pool_submit( &connection_pool, - slap_listener_thread, (void *) sl ); diff --git a/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.XY-gcc44.patch b/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.XY-gcc44.patch deleted file mode 100644 index 0213d81dc8..0000000000 --- a/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.XY-gcc44.patch +++ /dev/null @@ -1,30 +0,0 @@ ---- include/ldap_pvt_thread.h 2009-04-03 08:51:30.000000000 -0400 -+++ include/ldap_pvt_thread.h 2009-04-03 08:56:36.000000000 -0400 -@@ -57,12 +57,12 @@ - - #ifndef LDAP_PVT_THREAD_H_DONE - #define LDAP_PVT_THREAD_SET_STACK_SIZE --#ifndef LDAP_PVT_THREAD_STACK_SIZE -- /* LARGE stack. Will be twice as large on 64 bit machine. */ --#define LDAP_PVT_THREAD_STACK_SIZE ( 1 * 1024 * 1024 * sizeof(void *) ) - /* May be explicitly defined to zero to disable it */ --#elif LDAP_PVT_THREAD_STACK_SIZE == 0 -+#if defined( LDAP_PVT_THREAD_STACK_SIZE ) && LDAP_PVT_THREAD_STACK_SIZE == 0 - #undef LDAP_PVT_THREAD_SET_STACK_SIZE -+#elif !defined(LDAP_PVT_THREAD_STACK_SIZE) -+ /* LARGE stack. Will be twice as large on 64 bit machine. */ -+#define LDAP_PVT_THREAD_STACK_SIZE ( 1 * 1024 * 1024 * sizeof(void *) ) - #endif - #endif /* !LDAP_PVT_THREAD_H_DONE */ - ---- libraries/libldap/os-ip.c 2009-04-03 08:51:30.000000000 -0400 -+++ libraries/libldap/os-ip.c 2009-04-03 08:54:47.000000000 -0400 -@@ -652,7 +652,7 @@ - char *herr; - #ifdef NI_MAXHOST - char hbuf[NI_MAXHOST]; --#elif defined( MAXHOSTNAMELEN -+#elif defined( MAXHOSTNAMELEN ) - char hbuf[MAXHOSTNAMELEN]; - #else - char hbuf[256]; diff --git a/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.4.17-fix-lmpasswd-gnutls-symbols.patch b/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.4.17-fix-lmpasswd-gnutls-symbols.patch deleted file mode 100644 index e5117468f8..0000000000 --- a/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.4.17-fix-lmpasswd-gnutls-symbols.patch +++ /dev/null @@ -1,109 +0,0 @@ -If GnuTLS is used, the lmpasswd module for USE=samba does not compile. -Forward-port an old Debian patch that upstream never applied. - -Signed-off-by: Robin H. Johnson -Signed-off-by: Steffen Hau -X-Gentoo-Bug: http://bugs.gentoo.org/show_bug.cgi?id=233633 -X-Upstream-Bug: http://www.openldap.org/its/index.cgi/Software%20Enhancements?id=4997 -X-Debian-Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=245341 - ---- openldap-2.4.17.orig/libraries/liblutil/passwd.c 2009-07-27 18:59:19.635995474 -0700 -+++ openldap-2.4.17/libraries/liblutil/passwd.c 2009-07-27 19:01:13.588069010 -0700 -@@ -51,6 +51,26 @@ typedef unsigned char des_data_block[8]; - typedef PK11Context *des_context[1]; - #define DES_ENCRYPT CKA_ENCRYPT - -+#elif defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT) -+# include -+static int gcrypt_init = 0; -+ -+typedef const void* des_key; -+typedef unsigned char des_cblock[8]; -+typedef des_cblock des_data_block; -+typedef int des_key_schedule; /* unused */ -+typedef des_key_schedule des_context; /* unused */ -+#define des_failed(encrypted) 0 -+#define des_finish(key, schedule) -+ -+#define des_set_key_unchecked( key, key_sched ) \ -+ gcry_cipher_setkey( hd, key, 8 ) -+ -+#define des_ecb_encrypt( input, output, key_sched, enc ) \ -+ gcry_cipher_encrypt( hd, *output, 8, *input, 8 ) -+ -+#define des_set_odd_parity( key ) do {} while(0) -+ - #endif - - #endif /* SLAPD_LMHASH */ -@@ -651,7 +671,7 @@ static int chk_md5( - - #ifdef SLAPD_LMHASH - --#if defined(HAVE_OPENSSL) -+#if defined(HAVE_OPENSSL) || defined(HAVE_GNUTLS_GNUTLS_H) - - /* - * abstract away setting the parity. -@@ -841,6 +861,19 @@ static int chk_lanman( - des_data_block StdText = "KGS!@#$%"; - des_data_block PasswordHash1, PasswordHash2; - char PasswordHash[33], storedPasswordHash[33]; -+ -+#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT) -+ gcry_cipher_hd_t hd; -+ -+ if ( !gcrypt_init ) { -+ gcry_check_version( GCRYPT_VERSION ); -+ gcrypt_init = 1; -+ } -+ -+ schedule = schedule; /* unused - avoid warning */ -+ -+ gcry_cipher_open( &hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0 ); -+#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */ - - for( i=0; ibv_len; i++) { - if(cred->bv_val[i] == '\0') { -@@ -883,6 +916,10 @@ static int chk_lanman( - strncpy( storedPasswordHash, passwd->bv_val, 32 ); - storedPasswordHash[32] = '\0'; - ldap_pvt_str2lower( storedPasswordHash ); -+ -+#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT) -+ gcry_cipher_close( hd ); -+#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */ - - return memcmp( PasswordHash, storedPasswordHash, 32) ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK; - } -@@ -1138,6 +1175,19 @@ static int hash_lanman( - des_data_block PasswordHash1, PasswordHash2; - char PasswordHash[33]; - -+#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT) -+ gcry_cipher_hd_t hd; -+ -+ if ( !gcrypt_init ) { -+ gcry_check_version( GCRYPT_VERSION ); -+ gcrypt_init = 1; -+ } -+ -+ schedule = schedule; /* unused - avoid warning */ -+ -+ gcry_cipher_open( &hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0 ); -+#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */ -+ - for( i=0; ibv_len; i++) { - if(passwd->bv_val[i] == '\0') { - return LUTIL_PASSWD_ERR; /* NUL character in password */ -@@ -1168,6 +1218,10 @@ static int hash_lanman( - - hash->bv_val = PasswordHash; - hash->bv_len = 32; -+ -+#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT) -+ gcry_cipher_close( hd ); -+#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */ - - return pw_string( scheme, hash ); - } diff --git a/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch b/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch index 0859d53cae..29688fcb14 100644 --- a/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch +++ b/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch @@ -19,7 +19,7 @@ X-Debian-Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=245341 + +typedef const void* des_key; +typedef unsigned char DES_cblock[8]; -+typedef des_cblock des_data_block; ++typedef DES_cblock des_data_block; +typedef int DES_key_schedule; /* unused */ +typedef DES_key_schedule des_context; /* unused */ +#define des_failed(encrypted) 0 diff --git a/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.4.47-libressl.patch b/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.4.47-libressl.patch new file mode 100644 index 0000000000..5e5b3e37bf --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.4.47-libressl.patch @@ -0,0 +1,58 @@ +diff --git a/libraries/libldap/tls_o.c b/libraries/libldap/tls_o.c +index b0277dfe9..8a3f47a74 100644 +--- a/libraries/libldap/tls_o.c ++++ b/libraries/libldap/tls_o.c +@@ -50,7 +50,7 @@ + #include + #endif + +-#if OPENSSL_VERSION_NUMBER >= 0x10100000 ++#if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER) + #define ASN1_STRING_data(x) ASN1_STRING_get0_data(x) + #endif + +@@ -200,7 +200,7 @@ tlso_init( void ) + (void) tlso_seed_PRNG( lo->ldo_tls_randfile ); + #endif + +-#if OPENSSL_VERSION_NUMBER < 0x10100000 ++#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER) + SSL_load_error_strings(); + SSL_library_init(); + OpenSSL_add_all_digests(); +@@ -252,7 +252,7 @@ static void + tlso_ctx_ref( tls_ctx *ctx ) + { + tlso_ctx *c = (tlso_ctx *)ctx; +-#if OPENSSL_VERSION_NUMBER < 0x10100000 ++#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER) + #define SSL_CTX_up_ref(ctx) CRYPTO_add( &(ctx->references), 1, CRYPTO_LOCK_SSL_CTX ) + #endif + SSL_CTX_up_ref( c ); +@@ -511,7 +511,7 @@ tlso_session_my_dn( tls_session *sess, struct berval *der_dn ) + if (!x) return LDAP_INVALID_CREDENTIALS; + + xn = X509_get_subject_name(x); +-#if OPENSSL_VERSION_NUMBER < 0x10100000 ++#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER) + der_dn->bv_len = i2d_X509_NAME( xn, NULL ); + der_dn->bv_val = xn->bytes->data; + #else +@@ -547,7 +547,7 @@ tlso_session_peer_dn( tls_session *sess, struct berval *der_dn ) + return LDAP_INVALID_CREDENTIALS; + + xn = X509_get_subject_name(x); +-#if OPENSSL_VERSION_NUMBER < 0x10100000 ++#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER) + der_dn->bv_len = i2d_X509_NAME( xn, NULL ); + der_dn->bv_val = xn->bytes->data; + #else +@@ -768,7 +768,7 @@ struct tls_data { + Sockbuf_IO_Desc *sbiod; + }; + +-#if OPENSSL_VERSION_NUMBER < 0x10100000 ++#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER) + #define BIO_set_init(b, x) b->init = x + #define BIO_set_data(b, x) b->ptr = x + #define BIO_clear_flags(b, x) b->flags &= ~(x) diff --git a/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.4.47-warnings.patch b/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.4.47-warnings.patch new file mode 100644 index 0000000000..d75bd0d3c5 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.4.47-warnings.patch @@ -0,0 +1,41 @@ +diff --git a/include/ldap.h b/include/ldap.h +index c245651c2..7f14f1051 100644 +--- a/include/ldap.h ++++ b/include/ldap.h +@@ -2041,6 +2041,10 @@ LDAP_F( int ) + ldap_is_ldapi_url LDAP_P(( + LDAP_CONST char *url )); + ++LDAP_F( int ) ++ldap_is_ldapc_url LDAP_P(( ++ LDAP_CONST char *url )); ++ + LDAP_F( int ) + ldap_url_parse LDAP_P(( + LDAP_CONST char *url, +diff --git a/include/ldap_int_thread.h b/include/ldap_int_thread.h +index e2dd8a942..bbc07c845 100644 +--- a/include/ldap_int_thread.h ++++ b/include/ldap_int_thread.h +@@ -33,7 +33,7 @@ LDAP_END_DECL + * definitions for POSIX Threads * + * * + **********************************/ +- ++#define __USE_UNIX98 + #include + #ifdef HAVE_SCHED_H + #include +diff --git a/libraries/libldap/tls2.c b/libraries/libldap/tls2.c +index d25c190ea..639f598e7 100644 +--- a/libraries/libldap/tls2.c ++++ b/libraries/libldap/tls2.c +@@ -76,6 +76,8 @@ static oid_name oids[] = { + + #ifdef HAVE_TLS + ++int ldap_pvt_tls_check_hostname( LDAP *ld, void *s, const char *name_in ); ++ + void + ldap_pvt_tls_ctx_free ( void *c ) + { diff --git a/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/slurpd-initd b/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/slurpd-initd deleted file mode 100644 index bb1b50dbb1..0000000000 --- a/sdk_container/src/third_party/portage-stable/net-nds/openldap/files/slurpd-initd +++ /dev/null @@ -1,21 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2004 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -depend() { - need net -} - -start() { - ebegin "Starting slurpd" - start-stop-daemon --start --quiet \ - --exec /usr/lib/openldap/slurpd - eend $? -} - -stop() { - ebegin "Stopping slurpd" - start-stop-daemon --stop --quiet \ - --exec /usr/lib/openldap/slurpd - eend $? -} diff --git a/sdk_container/src/third_party/portage-stable/net-nds/openldap/metadata.xml b/sdk_container/src/third_party/portage-stable/net-nds/openldap/metadata.xml index 4e5e2c4903..6cea2f2e32 100644 --- a/sdk_container/src/third_party/portage-stable/net-nds/openldap/metadata.xml +++ b/sdk_container/src/third_party/portage-stable/net-nds/openldap/metadata.xml @@ -1,19 +1,18 @@ - - ldap-bugs@gentoo.org - + + ldap-bugs@gentoo.org + Enable experimental backend options Enable support for kerberos init Enable ODBC and SQL backend options Enable contributed OpenLDAP overlays - Enable overlay for syncing ldap, unix and - lanman passwords - Build libraries & userspace tools only. Does not install any server code. + Enable overlay for syncing ldap, unix and lanman passwords + Build libraries & userspace tools only. Does not install any server code Enable support for pbkdf2 passwords - Enable support for pw-sha2 password hashes. + Enable support for pw-sha2 password hashes cpe:/a:openldap:openldap diff --git a/sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.3.43-r3.ebuild b/sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.3.43-r3.ebuild deleted file mode 100644 index 321b6b720f..0000000000 --- a/sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.3.43-r3.ebuild +++ /dev/null @@ -1,541 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="2" - -AT_M4DIR="./build" -inherit autotools db-use eutils flag-o-matic multilib ssl-cert toolchain-funcs versionator user - -DESCRIPTION="LDAP suite of application and development tools" -HOMEPAGE="http://www.OpenLDAP.org/" -SRC_URI="mirror://openldap/openldap-release/${P}.tgz" - -LICENSE="OPENLDAP GPL-2" -SLOT="0" -KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 s390 sh sparc ~sparc-fbsd x86 ~x86-fbsd" -IUSE="berkdb crypt debug gdbm ipv6 kerberos minimal odbc overlays perl samba sasl slp smbkrb5passwd ssl tcpd selinux" - -# note that the 'samba' USE flag pulling in OpenSSL is NOT an error. OpenLDAP -# uses OpenSSL for LanMan/NTLM hashing (which is used in some enviroments, like -# mine at work)! -# Robin H. Johnson March 8, 2004 - -RDEPEND="sys-libs/ncurses - tcpd? ( sys-apps/tcp-wrappers ) - ssl? ( dev-libs/openssl ) - sasl? ( dev-libs/cyrus-sasl ) - !minimal? ( - odbc? ( dev-db/unixODBC ) - slp? ( net-libs/openslp ) - perl? ( || ( >=dev-lang/perl-5.16 =sys-libs/db-4.2.52_p2-r1:4.2 - ) - ) - !berkdb? ( - gdbm? ( sys-libs/gdbm ) - !gdbm? ( - || ( sys-libs/db:4.5 - sys-libs/db:4.4 - sys-libs/db:4.3 - >=sys-libs/db-4.2.52_p2-r1:4.2 - ) - ) - ) - smbkrb5passwd? ( - dev-libs/openssl - app-crypt/heimdal - ) - ) - selinux? ( sec-policy/selinux-ldap )" -DEPEND="${RDEPEND}" - -# for tracking versions -OPENLDAP_VERSIONTAG=".version-tag" -OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data" - -openldap_upgrade_howto() { - eerror - eerror "A (possible old) installation of OpenLDAP was detected," - eerror "installation will not proceed for now." - eerror - eerror "As major version upgrades can corrupt your database," - eerror "you need to dump your database and re-create it afterwards." - eerror "" - d="$(date -u +%s)" - l="/root/ldapdump.