mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-12-07 10:22:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

net-nds/openldap: Sync from Gentoo

Browse Source
This commit is contained in:
Kai Lüke 2020-08-07 20:22:29 +00:00
parent 3d58e109d8
commit 37d6fdd69f
19 changed files with 274 additions and 3489 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
sdk_container/src/third_party/portage-stable/net-nds/openldap/Manifest vendored
View File

@ -1,42 +1,2 @@
AUX DB_CONFIG.fast.example 746 SHA256 69fc9aa6e4f0b888bc02d3f75642fe1ebf9345c685257a5c1236b2e79ed56e0b SHA512 07199416b7c91864a1dd5ad45642367c4f79ee8b694214305289c47afb5b53420f0fb81cf7c8b117400c903535e88a2dd47bda28d57e969aeeec669debf6dc9e WHIRLPOOL 1d6a2adcdbbac2698d8d5ab1867ecfafee23c8561c34addaea30f59bde8b4bfad88c576ffd7df102aa428c2588ed3b9376de49606eb6608c8e873f8119326c5a DIST openldap-2.4.50.tgz 5712635 BLAKE2B 6a7d864a44c411b82cf703585c4a81954a02497e8510c84e29070dd120da0181e8425fd2b8bb7616e42e6e26d0f06db5ffdf50fb1cd97943d23f9914eb4f1260 SHA512 f528043ff9de36f7b65d8816c9a9c24f0ac400041b2969965178ee6eae62c92a11af33a0a883e4954e5fff98a0738a9f9aa2faf5b385d21974754e045aab31ae
AUX openldap-2.2.14-perlthreadsfix.patch 614 SHA256 bb719cc1fed47ff0f111c960f3295781ae6f0d9e98b4266a87751044b4bb3175 SHA512 e2579de72194c63e445108a39a85635622c1a629cec9d276df84ce9d770dbe7e2df2057663bac192558af3dee60fa2f0ae92f4cc34145c300fe141ae7f3f13b3 WHIRLPOOL 24cab36ff0368f81f555ba0fa0ea0f78d245d1863bf4c6c6d291536b16bdbe628a9a204ffccce12a6014b71717f3dd722c9f95061c1a519e273c0535316ad97d DIST rfc2307bis.schema-20140524 12262 BLAKE2B 98031f49e9bde1e4821e637af3382364d8344ed7017649686a088070d96a632dffa6c661552352656b1b159c0fd962965580069a64c7f3d5bb6a3ed75f60fd99 SHA512 83b89a1deeefc8566b97e7e865b9b6d04541099cbdf719e24538a7d27d61b6209e87ab9003a9f140bd9afd018ec569e71721e3a24090e1902c8b6659d2ba103e
AUX openldap-2.2.6-ntlm.patch 5011 SHA256 1f7e766bcafb412ec336aad7e07295d6d62d2e2a62b6804b07b06a5056102243 SHA512 8140dba85c56f269c953b0b23b2ca7eecb42f8e5167f4d0f08511dc8c06c30bcb42c3e38ed3b77d5622780a94c0aa9eb65bb8e45af50075acab97e7f466a1a9d WHIRLPOOL 75c2394c46242f738b5ee0db8473b05b5e7e75821e89dcea3ca7a139e34cc61f5848d0601dc66499dad35beefdd02aed5486ed138cfd8e216041aa5ceb85c920
AUX openldap-2.3.21-ppolicy.patch 402 SHA256 97feaaff03e839aaad402024082ba62fb2cbe0c721664a85af8674ebb28d7dbd SHA512 19d2fb2755f62d3b77851983645f6656f10078e983ac09c8de7b50ba2ce52f2c8e5379f066cf1b6e91921b8ca5c54852bacd1563f20e5004babe94db66e7d88e WHIRLPOOL 32a93bc7daa952313643a56533719963766f944f25abedb29568b4e32fe1f42ffd7631b922dd2395d42d81ca2addcce8ddd5fd11432a4217c5f76f5b1ff8ef66
AUX openldap-2.3.24-contrib-smbk5pwd.patch 1631 SHA256 277990c6bc9e00c29bc5123d5074e1a741a224e884f92651b301375b02edc70e SHA512 7aaab44cdf84233bfd78555db3af7c5a435cb3f37cb8f243b57b32391381835ce1efff7604f80cdf58fee429f6ecedc486f88addec15b6d32ef78f526c6c8826 WHIRLPOOL fbb14366c31ff97b9a706b9ceb0073e45affcf513a1c58966548537dfa3d3185ce5d8f0b38b627a5a729a3084b38f5681565bea2c46d369179879223e66adc37
AUX openldap-2.3.34-slapd-conf 2067 SHA256 f7611233b83fa70dac313b4e734041dfe1ddac07c804bdb12a775d7cf88c36a1 SHA512 fa1c6051c8285cd8f91dd236289a7492efd30fe172d269b35a4941945623f87fd4ff0c8b47dae36e55e395e4d931cf680ab15c5f44fd7279be686678661971aa WHIRLPOOL 55384866d25d016a6135b443e9b25a8a321118a4e33214950f7f3ea51c357ba5a4b335d2f77aa941c04ebfd6131fcf48c87f29df8dc4fe685bad9f3aae61642a
AUX openldap-2.3.37-libldap_r.patch 862 SHA256 82471cc13806a9260e441aea90c8dfe9ce21b6d3edabb71766a2afcff6f80dfb SHA512 b49260b4a1583e1084f695e55e80aa90b301c9d56cd9cc04f0a78c0beb2e7d645e4b2163cae2be940f3918802b5d766e30f8550fd7fe723f365829c415fe364c WHIRLPOOL b22350b4ee9a3505b7b78ae915e82d3c84b19e7140047733cecd37818c57606097bd5d199d670ecf0d3bc350c08703bcaa126ed359b7930ab0a9b58e66f4aa50
AUX openldap-2.3.43-fix-hang.patch 645 SHA256 48d1f63a303142e535413b3a42e1fdfea89abaf3265de801c147ef3bdcf3c27e SHA512 3cc7f46bd69634844c5fdf893120928e2d8b6c93011aebfb01786608bbb40351fab3f5e346857ab95724d5199b4b0270d56d56c7f1a43be07951f26fb82b018e WHIRLPOOL ddb6314f72a70a92d2cdc96548a8d0f783e97b91c9d71971566d3028d8ef1527b6897e5cdd6557fcd223f317b510dfbd12666c5bce0e8c9f06451e077a766bd5
AUX openldap-2.3.XY-gcc44.patch 1169 SHA256 c799ad2adde0e0801bfd641c1a43860180121a04897b8e2a01ad000ea31e2a8d SHA512 9e7b726b384390dbf85c50cd344b6a614d09823293f1af2642cfb50c25f4f39254ae0b19cd0da0b30e6fbd270f61646487e1643406438bd2ec6b37883b03f9f2 WHIRLPOOL c5881dac9b095c28f3dd75fd71dfada84705bd42d643172389854f0c65e548a0f8721abef50568f63ebd85ac7bfeff68c64703dfdec0f7b42a57b92cf2f95097
AUX openldap-2.4.11-libldap_r.patch 515 SHA256 3310a89d38bc39e6eb4333799d475411b274482b8bccab212b3edfd4385db70e SHA512 44d97efb25d4f39ab10cd5571db43f3bfa7c617a5bb087085ae16c0298aca899b55c8742a502121ba743a73e6d77cd2056bc96cee63d6d0862dabc8fb5574357 WHIRLPOOL f0c115c60a1405bb6d34090d878ba82b454cced4a7718e1132bc8d118032ae656dcd0207640142740ea4f547403edf2b95c97ae2c7f67a2b656b83cb3a508e45
AUX openldap-2.4.15-ppolicy.patch 418 SHA256 98269fa1e8a1a0e62dad9acd36fd9a33614fca9a5830d6e7e606db8eb7f85de5 SHA512 59db36c9b4d16e7ccf4b318af2a8d0c6e29cda7e567641b3bcc6069bb7d610a8ac8b56e16ca72165b3e50841abb1ef693b9e2958f16997ac637554f3a67b7146 WHIRLPOOL ae52ce30b17e0413ee87db55070d64e06e4ab5e14adf96f808a0cfba39c3f946fc5b4e4431d8fc6123c025261acd6a16e2245a1b46e1eb7a131444e5ffc7825f
AUX openldap-2.4.17-fix-lmpasswd-gnutls-symbols.patch 3542 SHA256 31e816eb9f3b52f5f9d183f82adebff75892e45e764187e579a92204c90889cb SHA512 6e4d3d04344433967ae099471e2af9d706e77206fc5e8d84d63681c5b975110f9abbee5d29be0a51e4cf8bc8ee157d8f386d99ffcebd059ef1be660530aaa096 WHIRLPOOL 38d4e60faff9d3a5f21e0783e688b4716d8d04976f549958798becad3e03b06eec2eeeac1b7491fe361e077b4aca5b75506bd45d65668746ab67db3a20d86a28
AUX openldap-2.4.17-gcc44.patch 509 SHA256 33345882f601050ecaa6bb3dd7458e6b5f8e3684345847f7a53d4a1b0f514bda SHA512 ea2c862c7a7b8bc17c31ece694c010dd648840cb4facd48d5640767d859bf3c9108d547007984cb759f4a8810ff99ab8295c82dc2ad069f568d037d8448e6ff4 WHIRLPOOL 5f597463b6e92b43e0d6beabf426f5d6000fb204dfe8080ebcf57ec71391712fb24f728f6e61d205dd3ef9e78c7eb8a443994c68469f80b2536cfea3cd75eed4
AUX openldap-2.4.28-fix-dash.patch 1101 SHA256 fddaad5f49cce39bf5492bb1dda10f2ce83419c48f128fe536661dde703b5d1b SHA512 f9b3a50eb972f746878afe4a8cda8d7e2a2807932ad2faf602f43e5a1b81166bea4fde764b4e1ae4be0000cc0713ee90a4620afab5809b8460f60ae39a716e9e WHIRLPOOL ba3856cd1008431025811aaa21d0a0ce94896590a16eee8cd27bdc84fd89884b0d27e8dce31bc79e4b4a91884bc90624f1a6afb38efb847839a036b4a2196af5
AUX openldap-2.4.28-gnutls-gcrypt.patch 340 SHA256 26dc29a502e45f6b1003674c1ef5bc6c79b71d00fc9b2fc7a145291a314370c0 SHA512 53441707e9b24e774c0541ad8b63295eea6dc0352ae2ef3bf389f381da18f1df05fb2f7b41c816e1f697d8f1b208643d05891c03d8fba42d85e3b7689e5ee94f WHIRLPOOL 6be9eda56fd68c9e0818443ca70ee6c1e904aa6126576477d402c9abd2ee44952a0a313efc89f603b02cac35cbfea3c987de5b6ec3625a92bc691386edd85aa5
AUX openldap-2.4.31-gcc47.patch 480 SHA256 6a0bef52a8681e30c4be7c11df88f5c73d2ab90f0bbbb79c550b6174d3978060 SHA512 a35113fe3f5e9ae5b9631976415df41d53a99ae1ca4c4dcdcfd89e6ccc6ba906cf5cfe2ee4901033dba29d62b6607d4a93ca74645eb6ceba38e67c5d8521816a WHIRLPOOL bf1315bebf8b16a625d55ac1d040a1ab831c25c87fe6f9bb9ff4b1b54f621a36e75e6055955e60617823fbf78244cd4aec7f702ea0d7a8d85a164f550d2675e7
AUX openldap-2.4.35-contrib-samba4.patch 1400 SHA256 64ca91d3edae25d392f39a7f538e269b26de4e09923f872014e84ec388bda911 SHA512 332c4b2daa3eba165cfdcd479b1012e139d60095aaa628f8f5750fffb722d39395935bd7d7e56272e98fd234ab0be1c6568a71feeda5d88ba24b91b385defdad WHIRLPOOL c472dc75bbc1261b84ce0bfe8dd0a749200d7540647733ca13c0b1ccd8330739278f83eea3c91b3b29e5982eb6c9f9fb920ffdd9a6faaf4c0e66a97a1d16db55
AUX openldap-2.4.35-contrib-smbk5pwd.patch 1626 SHA256 377b9204f51bb751d7311de3ee789386496372db2964ed2a929733099c23688a SHA512 c045c7605d25bab9eef8c12752f4952e3e6358124764ded91f5f98210686bc371f32ac20c56a63de80410f882f20e0889eec95474f1ee9d4c5bb4ed303ec8da0 WHIRLPOOL 64feead042fe22ec8bd36a23a11ea1af513702de2ab063324f0e49802635ca53b9f2f662159c8784877f6342d0a15cb231710be2ea69031c3df7459cd150cc47
AUX openldap-2.4.40-slapd-conf 2059 SHA256 306602d38cbbdc2203e9f838348cbe9b264738cf86bbebc60272658b92a1eff9 SHA512 7ce8a8262db74d86449a3d31b96b2efa9e8dae2f9992a1c3a6d6899fb65531eaf917f410d8728852cb74338d7ba3c8c3b52d2f6cdcbba4cb3b97f6c733099fa2 WHIRLPOOL 979a2802501ec22dd93032eb3bc1a3df322558013cd8038736bac436b33fdb666df5d93fbfcc4d99762c10aa9e1a1edef496fa364d2b4f0019b5dd702174b6f4
AUX openldap-2.4.42-mdb-unbundle.patch 3589 SHA256 43be88ef0810608232b2490e7f06f66272d17059c581f76d4de79c415365dd97 SHA512 ec123ff8cef6c32b1f29c2d0643433dd88dfa8ab62b4d7536de829475ff8b45b5c7376f3e17f3424aab326a573aa36a593630feecbd40c3e574c6c24f5dd83ec WHIRLPOOL 0eadd603e016506d3365f81c802561a0201122b989033935a5a6b4737db75ff6c1517bcca1c7c127b54bfd7c1ea2db0c11f65228ea6c4cbacf2f783af98dfddb
AUX openldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch 3542 SHA256 e7f630f8cad556806012489973f4f9c366bdcf7779170b163de21e078da8f114 SHA512 bdbc36bc020964eb997b8038cf3c32a2a8ccc09512e735376a34e5a54d0d0abbbc73cb60a3f6efaf7f8bdd88cad37c5f652c322eb0ff66edee8c8fc8978d1a3b WHIRLPOOL a5a62a1183b38c4346898032c2343c99685e64478bd7b8a45480a4818ab089383d101d84455e02712543504ff742715a9358b4896ed97cff44d6f4ae340b3dde
AUX openldap-2.4.6-evolution-ntlm.patch 5161 SHA256 3b79d9afaa7c76ca20c5e7aa856dea49931741a1022ae6c3bb264c38f4c22edb SHA512 a553231ad3e2d2ca3a3a195b20da6163c135a723e0a3ed39afcad5601ed4ef01e692533df3f8f96d5ec8cc74ca27cbd16508818007dc1343899a42b5595b980b WHIRLPOOL 624f11c996825bb248dd7c33f64afd3a4e8b9edbbe79c6fdffc7f2d8e57c5d8ac4c651eae7763dbc0a06144b916131b70e599771034bcb6bd8c586a9bf6a8209
AUX slapd-confd 614 SHA256 901044908fbbbbf333f7f0f1efccd1f0e213aa1a9156b3e659eaf0a0c7fdfc89 SHA512 e4ae52d10294da787016cf39adfd68c6ad812ac1758b00845810ee7936d21734d2ef3793252b878d88f21788414071adffb5f484381d4dc6a29f71a8729486b7 WHIRLPOOL d45df7487a952f899e9098779edda82afd9fb5ca66e42bbaf4a94f9ebdda9be58a026c0358a521a2feb4cc04c1f8477fb034896054ca4575d717bec367e1e2e8
AUX slapd-confd-2.4.28-r1 1072 SHA256 5bca003ec3b67c7c78519aede1d82002579006ccfecce8f87b559df719f82e92 SHA512 7426c04ee689bcfb29a9a3956367c571eac6bc9620efda938591d09382a05527454458f7a25bdc2fa2ac920f93bae516121e085408ffefbe8ace0c7d8c5da315 WHIRLPOOL b9cb4e249f224ce2435184922df8d053d4c6d058a6408b72ac3c393563bdc0d413f7310e74ef7dcdab6dedc3d25a77d5af0581334356a9b55be5c516d6ee71d4
AUX slapd-initd 1168 SHA256 6b2039adf33b9dbfcce644631f4e8d1c0517327123ad875e102bcafe6c30b364 SHA512 52dec305f990de797cfe12a9b0d5b306f4b5baedec1597879151a492a1743ea46d83bf659f7695e07b8652fddb8a5a2ea11339991432075907fc088edd9a8bd5 WHIRLPOOL b2b29b8571976fafdf3c801b744b86ce9f2bb460bedf736ea912e6c97739c3cc57a64dee45b4fbc15382d26571cd1540b9ac3e609e25ce97973e80fd8bb77ff3
AUX slapd-initd-2.4.40-r2 1726 SHA256 bcd84fca8efc1eec3aea489f238b51ce7226ffcdb1562044e48106897bc5a6fc SHA512 3945dc4cff9b20bddd2ac4f38d045f8caabb59368ab0b5e952d4194d06a1bdd9871546b84e9a54b692d2e3ca699aa065e5fa909a29ae80e102ed9635c94bcfd5 WHIRLPOOL 1be86d1dcd863077fa77a98e56b5dded097d34afabaebb29d3d37f39c818cca246067fdab4aaffddc64c02fbe01e7000ece6da6e7b9015dcf3248b5325d7ed84
AUX slapd.service 284 SHA256 106563991611b44717cf93c10473edef39b4f0b4b391e29b9d5bdd3059c7a64a SHA512 450c93b320101e1c28681cad6694c24332fbe424ac98283b621a2f6e1eb01e9e2dbd80a4142e6e8d01d95c55018b44e847d4f4c55f11d7e0e0a11ae1827daa82 WHIRLPOOL d1ff7b8c672d9b38116cc8984567179a743b140211ae99bebd00729d8dc3cfcd4ed7c0833a18b071c9fa20eeb2cce4e053e7b6805474fc3ca8442167254c1e35
AUX slapd.service.conf 443 SHA256 462adb8f6fc1a9f742c792b4392346d30949eed523453dd19b64afc9dc448145 SHA512 be9cf4bf19111bd77c0ce481428e6f3cc183a6939775ed1a2d7606a5162da34178cb139d666288f6a35b8413bd4dc5f8f1bd60b39f3cca8f749557674b93910b WHIRLPOOL 8697c1c1c82c5c3fbb5d3fffc43e56f1a05a8bf23443270f2a051fde7d6ca0d1c5102611ac62d244b2c190c6bd1fb675cc46a5978a715d2df4e72f13c58db3c8
AUX slapd.tmpfilesd 90 SHA256 8039a0190bd5b701f29661c63e03e4fb439a8eb50fdd7be5ce96a7f7f3aaeb1b SHA512 c462c92911635a2a6a30eb7239e74b529062224f9798351f53dca9a2e25cbc7f9fbb3743f98a015b7ccac0823ab85adb42d91d980f053bc3f12fdce760ce4bec WHIRLPOOL 2fb28068fa2b8113041544bd88a58060aa309b012b58bd903b58e2ff853fec0882de2f2b0fa28da76eaa5550dcccbe7ed6e8b792df7f788b6bf0d324a0dc0e52
AUX slurpd-initd 386 SHA256 f63742fd5f4192e8c676d3634b3947f48dffc2d37ebc82d50a3eec19178c51f0 SHA512 f6f5ede73eb1290673f1d4c9605d8806c759d68568610660eaa1cdcacf2926c728387b5e70885acdec0eea0e15a734c730af49550c4ffc8f121fffc3d9b7ed8c WHIRLPOOL 8f6fe3bb1e2221438e546b766368f76cb6dec18aa3b3b997cf3867b058f0d0d0ca1690a0fb10ae2aac28917d0803c4d2d6663e7993e3eeac3589b4f407befc0f
DIST openldap-2.3.43.tgz 3803011 SHA256 d7d2dea05362c8ac7e11bb7bf1da4cdeb07225ba8dc16974bff9f51a9f3d37e1 SHA512 2b0ebb35adbeed34673e1a55cc7a89b348ddee7ad6ce7f915ca3745198cee992aba7281bf0d56197dcfd59665935d5d3764db0ba487975e4dbc2a2507d6ea7a6 WHIRLPOOL 7457112bbad83d75f7ad01230da97511a8d983a98f7e31357dbffd79a7ed7e53057af781002cae8c610d3ad7834dfeefbd7f223798d45aea8cd00b70f5ee0e39
DIST openldap-2.4.44.tgz 5658830 SHA256 d7de6bf3c67009c95525dde3a0212cc110d0a70b92af2af8e3ee800e81b88400 SHA512 132eb81798f59a364c9246d08697e1c7ebb6c2c3b983f786b14ec0233df09696cbad33a1f35f3076348b5efb77665a076ab854a24122c31e8b58310b7c7fd136 WHIRLPOOL 37399793d681a6489c369d663772970c62a4e1e370d4dc306bcb6fa3b9cb680139c9d940d9218aaac4618f50a63bc391b10f2aec0a134f84094ce4f7378c88ff
DIST openldap-2.4.45.tgz 5672845 SHA256 cdd6cffdebcd95161a73305ec13fc7a78e9707b46ca9f84fb897cd5626df3824 SHA512 1c9fc84efed8998f107ce6e1c6be3f5466388241afdca0cb3847720c9def0bc263a2dbc15bf0f9112d1b4c391fd01e8531a4fb08c5532c30fb86924c08daedab WHIRLPOOL b5855bfe2b2c3856a98fb8b07ab94e51ef995ff80d4f39f0e7edae64f9774f0af9987db3673e25f98df8a5856a3f8839f28f1aa9184c92862a4df22540b3ab49
DIST rfc2307bis.schema-20140524 12262 SHA256 6cd8154ad86be1d6bb88a79c303dc10a49bce4ce7d21bb417a951d6496df30b1 SHA512 83b89a1deeefc8566b97e7e865b9b6d04541099cbdf719e24538a7d27d61b6209e87ab9003a9f140bd9afd018ec569e71721e3a24090e1902c8b6659d2ba103e WHIRLPOOL 40cef24529fb4bfc1661d03088eccdb17d9056d696b2bf0e698fa248d03f508ba776784bf8abbaffb5f4c2c59b59b29525b4be2babc978fed681e5e3c88073de
EBUILD openldap-2.3.43-r3.ebuild 18084 SHA256 e8bdb634b475e9773001bd4325518e4854b02d9fc21c6e153f5437d662e1c238 SHA512 7d8d7a2e1563960f1db4704d4dc1c1d922c4fc1ac311f5bda1ad9278388be26d9d4e7a0f4c2695406bba2a97613d0fa3a4eaacd7bb639439804a2c105fb859c8 WHIRLPOOL 564dd18d46124a7cd55b22308532dde74caa3393f43ff7fcd96ddf2634a2c2182ba6cbde302620c965a146f6838f3534db19b5d015eca55b7064a25bde83f7a4
EBUILD openldap-2.3.43-r4.ebuild 18276 SHA256 51dcc2d596a0ae4c494a1c7a473930c10122abc3f91073daac5002f87f60b7bb SHA512 31cea69f98d773f8ef909acc424f29062dd31ad187b771417ba624fb1d3c1c6edfbfb4094fdf31045d251c6e9d44f322732ee4086710be39a8a00e4ad25ddb68 WHIRLPOOL 6a9dc29d18f399f885ea86d56cab4c7e637f8e32d5f584fccdf80641d2742011dafba213c8ca300641ef899d9b7da93dbda926b3741c1a6d8b3c9374e84610c8
EBUILD openldap-2.4.44-r1.ebuild 27245 SHA256 034bf87b74f8092305d1035d2994a319de41412b21f038418caa8dcdb02a975c SHA512 a5273bcf45add81f5dc01b17ab0e4888a5f96e535c0156aed8f9e48fedf382c30f53cbcebbdc4d3e68e79009b8e53ae8faf8245f12980b9127bd8688960adbe7 WHIRLPOOL 9efabbacb9e7c70209ca478f41855c4cd6e89b979bbe3b38c36a2ff39ec7fcfb07a76a2dbc2da1ae0d82f5ee1d69ced25f90797dabae8095fd64f204775d03f4
EBUILD openldap-2.4.44.ebuild 26576 SHA256 85310e0749a2bd1dfe37fb10fdbab74cf88bdef06a4d796f3b222daf28de9eb4 SHA512 870e3c0a52144e663d3ba7b8dc70a9198292fc81755ebabee0a214113596d76d004f5b2f91b2033c50432b21de98d0b5f37ace15e2b40a6bc309400c44df286c WHIRLPOOL c655f2c9e3930fd2cfda558e1da8b698fd3db191927fe7eee16a6964a207082e11dd63723df278b8a4640ca9713f328ce28a046d9af1af8b629782a9fd849d64
EBUILD openldap-2.4.45.ebuild 28042 SHA256 3aedd923fd2e5f20c24b9fe57f5340b2cbc56b5f82276b3d25669518320c4f74 SHA512 554d404a2af4716d8759f0a435f440d1bbc5e31c2c55c0b529ac412aae4d0774c770ebc4248dcc0a856ddd68fba6a276bcb9dc6f8afb0baeb95be2ed80a7c597 WHIRLPOOL 46db827860f5cd3b74836944db87384a7d43e5d2adbf821cc94f3e74d6dbe3c81bbcb778df581663dabce2c0d6d284f46846f77133a6c5e92fbc9855d95d1c13
MISC ChangeLog 8175 SHA256 3e40d412ae900631f1ff6666ca53a00c645d846d17e85dda64f2307af9a8b51b SHA512 5758f053e916ff51f0af336a4c1ab5068827334b441b5904be35968bb6be7efd078682360e41f7ba2bbbdf0302e0cf0e9b3e51bf466efd8a4a5ef61ff890258e WHIRLPOOL 0d7b6d7f534bdeca1aa97339e69a2705ab96abf678d910e6cdf994956553dc9ad25b935903e938991bf79b4986692912e846989e7a1f9d4fa96c8a82c331d432
MISC ChangeLog-2015 87821 SHA256 29dc9d2d86f5c0de89ee44162332ee4390220ea9e546895100bd413bc60a0a30 SHA512 7c98e1dfe9ea30d7a31a7187cd913e6997bd8f8d5d74747c85f989a61b702272ce120588874257f2653343c2134c94dc405710f82957169a6f7bac01854d3611 WHIRLPOOL 2b657cb4f1f302e90eea233e401c6ca379b605c697443b36280153eb7419695ed2040ada6505b2c38c86832bda3efa74a4bfeda267d644639148ca6954cd10e9
MISC metadata.xml 939 SHA256 dbed34e13c441b16f14e2ddb4a415b343e7148c9ebbd294b8d825f5abad9b350 SHA512 2cb744d3e29b0a3e8418b47df6c4d64a606d9a5e021e64104b8644da4977b0ad030b7d2e6c74259799c5ee1aa64984b779fa7966f6a77402574150f6756df1c1 WHIRLPOOL 2febb19b808bb5eea0040655b745c44cddd89f25f8c74091fb63371bec1e4b99d41fce6e5a1e1b699706e1a14634ccc7b49f8d022d3b4cc3a544680e728773fa