${d}" - i="${l}.raw" - eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop" - eerror " 2. slapcat -l ${i}" - eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}" - eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/" - eerror " 5. emerge --update \=net-nds/${PF}" - eerror " 6. etc-update, and ensure that you apply the changes" - eerror " 7. slapadd -l ${l}" - eerror " 8. chown ldap:ldap /var/lib/openldap-data/*" - eerror " 9. /etc/init.d/slapd start" - eerror "10. check that your data is intact." - eerror "11. set up the new replication system." - eerror - if [ "${FORCE_UPGRADE}" != "1" ]; then - die "You need to upgrade your database first" - else - eerror "You have the magical FORCE_UPGRADE=1 in place." - eerror "Don't say you weren't warned about data loss." - fi -} - -openldap_find_versiontags() { - # scan for all datadirs - openldap_datadirs="" - if [ -f "${ROOT}"/etc/openldap/slapd.conf ]; then - openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${ROOT}/etc/openldap/slapd.conf)" - fi - openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}" - - einfo - einfo "Scanning datadir(s) from slapd.conf and" - einfo "the default installdir for Versiontags" - einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)" - einfo - - # scan datadirs if we have a version tag - openldap_found_tag=0 - for each in ${openldap_datadirs}; do - CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"` - CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG} - if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then - einfo "- Checking ${each}..." - if [ -r ${CURRENT_TAG} ] ; then - # yey, we have one :) - einfo " Found Versiontag in ${each}" - source ${CURRENT_TAG} - if [ "${OLDPF}" == "" ] ; then - eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}" - eerror "Please delete it" - eerror - die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}" - fi - - OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}` - - # are we on the same branch? - if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then - ewarn " Versiontag doesn't match current major release!" - if [[ `ls -a ${CURRENT_TAGDIR} | wc -l` -gt 5 ]] ; then - eerror " Versiontag says other major and you (probably) have datafiles!" - echo - openldap_upgrade_howto - else - einfo " No real problem, seems there's no database." - fi - else - einfo " Versiontag is fine here :)" - fi - else - einfo " Non-tagged dir ${each}" - if [[ `ls -a ${each} | wc -l` > 5 ]] ; then - einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files" - echo - - eerror - eerror "Your OpenLDAP Installation has a non tagged datadir that" - eerror "possibly contains a database at ${CURRENT_TAGDIR}" - eerror - eerror "Please export data if any entered and empty or remove" - eerror "the directory, installation has been stopped so you" - eerror "can take required action" - eerror - eerror "For a HOWTO on exporting the data, see instructions in the ebuild" - eerror - die "Please move the datadir ${CURRENT_TAGDIR} away" - fi - fi - einfo - fi - done - - echo - einfo - einfo "All datadirs are fine, proceeding with merge now..." - einfo - -} - -pkg_setup() { - if has_version "<=dev-lang/perl-5.8.8_rc1" && built_with_use dev-lang/perl minimal ; then - die "You must have a complete (USE='-minimal') Perl install to use the perl backend!" - fi - - if use samba && ! use ssl ; then - eerror "LAN manager passwords need ssl flag set" - die "Please set ssl useflag" - fi - - if use minimal && has_version 'net-nds/openldap[minimal]' ; then - einfo - einfo "Skipping scan for previous datadirs as requested by minimal useflag" - einfo - else - openldap_find_versiontags - fi - - # The user/group are only used for running daemons which are - # disabled in minimal builds, so elide the accounts too. - if ! use minimal ; then - enewgroup ldap 439 - enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap - fi -} - -src_prepare() { - # According to MDK, the link order needs to be changed so that - # on systems w/ MD5 passwords the system crypt library is used - # (the net result is that "passwd" can be used to change ldap passwords w/ - # proper pam support) - sed -i -e 's/$(SECURITY_LIBS) $(LDIF_LIBS) $(LUTIL_LIBS)/$(LUTIL_LIBS) $(SECURITY_LIBS) $(LDIF_LIBS)/' \ - "${S}"/servers/slapd/Makefile.in - - # supersedes old fix for bug #31202 - EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch - - # ensure correct SLAPI path by default - sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "/var/run/openldap/slapd.sock",' \ - "${S}"/include/ldap_defaults.h - - EPATCH_OPTS="-p0 -d ${S}" - - # ximian connector 1.4.7 ntlm patch - epatch "${FILESDIR}"/${PN}-2.2.6-ntlm.patch - - # bug #132263 - epatch "${FILESDIR}"/${PN}-2.3.21-ppolicy.patch - - # bug #189817 - epatch "${FILESDIR}"/${PN}-2.3.37-libldap_r.patch - - # fix up stuff for newer autoconf that simulates autoconf-2.13, but doesn't - # do it perfectly. - cd "${S}"/build - ln -s shtool install - ln -s shtool install.sh - einfo "Making sure upstream build strip does not do stripping too early" - sed -i.orig \ - -e '/^STRIP/s,-s,,g' \ - top.mk || die "Failed to block stripping" - - # bug #116045 - # patch contrib modules - if ! use minimal ; then - cd "${S}"/contrib - epatch "${FILESDIR}"/${PN}-2.3.24-contrib-smbk5pwd.patch - fi - # Fix gcc-4.4 compat, bug 264761 - epatch "${FILESDIR}/openldap-2.3.XY-gcc44.patch" -} - -src_configure() { - local myconf - - #Fix for glibc-2.8 and ucred. Bug 228457. - append-flags -D_GNU_SOURCE - - # HDB is only available with BerkDB - myconf_berkdb='--enable-bdb --enable-ldbm-api=berkeley --enable-hdb=mod' - myconf_gdbm='--disable-bdb --enable-ldbm-api=gdbm --disable-hdb' - - use debug && myconf="${myconf} --enable-debug" # there is no disable-debug - - # enable slapd/slurpd servers if not doing a minimal build - if ! use minimal ; then - myconf="${myconf} --enable-slapd --enable-slurpd" - # base backend stuff - myconf="${myconf} --enable-ldbm" - if use berkdb ; then - einfo "Using Berkeley DB for local backend" - myconf="${myconf} ${myconf_berkdb}" - # We need to include the slotted db.h dir for FreeBSD - append-cppflags -I$(db_includedir 4.5 4.4 4.3 4.2 ) - elif use gdbm ; then - einfo "Using GDBM for local backend" - myconf="${myconf} ${myconf_gdbm}" - else - ewarn "Neither gdbm or berkdb USE flags present, falling back to" - ewarn "Berkeley DB for local backend" - myconf="${myconf} ${myconf_berkdb}" - # We need to include the slotted db.h dir for FreeBSD - append-cppflags -I$(db_includedir 4.5 4.4 4.3 4.2 ) - fi - # extra backend stuff - myconf="${myconf} --enable-passwd=mod --enable-phonetic=mod" - myconf="${myconf} --enable-dnssrv=mod --enable-ldap" - myconf="${myconf} --enable-meta=mod --enable-monitor=mod" - myconf="${myconf} --enable-null=mod --enable-shell=mod" - myconf="${myconf} --enable-relay=mod" - myconf="${myconf} $(use_enable perl perl mod)" - myconf="${myconf} $(use_enable odbc sql mod)" - # slapd options - myconf="${myconf} $(use_enable crypt) $(use_enable slp)" - myconf="${myconf} --enable-rewrite --enable-rlookups" - myconf="${myconf} --enable-aci --enable-modules" - myconf="${myconf} --enable-cleartext --enable-slapi" - myconf="${myconf} $(use_enable samba lmpasswd)" - # slapd overlay options - myconf="${myconf} --enable-dyngroup --enable-proxycache" - use overlays && myconf="${myconf} --enable-overlays=mod" - myconf="${myconf} --enable-syncprov" - else - myconf="${myconf} --disable-slapd --disable-slurpd" - myconf="${myconf} --disable-bdb --disable-ldbm" - myconf="${myconf} --disable-hdb --disable-monitor" - myconf="${myconf} --disable-slurpd --disable-overlays" - myconf="${myconf} --disable-relay" - fi - - # basic functionality stuff - myconf="${myconf} --enable-syslog --enable-dynamic" - myconf="${myconf} --enable-local --enable-proctitle" - - myconf="${myconf} $(use_enable ipv6)" - myconf="${myconf} $(use_with sasl cyrus-sasl) $(use_enable sasl spasswd)" - myconf="${myconf} $(use_enable tcpd wrappers) $(use_with ssl tls)" - - if [ $(get_libdir) != "lib" ] ; then - append-ldflags -L/usr/$(get_libdir) - fi - - STRIP=/bin/true \ - econf \ - --enable-static \ - --enable-shared \ - --libexecdir=/usr/$(get_libdir)/openldap \ - ${myconf} || die "configure failed" -} - -src_compile() { - emake depend || die "make depend failed" - emake || die "make failed" - - # openldap/contrib - tc-export CC - if ! use minimal ; then - # dsaschema - einfo "Building contributed dsaschema" - cd "${S}"/contrib/slapd-modules/dsaschema - ${CC} -shared -I../../../include ${CFLAGS} -fPIC \ - -Wall -o libdsaschema-plugin.so dsaschema.c || \ - die "failed to compile dsaschema module" - # kerberos passwd - if use kerberos ; then - einfo "Building contributed pw-kerberos" - cd "${S}"/contrib/slapd-modules/passwd/ && \ - ${CC} -shared -I../../../include ${CFLAGS} -fPIC \ - $(krb5-config --cflags) \ - -DHAVE_KRB5 -o pw-kerberos.so kerberos.c || \ - die "failed to compile kerberos password module" - fi - # netscape mta-md5 password - einfo "Building contributed pw-netscape" - cd "${S}"/contrib/slapd-modules/passwd/ && \ - ${CC} -shared -I../../../include ${CFLAGS} -fPIC \ - -o pw-netscape.so netscape.c || \ - die "failed to compile netscape password module" - # smbk5pwd overlay - # Note: this modules builds, but may not work with - # Gentoo's MIT-Kerberos. It was designed for Heimdal - # Kerberos. - if use smbkrb5passwd ; then - einfo "Building contributed smbk5pwd" - local mydef - local mykrb5inc - mydef="-DDO_SAMBA -DDO_KRB5" - mykrb5inc="$(krb5-config --cflags)" - cd "${S}"/contrib/slapd-modules/smbk5pwd && \ - libexecdir="/usr/$(get_libdir)/openldap" \ - DEFS="${mydef}" KRB5_INC="${mykrb5inc}" emake || \ - die "failed to compile smbk5pwd module" - fi - # addrdnvalues - einfo "Building contributed addrdnvalues" - cd "${S}"/contrib/slapi-plugins/addrdnvalues/ && \ - ${CC} -shared -I../../../include ${CFLAGS} -fPIC \ - -o libaddrdnvalues-plugin.so addrdnvalues.c || \ - die "failed to compile addrdnvalues plugin" - fi -} - -src_test() { - einfo "Doing tests" - cd tests ; make tests || die "make tests failed" -} - -src_install() { - emake DESTDIR="${D}" install || die "make install failed" - - dodoc ANNOUNCEMENT CHANGES COPYRIGHT README "${FILESDIR}"/DB_CONFIG.fast.example - docinto rfc ; dodoc doc/rfc/*.txt - - # openldap modules go here - # TODO: write some code to populate slapd.conf with moduleload statements - keepdir /usr/$(get_libdir)/openldap/openldap/ - - # make state directories - local dirlist="data" - if ! use minimal; then - dirlist="${dirlist} slurp ldbm" - fi - for x in ${dirlist}; do - keepdir /var/lib/openldap-${x} - fowners ldap:ldap /var/lib/openldap-${x} - fperms 0700 /var/lib/openldap-${x} - done - - echo "OLDPF='${PF}'" > "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" - echo "# do NOT delete this. it is used" >> "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" - echo "# to track versions for upgrading." >> "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" - - # manually remove /var/tmp references in .la - # because it is packaged with an ancient libtool - #for x in "${D}"/usr/$(get_libdir)/lib*.la; do - # sed -i -e "s:-L${S}[/]*libraries::" ${x} - #done - - # change slapd.pid location in configuration file - keepdir /var/run/openldap - fowners ldap:ldap /var/run/openldap - fperms 0755 /var/run/openldap - - if ! use minimal; then - # use our config - rm "${D}"etc/openldap/slapd.con* - insinto /etc/openldap - newins "${FILESDIR}"/${PN}-2.3.34-slapd-conf slapd.conf - configfile="${D}"etc/openldap/slapd.conf - - # populate with built backends - ebegin "populate config with built backends" - for x in "${D}"usr/$(get_libdir)/openldap/openldap/back_*.so; do - elog "Adding $(basename ${x})" - sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}" - done - sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}" - fowners root:ldap /etc/openldap/slapd.conf - fperms 0640 /etc/openldap/slapd.conf - cp "${configfile}" "${configfile}".default - eend - - # install our own init scripts - newinitd "${FILESDIR}"/slapd-initd slapd - newinitd "${FILESDIR}"/slurpd-initd slurpd - newconfd "${FILESDIR}"/slapd-confd slapd - - if [ $(get_libdir) != lib ]; then - sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i "${D}"etc/init.d/{slapd,slurpd} - fi - - # install contributed modules - docinto / - if [ -e "${S}"/contrib/slapd-modules/dsaschema/libdsaschema-plugin.so ]; - then - cd "${S}"/contrib/slapd-modules/dsaschema/ - newdoc README README.contrib.dsaschema - exeinto /usr/$(get_libdir)/openldap/openldap - doexe libdsaschema-plugin.so || \ - die "failed to install dsaschema module" - fi - if [ -e "${S}"/contrib/slapd-modules/passwd/pw-kerberos.so ]; then - cd "${S}"/contrib/slapd-modules/passwd/ - newdoc README README.contrib.passwd - exeinto /usr/$(get_libdir)/openldap/openldap - doexe pw-kerberos.so || \ - die "failed to install kerberos passwd module" - fi - if [ -e "${S}"/contrib/slapd-modules/passwd/pw-netscape.so ]; then - cd "${S}"/contrib/slapd-modules/passwd/ - newdoc README README.contrib.passwd - exeinto /usr/$(get_libdir)/openldap/openldap - doexe "${S}"/contrib/slapd-modules/passwd/pw-netscape.so || \ - die "failed to install Netscape MTA-MD5 passwd module" - fi - if [ -e "${S}"/contrib/slapd-modules/smbk5pwd/.libs/smbk5pwd.so ]; then - cd "${S}"/contrib/slapd-modules/smbk5pwd - newdoc README README.contrib.smbk5pwd - libexecdir="/usr/$(get_libdir)/openldap" \ - emake DESTDIR="${D}" install-mod || \ - die "failed to install smbk5pwd overlay module" - fi - if [ -e "${S}"/contrib/slapd-tools/statslog ]; then - cd "${S}"/contrib/slapd-tools - exeinto /usr/bin - newexe statslog ldapstatslog || \ - die "failed to install ldapstatslog script" - fi - if [ -e "${S}"/contrib/slapi-plugins/addrdnvalues/libaddrdnvalues-plugin.so ]; - then - cd "${S}"/contrib/slapi-plugins/addrdnvalues - newdoc README README.contrib.addrdnvalues - exeinto /usr/$(get_libdir)/openldap/openldap - doexe libaddrdnvalues-plugin.so || \ - die "failed to install addrdnvalues plugin" - fi - fi -} - -pkg_preinst() { - # keep old libs if any - LIBSUFFIXES=".so.2.0.130 -2.2.so.7" - for LIBSUFFIX in ${LIBSUFFIXES} ; do - for each in libldap libldap_r liblber ; do - preserve_old_lib "usr/$(get_libdir)/${each}${LIBSUFFIX}" - done - done -} - -pkg_postinst() { - if ! use minimal ; then - # You cannot build SSL certificates during src_install that will make - # binary packages containing your SSL key, which is both a security risk - # and a misconfiguration if multiple machines use the same key and cert. - # Additionally, it overwrites - if use ssl; then - install_cert /etc/openldap/ssl/ldap - chown ldap:ldap "${ROOT}"etc/openldap/ssl/ldap.* - ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]" - ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]" - ewarn "add 'TLS_REQCERT never' if you want to use them." - fi - # These lines force the permissions of various content to be correct - chown ldap:ldap "${ROOT}"var/run/openldap - chmod 0755 "${ROOT}"var/run/openldap - chown root:ldap "${ROOT}"etc/openldap/slapd.conf{,.default} - chmod 0640 "${ROOT}"etc/openldap/slapd.conf{,.default} - chown ldap:ldap "${ROOT}"var/lib/openldap-{data,ldbm,slurp} - fi - - # Reference inclusion bug #77330 - echo - elog - elog "Getting started using OpenLDAP? There is some documentation available:" - elog "Gentoo Guide to OpenLDAP Authentication" - elog "(https://www.gentoo.org/doc/en/ldap-howto.xml)" - elog - - # note to bug #110412 - echo - elog - elog "An example file for tuning BDB backends with openldap is" - elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/" - elog - - LIBSUFFIXES=".so.2.0.130 -2.2.so.7" - for LIBSUFFIX in ${LIBSUFFIXES} ; do - for each in liblber libldap libldap_r ; do - preserve_old_lib_notify "usr/$(get_libdir)/${each}${LIBSUFFIX}" - done - done -} diff --git a/sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.3.43-r4.ebuild b/sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.3.43-r4.ebuild deleted file mode 100644 index 663b6aa5e3..0000000000 --- a/sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.3.43-r4.ebuild +++ /dev/null @@ -1,547 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="2" - -AT_M4DIR="./build" -inherit autotools db-use eutils flag-o-matic multilib ssl-cert toolchain-funcs versionator user - -DESCRIPTION="LDAP suite of application and development tools" -HOMEPAGE="http://www.OpenLDAP.org/" -SRC_URI="mirror://openldap/openldap-release/${P}.tgz" - -LICENSE="OPENLDAP GPL-2" -SLOT="0" -KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 s390 ~sh sparc x86 ~sparc-fbsd ~x86-fbsd" -IUSE="berkdb crypt debug gdbm ipv6 kerberos minimal odbc overlays perl samba sasl slp smbkrb5passwd ssl tcpd selinux" - -# note that the 'samba' USE flag pulling in OpenSSL is NOT an error. OpenLDAP -# uses OpenSSL for LanMan/NTLM hashing (which is used in some enviroments, like -# mine at work)! -# Robin H. Johnson March 8, 2004 - -RDEPEND="sys-libs/ncurses - tcpd? ( sys-apps/tcp-wrappers ) - ssl? ( dev-libs/openssl ) - sasl? ( dev-libs/cyrus-sasl ) - !minimal? ( - odbc? ( dev-db/unixODBC ) - slp? ( net-libs/openslp ) - perl? ( || ( >=dev-lang/perl-5.16 =sys-libs/db-4.2.52_p2-r1:4.2 - ) - ) - !berkdb? ( - gdbm? ( sys-libs/gdbm ) - !gdbm? ( - || ( sys-libs/db:4.5 - sys-libs/db:4.4 - sys-libs/db:4.3 - >=sys-libs/db-4.2.52_p2-r1:4.2 - ) - ) - ) - smbkrb5passwd? ( - dev-libs/openssl - app-crypt/heimdal - ) - ) - selinux? ( sec-policy/selinux-ldap )" -DEPEND="${RDEPEND}" - -# for tracking versions -OPENLDAP_VERSIONTAG=".version-tag" -OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data" - -openldap_upgrade_howto() { - eerror - eerror "A (possible old) installation of OpenLDAP was detected," - eerror "installation will not proceed for now." - eerror - eerror "As major version upgrades can corrupt your database," - eerror "you need to dump your database and re-create it afterwards." - eerror "" - d="$(date -u +%s)" - l="/root/ldapdump.${d}" - i="${l}.raw" - eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop" - eerror " 2. slapcat -l ${i}" - eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}" - eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/" - eerror " 5. emerge --update \=net-nds/${PF}" - eerror " 6. etc-update, and ensure that you apply the changes" - eerror " 7. slapadd -l ${l}" - eerror " 8. chown ldap:ldap /var/lib/openldap-data/*" - eerror " 9. /etc/init.d/slapd start" - eerror "10. check that your data is intact." - eerror "11. set up the new replication system." - eerror - if [ "${FORCE_UPGRADE}" != "1" ]; then - die "You need to upgrade your database first" - else - eerror "You have the magical FORCE_UPGRADE=1 in place." - eerror "Don't say you weren't warned about data loss." - fi -} - -openldap_find_versiontags() { - # scan for all datadirs - openldap_datadirs="" - if [ -f "${ROOT}"/etc/openldap/slapd.conf ]; then - openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${ROOT}/etc/openldap/slapd.conf)" - fi - openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}" - - einfo - einfo "Scanning datadir(s) from slapd.conf and" - einfo "the default installdir for Versiontags" - einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)" - einfo - - # scan datadirs if we have a version tag - openldap_found_tag=0 - for each in ${openldap_datadirs}; do - CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"` - CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG} - if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then - einfo "- Checking ${each}..." - if [ -r ${CURRENT_TAG} ] ; then - # yey, we have one :) - einfo " Found Versiontag in ${each}" - source ${CURRENT_TAG} - if [ "${OLDPF}" == "" ] ; then - eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}" - eerror "Please delete it" - eerror - die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}" - fi - - OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}` - - # are we on the same branch? - if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then - ewarn " Versiontag doesn't match current major release!" - if [[ `ls -a ${CURRENT_TAGDIR} | wc -l` -gt 5 ]] ; then - eerror " Versiontag says other major and you (probably) have datafiles!" - echo - openldap_upgrade_howto - else - einfo " No real problem, seems there's no database." - fi - else - einfo " Versiontag is fine here :)" - fi - else - einfo " Non-tagged dir ${each}" - if [[ `ls -a ${each} | wc -l` > 5 ]] ; then - einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files" - echo - - eerror - eerror "Your OpenLDAP Installation has a non tagged datadir that" - eerror "possibly contains a database at ${CURRENT_TAGDIR}" - eerror - eerror "Please export data if any entered and empty or remove" - eerror "the directory, installation has been stopped so you" - eerror "can take required action" - eerror - eerror "For a HOWTO on exporting the data, see instructions in the ebuild" - eerror - die "Please move the datadir ${CURRENT_TAGDIR} away" - fi - fi - einfo - fi - done - - echo - einfo - einfo "All datadirs are fine, proceeding with merge now..." - einfo - -} - -pkg_setup() { - if has_version "<=dev-lang/perl-5.8.8_rc1" && built_with_use dev-lang/perl minimal ; then - die "You must have a complete (USE='-minimal') Perl install to use the perl backend!" - fi - - if use samba && ! use ssl ; then - eerror "LAN manager passwords need ssl flag set" - die "Please set ssl useflag" - fi - - if use minimal && has_version 'net-nds/openldap[minimal]' ; then - einfo - einfo "Skipping scan for previous datadirs as requested by minimal useflag" - einfo - else - openldap_find_versiontags - fi - - # The user/group are only used for running daemons which are - # disabled in minimal builds, so elide the accounts too. - if ! use minimal ; then - enewgroup ldap 439 - enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap - fi -} - -src_prepare() { - # According to MDK, the link order needs to be changed so that - # on systems w/ MD5 passwords the system crypt library is used - # (the net result is that "passwd" can be used to change ldap passwords w/ - # proper pam support) - sed -i -e 's/$(SECURITY_LIBS) $(LDIF_LIBS) $(LUTIL_LIBS)/$(LUTIL_LIBS) $(SECURITY_LIBS) $(LDIF_LIBS)/' \ - "${S}"/servers/slapd/Makefile.in - - # supersedes old fix for bug #31202 - EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch - - # ensure correct SLAPI path by default - sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "/var/run/openldap/slapd.sock",' \ - "${S}"/include/ldap_defaults.h - - EPATCH_OPTS="-p0 -d ${S}" - - # ximian connector 1.4.7 ntlm patch - epatch "${FILESDIR}"/${PN}-2.2.6-ntlm.patch - - # bug #132263 - epatch "${FILESDIR}"/${PN}-2.3.21-ppolicy.patch - - # bug #189817 - epatch "${FILESDIR}"/${PN}-2.3.37-libldap_r.patch - - # fix up stuff for newer autoconf that simulates autoconf-2.13, but doesn't - # do it perfectly. - cd "${S}"/build - ln -s shtool install - ln -s shtool install.sh - einfo "Making sure upstream build strip does not do stripping too early" - sed -i.orig \ - -e '/^STRIP/s,-s,,g' \ - top.mk || die "Failed to block stripping" - - # bug #116045 - # patch contrib modules - if ! use minimal ; then - cd "${S}"/contrib - epatch "${FILESDIR}"/${PN}-2.3.24-contrib-smbk5pwd.patch - fi - # Fix gcc-4.4 compat, bug 264761 - epatch "${FILESDIR}/openldap-2.3.XY-gcc44.patch" - - # Backport random-hang fix from 2.4 - # http://www.openldap.org/lists/openldap-technical/201208/msg00120.html - EPATCH_OPTS="" - cd "${S}" - epatch "${FILESDIR}/openldap-2.3.43-fix-hang.patch" -} - -src_configure() { - local myconf - - #Fix for glibc-2.8 and ucred. Bug 228457. - append-flags -D_GNU_SOURCE - - # HDB is only available with BerkDB - myconf_berkdb='--enable-bdb --enable-ldbm-api=berkeley --enable-hdb=mod' - myconf_gdbm='--disable-bdb --enable-ldbm-api=gdbm --disable-hdb' - - use debug && myconf="${myconf} --enable-debug" # there is no disable-debug - - # enable slapd/slurpd servers if not doing a minimal build - if ! use minimal ; then - myconf="${myconf} --enable-slapd --enable-slurpd" - # base backend stuff - myconf="${myconf} --enable-ldbm" - if use berkdb ; then - einfo "Using Berkeley DB for local backend" - myconf="${myconf} ${myconf_berkdb}" - # We need to include the slotted db.h dir for FreeBSD - append-cppflags -I$(db_includedir 4.5 4.4 4.3 4.2 ) - elif use gdbm ; then - einfo "Using GDBM for local backend" - myconf="${myconf} ${myconf_gdbm}" - else - ewarn "Neither gdbm or berkdb USE flags present, falling back to" - ewarn "Berkeley DB for local backend" - myconf="${myconf} ${myconf_berkdb}" - # We need to include the slotted db.h dir for FreeBSD - append-cppflags -I$(db_includedir 4.5 4.4 4.3 4.2 ) - fi - # extra backend stuff - myconf="${myconf} --enable-passwd=mod --enable-phonetic=mod" - myconf="${myconf} --enable-dnssrv=mod --enable-ldap" - myconf="${myconf} --enable-meta=mod --enable-monitor=mod" - myconf="${myconf} --enable-null=mod --enable-shell=mod" - myconf="${myconf} --enable-relay=mod" - myconf="${myconf} $(use_enable perl perl mod)" - myconf="${myconf} $(use_enable odbc sql mod)" - # slapd options - myconf="${myconf} $(use_enable crypt) $(use_enable slp)" - myconf="${myconf} --enable-rewrite --enable-rlookups" - myconf="${myconf} --enable-aci --enable-modules" - myconf="${myconf} --enable-cleartext --enable-slapi" - myconf="${myconf} $(use_enable samba lmpasswd)" - # slapd overlay options - myconf="${myconf} --enable-dyngroup --enable-proxycache" - use overlays && myconf="${myconf} --enable-overlays=mod" - myconf="${myconf} --enable-syncprov" - else - myconf="${myconf} --disable-slapd --disable-slurpd" - myconf="${myconf} --disable-bdb --disable-ldbm" - myconf="${myconf} --disable-hdb --disable-monitor" - myconf="${myconf} --disable-slurpd --disable-overlays" - myconf="${myconf} --disable-relay" - fi - - # basic functionality stuff - myconf="${myconf} --enable-syslog --enable-dynamic" - myconf="${myconf} --enable-local --enable-proctitle" - - myconf="${myconf} $(use_enable ipv6)" - myconf="${myconf} $(use_with sasl cyrus-sasl) $(use_enable sasl spasswd)" - myconf="${myconf} $(use_enable tcpd wrappers) $(use_with ssl tls)" - - if [ $(get_libdir) != "lib" ] ; then - append-ldflags -L/usr/$(get_libdir) - fi - - STRIP=/bin/true \ - econf \ - --enable-static \ - --enable-shared \ - --libexecdir=/usr/$(get_libdir)/openldap \ - ${myconf} || die "configure failed" -} - -src_compile() { - emake depend || die "make depend failed" - emake || die "make failed" - - # openldap/contrib - tc-export CC - if ! use minimal ; then - # dsaschema - einfo "Building contributed dsaschema" - cd "${S}"/contrib/slapd-modules/dsaschema - ${CC} -shared -I../../../include ${CFLAGS} -fPIC \ - -Wall -o libdsaschema-plugin.so dsaschema.c || \ - die "failed to compile dsaschema module" - # kerberos passwd - if use kerberos ; then - einfo "Building contributed pw-kerberos" - cd "${S}"/contrib/slapd-modules/passwd/ && \ - ${CC} -shared -I../../../include ${CFLAGS} -fPIC \ - $(krb5-config --cflags) \ - -DHAVE_KRB5 -o pw-kerberos.so kerberos.c || \ - die "failed to compile kerberos password module" - fi - # netscape mta-md5 password - einfo "Building contributed pw-netscape" - cd "${S}"/contrib/slapd-modules/passwd/ && \ - ${CC} -shared -I../../../include ${CFLAGS} -fPIC \ - -o pw-netscape.so netscape.c || \ - die "failed to compile netscape password module" - # smbk5pwd overlay - # Note: this modules builds, but may not work with - # Gentoo's MIT-Kerberos. It was designed for Heimdal - # Kerberos. - if use