199
sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.2.6-ntlm.patch vendored
View File

@ -1,199 +0,0 @@
(Note that this patch is not useful on its own... it just adds some
hooks to work with the LDAP authentication process at a lower level
than the API otherwise allows. The code that calls these hooks and
actually drives the NTLM authentication process is in
lib/e2k-global-catalog.c, and the code that actually implements the
NTLM algorithms is in xntlm/.)
This is a patch against OpenLDAP 2.2.6. Apply with -p0
--- include/ldap.h.orig 2004-01-01 13:16:28.000000000 -0500
+++ include/ldap.h 2004-07-14 11:58:49.000000000 -0400
@@ -1753,5 +1753,26 @@
LDAPControl **cctrls ));
+/*
+ * hacks for NTLM
+ */
+#define LDAP_AUTH_NTLM_REQUEST ((ber_tag_t) 0x8aU)
+#define LDAP_AUTH_NTLM_RESPONSE ((ber_tag_t) 0x8bU)
+LDAP_F( int )
+ldap_ntlm_bind LDAP_P((
+ LDAP *ld,
+ LDAP_CONST char *dn,
+ ber_tag_t tag,
+ struct berval *cred,
+ LDAPControl **sctrls,
+ LDAPControl **cctrls,
+ int *msgidp ));
+LDAP_F( int )
+ldap_parse_ntlm_bind_result LDAP_P((
+ LDAP *ld,
+ LDAPMessage *res,
+ struct berval *challenge));
+
+
LDAP_END_DECL
#endif /* _LDAP_H */
--- libraries/libldap/Makefile.in.orig 2004-01-01 13:16:29.000000000 -0500
+++ libraries/libldap/Makefile.in 2004-07-14 13:37:23.000000000 -0400
@@ -20,7 +20,7 @@
SRCS = bind.c open.c result.c error.c compare.c search.c \
controls.c messages.c references.c extended.c cyrus.c \
modify.c add.c modrdn.c delete.c abandon.c \
- sasl.c sbind.c kbind.c unbind.c cancel.c \
+ sasl.c ntlm.c sbind.c kbind.c unbind.c cancel.c \
filter.c free.c sort.c passwd.c whoami.c \
getdn.c getentry.c getattr.c getvalues.c addentry.c \
request.c os-ip.c url.c sortctrl.c vlvctrl.c \
@@ -29,7 +29,7 @@
OBJS = bind.lo open.lo result.lo error.lo compare.lo search.lo \
controls.lo messages.lo references.lo extended.lo cyrus.lo \
modify.lo add.lo modrdn.lo delete.lo abandon.lo \
- sasl.lo sbind.lo kbind.lo unbind.lo cancel.lo \
+ sasl.lo ntlm.lo sbind.lo kbind.lo unbind.lo cancel.lo \
filter.lo free.lo sort.lo passwd.lo whoami.lo \
getdn.lo getentry.lo getattr.lo getvalues.lo addentry.lo \
request.lo os-ip.lo url.lo sortctrl.lo vlvctrl.lo \
--- /dev/null 2004-06-30 15:04:37.000000000 -0400
+++ libraries/libldap/ntlm.c 2004-07-14 13:44:18.000000000 -0400
@@ -0,0 +1,137 @@
+/* $OpenLDAP: pkg/ldap/libraries/libldap/ntlm.c,v 1.1.4.10 2002/01/04 20:38:21 kurt Exp $ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+/* Mostly copied from sasl.c */
+
+#include "portable.h"
+
+#include <stdlib.h>
+#include <stdio.h>
+
+#include <ac/socket.h>
+#include <ac/string.h>
+#include <ac/time.h>
+#include <ac/errno.h>
+
+#include "ldap-int.h"
+
+int
+ldap_ntlm_bind(
+ LDAP *ld,
+ LDAP_CONST char *dn,
+ ber_tag_t tag,
+ struct berval *cred,
+ LDAPControl **sctrls,
+ LDAPControl **cctrls,
+ int *msgidp )
+{
+ BerElement *ber;
+ int rc;
+ ber_int_t id;
+
+ Debug( LDAP_DEBUG_TRACE, "ldap_ntlm_bind\n", 0, 0, 0 );
+
+ assert( ld != NULL );
+ assert( LDAP_VALID( ld ) );
+ assert( msgidp != NULL );
+
+ if( msgidp == NULL ) {
+ ld->ld_errno = LDAP_PARAM_ERROR;
+ return ld->ld_errno;
+ }
+
+ /* create a message to send */
+ if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
+ ld->ld_errno = LDAP_NO_MEMORY;
+ return ld->ld_errno;
+ }
+
+ assert( LBER_VALID( ber ) );
+
+ LDAP_NEXT_MSGID( ld, id );
+ rc = ber_printf( ber, "{it{istON}" /*}*/,
+ id, LDAP_REQ_BIND,
+ ld->ld_version, dn, tag,
+ cred );
+
+ /* Put Server Controls */
+ if( ldap_int_put_controls( ld, sctrls, ber ) != LDAP_SUCCESS ) {
+ ber_free( ber, 1 );
+ return ld->ld_errno;
+ }
+
+ if ( ber_printf( ber, /*{*/ "N}" ) == -1 ) {
+ ld->ld_errno = LDAP_ENCODING_ERROR;
+ ber_free( ber, 1 );
+ return ld->ld_errno;
+ }
+
+ /* send the message */
+ *msgidp = ldap_send_initial_request( ld, LDAP_REQ_BIND, dn, ber, id );
+
+ if(*msgidp < 0)
+ return ld->ld_errno;
+
+ return LDAP_SUCCESS;
+}
+
+int
+ldap_parse_ntlm_bind_result(
+ LDAP *ld,
+ LDAPMessage *res,
+ struct berval *challenge)
+{
+ ber_int_t errcode;
+ ber_tag_t tag;
+ BerElement *ber;
+ ber_len_t len;
+
+ Debug( LDAP_DEBUG_TRACE, "ldap_parse_ntlm_bind_result\n", 0, 0, 0 );
+
+ assert( ld != NULL );
+ assert( LDAP_VALID( ld ) );
+ assert( res != NULL );
+
+ if ( ld == NULL || res == NULL ) {
+ return LDAP_PARAM_ERROR;
+ }
+
+ if( res->lm_msgtype != LDAP_RES_BIND ) {
+ ld->ld_errno = LDAP_PARAM_ERROR;
+ return ld->ld_errno;
+ }
+
+ if ( ld->ld_error ) {
+ LDAP_FREE( ld->ld_error );
+ ld->ld_error = NULL;
+ }
+ if ( ld->ld_matched ) {
+ LDAP_FREE( ld->ld_matched );
+ ld->ld_matched = NULL;
+ }
+
+ /* parse results */
+
+ ber = ber_dup( res->lm_ber );
+
+ if( ber == NULL ) {
+ ld->ld_errno = LDAP_NO_MEMORY;
+ return ld->ld_errno;
+ }
+
+ tag = ber_scanf( ber, "{ioa" /*}*/,
+ &errcode, challenge, &ld->ld_error );
+ ber_free( ber, 0 );
+
+ if( tag == LBER_ERROR ) {
+ ld->ld_errno = LDAP_DECODING_ERROR;
+ return ld->ld_errno;
+ }
+
+ ld->ld_errno = errcode;
+
+ return( ld->ld_errno );
+}

13
sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.21-ppolicy.patch vendored
View File

@ -1,13 +0,0 @@
--- clients.orig/tools/common.c 2006-05-05 00:24:01.000000000 -0700
+++ clients/tools/common.c 2006-05-05 00:24:13.000000000 -0700
@@ -904,8 +904,8 @@
tool_bind( LDAP *ld )
{
#ifdef LDAP_CONTROL_PASSWORDPOLICYREQUEST
- if ( ppolicy ) {
LDAPControl *ctrls[2], c;
+ if ( ppolicy ) {
c.ldctl_oid = LDAP_CONTROL_PASSWORDPOLICYREQUEST;
c.ldctl_value.bv_val = NULL;
c.ldctl_value.bv_len = 0;

53
sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.24-contrib-smbk5pwd.patch vendored
View File

@ -1,53 +0,0 @@
--- contrib/slapd-modules/smbk5pwd/Makefile.ORIG 2006-05-17 13:11:57.194660019 +0300
+++ contrib/slapd-modules/smbk5pwd/Makefile 2006-05-17 13:11:14.503082288 +0300
@@ -9,29 +9,39 @@
# top-level directory of the distribution or, alternatively, at
# <http://www.OpenLDAP.org/license.html>.
+#libexecdir=/usr/lib/openldap
+moduledir=$(libexecdir)/openldap
LIBTOOL=../../../libtool
-OPT=-g -O2
+#OPT=
CC=gcc
# Omit DO_KRB5 or DO_SAMBA if you don't want to support it.
-DEFS=-DDO_KRB5 -DDO_SAMBA
+#DEFS=
-HEIMDAL_INC=-I/usr/heimdal/include
+#KRB5_INC=
SSL_INC=
LDAP_INC=-I../../../include -I../../../servers/slapd
-INCS=$(LDAP_INC) $(HEIMDAL_INC) $(SSL_INC)
+INCS=$(LDAP_INC) $(SSL_INC) $(KRB5_INC)
-HEIMDAL_LIB=-L/usr/heimdal/lib -lkrb5 -lkadm5srv
+KRB5_LIB=-lkrb5 -lkadm5srv
SSL_LIB=-lcrypto
-LDAP_LIB=-lldap_r -llber
-LIBS=$(LDAP_LIB) $(HEIMDAL_LIB) $(SSL_LIB)
-
+LDAP_LIB=-L../../../libraries/libldap_r -lldap_r -llber
+ifneq (DDO_KRB5,$(findstring DDO_KRB5,$(DEFS)))
+ LIBS=$(LDAP_LIB) $(SSL_LIB)
+else
+ LIBS=$(LDAP_LIB) $(KRB5_LIB) $(SSL_LIB)
+endif
+
all: smbk5pwd.la
smbk5pwd.lo: smbk5pwd.c
- $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $?
+ $(LIBTOOL) --mode=compile $(CC) $(CFLAGS) $(DEFS) $(INCS) -c $?
smbk5pwd.la: smbk5pwd.lo
- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info 0:0:0 \
- -rpath /usr/local/libexec/openldap -module -o $@ $? $(LIBS)
+ $(LIBTOOL) --mode=link $(CC) $(CFLAGS) -version-info 0:0:0 \
+ -rpath $(moduledir) -module -o $@ $? $(LIBS)
+
+install-mod:
+ $(LIBTOOL) --mode=install ../../../build/shtool install -c \
+ -m 755 smbk5pwd.la $(DESTDIR)$(moduledir)

64
sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.34-slapd-conf vendored
View File

@ -1,64 +0,0 @@
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
# Define global ACLs to disable default read access.
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
# Load dynamic backend modules:
###INSERTDYNAMICMODULESHERE###
# Sample security restrictions
# Require integrity protection (prevent hijacking)
# Require 112-bit (3DES or better) encryption for updates
# Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64
# Sample access control policy:
# Root DSE: allow anyone to read it
# Subschema (sub)entry DSE: allow anyone to read it
# Other DSEs:
# Allow self write access
# Allow authenticated users read access
# Allow anonymous users to authenticate
# Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
# by self write
# by users read
# by anonymous auth
#
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn. (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!
#######################################################################
# BDB database definitions
#######################################################################
database hdb
suffix "dc=my-domain,dc=com"
# <kbyte> <min>
checkpoint 32 30
rootdn "cn=Manager,dc=my-domain,dc=com"
# Cleartext passwords, especially for the rootdn, should
# be avoid. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw secret
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory /var/lib/openldap-data
# Indices to maintain
index objectClass eq

21
sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.37-libldap_r.patch vendored
View File

@ -1,21 +0,0 @@
--- libraries/libldap_r/Makefile.in.old 2007-01-02 22:43:50.000000000 +0100
+++ libraries/libldap_r/Makefile.in 2007-08-22 13:32:20.000000000 +0200
@@ -56,7 +56,7 @@
XXLIBS = $(SECURITY_LIBS) $(LUTIL_LIBS)
XXXLIBS = $(LTHREAD_LIBS)
NT_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS)
-UNIX_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS)
+UNIX_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS) $(LTHREAD_LIBS)
.links : Makefile
@for i in $(XXSRCS); do \
--- servers/slapd/slapi/Makefile.in.old 2007-01-02 22:44:10.000000000 +0100
+++ servers/slapd/slapi/Makefile.in 2007-08-22 14:58:51.000000000 +0200
@@ -37,6 +37,7 @@
XLIBS = $(LIBRARY)
XXLIBS =
NT_LINK_LIBS = $(AC_LIBS)
+UNIX_LINK_LIBS = ../../../libraries/libldap_r/libldap_r.la $(LTHREAD_LIBS)
XINCPATH = -I$(srcdir)/.. -I$(srcdir)
XDEFS = $(MODULES_CPPFLAGS)

19
sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.43-fix-hang.patch vendored
View File

@ -1,19 +0,0 @@
commit a3f40e5601c0c522f2bda418374fb415bdcbd75c
Author: Quanah Gibson-Mount <quanah@openldap.org>
Date: Thu Mar 24 02:25:49 2011 +0000
sl_busy is used as a boolean so just set it, don't increment it
diff --git a/servers/slapd/daemon.c b/servers/slapd/daemon.c
index 2a7a48e..df6d096 100644
--- a/servers/slapd/daemon.c
+++ b/servers/slapd/daemon.c
@@ -2098,7 +2098,7 @@ slap_listener_activate(
Debug( LDAP_DEBUG_TRACE, "slap_listener_activate(%d): %s\n",
sl->sl_sd, sl->sl_busy ? "busy" : "", 0 );
- sl->sl_busy++;
+ sl->sl_busy = 1;
rc = ldap_pvt_thread_pool_submit( &connection_pool,
slap_listener_thread, (void *) sl );

30
sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.3.XY-gcc44.patch vendored
View File

@ -1,30 +0,0 @@
--- include/ldap_pvt_thread.h 2009-04-03 08:51:30.000000000 -0400
+++ include/ldap_pvt_thread.h 2009-04-03 08:56:36.000000000 -0400
@@ -57,12 +57,12 @@
#ifndef LDAP_PVT_THREAD_H_DONE
#define LDAP_PVT_THREAD_SET_STACK_SIZE
-#ifndef LDAP_PVT_THREAD_STACK_SIZE
- /* LARGE stack. Will be twice as large on 64 bit machine. */
-#define LDAP_PVT_THREAD_STACK_SIZE ( 1 * 1024 * 1024 * sizeof(void *) )
/* May be explicitly defined to zero to disable it */
-#elif LDAP_PVT_THREAD_STACK_SIZE == 0
+#if defined( LDAP_PVT_THREAD_STACK_SIZE ) && LDAP_PVT_THREAD_STACK_SIZE == 0
#undef LDAP_PVT_THREAD_SET_STACK_SIZE
+#elif !defined(LDAP_PVT_THREAD_STACK_SIZE)
+ /* LARGE stack. Will be twice as large on 64 bit machine. */
+#define LDAP_PVT_THREAD_STACK_SIZE ( 1 * 1024 * 1024 * sizeof(void *) )
#endif
#endif /* !LDAP_PVT_THREAD_H_DONE */
--- libraries/libldap/os-ip.c 2009-04-03 08:51:30.000000000 -0400
+++ libraries/libldap/os-ip.c 2009-04-03 08:54:47.000000000 -0400
@@ -652,7 +652,7 @@
char *herr;
#ifdef NI_MAXHOST
char hbuf[NI_MAXHOST];
-#elif defined( MAXHOSTNAMELEN
+#elif defined( MAXHOSTNAMELEN )
char hbuf[MAXHOSTNAMELEN];
#else
char hbuf[256];

109
sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.4.17-fix-lmpasswd-gnutls-symbols.patch vendored
View File

@ -1,109 +0,0 @@
If GnuTLS is used, the lmpasswd module for USE=samba does not compile.
Forward-port an old Debian patch that upstream never applied.
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
Signed-off-by: Steffen Hau <steffen@hauihau.de>
X-Gentoo-Bug: http://bugs.gentoo.org/show_bug.cgi?id=233633
X-Upstream-Bug: http://www.openldap.org/its/index.cgi/Software%20Enhancements?id=4997
X-Debian-Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=245341
--- openldap-2.4.17.orig/libraries/liblutil/passwd.c 2009-07-27 18:59:19.635995474 -0700
+++ openldap-2.4.17/libraries/liblutil/passwd.c 2009-07-27 19:01:13.588069010 -0700
@@ -51,6 +51,26 @@ typedef unsigned char des_data_block[8];
typedef PK11Context *des_context[1];
#define DES_ENCRYPT CKA_ENCRYPT
+#elif defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
+# include <gcrypt.h>
+static int gcrypt_init = 0;
+
+typedef const void* des_key;
+typedef unsigned char des_cblock[8];
+typedef des_cblock des_data_block;
+typedef int des_key_schedule; /* unused */
+typedef des_key_schedule des_context; /* unused */
+#define des_failed(encrypted) 0
+#define des_finish(key, schedule)
+
+#define des_set_key_unchecked( key, key_sched ) \
+ gcry_cipher_setkey( hd, key, 8 )
+
+#define des_ecb_encrypt( input, output, key_sched, enc ) \
+ gcry_cipher_encrypt( hd, *output, 8, *input, 8 )
+
+#define des_set_odd_parity( key ) do {} while(0)
+
#endif
#endif /* SLAPD_LMHASH */
@@ -651,7 +671,7 @@ static int chk_md5(
#ifdef SLAPD_LMHASH
-#if defined(HAVE_OPENSSL)
+#if defined(HAVE_OPENSSL) || defined(HAVE_GNUTLS_GNUTLS_H)
/*
* abstract away setting the parity.
@@ -841,6 +861,19 @@ static int chk_lanman(
des_data_block StdText = "KGS!@#$%";
des_data_block PasswordHash1, PasswordHash2;
char PasswordHash[33], storedPasswordHash[33];
+
+#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
+ gcry_cipher_hd_t hd;
+
+ if ( !gcrypt_init ) {
+ gcry_check_version( GCRYPT_VERSION );
+ gcrypt_init = 1;
+ }
+
+ schedule = schedule; /* unused - avoid warning */
+
+ gcry_cipher_open( &hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0 );
+#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */
for( i=0; i<cred->bv_len; i++) {
if(cred->bv_val[i] == '\0') {
@@ -883,6 +916,10 @@ static int chk_lanman(
strncpy( storedPasswordHash, passwd->bv_val, 32 );
storedPasswordHash[32] = '\0';
ldap_pvt_str2lower( storedPasswordHash );
+
+#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
+ gcry_cipher_close( hd );
+#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */
return memcmp( PasswordHash, storedPasswordHash, 32) ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK;
}
@@ -1138,6 +1175,19 @@ static int hash_lanman(
des_data_block PasswordHash1, PasswordHash2;
char PasswordHash[33];
+#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
+ gcry_cipher_hd_t hd;
+
+ if ( !gcrypt_init ) {
+ gcry_check_version( GCRYPT_VERSION );
+ gcrypt_init = 1;
+ }
+
+ schedule = schedule; /* unused - avoid warning */
+
+ gcry_cipher_open( &hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0 );
+#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */
+
for( i=0; i<passwd->bv_len; i++) {
if(passwd->bv_val[i] == '\0') {
return LUTIL_PASSWD_ERR; /* NUL character in password */
@@ -1168,6 +1218,10 @@ static int hash_lanman(
hash->bv_val = PasswordHash;
hash->bv_len = 32;
+
+#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
+ gcry_cipher_close( hd );
+#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */
return pw_string( scheme, hash );
}

2
sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch vendored
View File

@ -19,7 +19,7 @@ X-Debian-Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=245341
+ +
+typedef const void* des_key; +typedef const void* des_key;
+typedef unsigned char DES_cblock[8]; +typedef unsigned char DES_cblock[8];
+typedef des_cblock des_data_block; +typedef DES_cblock des_data_block;
+typedef int DES_key_schedule; /* unused */ +typedef int DES_key_schedule; /* unused */
+typedef DES_key_schedule des_context; /* unused */ +typedef DES_key_schedule des_context; /* unused */
+#define des_failed(encrypted) 0 +#define des_failed(encrypted) 0

58
sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.4.47-libressl.patch vendored Normal file
View File

@ -0,0 +1,58 @@
diff --git a/libraries/libldap/tls_o.c b/libraries/libldap/tls_o.c
index b0277dfe9..8a3f47a74 100644
--- a/libraries/libldap/tls_o.c
+++ b/libraries/libldap/tls_o.c
@@ -50,7 +50,7 @@
#include <ssl.h>
#endif
-#if OPENSSL_VERSION_NUMBER >= 0x10100000
+#if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER)
#define ASN1_STRING_data(x) ASN1_STRING_get0_data(x)
#endif
@@ -200,7 +200,7 @@ tlso_init( void )
(void) tlso_seed_PRNG( lo->ldo_tls_randfile );
#endif
-#if OPENSSL_VERSION_NUMBER < 0x10100000
+#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
SSL_load_error_strings();
SSL_library_init();
OpenSSL_add_all_digests();
@@ -252,7 +252,7 @@ static void
tlso_ctx_ref( tls_ctx *ctx )
{
tlso_ctx *c = (tlso_ctx *)ctx;
-#if OPENSSL_VERSION_NUMBER < 0x10100000
+#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
#define SSL_CTX_up_ref(ctx) CRYPTO_add( &(ctx->references), 1, CRYPTO_LOCK_SSL_CTX )
#endif
SSL_CTX_up_ref( c );
@@ -511,7 +511,7 @@ tlso_session_my_dn( tls_session *sess, struct berval *der_dn )
if (!x) return LDAP_INVALID_CREDENTIALS;
xn = X509_get_subject_name(x);
-#if OPENSSL_VERSION_NUMBER < 0x10100000
+#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
der_dn->bv_len = i2d_X509_NAME( xn, NULL );
der_dn->bv_val = xn->bytes->data;
#else
@@ -547,7 +547,7 @@ tlso_session_peer_dn( tls_session *sess, struct berval *der_dn )
return LDAP_INVALID_CREDENTIALS;
xn = X509_get_subject_name(x);
-#if OPENSSL_VERSION_NUMBER < 0x10100000
+#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
der_dn->bv_len = i2d_X509_NAME( xn, NULL );
der_dn->bv_val = xn->bytes->data;
#else
@@ -768,7 +768,7 @@ struct tls_data {
Sockbuf_IO_Desc *sbiod;
};
-#if OPENSSL_VERSION_NUMBER < 0x10100000
+#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
#define BIO_set_init(b, x) b->init = x
#define BIO_set_data(b, x) b->ptr = x
#define BIO_clear_flags(b, x) b->flags &= ~(x)

41
sdk_container/src/third_party/portage-stable/net-nds/openldap/files/openldap-2.4.47-warnings.patch vendored Normal file
View File

@ -0,0 +1,41 @@
diff --git a/include/ldap.h b/include/ldap.h
index c245651c2..7f14f1051 100644
--- a/include/ldap.h
+++ b/include/ldap.h
@@ -2041,6 +2041,10 @@ LDAP_F( int )
ldap_is_ldapi_url LDAP_P((
LDAP_CONST char *url ));
+LDAP_F( int )
+ldap_is_ldapc_url LDAP_P((
+ LDAP_CONST char *url ));
+
LDAP_F( int )
ldap_url_parse LDAP_P((
LDAP_CONST char *url,
diff --git a/include/ldap_int_thread.h b/include/ldap_int_thread.h
index e2dd8a942..bbc07c845 100644
--- a/include/ldap_int_thread.h
+++ b/include/ldap_int_thread.h
@@ -33,7 +33,7 @@ LDAP_END_DECL
* definitions for POSIX Threads *
* *
**********************************/
-
+#define __USE_UNIX98
#include <pthread.h>
#ifdef HAVE_SCHED_H
#include <sched.h>
diff --git a/libraries/libldap/tls2.c b/libraries/libldap/tls2.c
index d25c190ea..639f598e7 100644
--- a/libraries/libldap/tls2.c
+++ b/libraries/libldap/tls2.c
@@ -76,6 +76,8 @@ static oid_name oids[] = {
#ifdef HAVE_TLS
+int ldap_pvt_tls_check_hostname( LDAP *ld, void *s, const char *name_in );
+
void
ldap_pvt_tls_ctx_free ( void *c )
{

21
sdk_container/src/third_party/portage-stable/net-nds/openldap/files/slurpd-initd vendored
View File

@ -1,21 +0,0 @@
#!/sbin/openrc-run
# Copyright 1999-2004 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
depend() {
need net
}
start() {
ebegin "Starting slurpd"
start-stop-daemon --start --quiet \
--exec /usr/lib/openldap/slurpd
eend $?
}
stop() {
ebegin "Stopping slurpd"
start-stop-daemon --stop --quiet \
--exec /usr/lib/openldap/slurpd
eend $?
}

13
sdk_container/src/third_party/portage-stable/net-nds/openldap/metadata.xml vendored
View File

@ -1,19 +1,18 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata> <pkgmetadata>
<maintainer type="project"> <maintainer type="project">
<email>ldap-bugs@gentoo.org</email> <email>ldap-bugs@gentoo.org</email>
</maintainer> </maintainer>
<use> <use>
<flag name="experimental">Enable experimental backend options</flag> <flag name="experimental">Enable experimental backend options</flag>
<flag name="kinit">Enable support for kerberos init</flag> <flag name="kinit">Enable support for kerberos init</flag>
<flag name="odbc">Enable ODBC and SQL backend options</flag> <flag name="odbc">Enable ODBC and SQL backend options</flag>
<flag name="overlays">Enable contributed OpenLDAP overlays</flag> <flag name="overlays">Enable contributed OpenLDAP overlays</flag>
<flag name="smbkrb5passwd">Enable overlay for syncing ldap, unix and <flag name="smbkrb5passwd">Enable overlay for syncing ldap, unix and lanman passwords</flag>
lanman passwords</flag> <flag name="minimal">Build libraries &amp; userspace tools only. Does not install any server code</flag>
<flag name="minimal">Build libraries &amp; userspace tools only. Does not install any server code.</flag>
<flag name="pbkdf2">Enable support for pbkdf2 passwords</flag> <flag name="pbkdf2">Enable support for pbkdf2 passwords</flag>
<flag name="sha2">Enable support for pw-sha2 password hashes.</flag> <flag name="sha2">Enable support for pw-sha2 password hashes</flag>
</use> </use>
<upstream> <upstream>
<remote-id type="cpe">cpe:/a:openldap:openldap</remote-id> <remote-id type="cpe">cpe:/a:openldap:openldap</remote-id>