smbkrb5passwd ; then - einfo "Building contributed smbk5pwd" - local mydef - local mykrb5inc - mydef="-DDO_SAMBA -DDO_KRB5" - mykrb5inc="$(krb5-config --cflags)" - cd "${S}"/contrib/slapd-modules/smbk5pwd && \ - libexecdir="/usr/$(get_libdir)/openldap" \ - DEFS="${mydef}" KRB5_INC="${mykrb5inc}" emake || \ - die "failed to compile smbk5pwd module" - fi - # addrdnvalues - einfo "Building contributed addrdnvalues" - cd "${S}"/contrib/slapi-plugins/addrdnvalues/ && \ - ${CC} -shared -I../../../include ${CFLAGS} -fPIC \ - -o libaddrdnvalues-plugin.so addrdnvalues.c || \ - die "failed to compile addrdnvalues plugin" - fi -} - -src_test() { - einfo "Doing tests" - cd tests ; make tests || die "make tests failed" -} - -src_install() { - emake DESTDIR="${D}" install || die "make install failed" - - dodoc ANNOUNCEMENT CHANGES COPYRIGHT README "${FILESDIR}"/DB_CONFIG.fast.example - docinto rfc ; dodoc doc/rfc/*.txt - - # openldap modules go here - # TODO: write some code to populate slapd.conf with moduleload statements - keepdir /usr/$(get_libdir)/openldap/openldap/ - - # make state directories - local dirlist="data" - if ! use minimal; then - dirlist="${dirlist} slurp ldbm" - fi - for x in ${dirlist}; do - keepdir /var/lib/openldap-${x} - fowners ldap:ldap /var/lib/openldap-${x} - fperms 0700 /var/lib/openldap-${x} - done - - echo "OLDPF='${PF}'" > "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" - echo "# do NOT delete this. it is used" >> "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" - echo "# to track versions for upgrading." >> "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" - - # manually remove /var/tmp references in .la - # because it is packaged with an ancient libtool - #for x in "${D}"/usr/$(get_libdir)/lib*.la; do - # sed -i -e "s:-L${S}[/]*libraries::" ${x} - #done - - # change slapd.pid location in configuration file - keepdir /var/run/openldap - fowners ldap:ldap /var/run/openldap - fperms 0755 /var/run/openldap - - if ! use minimal; then - # use our config - rm "${D}"etc/openldap/slapd.con* - insinto /etc/openldap - newins "${FILESDIR}"/${PN}-2.3.34-slapd-conf slapd.conf - configfile="${D}"etc/openldap/slapd.conf - - # populate with built backends - ebegin "populate config with built backends" - for x in "${D}"usr/$(get_libdir)/openldap/openldap/back_*.so; do - elog "Adding $(basename ${x})" - sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}" - done - sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}" - fowners root:ldap /etc/openldap/slapd.conf - fperms 0640 /etc/openldap/slapd.conf - cp "${configfile}" "${configfile}".default - eend - - # install our own init scripts - newinitd "${FILESDIR}"/slapd-initd slapd - newinitd "${FILESDIR}"/slurpd-initd slurpd - newconfd "${FILESDIR}"/slapd-confd slapd - - if [ $(get_libdir) != lib ]; then - sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i "${D}"etc/init.d/{slapd,slurpd} - fi - - # install contributed modules - docinto / - if [ -e "${S}"/contrib/slapd-modules/dsaschema/libdsaschema-plugin.so ]; - then - cd "${S}"/contrib/slapd-modules/dsaschema/ - newdoc README README.contrib.dsaschema - exeinto /usr/$(get_libdir)/openldap/openldap - doexe libdsaschema-plugin.so || \ - die "failed to install dsaschema module" - fi - if [ -e "${S}"/contrib/slapd-modules/passwd/pw-kerberos.so ]; then - cd "${S}"/contrib/slapd-modules/passwd/ - newdoc README README.contrib.passwd - exeinto /usr/$(get_libdir)/openldap/openldap - doexe pw-kerberos.so || \ - die "failed to install kerberos passwd module" - fi - if [ -e "${S}"/contrib/slapd-modules/passwd/pw-netscape.so ]; then - cd "${S}"/contrib/slapd-modules/passwd/ - newdoc README README.contrib.passwd - exeinto /usr/$(get_libdir)/openldap/openldap - doexe "${S}"/contrib/slapd-modules/passwd/pw-netscape.so || \ - die "failed to install Netscape MTA-MD5 passwd module" - fi - if [ -e "${S}"/contrib/slapd-modules/smbk5pwd/.libs/smbk5pwd.so ]; then - cd "${S}"/contrib/slapd-modules/smbk5pwd - newdoc README README.contrib.smbk5pwd - libexecdir="/usr/$(get_libdir)/openldap" \ - emake DESTDIR="${D}" install-mod || \ - die "failed to install smbk5pwd overlay module" - fi - if [ -e "${S}"/contrib/slapd-tools/statslog ]; then - cd "${S}"/contrib/slapd-tools - exeinto /usr/bin - newexe statslog ldapstatslog || \ - die "failed to install ldapstatslog script" - fi - if [ -e "${S}"/contrib/slapi-plugins/addrdnvalues/libaddrdnvalues-plugin.so ]; - then - cd "${S}"/contrib/slapi-plugins/addrdnvalues - newdoc README README.contrib.addrdnvalues - exeinto /usr/$(get_libdir)/openldap/openldap - doexe libaddrdnvalues-plugin.so || \ - die "failed to install addrdnvalues plugin" - fi - fi -} - -pkg_preinst() { - # keep old libs if any - LIBSUFFIXES=".so.2.0.130 -2.2.so.7" - for LIBSUFFIX in ${LIBSUFFIXES} ; do - for each in libldap libldap_r liblber ; do - preserve_old_lib "usr/$(get_libdir)/${each}${LIBSUFFIX}" - done - done -} - -pkg_postinst() { - if ! use minimal ; then - # You cannot build SSL certificates during src_install that will make - # binary packages containing your SSL key, which is both a security risk - # and a misconfiguration if multiple machines use the same key and cert. - # Additionally, it overwrites - if use ssl; then - install_cert /etc/openldap/ssl/ldap - chown ldap:ldap "${ROOT}"etc/openldap/ssl/ldap.* - ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]" - ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]" - ewarn "add 'TLS_REQCERT never' if you want to use them." - fi - # These lines force the permissions of various content to be correct - chown ldap:ldap "${ROOT}"var/run/openldap - chmod 0755 "${ROOT}"var/run/openldap - chown root:ldap "${ROOT}"etc/openldap/slapd.conf{,.default} - chmod 0640 "${ROOT}"etc/openldap/slapd.conf{,.default} - chown ldap:ldap "${ROOT}"var/lib/openldap-{data,ldbm,slurp} - fi - - # Reference inclusion bug #77330 - echo - elog - elog "Getting started using OpenLDAP? There is some documentation available:" - elog "Gentoo Guide to OpenLDAP Authentication" - elog "(https://www.gentoo.org/doc/en/ldap-howto.xml)" - elog - - # note to bug #110412 - echo - elog - elog "An example file for tuning BDB backends with openldap is" - elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/" - elog - - LIBSUFFIXES=".so.2.0.130 -2.2.so.7" - for LIBSUFFIX in ${LIBSUFFIXES} ; do - for each in liblber libldap libldap_r ; do - preserve_old_lib_notify "usr/$(get_libdir)/${each}${LIBSUFFIX}" - done - done -} diff --git a/sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.4.44-r1.ebuild b/sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.4.44-r1.ebuild deleted file mode 100644 index 23c66c3db5..0000000000 --- a/sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.4.44-r1.ebuild +++ /dev/null @@ -1,853 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="5" - -inherit db-use eutils flag-o-matic multilib multilib-minimal ssl-cert versionator toolchain-funcs autotools user systemd - -BIS_PN=rfc2307bis.schema -BIS_PV=20140524 -BIS_P="${BIS_PN}-${BIS_PV}" - -DESCRIPTION="LDAP suite of application and development tools" -HOMEPAGE="http://www.OpenLDAP.org/" - -# mirrors are mostly not working, using canonical URI -SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz - mirror://gentoo/${BIS_P}" - -LICENSE="OPENLDAP GPL-2" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~x86-solaris" - -IUSE_DAEMON="crypt samba slp tcpd experimental minimal" -IUSE_BACKEND="+berkdb" -IUSE_OVERLAY="overlays perl" -IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 libressl +syslog selinux static-libs" -IUSE_CONTRIB="smbkrb5passwd kerberos kinit pbkdf2" -IUSE_CONTRIB="${IUSE_CONTRIB} -cxx" -IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}" - -REQUIRED_USE="cxx? ( sasl ) - ?? ( gnutls libressl ) - pbkdf2? ( ssl )" - -# always list newer first -# Do not add any AGPL-3 BDB here! -# See bug 525110, comment 15. -# Advanced usage: OPENLDAP_BDB_SLOTS in the environment can be used to force a slot during build. -BDB_SLOTS="${OPENLDAP_BDB_SLOTS:=5.3 5.1 4.8 4.7 4.6 4.5 4.4}" -BDB_PKGS='' -for _slot in $BDB_SLOTS; do BDB_PKGS="${BDB_PKGS} sys-libs/db:${_slot}" ; done - -# openssl is needed to generate lanman-passwords required by samba -CDEPEND=" - ssl? ( - !gnutls? ( - !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] ) - ) - gnutls? ( >=net-libs/gnutls-2.12.23-r6[${MULTILIB_USEDEP}] - libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] ) - >=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] ) ) - sasl? ( dev-libs/cyrus-sasl:= ) - !minimal? ( - sys-devel/libtool - sys-libs/e2fsprogs-libs - >=dev-db/lmdb-0.9.18:= - tcpd? ( sys-apps/tcp-wrappers ) - odbc? ( !iodbc? ( dev-db/unixODBC ) - iodbc? ( dev-db/libiodbc ) ) - slp? ( net-libs/openslp ) - perl? ( dev-lang/perl:=[-build(-)] ) - samba? ( - !libressl? ( dev-libs/openssl:0 ) - libressl? ( dev-libs/libressl ) - ) - berkdb? ( - ${l}" - eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/" - eerror " 5. emerge --update \=net-nds/${PF}" - eerror " 6. etc-update, and ensure that you apply the changes" - eerror " 7. slapadd -l ${l}" - eerror " 8. chown ldap:ldap /var/lib/openldap-data/*" - eerror " 9. /etc/init.d/slapd start" - eerror "10. check that your data is intact." - eerror "11. set up the new replication system." - eerror - if [ "${FORCE_UPGRADE}" != "1" ]; then - die "You need to upgrade your database first" - else - eerror "You have the magical FORCE_UPGRADE=1 in place." - eerror "Don't say you weren't warned about data loss." - fi -} - -pkg_setup() { - if ! use sasl && use cxx ; then - die "To build the ldapc++ library you must emerge openldap with sasl support" - fi - # Bug #322787 - if use minimal && ! has_version "net-nds/openldap" ; then - einfo "No datadir scan needed, openldap not installed" - elif use minimal && has_version 'net-nds/openldap[minimal]' ; then - einfo "Skipping scan for previous datadirs as requested by minimal useflag" - else - openldap_find_versiontags - fi - - # The user/group are only used for running daemons which are - # disabled in minimal builds, so elide the accounts too. - if ! use minimal ; then - enewgroup ldap 439 - enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap - fi -} - -src_prepare() { - # ensure correct SLAPI path by default - sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \ - "${S}"/include/ldap_defaults.h - - epatch "${FILESDIR}"/${PN}-2.4.17-gcc44.patch - - epatch \ - "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch \ - "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch - - # bug #116045 - still present in 2.4.28 - epatch "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch - # bug #408077 - samba4 - epatch "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch - - # bug #189817 - epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch - - # bug #233633 - epatch "${FILESDIR}"/${PN}-2.4.17-fix-lmpasswd-gnutls-symbols.patch - - # bug #281495 - epatch "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch - - # bug #294350 - epatch "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch - - # unbreak /bin/sh -> dash - epatch "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch - - # bug #420959 - epatch "${FILESDIR}"/${PN}-2.4.31-gcc47.patch - - # unbundle lmdb - epatch "${FILESDIR}"/${PN}-2.4.42-mdb-unbundle.patch - rm -rf "${S}"/libraries/liblmdb - - cd "${S}"/build || die - einfo "Making sure upstream build strip does not do stripping too early" - sed -i.orig \ - -e '/^STRIP/s,-s,,g' \ - top.mk || die "Failed to block stripping" - - # wrong assumption that /bin/sh is /bin/bash - sed -i \ - -e 's|/bin/sh|/bin/bash|g' \ - "${S}"/tests/scripts/* || die "sed failed" - - cd "${S}" || die - - AT_NOEAUTOMAKE=yes eautoreconf -} - -build_contrib_module() { - # - cd "${S}/contrib/slapd-modules/$1" || die - einfo "Compiling contrib-module: $3" - # Make sure it's uppercase - local define_name="$(echo "SLAPD_OVER_${1}" | LC_ALL=C tr '[:lower:]' '[:upper:]')" - "${lt}" --mode=compile --tag=CC \ - "${CC}" \ - -D${define_name}=SLAPD_MOD_DYNAMIC \ - -I"${BUILD_DIR}"/include \ - -I../../../include -I../../../servers/slapd ${CFLAGS} \ - -o ${2%.c}.lo -c $2 || die "compiling $3 failed" - einfo "Linking contrib-module: $3" - "${lt}" --mode=link --tag=CC \ - "${CC}" -module \ - ${CFLAGS} \ - ${LDFLAGS} \ - -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ - -o $3.la ${2%.c}.lo || die "linking $3 failed" -} - -src_configure() { - # Bug 408001 - use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync - - # connectionless ldap per bug #342439 - append-cppflags -DLDAP_CONNECTIONLESS - - multilib-minimal_src_configure -} - -multilib_src_configure() { - local myconf=() - - use debug && myconf+=( $(use_enable debug) ) - - # ICU exists only in the configure, nowhere in the codebase, bug #510858 - export ac_cv_header_unicode_utypes_h=no ol_cv_lib_icu=no - - if ! use minimal && multilib_is_native_abi; then - local CPPFLAGS=${CPPFLAGS} - - # re-enable serverside overlay chains per bug #296567 - # see ldap docs chaper 12.3.1 for details - myconf+=( --enable-ldap ) - - # backends - myconf+=( --enable-slapd ) - if use berkdb ; then - einfo "Using Berkeley DB for local backend" - myconf+=( --enable-bdb --enable-hdb ) - DBINCLUDE=$(db_includedir $BDB_SLOTS) - einfo "Using $DBINCLUDE for sys-libs/db version" - # We need to include the slotted db.h dir for FreeBSD - append-cppflags -I${DBINCLUDE} - else - myconf+=( --disable-bdb --disable-hdb ) - fi - for backend in dnssrv ldap mdb meta monitor null passwd relay shell sock; do - myconf+=( --enable-${backend}=mod ) - done - - myconf+=( $(use_enable perl perl mod) ) - - myconf+=( $(use_enable odbc sql mod) ) - if use odbc ; then - local odbc_lib="unixodbc" - if use iodbc ; then - odbc_lib="iodbc" - append-cppflags -I"${EPREFIX}"/usr/include/iodbc - fi - myconf+=( --with-odbc=${odbc_lib} ) - fi - - # slapd options - myconf+=( - $(use_enable crypt) - $(use_enable slp) - $(use_enable samba lmpasswd) - $(use_enable syslog) - ) - if use experimental ; then - myconf+=( - --enable-dynacl - --enable-aci=mod - ) - fi - for option in aci cleartext modules rewrite rlookups slapi; do - myconf+=( --enable-${option} ) - done - - # slapd overlay options - # Compile-in the syncprov, the others as module - myconf+=( --enable-syncprov=yes ) - use overlays && myconf+=( --enable-overlays=mod ) - - else - myconf+=( - --disable-backends - --disable-slapd - --disable-bdb - --disable-hdb - --disable-mdb - --disable-overlays - --disable-syslog - ) - fi - - # basic functionality stuff - myconf+=( - $(use_enable ipv6) - $(multilib_native_use_with sasl cyrus-sasl) - $(multilib_native_use_enable sasl spasswd) - $(use_enable tcpd wrappers) - ) - - # Some cross-compiling tests don't pan out well. - tc-is-cross-compiler && myconf+=( - --with-yielding-select=yes - ) - - local ssl_lib="no" - if use ssl || ( ! use minimal && use samba ) ; then - ssl_lib="openssl" - use gnutls && ssl_lib="gnutls" - fi - - myconf+=( --with-tls=${ssl_lib} ) - - for basicflag in dynamic local proctitle shared; do - myconf+=( --enable-${basicflag} ) - done - - tc-export AR CC CXX - ECONF_SOURCE=${S} \ - STRIP=/bin/true \ - econf \ - --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \ - $(use_enable static-libs static) \ - "${myconf[@]}" - emake depend -} - -src_configure_cxx() { - # This needs the libraries built by the first build run. - # So we have to run it AFTER the main build, not just after the main - # configure. - local myconf_ldapcpp=( - --with-ldap-includes="${S}"/include - ) - - mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die - cd "${BUILD_DIR}/contrib/ldapc++" || die - - local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS} - append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \ - -L"${BUILD_DIR}"/libraries/libldap/.libs - append-cppflags -I"${BUILD_DIR}"/include - ECONF_SOURCE=${S}/contrib/ldapc++ \ - econf "${myconf_ldapcpp[@]}" \ - CC="${CC}" \ - CXX="${CXX}" -} - -multilib_src_compile() { - tc-export AR CC CXX - emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash - local lt="${BUILD_DIR}/libtool" - export echo="echo" - - if ! use minimal && multilib_is_native_abi ; then - if use cxx ; then - einfo "Building contrib library: ldapc++" - src_configure_cxx - cd "${BUILD_DIR}/contrib/ldapc++" || die - emake \ - CC="${CC}" CXX="${CXX}" - fi - - if use smbkrb5passwd ; then - einfo "Building contrib-module: smbk5pwd" - cd "${S}/contrib/slapd-modules/smbk5pwd" || die - - MY_DEFS="-DDO_SHADOW" - if use samba ; then - MY_DEFS="${MY_DEFS} -DDO_SAMBA" - MY_KRB5_INC="" - fi - if use kerberos ; then - MY_DEFS="${MY_DEFS} -DDO_KRB5" - MY_KRB5_INC="$(krb5-config --cflags)" - fi - - emake \ - DEFS="${MY_DEFS}" \ - KRB5_INC="${MY_KRB5_INC}" \ - LDAP_BUILD="${BUILD_DIR}" \ - CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" - fi - - if use overlays ; then - einfo "Building contrib-module: samba4" - cd "${S}/contrib/slapd-modules/samba4" || die - - emake \ - LDAP_BUILD="${BUILD_DIR}" \ - CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap" - fi - - if use kerberos ; then - if use kinit ; then - build_contrib_module "kinit" "kinit.c" "kinit" - fi - cd "${S}/contrib/slapd-modules/passwd" || die - einfo "Compiling contrib-module: pw-kerberos" - "${lt}" --mode=compile --tag=CC \ - "${CC}" \ - -I"${BUILD_DIR}"/include \ - -I../../../include \ - ${CFLAGS} \ - $(krb5-config --cflags) \ - -DHAVE_KRB5 \ - -o kerberos.lo \ - -c kerberos.c || die "compiling pw-kerberos failed" - einfo "Linking contrib-module: pw-kerberos" - "${lt}" --mode=link --tag=CC \ - "${CC}" -module \ - ${CFLAGS} \ - ${LDFLAGS} \ - -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ - -o pw-kerberos.la \ - kerberos.lo || die "linking pw-kerberos failed" - fi - - if use pbkdf2; then - cd "${S}/contrib/slapd-modules/passwd/pbkdf2" || die - einfo "Compiling contrib-module: pw-pbkdf2" - "${lt}" --mode=compile --tag=CC \ - "${CC}" \ - -I"${BUILD_DIR}"/include \ - -I../../../../include \ - ${CFLAGS} \ - -o pbkdf2.lo \ - -c pw-pbkdf2.c || die "compiling pw-pbkdf2 failed" - einfo "Linking contrib-module: pw-pbkdf2" - "${lt}" --mode=link --tag=CC \ - "${CC}" -module \ - ${CFLAGS} \ - ${LDFLAGS} \ - -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ - -o pw-pbkdf2.la \ - pbkdf2.lo || die "linking pw-pbkdf2 failed" - fi - - # We could build pw-radius if GNURadius would install radlib.h - cd "${S}/contrib/slapd-modules/passwd" || die - einfo "Compiling contrib-module: pw-netscape" - "${lt}" --mode=compile --tag=CC \ - "${CC}" \ - -I"${BUILD_DIR}"/include \ - -I../../../include \ - ${CFLAGS} \ - -o netscape.lo \ - -c netscape.c || die "compiling pw-netscape failed" - einfo "Linking contrib-module: pw-netscape" - "${lt}" --mode=link --tag=CC \ - "${CC}" -module \ - ${CFLAGS} \ - ${LDFLAGS} \ - -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ - -o pw-netscape.la \ - netscape.lo || die "linking pw-netscape failed" - - #build_contrib_module "acl" "posixgroup.c" "posixGroup" # example code only - #build_contrib_module "acl" "gssacl.c" "gss" # example code only, also needs kerberos - build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay" - build_contrib_module "allop" "allop.c" "overlay-allop" - build_contrib_module "allowed" "allowed.c" "allowed" - build_contrib_module "autogroup" "autogroup.c" "autogroup" - build_contrib_module "cloak" "cloak.c" "cloak" - # build_contrib_module "comp_match" "comp_match.c" "comp_match" # really complex, adds new external deps, questionable demand - build_contrib_module "denyop" "denyop.c" "denyop-overlay" - build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin" - build_contrib_module "dupent" "dupent.c" "dupent" - build_contrib_module "lastbind" "lastbind.c" "lastbind" - # lastmod may not play well with other overlays - build_contrib_module "lastmod" "lastmod.c" "lastmod" - build_contrib_module "noopsrch" "noopsrch.c" "noopsrch" - build_contrib_module "nops" "nops.c" "nops-overlay" - #build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER - build_contrib_module "trace" "trace.c" "trace" - # build slapi-plugins - cd "${S}/contrib/slapi-plugins/addrdnvalues" || die - einfo "Building contrib-module: addrdnvalues plugin" - "${CC}" -shared \ - -I"${BUILD_DIR}"/include \ - -I../../../include \ - ${CFLAGS} \ - -fPIC \ - ${LDFLAGS} \ - -o libaddrdnvalues-plugin.so \ - addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed" - - fi -} - -multilib_src_test() { - if multilib_is_native_abi; then - cd tests || die - emake tests || die "make tests failed" - fi -} - -multilib_src_install() { - local lt="${BUILD_DIR}/libtool" - emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install - use static-libs || prune_libtool_files --all - - if ! use minimal && multilib_is_native_abi; then - # openldap modules go here - # TODO: write some code to populate slapd.conf with moduleload statements - keepdir /usr/$(get_libdir)/openldap/openldap/ - - # initial data storage dir - keepdir /var/lib/openldap-data - use prefix || fowners ldap:ldap /var/lib/openldap-data - fperms 0700 /var/lib/openldap-data - - echo "OLDPF='${PF}'" > "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" - echo "# do NOT delete this. it is used" >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" - echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" - - # use our config - rm "${ED}"etc/openldap/slapd.conf - insinto /etc/openldap - newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf - configfile="${ED}"etc/openldap/slapd.conf - - # populate with built backends - ebegin "populate config with built backends" - for x in "${ED}"usr/$(get_libdir)/openldap/openldap/back_*.so; do - einfo "Adding $(basename ${x})" - sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}" - done - sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}" - use prefix || fowners root:ldap /etc/openldap/slapd.conf - fperms 0640 /etc/openldap/slapd.conf - cp "${configfile}" "${configfile}".default - eend - - # install our own init scripts and systemd unit files - einfo "Install init scripts" - newinitd "${FILESDIR}"/slapd-initd-2.4.40-r2 slapd - newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd - einfo "Install systemd service" - systemd_dounit "${FILESDIR}"/slapd.service - systemd_install_serviced "${FILESDIR}"/slapd.service.conf - systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf - - if [[ $(get_libdir) != lib ]]; then - sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i \ - "${ED}"/etc/init.d/slapd \ - "${ED}"/usr/lib/systemd/system/slapd.service || die - fi - # If built without SLP, we don't need to be before avahi - use slp \ - || sed -i \ - -e '/before/{s/avahi-daemon//g}' \ - "${ED}"etc/init.d/slapd - - if use cxx ; then - einfo "Install the ldapc++ library" - cd "${BUILD_DIR}/contrib/ldapc++" || die - emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install - cd "${S}"/contrib/ldapc++ || die - newdoc README ldapc++-README - fi - - if use smbkrb5passwd ; then - einfo "Install the smbk5pwd module" - cd "${S}/contrib/slapd-modules/smbk5pwd" || die - emake DESTDIR="${D}" \ - LDAP_BUILD="${BUILD_DIR}" \ - libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install - newdoc README smbk5pwd-README - fi - - if use overlays ; then - einfo "Install the samba4 module" - cd "${S}/contrib/slapd-modules/samba4" || die - emake DESTDIR="${D}" \ - LDAP_BUILD="${BUILD_DIR}" \ - libexecdir="/usr/$(get_libdir)/openldap" install - newdoc README samba4-README - fi - - einfo "Installing contrib modules" - cd "${S}/contrib/slapd-modules" || die - for l in */*.la */*/*.la; do - [[ -e ${l} ]] || continue - "${lt}" --mode=install cp ${l} \ - "${ED}"usr/$(get_libdir)/openldap/openldap || \ - die "installing ${l} failed" - done - - dodoc "${FILESDIR}"/DB_CONFIG.fast.example - docinto contrib - doman */*.5 - #newdoc acl/README* - newdoc addpartial/README addpartial-README - newdoc allop/README allop-README - newdoc allowed/README allowed-README - newdoc autogroup/README autogroup-README - newdoc dsaschema/README dsaschema-README - newdoc passwd/README passwd-README - cd "${S}/contrib/slapi-plugins" || die - insinto /usr/$(get_libdir)/openldap/openldap - doins */*.so - docinto contrib - newdoc addrdnvalues/README addrdnvalues-README - - insinto /etc/openldap/schema - newins "${DISTDIR}"/${BIS_P} ${BIS_PN} - - docinto back-sock ; dodoc "${S}"/servers/slapd/back-sock/searchexample* - docinto back-shell ; dodoc "${S}"/servers/slapd/back-shell/searchexample* - docinto back-perl ; dodoc "${S}"/servers/slapd/back-perl/SampleLDAP.pm - - dosbin "${S}"/contrib/slapd-tools/statslog - newdoc "${S}"/contrib/slapd-tools/README README.statslog - fi -} - -multilib_src_install_all() { - dodoc ANNOUNCEMENT CHANGES COPYRIGHT README - docinto rfc ; dodoc doc/rfc/*.txt -} - -pkg_preinst() { - # keep old libs if any - preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0) - # bug 440470, only display the getting started help there was no openldap before, - # or we are going to a non-minimal build - ! has_version net-nds/openldap || has_version 'net-nds/openldap[minimal]' - OPENLDAP_PRINT_MESSAGES=$((! $?)) -} - -pkg_postinst() { - if ! use minimal ; then - # You cannot build SSL certificates during src_install that will make - # binary packages containing your SSL key, which is both a security risk - # and a misconfiguration if multiple machines use the same key and cert. - if use ssl; then - install_cert /etc/openldap/ssl/ldap - use prefix || chown ldap:ldap "${EROOT}"etc/openldap/ssl/ldap.* - ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]" - ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]" - ewarn "add 'TLS_REQCERT allow' if you want to use them." - fi - - if use prefix; then - # Warn about prefix issues with slapd - eerror "slapd might NOT be usable on Prefix systems as it requires root privileges" - eerror "to start up, and requires that certain files directories be owned by" - eerror "ldap:ldap. As Prefix does not support changing ownership of files and" - eerror "directories, you will have to manually fix this yourself." - fi - - # These lines force the permissions of various content to be correct - use prefix || chown ldap:ldap "${EROOT}"var/run/openldap - chmod 0755 "${EROOT}"var/run/openldap - use prefix || chown root:ldap "${EROOT}"etc/openldap/slapd.conf{,.default} - chmod 0640 "${EROOT}"etc/openldap/slapd.conf{,.default} - use prefix || chown ldap:ldap "${EROOT}"var/lib/openldap-data - fi - - if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then - elog "Getting started using OpenLDAP? There is some documentation available:" - elog "Gentoo Guide to OpenLDAP Authentication" - elog "(https://www.gentoo.org/doc/en/ldap-howto.xml)" - elog "---" - elog "An example file for tuning BDB backends with openldap is" - elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/" - fi - - preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0) -} diff --git a/sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.4.44.ebuild b/sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.4.44.ebuild deleted file mode 100644 index ea8e84e9cf..0000000000 --- a/sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.4.44.ebuild +++ /dev/null @@ -1,830 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="5" - -inherit db-use eutils flag-o-matic multilib multilib-minimal ssl-cert versionator toolchain-funcs autotools user systemd - -BIS_PN=rfc2307bis.schema -BIS_PV=20140524 -BIS_P="${BIS_PN}-${BIS_PV}" - -DESCRIPTION="LDAP suite of application and development tools" -HOMEPAGE="http://www.OpenLDAP.org/" - -# mirrors are mostly not working, using canonical URI -SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz - mirror://gentoo/${BIS_P}" - -LICENSE="OPENLDAP GPL-2" -SLOT="0" -KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~x86-solaris" - -IUSE_DAEMON="crypt samba slp tcpd experimental minimal" -IUSE_BACKEND="+berkdb" -IUSE_OVERLAY="overlays perl" -IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 libressl +syslog selinux static-libs" -IUSE_CONTRIB="smbkrb5passwd kerberos kinit" -IUSE_CONTRIB="${IUSE_CONTRIB} -cxx" -IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}" - -REQUIRED_USE="cxx? ( sasl ) - ?? ( gnutls libressl )" - -# always list newer first -# Do not add any AGPL-3 BDB here! -# See bug 525110, comment 15. -# Advanced usage: OPENLDAP_BDB_SLOTS in the environment can be used to force a slot during build. -BDB_SLOTS="${OPENLDAP_BDB_SLOTS:=5.3 5.1 4.8 4.7 4.6 4.5 4.4}" -BDB_PKGS='' -for _slot in $BDB_SLOTS; do BDB_PKGS="${BDB_PKGS} sys-libs/db:${_slot}" ; done - -# openssl is needed to generate lanman-passwords required by samba -CDEPEND=" - ssl? ( - !gnutls? ( - !