541
sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.3.43-r3.ebuild vendored
View File

@ -1,541 +0,0 @@
# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI="2"
AT_M4DIR="./build"
inherit autotools db-use eutils flag-o-matic multilib ssl-cert toolchain-funcs versionator user
DESCRIPTION="LDAP suite of application and development tools"
HOMEPAGE="http://www.OpenLDAP.org/"
SRC_URI="mirror://openldap/openldap-release/${P}.tgz"
LICENSE="OPENLDAP GPL-2"
SLOT="0"
KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 s390 sh sparc ~sparc-fbsd x86 ~x86-fbsd"
IUSE="berkdb crypt debug gdbm ipv6 kerberos minimal odbc overlays perl samba sasl slp smbkrb5passwd ssl tcpd selinux"
# note that the 'samba' USE flag pulling in OpenSSL is NOT an error. OpenLDAP
# uses OpenSSL for LanMan/NTLM hashing (which is used in some enviroments, like
# mine at work)!
# Robin H. Johnson <robbat2@gentoo.org> March 8, 2004
RDEPEND="sys-libs/ncurses
tcpd? ( sys-apps/tcp-wrappers )
ssl? ( dev-libs/openssl )
sasl? ( dev-libs/cyrus-sasl )
!minimal? (
odbc? ( dev-db/unixODBC )
slp? ( net-libs/openslp )
perl? ( || ( >=dev-lang/perl-5.16 <dev-lang/perl-5.16[-build] ) )
samba? ( dev-libs/openssl )
kerberos? ( virtual/krb5 )
berkdb? (
|| ( sys-libs/db:4.5
sys-libs/db:4.4
sys-libs/db:4.3
>=sys-libs/db-4.2.52_p2-r1:4.2
)
)
!berkdb? (
gdbm? ( sys-libs/gdbm )
!gdbm? (
|| ( sys-libs/db:4.5
sys-libs/db:4.4
sys-libs/db:4.3
>=sys-libs/db-4.2.52_p2-r1:4.2
)
)
)
smbkrb5passwd? (
dev-libs/openssl
app-crypt/heimdal
)
)
selinux? ( sec-policy/selinux-ldap )"
DEPEND="${RDEPEND}"
# for tracking versions
OPENLDAP_VERSIONTAG=".version-tag"
OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
openldap_upgrade_howto() {
eerror
eerror "A (possible old) installation of OpenLDAP was detected,"
eerror "installation will not proceed for now."
eerror
eerror "As major version upgrades can corrupt your database,"
eerror "you need to dump your database and re-create it afterwards."
eerror ""
d="$(date -u +%s)"
l="/root/ldapdump.${d}"
i="${l}.raw"
eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
eerror " 2. slapcat -l ${i}"
eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
eerror " 5. emerge --update \=net-nds/${PF}"
eerror " 6. etc-update, and ensure that you apply the changes"
eerror " 7. slapadd -l ${l}"
eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
eerror " 9. /etc/init.d/slapd start"
eerror "10. check that your data is intact."
eerror "11. set up the new replication system."
eerror
if [ "${FORCE_UPGRADE}" != "1" ]; then
die "You need to upgrade your database first"
else
eerror "You have the magical FORCE_UPGRADE=1 in place."
eerror "Don't say you weren't warned about data loss."
fi
}
openldap_find_versiontags() {
# scan for all datadirs
openldap_datadirs=""
if [ -f "${ROOT}"/etc/openldap/slapd.conf ]; then
openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${ROOT}/etc/openldap/slapd.conf)"
fi
openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
einfo
einfo "Scanning datadir(s) from slapd.conf and"
einfo "the default installdir for Versiontags"
einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
einfo
# scan datadirs if we have a version tag
openldap_found_tag=0
for each in ${openldap_datadirs}; do
CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
einfo "- Checking ${each}..."
if [ -r ${CURRENT_TAG} ] ; then
# yey, we have one :)
einfo " Found Versiontag in ${each}"
source ${CURRENT_TAG}
if [ "${OLDPF}" == "" ] ; then
eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
eerror "Please delete it"
eerror
die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
fi
OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
# are we on the same branch?
if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
ewarn " Versiontag doesn't match current major release!"
if [[ `ls -a ${CURRENT_TAGDIR} | wc -l` -gt 5 ]] ; then
eerror " Versiontag says other major and you (probably) have datafiles!"
echo
openldap_upgrade_howto
else
einfo " No real problem, seems there's no database."
fi
else
einfo " Versiontag is fine here :)"
fi
else
einfo " Non-tagged dir ${each}"
if [[ `ls -a ${each} | wc -l` > 5 ]] ; then
einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
echo
eerror
eerror "Your OpenLDAP Installation has a non tagged datadir that"
eerror "possibly contains a database at ${CURRENT_TAGDIR}"
eerror
eerror "Please export data if any entered and empty or remove"
eerror "the directory, installation has been stopped so you"
eerror "can take required action"
eerror
eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
eerror
die "Please move the datadir ${CURRENT_TAGDIR} away"
fi
fi
einfo
fi
done
echo
einfo
einfo "All datadirs are fine, proceeding with merge now..."
einfo
}
pkg_setup() {
if has_version "<=dev-lang/perl-5.8.8_rc1" && built_with_use dev-lang/perl minimal ; then
die "You must have a complete (USE='-minimal') Perl install to use the perl backend!"
fi
if use samba && ! use ssl ; then
eerror "LAN manager passwords need ssl flag set"
die "Please set ssl useflag"
fi
if use minimal && has_version 'net-nds/openldap[minimal]' ; then
einfo
einfo "Skipping scan for previous datadirs as requested by minimal useflag"
einfo
else
openldap_find_versiontags
fi
# The user/group are only used for running daemons which are
# disabled in minimal builds, so elide the accounts too.
if ! use minimal ; then
enewgroup ldap 439
enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
fi
}
src_prepare() {
# According to MDK, the link order needs to be changed so that
# on systems w/ MD5 passwords the system crypt library is used
# (the net result is that "passwd" can be used to change ldap passwords w/
# proper pam support)
sed -i -e 's/$(SECURITY_LIBS) $(LDIF_LIBS) $(LUTIL_LIBS)/$(LUTIL_LIBS) $(SECURITY_LIBS) $(LDIF_LIBS)/' \
"${S}"/servers/slapd/Makefile.in
# supersedes old fix for bug #31202
EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch
# ensure correct SLAPI path by default
sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "/var/run/openldap/slapd.sock",' \
"${S}"/include/ldap_defaults.h
EPATCH_OPTS="-p0 -d ${S}"
# ximian connector 1.4.7 ntlm patch
epatch "${FILESDIR}"/${PN}-2.2.6-ntlm.patch
# bug #132263
epatch "${FILESDIR}"/${PN}-2.3.21-ppolicy.patch
# bug #189817
epatch "${FILESDIR}"/${PN}-2.3.37-libldap_r.patch
# fix up stuff for newer autoconf that simulates autoconf-2.13, but doesn't
# do it perfectly.
cd "${S}"/build
ln -s shtool install
ln -s shtool install.sh
einfo "Making sure upstream build strip does not do stripping too early"
sed -i.orig \
-e '/^STRIP/s,-s,,g' \
top.mk || die "Failed to block stripping"
# bug #116045
# patch contrib modules
if ! use minimal ; then
cd "${S}"/contrib
epatch "${FILESDIR}"/${PN}-2.3.24-contrib-smbk5pwd.patch
fi
# Fix gcc-4.4 compat, bug 264761
epatch "${FILESDIR}/openldap-2.3.XY-gcc44.patch"
}
src_configure() {
local myconf
#Fix for glibc-2.8 and ucred. Bug 228457.
append-flags -D_GNU_SOURCE
# HDB is only available with BerkDB
myconf_berkdb='--enable-bdb --enable-ldbm-api=berkeley --enable-hdb=mod'
myconf_gdbm='--disable-bdb --enable-ldbm-api=gdbm --disable-hdb'
use debug && myconf="${myconf} --enable-debug" # there is no disable-debug
# enable slapd/slurpd servers if not doing a minimal build
if ! use minimal ; then
myconf="${myconf} --enable-slapd --enable-slurpd"
# base backend stuff
myconf="${myconf} --enable-ldbm"
if use berkdb ; then
einfo "Using Berkeley DB for local backend"
myconf="${myconf} ${myconf_berkdb}"
# We need to include the slotted db.h dir for FreeBSD
append-cppflags -I$(db_includedir 4.5 4.4 4.3 4.2 )
elif use gdbm ; then
einfo "Using GDBM for local backend"
myconf="${myconf} ${myconf_gdbm}"
else
ewarn "Neither gdbm or berkdb USE flags present, falling back to"
ewarn "Berkeley DB for local backend"
myconf="${myconf} ${myconf_berkdb}"
# We need to include the slotted db.h dir for FreeBSD
append-cppflags -I$(db_includedir 4.5 4.4 4.3 4.2 )
fi
# extra backend stuff
myconf="${myconf} --enable-passwd=mod --enable-phonetic=mod"
myconf="${myconf} --enable-dnssrv=mod --enable-ldap"
myconf="${myconf} --enable-meta=mod --enable-monitor=mod"
myconf="${myconf} --enable-null=mod --enable-shell=mod"
myconf="${myconf} --enable-relay=mod"
myconf="${myconf} $(use_enable perl perl mod)"
myconf="${myconf} $(use_enable odbc sql mod)"
# slapd options
myconf="${myconf} $(use_enable crypt) $(use_enable slp)"
myconf="${myconf} --enable-rewrite --enable-rlookups"
myconf="${myconf} --enable-aci --enable-modules"
myconf="${myconf} --enable-cleartext --enable-slapi"
myconf="${myconf} $(use_enable samba lmpasswd)"
# slapd overlay options
myconf="${myconf} --enable-dyngroup --enable-proxycache"
use overlays && myconf="${myconf} --enable-overlays=mod"
myconf="${myconf} --enable-syncprov"
else
myconf="${myconf} --disable-slapd --disable-slurpd"
myconf="${myconf} --disable-bdb --disable-ldbm"
myconf="${myconf} --disable-hdb --disable-monitor"
myconf="${myconf} --disable-slurpd --disable-overlays"
myconf="${myconf} --disable-relay"
fi
# basic functionality stuff
myconf="${myconf} --enable-syslog --enable-dynamic"
myconf="${myconf} --enable-local --enable-proctitle"
myconf="${myconf} $(use_enable ipv6)"
myconf="${myconf} $(use_with sasl cyrus-sasl) $(use_enable sasl spasswd)"
myconf="${myconf} $(use_enable tcpd wrappers) $(use_with ssl tls)"
if [ $(get_libdir) != "lib" ] ; then
append-ldflags -L/usr/$(get_libdir)
fi
STRIP=/bin/true \
econf \
--enable-static \
--enable-shared \
--libexecdir=/usr/$(get_libdir)/openldap \
${myconf} || die "configure failed"
}
src_compile() {
emake depend || die "make depend failed"
emake || die "make failed"
# openldap/contrib
tc-export CC
if ! use minimal ; then
# dsaschema
einfo "Building contributed dsaschema"
cd "${S}"/contrib/slapd-modules/dsaschema
${CC} -shared -I../../../include ${CFLAGS} -fPIC \
-Wall -o libdsaschema-plugin.so dsaschema.c || \
die "failed to compile dsaschema module"
# kerberos passwd
if use kerberos ; then
einfo "Building contributed pw-kerberos"
cd "${S}"/contrib/slapd-modules/passwd/ && \
${CC} -shared -I../../../include ${CFLAGS} -fPIC \
$(krb5-config --cflags) \
-DHAVE_KRB5 -o pw-kerberos.so kerberos.c || \
die "failed to compile kerberos password module"
fi
# netscape mta-md5 password
einfo "Building contributed pw-netscape"
cd "${S}"/contrib/slapd-modules/passwd/ && \
${CC} -shared -I../../../include ${CFLAGS} -fPIC \
-o pw-netscape.so netscape.c || \
die "failed to compile netscape password module"
# smbk5pwd overlay
# Note: this modules builds, but may not work with
# Gentoo's MIT-Kerberos. It was designed for Heimdal
# Kerberos.
if use smbkrb5passwd ; then
einfo "Building contributed smbk5pwd"
local mydef
local mykrb5inc
mydef="-DDO_SAMBA -DDO_KRB5"
mykrb5inc="$(krb5-config --cflags)"
cd "${S}"/contrib/slapd-modules/smbk5pwd && \
libexecdir="/usr/$(get_libdir)/openldap" \
DEFS="${mydef}" KRB5_INC="${mykrb5inc}" emake || \
die "failed to compile smbk5pwd module"
fi
# addrdnvalues
einfo "Building contributed addrdnvalues"
cd "${S}"/contrib/slapi-plugins/addrdnvalues/ && \
${CC} -shared -I../../../include ${CFLAGS} -fPIC \
-o libaddrdnvalues-plugin.so addrdnvalues.c || \
die "failed to compile addrdnvalues plugin"
fi
}
src_test() {
einfo "Doing tests"
cd tests ; make tests || die "make tests failed"
}
src_install() {
emake DESTDIR="${D}" install || die "make install failed"
dodoc ANNOUNCEMENT CHANGES COPYRIGHT README "${FILESDIR}"/DB_CONFIG.fast.example
docinto rfc ; dodoc doc/rfc/*.txt
# openldap modules go here
# TODO: write some code to populate slapd.conf with moduleload statements
keepdir /usr/$(get_libdir)/openldap/openldap/
# make state directories
local dirlist="data"
if ! use minimal; then
dirlist="${dirlist} slurp ldbm"
fi
for x in ${dirlist}; do
keepdir /var/lib/openldap-${x}
fowners ldap:ldap /var/lib/openldap-${x}
fperms 0700 /var/lib/openldap-${x}
done
echo "OLDPF='${PF}'" > "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
echo "# do NOT delete this. it is used" >> "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
echo "# to track versions for upgrading." >> "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
# manually remove /var/tmp references in .la
# because it is packaged with an ancient libtool
#for x in "${D}"/usr/$(get_libdir)/lib*.la; do
# sed -i -e "s:-L${S}[/]*libraries::" ${x}
#done
# change slapd.pid location in configuration file
keepdir /var/run/openldap
fowners ldap:ldap /var/run/openldap
fperms 0755 /var/run/openldap
if ! use minimal; then
# use our config
rm "${D}"etc/openldap/slapd.con*
insinto /etc/openldap
newins "${FILESDIR}"/${PN}-2.3.34-slapd-conf slapd.conf
configfile="${D}"etc/openldap/slapd.conf
# populate with built backends
ebegin "populate config with built backends"
for x in "${D}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
elog "Adding $(basename ${x})"
sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
done
sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
fowners root:ldap /etc/openldap/slapd.conf
fperms 0640 /etc/openldap/slapd.conf
cp "${configfile}" "${configfile}".default
eend
# install our own init scripts
newinitd "${FILESDIR}"/slapd-initd slapd
newinitd "${FILESDIR}"/slurpd-initd slurpd
newconfd "${FILESDIR}"/slapd-confd slapd
if [ $(get_libdir) != lib ]; then
sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i "${D}"etc/init.d/{slapd,slurpd}
fi
# install contributed modules
docinto /
if [ -e "${S}"/contrib/slapd-modules/dsaschema/libdsaschema-plugin.so ];
then
cd "${S}"/contrib/slapd-modules/dsaschema/
newdoc README README.contrib.dsaschema
exeinto /usr/$(get_libdir)/openldap/openldap
doexe libdsaschema-plugin.so || \
die "failed to install dsaschema module"
fi
if [ -e "${S}"/contrib/slapd-modules/passwd/pw-kerberos.so ]; then
cd "${S}"/contrib/slapd-modules/passwd/
newdoc README README.contrib.passwd
exeinto /usr/$(get_libdir)/openldap/openldap
doexe pw-kerberos.so || \
die "failed to install kerberos passwd module"
fi
if [ -e "${S}"/contrib/slapd-modules/passwd/pw-netscape.so ]; then
cd "${S}"/contrib/slapd-modules/passwd/
newdoc README README.contrib.passwd
exeinto /usr/$(get_libdir)/openldap/openldap
doexe "${S}"/contrib/slapd-modules/passwd/pw-netscape.so || \
die "failed to install Netscape MTA-MD5 passwd module"
fi
if [ -e "${S}"/contrib/slapd-modules/smbk5pwd/.libs/smbk5pwd.so ]; then
cd "${S}"/contrib/slapd-modules/smbk5pwd
newdoc README README.contrib.smbk5pwd
libexecdir="/usr/$(get_libdir)/openldap" \
emake DESTDIR="${D}" install-mod || \
die "failed to install smbk5pwd overlay module"
fi
if [ -e "${S}"/contrib/slapd-tools/statslog ]; then
cd "${S}"/contrib/slapd-tools
exeinto /usr/bin
newexe statslog ldapstatslog || \
die "failed to install ldapstatslog script"
fi
if [ -e "${S}"/contrib/slapi-plugins/addrdnvalues/libaddrdnvalues-plugin.so ];
then
cd "${S}"/contrib/slapi-plugins/addrdnvalues
newdoc README README.contrib.addrdnvalues
exeinto /usr/$(get_libdir)/openldap/openldap
doexe libaddrdnvalues-plugin.so || \
die "failed to install addrdnvalues plugin"
fi
fi
}
pkg_preinst() {
# keep old libs if any
LIBSUFFIXES=".so.2.0.130 -2.2.so.7"
for LIBSUFFIX in ${LIBSUFFIXES} ; do
for each in libldap libldap_r liblber ; do
preserve_old_lib "usr/$(get_libdir)/${each}${LIBSUFFIX}"
done
done
}
pkg_postinst() {
if ! use minimal ; then
# You cannot build SSL certificates during src_install that will make
# binary packages containing your SSL key, which is both a security risk
# and a misconfiguration if multiple machines use the same key and cert.
# Additionally, it overwrites
if use ssl; then
install_cert /etc/openldap/ssl/ldap
chown ldap:ldap "${ROOT}"etc/openldap/ssl/ldap.*
ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
ewarn "add 'TLS_REQCERT never' if you want to use them."
fi
# These lines force the permissions of various content to be correct
chown ldap:ldap "${ROOT}"var/run/openldap
chmod 0755 "${ROOT}"var/run/openldap
chown root:ldap "${ROOT}"etc/openldap/slapd.conf{,.default}
chmod 0640 "${ROOT}"etc/openldap/slapd.conf{,.default}
chown ldap:ldap "${ROOT}"var/lib/openldap-{data,ldbm,slurp}
fi
# Reference inclusion bug #77330
echo
elog
elog "Getting started using OpenLDAP? There is some documentation available:"
elog "Gentoo Guide to OpenLDAP Authentication"
elog "(https://www.gentoo.org/doc/en/ldap-howto.xml)"
elog
# note to bug #110412
echo
elog
elog "An example file for tuning BDB backends with openldap is"
elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
elog
LIBSUFFIXES=".so.2.0.130 -2.2.so.7"
for LIBSUFFIX in ${LIBSUFFIXES} ; do
for each in liblber libldap libldap_r ; do
preserve_old_lib_notify "usr/$(get_libdir)/${each}${LIBSUFFIX}"
done
done
}

547
sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.3.43-r4.ebuild vendored
View File

@ -1,547 +0,0 @@
# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI="2"
AT_M4DIR="./build"
inherit autotools db-use eutils flag-o-matic multilib ssl-cert toolchain-funcs versionator user
DESCRIPTION="LDAP suite of application and development tools"
HOMEPAGE="http://www.OpenLDAP.org/"
SRC_URI="mirror://openldap/openldap-release/${P}.tgz"
LICENSE="OPENLDAP GPL-2"
SLOT="0"
KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 s390 ~sh sparc x86 ~sparc-fbsd ~x86-fbsd"
IUSE="berkdb crypt debug gdbm ipv6 kerberos minimal odbc overlays perl samba sasl slp smbkrb5passwd ssl tcpd selinux"
# note that the 'samba' USE flag pulling in OpenSSL is NOT an error. OpenLDAP
# uses OpenSSL for LanMan/NTLM hashing (which is used in some enviroments, like
# mine at work)!
# Robin H. Johnson <robbat2@gentoo.org> March 8, 2004
RDEPEND="sys-libs/ncurses
tcpd? ( sys-apps/tcp-wrappers )
ssl? ( dev-libs/openssl )
sasl? ( dev-libs/cyrus-sasl )
!minimal? (
odbc? ( dev-db/unixODBC )
slp? ( net-libs/openslp )
perl? ( || ( >=dev-lang/perl-5.16 <dev-lang/perl-5.16[-build] ) )
samba? ( dev-libs/openssl )
kerberos? ( virtual/krb5 )
berkdb? (
|| ( sys-libs/db:4.5
sys-libs/db:4.4
sys-libs/db:4.3
>=sys-libs/db-4.2.52_p2-r1:4.2
)
)
!berkdb? (
gdbm? ( sys-libs/gdbm )
!gdbm? (
|| ( sys-libs/db:4.5
sys-libs/db:4.4
sys-libs/db:4.3
>=sys-libs/db-4.2.52_p2-r1:4.2
)
)
)
smbkrb5passwd? (
dev-libs/openssl
app-crypt/heimdal
)
)
selinux? ( sec-policy/selinux-ldap )"
DEPEND="${RDEPEND}"
# for tracking versions
OPENLDAP_VERSIONTAG=".version-tag"
OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
openldap_upgrade_howto() {
eerror
eerror "A (possible old) installation of OpenLDAP was detected,"
eerror "installation will not proceed for now."
eerror
eerror "As major version upgrades can corrupt your database,"
eerror "you need to dump your database and re-create it afterwards."
eerror ""
d="$(date -u +%s)"
l="/root/ldapdump.${d}"
i="${l}.raw"
eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
eerror " 2. slapcat -l ${i}"
eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
eerror " 5. emerge --update \=net-nds/${PF}"
eerror " 6. etc-update, and ensure that you apply the changes"
eerror " 7. slapadd -l ${l}"
eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
eerror " 9. /etc/init.d/slapd start"
eerror "10. check that your data is intact."
eerror "11. set up the new replication system."
eerror
if [ "${FORCE_UPGRADE}" != "1" ]; then
die "You need to upgrade your database first"
else
eerror "You have the magical FORCE_UPGRADE=1 in place."
eerror "Don't say you weren't warned about data loss."
fi
}
openldap_find_versiontags() {
# scan for all datadirs
openldap_datadirs=""
if [ -f "${ROOT}"/etc/openldap/slapd.conf ]; then
openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${ROOT}/etc/openldap/slapd.conf)"
fi
openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
einfo
einfo "Scanning datadir(s) from slapd.conf and"
einfo "the default installdir for Versiontags"
einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
einfo
# scan datadirs if we have a version tag
openldap_found_tag=0
for each in ${openldap_datadirs}; do
CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
einfo "- Checking ${each}..."
if [ -r ${CURRENT_TAG} ] ; then
# yey, we have one :)
einfo " Found Versiontag in ${each}"
source ${CURRENT_TAG}
if [ "${OLDPF}" == "" ] ; then
eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
eerror "Please delete it"
eerror
die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
fi
OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
# are we on the same branch?
if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
ewarn " Versiontag doesn't match current major release!"
if [[ `ls -a ${CURRENT_TAGDIR} | wc -l` -gt 5 ]] ; then
eerror " Versiontag says other major and you (probably) have datafiles!"
echo
openldap_upgrade_howto
else
einfo " No real problem, seems there's no database."
fi
else
einfo " Versiontag is fine here :)"
fi
else
einfo " Non-tagged dir ${each}"
if [[ `ls -a ${each} | wc -l` > 5 ]] ; then
einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
echo
eerror
eerror "Your OpenLDAP Installation has a non tagged datadir that"
eerror "possibly contains a database at ${CURRENT_TAGDIR}"
eerror
eerror "Please export data if any entered and empty or remove"
eerror "the directory, installation has been stopped so you"
eerror "can take required action"
eerror
eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
eerror
die "Please move the datadir ${CURRENT_TAGDIR} away"
fi
fi
einfo
fi
done
echo
einfo
einfo "All datadirs are fine, proceeding with merge now..."
einfo
}
pkg_setup() {
if has_version "<=dev-lang/perl-5.8.8_rc1" && built_with_use dev-lang/perl minimal ; then
die "You must have a complete (USE='-minimal') Perl install to use the perl backend!"
fi
if use samba && ! use ssl ; then
eerror "LAN manager passwords need ssl flag set"
die "Please set ssl useflag"
fi
if use minimal && has_version 'net-nds/openldap[minimal]' ; then
einfo
einfo "Skipping scan for previous datadirs as requested by minimal useflag"
einfo
else
openldap_find_versiontags
fi
# The user/group are only used for running daemons which are
# disabled in minimal builds, so elide the accounts too.
if ! use minimal ; then
enewgroup ldap 439
enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
fi
}
src_prepare() {
# According to MDK, the link order needs to be changed so that
# on systems w/ MD5 passwords the system crypt library is used
# (the net result is that "passwd" can be used to change ldap passwords w/
# proper pam support)
sed -i -e 's/$(SECURITY_LIBS) $(LDIF_LIBS) $(LUTIL_LIBS)/$(LUTIL_LIBS) $(SECURITY_LIBS) $(LDIF_LIBS)/' \
"${S}"/servers/slapd/Makefile.in
# supersedes old fix for bug #31202
EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch
# ensure correct SLAPI path by default
sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "/var/run/openldap/slapd.sock",' \
"${S}"/include/ldap_defaults.h
EPATCH_OPTS="-p0 -d ${S}"
# ximian connector 1.4.7 ntlm patch
epatch "${FILESDIR}"/${PN}-2.2.6-ntlm.patch
# bug #132263
epatch "${FILESDIR}"/${PN}-2.3.21-ppolicy.patch
# bug #189817
epatch "${FILESDIR}"/${PN}-2.3.37-libldap_r.patch
# fix up stuff for newer autoconf that simulates autoconf-2.13, but doesn't
# do it perfectly.
cd "${S}"/build
ln -s shtool install
ln -s shtool install.sh
einfo "Making sure upstream build strip does not do stripping too early"
sed -i.orig \
-e '/^STRIP/s,-s,,g' \
top.mk || die "Failed to block stripping"
# bug #116045
# patch contrib modules
if ! use minimal ; then
cd "${S}"/contrib
epatch "${FILESDIR}"/${PN}-2.3.24-contrib-smbk5pwd.patch
fi
# Fix gcc-4.4 compat, bug 264761
epatch "${FILESDIR}/openldap-2.3.XY-gcc44.patch"
# Backport random-hang fix from 2.4
# http://www.openldap.org/lists/openldap-technical/201208/msg00120.html
EPATCH_OPTS=""
cd "${S}"
epatch "${FILESDIR}/openldap-2.3.43-fix-hang.patch"
}
src_configure() {
local myconf
#Fix for glibc-2.8 and ucred. Bug 228457.
append-flags -D_GNU_SOURCE
# HDB is only available with BerkDB
myconf_berkdb='--enable-bdb --enable-ldbm-api=berkeley --enable-hdb=mod'
myconf_gdbm='--disable-bdb --enable-ldbm-api=gdbm --disable-hdb'
use debug && myconf="${myconf} --enable-debug" # there is no disable-debug
# enable slapd/slurpd servers if not doing a minimal build
if ! use minimal ; then
myconf="${myconf} --enable-slapd --enable-slurpd"
# base backend stuff
myconf="${myconf} --enable-ldbm"
if use berkdb ; then
einfo "Using Berkeley DB for local backend"
myconf="${myconf} ${myconf_berkdb}"
# We need to include the slotted db.h dir for FreeBSD
append-cppflags -I$(db_includedir 4.5 4.4 4.3 4.2 )
elif use gdbm ; then
einfo "Using GDBM for local backend"
myconf="${myconf} ${myconf_gdbm}"
else
ewarn "Neither gdbm or berkdb USE flags present, falling back to"
ewarn "Berkeley DB for local backend"
myconf="${myconf} ${myconf_berkdb}"
# We need to include the slotted db.h dir for FreeBSD
append-cppflags -I$(db_includedir 4.5 4.4 4.3 4.2 )
fi
# extra backend stuff
myconf="${myconf} --enable-passwd=mod --enable-phonetic=mod"
myconf="${myconf} --enable-dnssrv=mod --enable-ldap"
myconf="${myconf} --enable-meta=mod --enable-monitor=mod"
myconf="${myconf} --enable-null=mod --enable-shell=mod"
myconf="${myconf} --enable-relay=mod"
myconf="${myconf} $(use_enable perl perl mod)"