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] ) - ) - gnutls? ( >=net-libs/gnutls-2.12.23-r6[${MULTILIB_USEDEP}] - libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] ) - >=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] ) ) - sasl? ( dev-libs/cyrus-sasl:= ) - !minimal? ( - sys-devel/libtool - sys-libs/e2fsprogs-libs - >=dev-db/lmdb-0.9.18:= - tcpd? ( sys-apps/tcp-wrappers ) - odbc? ( !iodbc? ( dev-db/unixODBC ) - iodbc? ( dev-db/libiodbc ) ) - slp? ( net-libs/openslp ) - perl? ( dev-lang/perl:=[-build(-)] ) - samba? ( - !libressl? ( dev-libs/openssl:0 ) - libressl? ( dev-libs/libressl ) - ) - berkdb? ( - ${l}" - eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/" - eerror " 5. emerge --update \=net-nds/${PF}" - eerror " 6. etc-update, and ensure that you apply the changes" - eerror " 7. slapadd -l ${l}" - eerror " 8. chown ldap:ldap /var/lib/openldap-data/*" - eerror " 9. /etc/init.d/slapd start" - eerror "10. check that your data is intact." - eerror "11. set up the new replication system." - eerror - if [ "${FORCE_UPGRADE}" != "1" ]; then - die "You need to upgrade your database first" - else - eerror "You have the magical FORCE_UPGRADE=1 in place." - eerror "Don't say you weren't warned about data loss." - fi -} - -pkg_setup() { - if ! use sasl && use cxx ; then - die "To build the ldapc++ library you must emerge openldap with sasl support" - fi - # Bug #322787 - if use minimal && ! has_version "net-nds/openldap" ; then - einfo "No datadir scan needed, openldap not installed" - elif use minimal && has_version 'net-nds/openldap[minimal]' ; then - einfo "Skipping scan for previous datadirs as requested by minimal useflag" - else - openldap_find_versiontags - fi - - # The user/group are only used for running daemons which are - # disabled in minimal builds, so elide the accounts too. - if ! use minimal ; then - enewgroup ldap 439 - enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap - fi -} - -src_prepare() { - # ensure correct SLAPI path by default - sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \ - "${S}"/include/ldap_defaults.h - - epatch "${FILESDIR}"/${PN}-2.4.17-gcc44.patch - - epatch \ - "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch \ - "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch - - # bug #116045 - still present in 2.4.28 - epatch "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch - # bug #408077 - samba4 - epatch "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch - - # bug #189817 - epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch - - # bug #233633 - epatch "${FILESDIR}"/${PN}-2.4.17-fix-lmpasswd-gnutls-symbols.patch - - # bug #281495 - epatch "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch - - # bug #294350 - epatch "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch - - # unbreak /bin/sh -> dash - epatch "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch - - # bug #420959 - epatch "${FILESDIR}"/${PN}-2.4.31-gcc47.patch - - # unbundle lmdb - epatch "${FILESDIR}"/${PN}-2.4.42-mdb-unbundle.patch - rm -rf "${S}"/libraries/liblmdb - - cd "${S}"/build || die - einfo "Making sure upstream build strip does not do stripping too early" - sed -i.orig \ - -e '/^STRIP/s,-s,,g' \ - top.mk || die "Failed to block stripping" - - # wrong assumption that /bin/sh is /bin/bash - sed -i \ - -e 's|/bin/sh|/bin/bash|g' \ - "${S}"/tests/scripts/* || die "sed failed" - - cd "${S}" || die - - AT_NOEAUTOMAKE=yes eautoreconf -} - -build_contrib_module() { - # - cd "${S}/contrib/slapd-modules/$1" || die - einfo "Compiling contrib-module: $3" - # Make sure it's uppercase - local define_name="$(echo "SLAPD_OVER_${1}" | LC_ALL=C tr '[:lower:]' '[:upper:]')" - "${lt}" --mode=compile --tag=CC \ - "${CC}" \ - -D${define_name}=SLAPD_MOD_DYNAMIC \ - -I"${BUILD_DIR}"/include \ - -I../../../include -I../../../servers/slapd ${CFLAGS} \ - -o ${2%.c}.lo -c $2 || die "compiling $3 failed" - einfo "Linking contrib-module: $3" - "${lt}" --mode=link --tag=CC \ - "${CC}" -module \ - ${CFLAGS} \ - ${LDFLAGS} \ - -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ - -o $3.la ${2%.c}.lo || die "linking $3 failed" -} - -src_configure() { - # Bug 408001 - use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync - - # connectionless ldap per bug #342439 - append-cppflags -DLDAP_CONNECTIONLESS - - multilib-minimal_src_configure -} - -multilib_src_configure() { - local myconf=() - - use debug && myconf+=( $(use_enable debug) ) - - # ICU exists only in the configure, nowhere in the codebase, bug #510858 - export ac_cv_header_unicode_utypes_h=no ol_cv_lib_icu=no - - if ! use minimal && multilib_is_native_abi; then - local CPPFLAGS=${CPPFLAGS} - - # re-enable serverside overlay chains per bug #296567 - # see ldap docs chaper 12.3.1 for details - myconf+=( --enable-ldap ) - - # backends - myconf+=( --enable-slapd ) - if use berkdb ; then - einfo "Using Berkeley DB for local backend" - myconf+=( --enable-bdb --enable-hdb ) - DBINCLUDE=$(db_includedir $BDB_SLOTS) - einfo "Using $DBINCLUDE for sys-libs/db version" - # We need to include the slotted db.h dir for FreeBSD - append-cppflags -I${DBINCLUDE} - else - myconf+=( --disable-bdb --disable-hdb ) - fi - for backend in dnssrv ldap mdb meta monitor null passwd relay shell sock; do - myconf+=( --enable-${backend}=mod ) - done - - myconf+=( $(use_enable perl perl mod) ) - - myconf+=( $(use_enable odbc sql mod) ) - if use odbc ; then - local odbc_lib="unixodbc" - if use iodbc ; then - odbc_lib="iodbc" - append-cppflags -I"${EPREFIX}"/usr/include/iodbc - fi - myconf+=( --with-odbc=${odbc_lib} ) - fi - - # slapd options - myconf+=( - $(use_enable crypt) - $(use_enable slp) - $(use_enable samba lmpasswd) - $(use_enable syslog) - ) - if use experimental ; then - myconf+=( - --enable-dynacl - --enable-aci=mod - ) - fi - for option in aci cleartext modules rewrite rlookups slapi; do - myconf+=( --enable-${option} ) - done - - # slapd overlay options - # Compile-in the syncprov, the others as module - myconf+=( --enable-syncprov=yes ) - use overlays && myconf+=( --enable-overlays=mod ) - - else - myconf+=( - --disable-backends - --disable-slapd - --disable-bdb - --disable-hdb - --disable-mdb - --disable-overlays - --disable-syslog - ) - fi - - # basic functionality stuff - myconf+=( - $(use_enable ipv6) - $(multilib_native_use_with sasl cyrus-sasl) - $(multilib_native_use_enable sasl spasswd) - $(use_enable tcpd wrappers) - ) - - # Some cross-compiling tests don't pan out well. - tc-is-cross-compiler && myconf+=( - --with-yielding-select=yes - ) - - local ssl_lib="no" - if use ssl || ( ! use minimal && use samba ) ; then - ssl_lib="openssl" - use gnutls && ssl_lib="gnutls" - fi - - myconf+=( --with-tls=${ssl_lib} ) - - for basicflag in dynamic local proctitle shared; do - myconf+=( --enable-${basicflag} ) - done - - tc-export AR CC CXX - ECONF_SOURCE=${S} \ - STRIP=/bin/true \ - econf \ - --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \ - $(use_enable static-libs static) \ - "${myconf[@]}" - emake depend -} - -src_configure_cxx() { - # This needs the libraries built by the first build run. - # So we have to run it AFTER the main build, not just after the main - # configure. - local myconf_ldapcpp=( - --with-ldap-includes="${S}"/include - ) - - mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die - cd "${BUILD_DIR}/contrib/ldapc++" || die - - local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS} - append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \ - -L"${BUILD_DIR}"/libraries/libldap/.libs - append-cppflags -I"${BUILD_DIR}"/include - ECONF_SOURCE=${S}/contrib/ldapc++ \ - econf "${myconf_ldapcpp[@]}" \ - CC="${CC}" \ - CXX="${CXX}" -} - -multilib_src_compile() { - tc-export AR CC CXX - emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash - local lt="${BUILD_DIR}/libtool" - export echo="echo" - - if ! use minimal && multilib_is_native_abi ; then - if use cxx ; then - einfo "Building contrib library: ldapc++" - src_configure_cxx - cd "${BUILD_DIR}/contrib/ldapc++" || die - emake \ - CC="${CC}" CXX="${CXX}" - fi - - if use smbkrb5passwd ; then - einfo "Building contrib-module: smbk5pwd" - cd "${S}/contrib/slapd-modules/smbk5pwd" || die - - MY_DEFS="-DDO_SHADOW" - if use samba ; then - MY_DEFS="${MY_DEFS} -DDO_SAMBA" - MY_KRB5_INC="" - fi - if use kerberos ; then - MY_DEFS="${MY_DEFS} -DDO_KRB5" - MY_KRB5_INC="$(krb5-config --cflags)" - fi - - emake \ - DEFS="${MY_DEFS}" \ - KRB5_INC="${MY_KRB5_INC}" \ - LDAP_BUILD="${BUILD_DIR}" \ - CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" - fi - - if use overlays ; then - einfo "Building contrib-module: samba4" - cd "${S}/contrib/slapd-modules/samba4" || die - - emake \ - LDAP_BUILD="${BUILD_DIR}" \ - CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap" - fi - - if use kerberos ; then - if use kinit ; then - build_contrib_module "kinit" "kinit.c" "kinit" - fi - cd "${S}/contrib/slapd-modules/passwd" || die - einfo "Compiling contrib-module: pw-kerberos" - "${lt}" --mode=compile --tag=CC \ - "${CC}" \ - -I"${BUILD_DIR}"/include \ - -I../../../include \ - ${CFLAGS} \ - $(krb5-config --cflags) \ - -DHAVE_KRB5 \ - -o kerberos.lo \ - -c kerberos.c || die "compiling pw-kerberos failed" - einfo "Linking contrib-module: pw-kerberos" - "${lt}" --mode=link --tag=CC \ - "${CC}" -module \ - ${CFLAGS} \ - ${LDFLAGS} \ - -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ - -o pw-kerberos.la \ - kerberos.lo || die "linking pw-kerberos failed" - fi - # We could build pw-radius if GNURadius would install radlib.h - cd "${S}/contrib/slapd-modules/passwd" || die - einfo "Compiling contrib-module: pw-netscape" - "${lt}" --mode=compile --tag=CC \ - "${CC}" \ - -I"${BUILD_DIR}"/include \ - -I../../../include \ - ${CFLAGS} \ - -o netscape.lo \ - -c netscape.c || die "compiling pw-netscape failed" - einfo "Linking contrib-module: pw-netscape" - "${lt}" --mode=link --tag=CC \ - "${CC}" -module \ - ${CFLAGS} \ - ${LDFLAGS} \ - -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ - -o pw-netscape.la \ - netscape.lo || die "linking pw-netscape failed" - - #build_contrib_module "acl" "posixgroup.c" "posixGroup" # example code only - #build_contrib_module "acl" "gssacl.c" "gss" # example code only, also needs kerberos - build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay" - build_contrib_module "allop" "allop.c" "overlay-allop" - build_contrib_module "allowed" "allowed.c" "allowed" - build_contrib_module "autogroup" "autogroup.c" "autogroup" - build_contrib_module "cloak" "cloak.c" "cloak" - # build_contrib_module "comp_match" "comp_match.c" "comp_match" # really complex, adds new external deps, questionable demand - build_contrib_module "denyop" "denyop.c" "denyop-overlay" - build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin" - build_contrib_module "dupent" "dupent.c" "dupent" - build_contrib_module "lastbind" "lastbind.c" "lastbind" - # lastmod may not play well with other overlays - build_contrib_module "lastmod" "lastmod.c" "lastmod" - build_contrib_module "noopsrch" "noopsrch.c" "noopsrch" - build_contrib_module "nops" "nops.c" "nops-overlay" - #build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER - build_contrib_module "trace" "trace.c" "trace" - # build slapi-plugins - cd "${S}/contrib/slapi-plugins/addrdnvalues" || die - einfo "Building contrib-module: addrdnvalues plugin" - "${CC}" -shared \ - -I"${BUILD_DIR}"/include \ - -I../../../include \ - ${CFLAGS} \ - -fPIC \ - ${LDFLAGS} \ - -o libaddrdnvalues-plugin.so \ - addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed" - - fi -} - -multilib_src_test() { - if multilib_is_native_abi; then - cd tests || die - emake tests || die "make tests failed" - fi -} - -multilib_src_install() { - local lt="${BUILD_DIR}/libtool" - emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install - use static-libs || prune_libtool_files --all - - if ! use minimal && multilib_is_native_abi; then - # openldap modules go here - # TODO: write some code to populate slapd.conf with moduleload statements - keepdir /usr/$(get_libdir)/openldap/openldap/ - - # initial data storage dir - keepdir /var/lib/openldap-data - use prefix || fowners ldap:ldap /var/lib/openldap-data - fperms 0700 /var/lib/openldap-data - - echo "OLDPF='${PF}'" > "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" - echo "# do NOT delete this. it is used" >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" - echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" - - # use our config - rm "${ED}"etc/openldap/slapd.conf - insinto /etc/openldap - newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf - configfile="${ED}"etc/openldap/slapd.conf - - # populate with built backends - ebegin "populate config with built backends" - for x in "${ED}"usr/$(get_libdir)/openldap/openldap/back_*.so; do - einfo "Adding $(basename ${x})" - sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}" - done - sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}" - use prefix || fowners root:ldap /etc/openldap/slapd.conf - fperms 0640 /etc/openldap/slapd.conf - cp "${configfile}" "${configfile}".default - eend - - # install our own init scripts and systemd unit files - einfo "Install init scripts" - newinitd "${FILESDIR}"/slapd-initd-2.4.40-r2 slapd - newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd - einfo "Install systemd service" - systemd_dounit "${FILESDIR}"/slapd.service - systemd_install_serviced "${FILESDIR}"/slapd.service.conf - systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf - - if [[ $(get_libdir) != lib ]]; then - sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i \ - "${ED}"/etc/init.d/slapd \ - "${ED}"/usr/lib/systemd/system/slapd.service || die - fi - # If built without SLP, we don't need to be before avahi - use slp \ - || sed -i \ - -e '/before/{s/avahi-daemon//g}' \ - "${ED}"etc/init.d/slapd - - if use cxx ; then - einfo "Install the ldapc++ library" - cd "${BUILD_DIR}/contrib/ldapc++" || die - emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install - cd "${S}"/contrib/ldapc++ || die - newdoc README ldapc++-README - fi - - if use smbkrb5passwd ; then - einfo "Install the smbk5pwd module" - cd "${S}/contrib/slapd-modules/smbk5pwd" || die - emake DESTDIR="${D}" \ - LDAP_BUILD="${BUILD_DIR}" \ - libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install - newdoc README smbk5pwd-README - fi - - if use overlays ; then - einfo "Install the samba4 module" - cd "${S}/contrib/slapd-modules/samba4" || die - emake DESTDIR="${D}" \ - LDAP_BUILD="${BUILD_DIR}" \ - libexecdir="/usr/$(get_libdir)/openldap" install - newdoc README samba4-README - fi - - einfo "Installing contrib modules" - cd "${S}/contrib/slapd-modules" || die - for l in */*.la; do - "${lt}" --mode=install cp ${l} \ - "${ED}"usr/$(get_libdir)/openldap/openldap || \ - die "installing ${l} failed" - done - - dodoc "${FILESDIR}"/DB_CONFIG.fast.example - docinto contrib - doman */*.5 - #newdoc acl/README* - newdoc addpartial/README addpartial-README - newdoc allop/README allop-README - newdoc allowed/README allowed-README - newdoc autogroup/README autogroup-README - newdoc dsaschema/README dsaschema-README - newdoc passwd/README passwd-README - cd "${S}/contrib/slapi-plugins" || die - insinto /usr/$(get_libdir)/openldap/openldap - doins */*.so - docinto contrib - newdoc addrdnvalues/README addrdnvalues-README - - insinto /etc/openldap/schema - newins "${DISTDIR}"/${BIS_P} ${BIS_PN} - - docinto back-sock ; dodoc "${S}"/servers/slapd/back-sock/searchexample* - docinto back-shell ; dodoc "${S}"/servers/slapd/back-shell/searchexample* - docinto back-perl ; dodoc "${S}"/servers/slapd/back-perl/SampleLDAP.pm - - dosbin "${S}"/contrib/slapd-tools/statslog - newdoc "${S}"/contrib/slapd-tools/README README.statslog - fi -} - -multilib_src_install_all() { - dodoc ANNOUNCEMENT CHANGES COPYRIGHT README - docinto rfc ; dodoc doc/rfc/*.txt -} - -pkg_preinst() { - # keep old libs if any - preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0) - # bug 440470, only display the getting started help there was no openldap before, - # or we are going to a non-minimal build - ! has_version net-nds/openldap || has_version 'net-nds/openldap[minimal]' - OPENLDAP_PRINT_MESSAGES=$((! $?)) -} - -pkg_postinst() { - if ! use minimal ; then - # You cannot build SSL certificates during src_install that will make - # binary packages containing your SSL key, which is both a security risk - # and a misconfiguration if multiple machines use the same key and cert. - if use ssl; then - install_cert /etc/openldap/ssl/ldap - use prefix || chown ldap:ldap "${EROOT}"etc/openldap/ssl/ldap.* - ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]" - ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]" - ewarn "add 'TLS_REQCERT allow' if you want to use them." - fi - - if use prefix; then - # Warn about prefix issues with slapd - eerror "slapd might NOT be usable on Prefix systems as it requires root privileges" - eerror "to start up, and requires that certain files directories be owned by" - eerror "ldap:ldap. As Prefix does not support changing ownership of files and" - eerror "directories, you will have to manually fix this yourself." - fi - - # These lines force the permissions of various content to be correct - use prefix || chown ldap:ldap "${EROOT}"var/run/openldap - chmod 0755 "${EROOT}"var/run/openldap - use prefix || chown root:ldap "${EROOT}"etc/openldap/slapd.conf{,.default} - chmod 0640 "${EROOT}"etc/openldap/slapd.conf{,.default} - use prefix || chown ldap:ldap "${EROOT}"var/lib/openldap-data - fi - - if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then - elog "Getting started using OpenLDAP? There is some documentation available:" - elog "Gentoo Guide to OpenLDAP Authentication" - elog "(https://www.gentoo.org/doc/en/ldap-howto.xml)" - elog "---" - elog "An example file for tuning BDB backends with openldap is" - elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/" - fi - - preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0) -} diff --git a/sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.4.45.ebuild b/sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.4.50.ebuild similarity index 77% rename from sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.4.45.ebuild rename to sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.4.50.ebuild index e81d354305..4fdf8de27c 100644 --- a/sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.4.45.ebuild +++ b/sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.4.50.ebuild @@ -1,36 +1,42 @@ -# Copyright 1999-2017 Gentoo Foundation +# Copyright 1999-2020 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 -EAPI="5" +EAPI=7 -inherit db-use eutils flag-o-matic multilib multilib-minimal ssl-cert versionator toolchain-funcs autotools user systemd +inherit autotools db-use flag-o-matic multilib-minimal ssl-cert toolchain-funcs user systemd BIS_PN=rfc2307bis.schema BIS_PV=20140524 BIS_P="${BIS_PN}-${BIS_PV}" DESCRIPTION="LDAP suite of application and development tools" -HOMEPAGE="http://www.OpenLDAP.org/" +HOMEPAGE="https://www.OpenLDAP.org/" -# mirrors are mostly not working, using canonical URI -SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz - mirror://gentoo/${BIS_P}" +# upstream mirrors are mostly not working, using canonical URI +SRC_URI=" + https://openldap.org/software/download/OpenLDAP/openldap-release/${P}.tgz + http://gpl.savoirfairelinux.net/pub/mirrors/openldap/openldap-release/${P}.tgz + http://repository.linagora.org/OpenLDAP/openldap-release/${P}.tgz + http://mirror.eu.oneandone.net/software/openldap/openldap-release/${P}.tgz + mirror://gentoo/${BIS_P}" LICENSE="OPENLDAP GPL-2" SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~x86-solaris" +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~mips ppc ppc64 ~riscv s390 sparc x86 ~ppc-aix ~amd64-linux ~x86-linux ~x86-solaris" -IUSE_DAEMON="crypt samba slp tcpd experimental minimal" +IUSE_DAEMON="crypt samba tcpd experimental minimal" IUSE_BACKEND="+berkdb" IUSE_OVERLAY="overlays perl" -IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 libressl +syslog selinux static-libs" +IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 libressl +syslog selinux static-libs test" IUSE_CONTRIB="smbkrb5passwd kerberos kinit pbkdf2 sha2" IUSE_CONTRIB="${IUSE_CONTRIB} -cxx" IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}" +RESTRICT="!test? ( test )" REQUIRED_USE="cxx? ( sasl ) - ?? ( gnutls libressl ) - pbkdf2? ( ssl )" + pbkdf2? ( ssl ) + test? ( berkdb ) + ?? ( test minimal )" # always list newer first # Do not add any AGPL-3 BDB here! @@ -41,14 +47,17 @@ BDB_PKGS='' for _slot in $BDB_SLOTS; do BDB_PKGS="${BDB_PKGS} sys-libs/db:${_slot}" ; done # openssl is needed to generate lanman-passwords required by samba -CDEPEND=" +COMMON_DEPEND=" ssl? ( !gnutls? ( - !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] ) + !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] ) + libressl? ( dev-libs/libressl:0=[${MULTILIB_USEDEP}] ) ) - gnutls? ( >=net-libs/gnutls-2.12.23-r6[${MULTILIB_USEDEP}] - libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] ) - >=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] ) ) + gnutls? ( + >=net-libs/gnutls-2.12.23-r6:=[${MULTILIB_USEDEP}] + >=dev-libs/libgcrypt-1.5.3:0=[${MULTILIB_USEDEP}] + ) + ) sasl? ( dev-libs/cyrus-sasl:= ) !minimal? ( sys-devel/libtool @@ -57,19 +66,18 @@ CDEPEND=" tcpd? ( sys-apps/tcp-wrappers ) odbc? ( !iodbc? ( dev-db/unixODBC ) iodbc? ( dev-db/libiodbc ) ) - slp? ( net-libs/openslp ) perl? ( dev-lang/perl:=[-build(-)] ) samba? ( - !libressl? ( dev-libs/openssl:0 ) - libressl? ( dev-libs/libressl ) + !libressl? ( dev-libs/openssl:0= ) + libressl? ( dev-libs/libressl:0= ) ) berkdb? ( dash + "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch + + # bug #420959 + "${FILESDIR}"/${PN}-2.4.31-gcc47.patch + + # unbundle lmdb + "${FILESDIR}"/${PN}-2.4.42-mdb-unbundle.patch + + # bug #622464 + "${FILESDIR}"/${PN}-2.4.47-libressl.patch + + # fix some compiler warnings + "${FILESDIR}"/${PN}-2.4.47-warnings.patch +) + openldap_filecount() { local dir="$1" find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l @@ -136,11 +181,11 @@ openldap_filecount() { openldap_find_versiontags() { # scan for all datadirs - openldap_datadirs="" - if [ -f "${EROOT}"/etc/openldap/slapd.conf ]; then - openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${EROOT}/etc/openldap/slapd.conf)" + local openldap_datadirs=() + if [[ -f "${EROOT}"/etc/openldap/slapd.conf ]]; then + openldap_datadirs=( $(awk '{if($1 == "directory") print $2 }' "${EROOT}"/etc/openldap/slapd.conf) ) fi - openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}" + openldap_datadirs+=( ${OPENLDAP_DEFAULTDIR_VERSIONTAG} ) einfo einfo "Scanning datadir(s) from slapd.conf and" @@ -151,28 +196,28 @@ openldap_find_versiontags() { # scan datadirs if we have a version tag openldap_found_tag=0 have_files=0 - for each in ${openldap_datadirs}; do - CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"` - CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG} - if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then + for each in ${openldap_datadirs[@]} ; do + CURRENT_TAGDIR="${ROOT}$(sed "s:\/::" <<< ${each})" + CURRENT_TAG="${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}" + if [[ -d "${CURRENT_TAGDIR}" ]] && [[ "${openldap_found_tag}" == 0 ]] ; then einfo "- Checking ${each}..." - if [ -r ${CURRENT_TAG} ] ; then + if [[ -r "${CURRENT_TAG}" ]] ; then # yey, we have one :) einfo " Found Versiontag in ${each}" - source ${CURRENT_TAG} - if [ "${OLDPF}" == "" ] ; then + source "${CURRENT_TAG}" + if [[ "${OLDPF}" == "" ]] ; then eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}" eerror "Please delete it" eerror die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}" fi - OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}` + OLD_MAJOR=$(ver_cut 2-3 ${OLDPF}) - [ $(openldap_filecount ${CURRENT_TAGDIR}) -gt 0 ] && have_files=1 + [[ "$(openldap_filecount ${CURRENT_TAGDIR})" -gt 0 ]] && have_files=1 # are we on the same branch? - if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then + if [[ "${OLD_MAJOR}" != "${PV:0:3}" ]] ; then ewarn " Versiontag doesn't match current major release!" if [[ "${have_files}" == "1" ]] ; then eerror " Versiontag says other major and you (probably) have datafiles!" @@ -186,7 +231,7 @@ openldap_find_versiontags() { fi else einfo " Non-tagged dir ${each}" - [ $(openldap_filecount ${each}) -gt 0 ] && have_files=1 + [[ "$(openldap_filecount ${each})" -gt 0 ]] && have_files=1 if [[ "${have_files}" == "1" ]] ; then einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files" echo @@ -208,45 +253,45 @@ openldap_find_versiontags() { einfo fi done - [ "${have_files}" == "1" ] && einfo "DB files present" || einfo "No DB files present" + [[ "${have_files}" == "1" ]] && einfo "DB files present" || einfo "No DB files present" # Now we must check for the major version of sys-libs/db linked against. - SLAPD_PATH=${EROOT}/usr/$(get_libdir)/openldap/slapd - if [ "${have_files}" == "1" -a -f "${SLAPD_PATH}" ]; then + SLAPD_PATH="${EROOT}/usr/$(get_libdir)/openldap/slapd" + if [[ "${have_files}" == "1" ]] && [[ -f "${SLAPD_PATH}" ]]; then OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \ | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')" if use berkdb; then # find which one would be used - for bdb_slot in $BDB_SLOTS ; do + for bdb_slot in ${BDB_SLOTS} ; do NEWVER="$(db_findver "=sys-libs/db-${bdb_slot}*")" - [[ -n "$NEWVER" ]] && break + [[ -n "${NEWVER}" ]] && break done fi local fail=0 - if [ -z "${OLDVER}" -a -z "${NEWVER}" ]; then + if [[ -z "${OLDVER}" ]] && [[ -z "${NEWVER}" ]]; then : # Nothing wrong here. - elif [ -z "${OLDVER}" -a -n "${NEWVER}" ]; then + elif [[ -z "${OLDVER}" ]] && [[ -n "${NEWVER}" ]]; then eerror " Your existing version of OpenLDAP was not built against" eerror " any version of sys-libs/db, but the new one will build" eerror " against ${NEWVER} and your database may be inaccessible." echo fail=1 - elif [ -n "${OLDVER}" -a -z "${NEWVER}" ]; then + elif [[ -n "${OLDVER}" ]] && [[ -z "${NEWVER}" ]]; then eerror " Your existing version of OpenLDAP was built against" eerror " sys-libs/db:${OLDVER}, but the new one will not be" eerror " built against any version and your database may be" eerror " inaccessible." echo fail=1 - elif [ "${OLDVER}" != "${NEWVER}" ]; then + elif [[ "${OLDVER}" != "${NEWVER}" ]]; then eerror " Your existing version of OpenLDAP was built against" eerror " sys-libs/db:${OLDVER}, but the new one will build against" eerror " ${NEWVER} and your database would be inaccessible." echo fail=1 fi - [ "${fail}" == "1" ] && openldap_upgrade_howto + [[ "${fail}" == "1" ]] && openldap_upgrade_howto fi echo @@ -256,6 +301,7 @@ openldap_find_versiontags() { } openldap_upgrade_howto() { + local d l i eerror eerror "A (possible old) installation of OpenLDAP was detected," eerror "installation will not proceed for now." @@ -269,7 +315,7 @@ openldap_upgrade_howto() { d="$(date -u +%s)" l="/root/ldapdump.