myconf="${myconf} $(use_enable odbc sql mod)"
# slapd options
myconf="${myconf} $(use_enable crypt) $(use_enable slp)"
myconf="${myconf} --enable-rewrite --enable-rlookups"
myconf="${myconf} --enable-aci --enable-modules"
myconf="${myconf} --enable-cleartext --enable-slapi"
myconf="${myconf} $(use_enable samba lmpasswd)"
# slapd overlay options
myconf="${myconf} --enable-dyngroup --enable-proxycache"
use overlays && myconf="${myconf} --enable-overlays=mod"
myconf="${myconf} --enable-syncprov"
else
myconf="${myconf} --disable-slapd --disable-slurpd"
myconf="${myconf} --disable-bdb --disable-ldbm"
myconf="${myconf} --disable-hdb --disable-monitor"
myconf="${myconf} --disable-slurpd --disable-overlays"
myconf="${myconf} --disable-relay"
fi
# basic functionality stuff
myconf="${myconf} --enable-syslog --enable-dynamic"
myconf="${myconf} --enable-local --enable-proctitle"
myconf="${myconf} $(use_enable ipv6)"
myconf="${myconf} $(use_with sasl cyrus-sasl) $(use_enable sasl spasswd)"
myconf="${myconf} $(use_enable tcpd wrappers) $(use_with ssl tls)"
if [ $(get_libdir) != "lib" ] ; then
append-ldflags -L/usr/$(get_libdir)
fi
STRIP=/bin/true \
econf \
--enable-static \
--enable-shared \
--libexecdir=/usr/$(get_libdir)/openldap \
${myconf} || die "configure failed"
}
src_compile() {
emake depend || die "make depend failed"
emake || die "make failed"
# openldap/contrib
tc-export CC
if ! use minimal ; then
# dsaschema
einfo "Building contributed dsaschema"
cd "${S}"/contrib/slapd-modules/dsaschema
${CC} -shared -I../../../include ${CFLAGS} -fPIC \
-Wall -o libdsaschema-plugin.so dsaschema.c || \
die "failed to compile dsaschema module"
# kerberos passwd
if use kerberos ; then
einfo "Building contributed pw-kerberos"
cd "${S}"/contrib/slapd-modules/passwd/ && \
${CC} -shared -I../../../include ${CFLAGS} -fPIC \
$(krb5-config --cflags) \
-DHAVE_KRB5 -o pw-kerberos.so kerberos.c || \
die "failed to compile kerberos password module"
fi
# netscape mta-md5 password
einfo "Building contributed pw-netscape"
cd "${S}"/contrib/slapd-modules/passwd/ && \
${CC} -shared -I../../../include ${CFLAGS} -fPIC \
-o pw-netscape.so netscape.c || \
die "failed to compile netscape password module"
# smbk5pwd overlay
# Note: this modules builds, but may not work with
# Gentoo's MIT-Kerberos. It was designed for Heimdal
# Kerberos.
if use smbkrb5passwd ; then
einfo "Building contributed smbk5pwd"
local mydef
local mykrb5inc
mydef="-DDO_SAMBA -DDO_KRB5"
mykrb5inc="$(krb5-config --cflags)"
cd "${S}"/contrib/slapd-modules/smbk5pwd && \
libexecdir="/usr/$(get_libdir)/openldap" \
DEFS="${mydef}" KRB5_INC="${mykrb5inc}" emake || \
die "failed to compile smbk5pwd module"
fi
# addrdnvalues
einfo "Building contributed addrdnvalues"
cd "${S}"/contrib/slapi-plugins/addrdnvalues/ && \
${CC} -shared -I../../../include ${CFLAGS} -fPIC \
-o libaddrdnvalues-plugin.so addrdnvalues.c || \
die "failed to compile addrdnvalues plugin"
fi
}
src_test() {
einfo "Doing tests"
cd tests ; make tests || die "make tests failed"
}
src_install() {
emake DESTDIR="${D}" install || die "make install failed"
dodoc ANNOUNCEMENT CHANGES COPYRIGHT README "${FILESDIR}"/DB_CONFIG.fast.example
docinto rfc ; dodoc doc/rfc/*.txt
# openldap modules go here
# TODO: write some code to populate slapd.conf with moduleload statements
keepdir /usr/$(get_libdir)/openldap/openldap/
# make state directories
local dirlist="data"
if ! use minimal; then
dirlist="${dirlist} slurp ldbm"
fi
for x in ${dirlist}; do
keepdir /var/lib/openldap-${x}
fowners ldap:ldap /var/lib/openldap-${x}
fperms 0700 /var/lib/openldap-${x}
done
echo "OLDPF='${PF}'" > "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
echo "# do NOT delete this. it is used" >> "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
echo "# to track versions for upgrading." >> "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
# manually remove /var/tmp references in .la
# because it is packaged with an ancient libtool
#for x in "${D}"/usr/$(get_libdir)/lib*.la; do
# sed -i -e "s:-L${S}[/]*libraries::" ${x}
#done
# change slapd.pid location in configuration file
keepdir /var/run/openldap
fowners ldap:ldap /var/run/openldap
fperms 0755 /var/run/openldap
if ! use minimal; then
# use our config
rm "${D}"etc/openldap/slapd.con*
insinto /etc/openldap
newins "${FILESDIR}"/${PN}-2.3.34-slapd-conf slapd.conf
configfile="${D}"etc/openldap/slapd.conf
# populate with built backends
ebegin "populate config with built backends"
for x in "${D}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
elog "Adding $(basename ${x})"
sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
done
sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
fowners root:ldap /etc/openldap/slapd.conf
fperms 0640 /etc/openldap/slapd.conf
cp "${configfile}" "${configfile}".default
eend
# install our own init scripts
newinitd "${FILESDIR}"/slapd-initd slapd
newinitd "${FILESDIR}"/slurpd-initd slurpd
newconfd "${FILESDIR}"/slapd-confd slapd
if [ $(get_libdir) != lib ]; then
sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i "${D}"etc/init.d/{slapd,slurpd}
fi
# install contributed modules
docinto /
if [ -e "${S}"/contrib/slapd-modules/dsaschema/libdsaschema-plugin.so ];
then
cd "${S}"/contrib/slapd-modules/dsaschema/
newdoc README README.contrib.dsaschema
exeinto /usr/$(get_libdir)/openldap/openldap
doexe libdsaschema-plugin.so || \
die "failed to install dsaschema module"
fi
if [ -e "${S}"/contrib/slapd-modules/passwd/pw-kerberos.so ]; then
cd "${S}"/contrib/slapd-modules/passwd/
newdoc README README.contrib.passwd
exeinto /usr/$(get_libdir)/openldap/openldap
doexe pw-kerberos.so || \
die "failed to install kerberos passwd module"
fi
if [ -e "${S}"/contrib/slapd-modules/passwd/pw-netscape.so ]; then
cd "${S}"/contrib/slapd-modules/passwd/
newdoc README README.contrib.passwd
exeinto /usr/$(get_libdir)/openldap/openldap
doexe "${S}"/contrib/slapd-modules/passwd/pw-netscape.so || \
die "failed to install Netscape MTA-MD5 passwd module"
fi
if [ -e "${S}"/contrib/slapd-modules/smbk5pwd/.libs/smbk5pwd.so ]; then
cd "${S}"/contrib/slapd-modules/smbk5pwd
newdoc README README.contrib.smbk5pwd
libexecdir="/usr/$(get_libdir)/openldap" \
emake DESTDIR="${D}" install-mod || \
die "failed to install smbk5pwd overlay module"
fi
if [ -e "${S}"/contrib/slapd-tools/statslog ]; then
cd "${S}"/contrib/slapd-tools
exeinto /usr/bin
newexe statslog ldapstatslog || \
die "failed to install ldapstatslog script"
fi
if [ -e "${S}"/contrib/slapi-plugins/addrdnvalues/libaddrdnvalues-plugin.so ];
then
cd "${S}"/contrib/slapi-plugins/addrdnvalues
newdoc README README.contrib.addrdnvalues
exeinto /usr/$(get_libdir)/openldap/openldap
doexe libaddrdnvalues-plugin.so || \
die "failed to install addrdnvalues plugin"
fi
fi
}
pkg_preinst() {
# keep old libs if any
LIBSUFFIXES=".so.2.0.130 -2.2.so.7"
for LIBSUFFIX in ${LIBSUFFIXES} ; do
for each in libldap libldap_r liblber ; do
preserve_old_lib "usr/$(get_libdir)/${each}${LIBSUFFIX}"
done
done
}
pkg_postinst() {
if ! use minimal ; then
# You cannot build SSL certificates during src_install that will make
# binary packages containing your SSL key, which is both a security risk
# and a misconfiguration if multiple machines use the same key and cert.
# Additionally, it overwrites
if use ssl; then
install_cert /etc/openldap/ssl/ldap
chown ldap:ldap "${ROOT}"etc/openldap/ssl/ldap.*
ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
ewarn "add 'TLS_REQCERT never' if you want to use them."
fi
# These lines force the permissions of various content to be correct
chown ldap:ldap "${ROOT}"var/run/openldap
chmod 0755 "${ROOT}"var/run/openldap
chown root:ldap "${ROOT}"etc/openldap/slapd.conf{,.default}
chmod 0640 "${ROOT}"etc/openldap/slapd.conf{,.default}
chown ldap:ldap "${ROOT}"var/lib/openldap-{data,ldbm,slurp}
fi
# Reference inclusion bug #77330
echo
elog
elog "Getting started using OpenLDAP? There is some documentation available:"
elog "Gentoo Guide to OpenLDAP Authentication"
elog "(https://www.gentoo.org/doc/en/ldap-howto.xml)"
elog
# note to bug #110412
echo
elog
elog "An example file for tuning BDB backends with openldap is"
elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
elog
LIBSUFFIXES=".so.2.0.130 -2.2.so.7"
for LIBSUFFIX in ${LIBSUFFIXES} ; do
for each in liblber libldap libldap_r ; do
preserve_old_lib_notify "usr/$(get_libdir)/${each}${LIBSUFFIX}"
done
done
}

853
sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.4.44-r1.ebuild vendored
View File