${d}" i="${l}.raw" - eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop" + eerror " 1. /etc/init.d/slapd stop" eerror " 2. slapcat -l ${i}" eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}" eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/" @@ -281,7 +327,7 @@ openldap_upgrade_howto() { eerror "10. check that your data is intact." eerror "11. set up the new replication system." eerror - if [ "${FORCE_UPGRADE}" != "1" ]; then + if [[ "${FORCE_UPGRADE}" != "1" ]]; then die "You need to upgrade your database first" else eerror "You have the magical FORCE_UPGRADE=1 in place." @@ -312,64 +358,33 @@ pkg_setup() { src_prepare() { # ensure correct SLAPI path by default - sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \ - "${S}"/include/ldap_defaults.h + sed -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \ + -i include/ldap_defaults.h || die - epatch "${FILESDIR}"/${PN}-2.4.17-gcc44.patch + default + rm -r libraries/liblmdb || die - epatch \ - "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch \ - "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch - - # bug #116045 - still present in 2.4.28 - epatch "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch - # bug #408077 - samba4 - epatch "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch - - # bug #189817 - epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch - - # bug #233633 - epatch "${FILESDIR}"/${PN}-2.4.45-fix-lmpasswd-gnutls-symbols.patch - - # bug #281495 - epatch "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch - - # bug #294350 - epatch "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch - - # unbreak /bin/sh -> dash - epatch "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch - - # bug #420959 - epatch "${FILESDIR}"/${PN}-2.4.31-gcc47.patch - - # unbundle lmdb - epatch "${FILESDIR}"/${PN}-2.4.42-mdb-unbundle.patch - rm -rf "${S}"/libraries/liblmdb - - cd "${S}"/build || die + pushd build &>/dev/null || die "pushd build" einfo "Making sure upstream build strip does not do stripping too early" sed -i.orig \ -e '/^STRIP/s,-s,,g' \ top.mk || die "Failed to block stripping" + popd &>/dev/null || die # wrong assumption that /bin/sh is /bin/bash - sed -i \ + sed \ -e 's|/bin/sh|/bin/bash|g' \ - "${S}"/tests/scripts/* || die "sed failed" - - cd "${S}" || die + -i tests/scripts/* || die "sed failed" AT_NOEAUTOMAKE=yes eautoreconf } build_contrib_module() { # - cd "${S}/contrib/slapd-modules/$1" || die + pushd "${S}/contrib/slapd-modules/$1" &>/dev/null || die "pushd contrib/slapd-modules/$1" einfo "Compiling contrib-module: $3" # Make sure it's uppercase - local define_name="$(echo "SLAPD_OVER_${1}" | LC_ALL=C tr '[:lower:]' '[:upper:]')" + local define_name="$(LC_ALL=C tr '[:lower:]' '[:upper:]' <<< "SLAPD_OVER_${1}")" "${lt}" --mode=compile --tag=CC \ "${CC}" \ -D${define_name}=SLAPD_MOD_DYNAMIC \ @@ -383,6 +398,7 @@ build_contrib_module() { ${LDFLAGS} \ -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ -o $3.la ${2%.c}.lo || die "linking $3 failed" + popd &>/dev/null || die } src_configure() { @@ -415,8 +431,8 @@ multilib_src_configure() { if use berkdb ; then einfo "Using Berkeley DB for local backend" myconf+=( --enable-bdb --enable-hdb ) - DBINCLUDE=$(db_includedir $BDB_SLOTS) - einfo "Using $DBINCLUDE for sys-libs/db version" + DBINCLUDE=$(db_includedir ${BDB_SLOTS}) + einfo "Using ${DBINCLUDE} for sys-libs/db version" # We need to include the slotted db.h dir for FreeBSD append-cppflags -I${DBINCLUDE} else @@ -441,7 +457,7 @@ multilib_src_configure() { # slapd options myconf+=( $(use_enable crypt) - $(use_enable slp) + --disable-slp $(use_enable samba lmpasswd) $(use_enable syslog) ) @@ -498,7 +514,8 @@ multilib_src_configure() { done tc-export AR CC CXX - ECONF_SOURCE=${S} \ + CONFIG_SHELL="/bin/bash" \ + ECONF_SOURCE="${S}" \ STRIP=/bin/true \ econf \ --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \ @@ -516,7 +533,7 @@ src_configure_cxx() { ) mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die - cd "${BUILD_DIR}/contrib/ldapc++" || die + pushd "${BUILD_DIR}/contrib/ldapc++" &>/dev/null || die "pushd contrib/ldapc++" local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS} append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \ @@ -526,6 +543,7 @@ src_configure_cxx() { econf "${myconf_ldapcpp[@]}" \ CC="${CC}" \ CXX="${CXX}" + popd &>/dev/null || die } multilib_src_compile() { @@ -538,14 +556,14 @@ multilib_src_compile() { if use cxx ; then einfo "Building contrib library: ldapc++" src_configure_cxx - cd "${BUILD_DIR}/contrib/ldapc++" || die - emake \ - CC="${CC}" CXX="${CXX}" + pushd "${BUILD_DIR}/contrib/ldapc++" &>/dev/null || die "pushd contrib/ldapc++" + emake CC="${CC}" CXX="${CXX}" + popd &>/dev/null || die fi if use smbkrb5passwd ; then einfo "Building contrib-module: smbk5pwd" - cd "${S}/contrib/slapd-modules/smbk5pwd" || die + pushd "${S}/contrib/slapd-modules/smbk5pwd" &>/dev/null || die "pushd contrib/slapd-modules/smbk5pwd" MY_DEFS="-DDO_SHADOW" if use samba ; then @@ -562,22 +580,24 @@ multilib_src_compile() { KRB5_INC="${MY_KRB5_INC}" \ LDAP_BUILD="${BUILD_DIR}" \ CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" + popd &>/dev/null || die fi if use overlays ; then einfo "Building contrib-module: samba4" - cd "${S}/contrib/slapd-modules/samba4" || die + pushd "${S}/contrib/slapd-modules/samba4" &>/dev/null || die "pushd contrib/slapd-modules/samba4" emake \ LDAP_BUILD="${BUILD_DIR}" \ CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap" + popd &>/dev/null || die fi if use kerberos ; then if use kinit ; then build_contrib_module "kinit" "kinit.c" "kinit" fi - cd "${S}/contrib/slapd-modules/passwd" || die + pushd "${S}/contrib/slapd-modules/passwd" &>/dev/null || die "pushd contrib/slapd-modules/passwd" einfo "Compiling contrib-module: pw-kerberos" "${lt}" --mode=compile --tag=CC \ "${CC}" \ @@ -596,10 +616,11 @@ multilib_src_compile() { -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ -o pw-kerberos.la \ kerberos.lo || die "linking pw-kerberos failed" + popd &>/dev/null || die fi if use pbkdf2; then - cd "${S}/contrib/slapd-modules/passwd/pbkdf2" || die + pushd "${S}/contrib/slapd-modules/passwd/pbkdf2" &>/dev/null || die "pushd contrib/slapd-modules/passwd/pbkdf2" einfo "Compiling contrib-module: pw-pbkdf2" "${lt}" --mode=compile --tag=CC \ "${CC}" \ @@ -616,10 +637,11 @@ multilib_src_compile() { -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ -o pw-pbkdf2.la \ pbkdf2.lo || die "linking pw-pbkdf2 failed" + popd &>/dev/null || die fi if use sha2 ; then - cd "${S}/contrib/slapd-modules/passwd/sha2" || die + pushd "${S}/contrib/slapd-modules/passwd/sha2" &>/dev/null || die "pushd contrib/slapd-modules/passwd/sha2" einfo "Compiling contrib-module: pw-sha2" "${lt}" --mode=compile --tag=CC \ "${CC}" \ @@ -643,10 +665,11 @@ multilib_src_compile() { -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ -o pw-sha2.la \ sha2.lo slapd-sha2.lo || die "linking pw-sha2 failed" + popd &>/dev/null || die fi # We could build pw-radius if GNURadius would install radlib.h - cd "${S}/contrib/slapd-modules/passwd" || die + pushd "${S}/contrib/slapd-modules/passwd" &>/dev/null || die "pushd contrib/slapd-modules/passwd" einfo "Compiling contrib-module: pw-netscape" "${lt}" --mode=compile --tag=CC \ "${CC}" \ @@ -679,11 +702,12 @@ multilib_src_compile() { # lastmod may not play well with other overlays build_contrib_module "lastmod" "lastmod.c" "lastmod" build_contrib_module "noopsrch" "noopsrch.c" "noopsrch" - build_contrib_module "nops" "nops.c" "nops-overlay" + #build_contrib_module "nops" "nops.c" "nops-overlay" https://bugs.gentoo.org/641576 #build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER build_contrib_module "trace" "trace.c" "trace" + popd &>/dev/null || die # build slapi-plugins - cd "${S}/contrib/slapi-plugins/addrdnvalues" || die + pushd "${S}/contrib/slapi-plugins/addrdnvalues" &>/dev/null || die "pushd contrib/slapi-plugins/addrdnvalues" einfo "Building contrib-module: addrdnvalues plugin" "${CC}" -shared \ -I"${BUILD_DIR}"/include \ @@ -693,21 +717,20 @@ multilib_src_compile() { ${LDFLAGS} \ -o libaddrdnvalues-plugin.so \ addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed" - + popd &>/dev/null || die fi } multilib_src_test() { if multilib_is_native_abi; then cd tests || die - emake tests || die "make tests failed" + emake tests fi } multilib_src_install() { local lt="${BUILD_DIR}/libtool" emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install - use static-libs || prune_libtool_files --all if ! use minimal && multilib_is_native_abi; then # openldap modules go here @@ -724,42 +747,40 @@ multilib_src_install() { echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" # use our config - rm "${ED}"etc/openldap/slapd.conf + rm "${ED}"/etc/openldap/slapd.conf insinto /etc/openldap newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf - configfile="${ED}"etc/openldap/slapd.conf + configfile="${ED}"/etc/openldap/slapd.conf # populate with built backends ebegin "populate config with built backends" - for x in "${ED}"usr/$(get_libdir)/openldap/openldap/back_*.so; do + for x in "${ED}"/usr/$(get_libdir)/openldap/openldap/back_*.so; do einfo "Adding $(basename ${x})" - sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}" + sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}" || die done sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}" use prefix || fowners root:ldap /etc/openldap/slapd.conf fperms 0640 /etc/openldap/slapd.conf - cp "${configfile}" "${configfile}".default + cp "${configfile}" "${configfile}".default || die eend # install our own init scripts and systemd unit files einfo "Install init scripts" - newinitd "${FILESDIR}"/slapd-initd-2.4.40-r2 slapd + sed -e "s,/usr/lib/,/usr/$(get_libdir)/," "${FILESDIR}"/slapd-initd-2.4.40-r2 > "${T}"/slapd || die + doinitd "${T}"/slapd newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd + einfo "Install systemd service" - systemd_dounit "${FILESDIR}"/slapd.service + sed -e "s,/usr/lib/,/usr/$(get_libdir)/," "${FILESDIR}"/slapd.service > "${T}"/slapd.service || die + systemd_dounit "${T}"/slapd.service systemd_install_serviced "${FILESDIR}"/slapd.service.conf systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf - if [[ $(get_libdir) != lib ]]; then - sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i \ - "${ED}"/etc/init.d/slapd \ - "${ED}"/usr/lib/systemd/system/slapd.service || die - fi # If built without SLP, we don't need to be before avahi - use slp \ - || sed -i \ + sed -i \ -e '/before/{s/avahi-daemon//g}' \ - "${ED}"etc/init.d/slapd + "${ED}"/etc/init.d/slapd \ + || die if use cxx ; then einfo "Install the ldapc++ library" @@ -792,7 +813,7 @@ multilib_src_install() { for l in */*.la */*/*.la; do [[ -e ${l} ]] || continue "${lt}" --mode=install cp ${l} \ - "${ED}"usr/$(get_libdir)/openldap/openldap || \ + "${ED}"/usr/$(get_libdir)/openldap/openldap || \ die "installing ${l} failed" done @@ -822,6 +843,10 @@ multilib_src_install() { dosbin "${S}"/contrib/slapd-tools/statslog newdoc "${S}"/contrib/slapd-tools/README README.statslog fi + + if ! use static-libs ; then + find "${ED}" \( -name '*.a' -o -name '*.la' \) -delete || die + fi } multilib_src_install_all() { @@ -845,7 +870,7 @@ pkg_postinst() { # and a misconfiguration if multiple machines use the same key and cert. if use ssl; then install_cert /etc/openldap/ssl/ldap - use prefix || chown ldap:ldap "${EROOT}"etc/openldap/ssl/ldap.* + use prefix || chown ldap:ldap "${EROOT}"/etc/openldap/ssl/ldap.* ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]" ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]" ewarn "add 'TLS_REQCERT allow' if you want to use them." @@ -860,17 +885,19 @@ pkg_postinst() { fi # These lines force the permissions of various content to be correct - use prefix || chown ldap:ldap "${EROOT}"var/run/openldap - chmod 0755 "${EROOT}"var/run/openldap - use prefix || chown root:ldap "${EROOT}"etc/openldap/slapd.conf{,.default} - chmod 0640 "${EROOT}"etc/openldap/slapd.conf{,.default} - use prefix || chown ldap:ldap "${EROOT}"var/lib/openldap-data + if [[ -d "${EROOT}"/var/run/openldap ]]; then + use prefix || { chown ldap:ldap "${EROOT}"/var/run/openldap || die; } + chmod 0755 "${EROOT}"/var/run/openldap || die + fi + use prefix || chown root:ldap "${EROOT}"/etc/openldap/slapd.conf{,.default} + chmod 0640 "${EROOT}"/etc/openldap/slapd.conf{,.default} || die + use prefix || chown ldap:ldap "${EROOT}"/var/lib/openldap-data fi if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then elog "Getting started using OpenLDAP? There is some documentation available:" elog "Gentoo Guide to OpenLDAP Authentication" - elog "(https://www.gentoo.org/doc/en/ldap-howto.xml)" + elog "(https://wiki.gentoo.org/wiki/Centralized_authentication_using_OpenLDAP)" elog "---" elog "An example file for tuning BDB backends with openldap is" elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"