@ -1,853 +0,0 @@
# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI="5"
inherit db-use eutils flag-o-matic multilib multilib-minimal ssl-cert versionator toolchain-funcs autotools user systemd
BIS_PN=rfc2307bis.schema
BIS_PV=20140524
BIS_P="${BIS_PN}-${BIS_PV}"
DESCRIPTION="LDAP suite of application and development tools"
HOMEPAGE="http://www.OpenLDAP.org/"
# mirrors are mostly not working, using canonical URI
SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz
mirror://gentoo/${BIS_P}"
LICENSE="OPENLDAP GPL-2"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~x86-solaris"
IUSE_DAEMON="crypt samba slp tcpd experimental minimal"
IUSE_BACKEND="+berkdb"
IUSE_OVERLAY="overlays perl"
IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 libressl +syslog selinux static-libs"
IUSE_CONTRIB="smbkrb5passwd kerberos kinit pbkdf2"
IUSE_CONTRIB="${IUSE_CONTRIB} -cxx"
IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
REQUIRED_USE="cxx? ( sasl )
?? ( gnutls libressl )
pbkdf2? ( ssl )"
# always list newer first
# Do not add any AGPL-3 BDB here!
# See bug 525110, comment 15.
# Advanced usage: OPENLDAP_BDB_SLOTS in the environment can be used to force a slot during build.
BDB_SLOTS="${OPENLDAP_BDB_SLOTS:=5.3 5.1 4.8 4.7 4.6 4.5 4.4}"
BDB_PKGS=''
for _slot in $BDB_SLOTS; do BDB_PKGS="${BDB_PKGS} sys-libs/db:${_slot}" ; done
# openssl is needed to generate lanman-passwords required by samba
CDEPEND="
ssl? (
!gnutls? (
!libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] )
)
gnutls? ( >=net-libs/gnutls-2.12.23-r6[${MULTILIB_USEDEP}]
libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] )
>=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] ) )
sasl? ( dev-libs/cyrus-sasl:= )
!minimal? (
sys-devel/libtool
sys-libs/e2fsprogs-libs
>=dev-db/lmdb-0.9.18:=
tcpd? ( sys-apps/tcp-wrappers )
odbc? ( !iodbc? ( dev-db/unixODBC )
iodbc? ( dev-db/libiodbc ) )
slp? ( net-libs/openslp )
perl? ( dev-lang/perl:=[-build(-)] )
samba? (
!libressl? ( dev-libs/openssl:0 )
libressl? ( dev-libs/libressl )
)
berkdb? (
<sys-libs/db-6.0:=
|| ( ${BDB_PKGS} )
)
smbkrb5passwd? (
!libressl? ( dev-libs/openssl:0 )
libressl? ( dev-libs/libressl )
kerberos? ( app-crypt/heimdal )
)
kerberos? (
virtual/krb5
kinit? ( !app-crypt/heimdal )
)
cxx? ( dev-libs/cyrus-sasl:= )
)
abi_x86_32? (
!<=app-emulation/emul-linux-x86-baselibs-20140508-r3
!app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
)"
DEPEND="${CDEPEND}
sys-apps/groff"
RDEPEND="${CDEPEND}
selinux? ( sec-policy/selinux-ldap )
"
# for tracking versions
OPENLDAP_VERSIONTAG=".version-tag"
OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
MULTILIB_WRAPPED_HEADERS=(
# USE=cxx
/usr/include/LDAPAsynConnection.h
/usr/include/LDAPAttrType.h
/usr/include/LDAPAttribute.h
/usr/include/LDAPAttributeList.h
/usr/include/LDAPConnection.h
/usr/include/LDAPConstraints.h
/usr/include/LDAPControl.h
/usr/include/LDAPControlSet.h
/usr/include/LDAPEntry.h
/usr/include/LDAPEntryList.h
/usr/include/LDAPException.h
/usr/include/LDAPExtResult.h
/usr/include/LDAPMessage.h
/usr/include/LDAPMessageQueue.h
/usr/include/LDAPModList.h
/usr/include/LDAPModification.h
/usr/include/LDAPObjClass.h
/usr/include/LDAPRebind.h
/usr/include/LDAPRebindAuth.h
/usr/include/LDAPReferenceList.h
/usr/include/LDAPResult.h
/usr/include/LDAPSaslBindResult.h
/usr/include/LDAPSchema.h
/usr/include/LDAPSearchReference.h
/usr/include/LDAPSearchResult.h
/usr/include/LDAPSearchResults.h
/usr/include/LDAPUrl.h
/usr/include/LDAPUrlList.h
/usr/include/LdifReader.h
/usr/include/LdifWriter.h
/usr/include/SaslInteraction.h
/usr/include/SaslInteractionHandler.h
/usr/include/StringList.h
/usr/include/TlsOptions.h
)
openldap_filecount() {
local dir="$1"
find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l
}
openldap_find_versiontags() {
# scan for all datadirs
openldap_datadirs=""
if [ -f "${EROOT}"/etc/openldap/slapd.conf ]; then
openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${EROOT}/etc/openldap/slapd.conf)"
fi
openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
einfo
einfo "Scanning datadir(s) from slapd.conf and"
einfo "the default installdir for Versiontags"
einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
einfo
# scan datadirs if we have a version tag
openldap_found_tag=0
have_files=0
for each in ${openldap_datadirs}; do
CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
einfo "- Checking ${each}..."
if [ -r ${CURRENT_TAG} ] ; then
# yey, we have one :)
einfo " Found Versiontag in ${each}"
source ${CURRENT_TAG}
if [ "${OLDPF}" == "" ] ; then
eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
eerror "Please delete it"
eerror
die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
fi
OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
[ $(openldap_filecount ${CURRENT_TAGDIR}) -gt 0 ] && have_files=1
# are we on the same branch?
if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
ewarn " Versiontag doesn't match current major release!"
if [[ "${have_files}" == "1" ]] ; then
eerror " Versiontag says other major and you (probably) have datafiles!"
echo
openldap_upgrade_howto
else
einfo " No real problem, seems there's no database."
fi
else
einfo " Versiontag is fine here :)"
fi
else
einfo " Non-tagged dir ${each}"
[ $(openldap_filecount ${each}) -gt 0 ] && have_files=1
if [[ "${have_files}" == "1" ]] ; then
einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
echo
eerror
eerror "Your OpenLDAP Installation has a non tagged datadir that"
eerror "possibly contains a database at ${CURRENT_TAGDIR}"
eerror
eerror "Please export data if any entered and empty or remove"
eerror "the directory, installation has been stopped so you"
eerror "can take required action"
eerror
eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
eerror
openldap_upgrade_howto
die "Please move the datadir ${CURRENT_TAGDIR} away"
fi
fi
einfo
fi
done
[ "${have_files}" == "1" ] && einfo "DB files present" || einfo "No DB files present"
# Now we must check for the major version of sys-libs/db linked against.
SLAPD_PATH=${EROOT}/usr/$(get_libdir)/openldap/slapd
if [ "${have_files}" == "1" -a -f "${SLAPD_PATH}" ]; then
OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
| awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
if use berkdb; then
# find which one would be used
for bdb_slot in $BDB_SLOTS ; do
NEWVER="$(db_findver "=sys-libs/db-${bdb_slot}*")"
[[ -n "$NEWVER" ]] && break
done
fi
local fail=0
if [ -z "${OLDVER}" -a -z "${NEWVER}" ]; then
:
# Nothing wrong here.
elif [ -z "${OLDVER}" -a -n "${NEWVER}" ]; then
eerror " Your existing version of OpenLDAP was not built against"
eerror " any version of sys-libs/db, but the new one will build"
eerror " against ${NEWVER} and your database may be inaccessible."
echo
fail=1
elif [ -n "${OLDVER}" -a -z "${NEWVER}" ]; then
eerror " Your existing version of OpenLDAP was built against"
eerror " sys-libs/db:${OLDVER}, but the new one will not be"
eerror " built against any version and your database may be"
eerror " inaccessible."
echo
fail=1
elif [ "${OLDVER}" != "${NEWVER}" ]; then
eerror " Your existing version of OpenLDAP was built against"
eerror " sys-libs/db:${OLDVER}, but the new one will build against"
eerror " ${NEWVER} and your database would be inaccessible."
echo
fail=1
fi
[ "${fail}" == "1" ] && openldap_upgrade_howto
fi
echo
einfo
einfo "All datadirs are fine, proceeding with merge now..."
einfo
}
openldap_upgrade_howto() {
eerror
eerror "A (possible old) installation of OpenLDAP was detected,"
eerror "installation will not proceed for now."
eerror
eerror "As major version upgrades can corrupt your database,"
eerror "you need to dump your database and re-create it afterwards."
eerror
eerror "Additionally, rebuilding against different major versions of the"
eerror "sys-libs/db libraries will cause your database to be inaccessible."
eerror ""
d="$(date -u +%s)"
l="/root/ldapdump.${d}"
i="${l}.raw"
eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
eerror " 2. slapcat -l ${i}"
eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
eerror " 5. emerge --update \=net-nds/${PF}"
eerror " 6. etc-update, and ensure that you apply the changes"
eerror " 7. slapadd -l ${l}"
eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
eerror " 9. /etc/init.d/slapd start"
eerror "10. check that your data is intact."
eerror "11. set up the new replication system."
eerror
if [ "${FORCE_UPGRADE}" != "1" ]; then
die "You need to upgrade your database first"
else
eerror "You have the magical FORCE_UPGRADE=1 in place."
eerror "Don't say you weren't warned about data loss."
fi
}
pkg_setup() {
if ! use sasl && use cxx ; then
die "To build the ldapc++ library you must emerge openldap with sasl support"
fi
# Bug #322787
if use minimal && ! has_version "net-nds/openldap" ; then
einfo "No datadir scan needed, openldap not installed"
elif use minimal && has_version 'net-nds/openldap[minimal]' ; then
einfo "Skipping scan for previous datadirs as requested by minimal useflag"
else
openldap_find_versiontags
fi
# The user/group are only used for running daemons which are
# disabled in minimal builds, so elide the accounts too.
if ! use minimal ; then
enewgroup ldap 439
enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
fi
}
src_prepare() {
# ensure correct SLAPI path by default
sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \
"${S}"/include/ldap_defaults.h
epatch "${FILESDIR}"/${PN}-2.4.17-gcc44.patch
epatch \
"${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch \
"${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
# bug #116045 - still present in 2.4.28
epatch "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch
# bug #408077 - samba4
epatch "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch
# bug #189817
epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
# bug #233633
epatch "${FILESDIR}"/${PN}-2.4.17-fix-lmpasswd-gnutls-symbols.patch
# bug #281495
epatch "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch
# bug #294350
epatch "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch
# unbreak /bin/sh -> dash
epatch "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch
# bug #420959
epatch "${FILESDIR}"/${PN}-2.4.31-gcc47.patch
# unbundle lmdb
epatch "${FILESDIR}"/${PN}-2.4.42-mdb-unbundle.patch
rm -rf "${S}"/libraries/liblmdb
cd "${S}"/build || die
einfo "Making sure upstream build strip does not do stripping too early"
sed -i.orig \
-e '/^STRIP/s,-s,,g' \
top.mk || die "Failed to block stripping"
# wrong assumption that /bin/sh is /bin/bash
sed -i \
-e 's|/bin/sh|/bin/bash|g' \
"${S}"/tests/scripts/* || die "sed failed"
cd "${S}" || die
AT_NOEAUTOMAKE=yes eautoreconf
}
build_contrib_module() {
# <dir> <sources> <outputname>
cd "${S}/contrib/slapd-modules/$1" || die
einfo "Compiling contrib-module: $3"
# Make sure it's uppercase
local define_name="$(echo "SLAPD_OVER_${1}" | LC_ALL=C tr '[:lower:]' '[:upper:]')"
"${lt}" --mode=compile --tag=CC \
"${CC}" \
-D${define_name}=SLAPD_MOD_DYNAMIC \
-I"${BUILD_DIR}"/include \
-I../../../include -I../../../servers/slapd ${CFLAGS} \
-o ${2%.c}.lo -c $2 || die "compiling $3 failed"
einfo "Linking contrib-module: $3"
"${lt}" --mode=link --tag=CC \
"${CC}" -module \
${CFLAGS} \
${LDFLAGS} \
-rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
-o $3.la ${2%.c}.lo || die "linking $3 failed"
}
src_configure() {
# Bug 408001
use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync
# connectionless ldap per bug #342439
append-cppflags -DLDAP_CONNECTIONLESS
multilib-minimal_src_configure
}
multilib_src_configure() {
local myconf=()
use debug && myconf+=( $(use_enable debug) )
# ICU exists only in the configure, nowhere in the codebase, bug #510858
export ac_cv_header_unicode_utypes_h=no ol_cv_lib_icu=no
if ! use minimal && multilib_is_native_abi; then
local CPPFLAGS=${CPPFLAGS}
# re-enable serverside overlay chains per bug #296567
# see ldap docs chaper 12.3.1 for details
myconf+=( --enable-ldap )
# backends
myconf+=( --enable-slapd )
if use berkdb ; then
einfo "Using Berkeley DB for local backend"
myconf+=( --enable-bdb --enable-hdb )
DBINCLUDE=$(db_includedir $BDB_SLOTS)
einfo "Using $DBINCLUDE for sys-libs/db version"
# We need to include the slotted db.h dir for FreeBSD
append-cppflags -I${DBINCLUDE}
else
myconf+=( --disable-bdb --disable-hdb )
fi
for backend in dnssrv ldap mdb meta monitor null passwd relay shell sock; do
myconf+=( --enable-${backend}=mod )
done
myconf+=( $(use_enable perl perl mod) )
myconf+=( $(use_enable odbc sql mod) )
if use odbc ; then
local odbc_lib="unixodbc"
if use iodbc ; then
odbc_lib="iodbc"
append-cppflags -I"${EPREFIX}"/usr/include/iodbc
fi
myconf+=( --with-odbc=${odbc_lib} )
fi
# slapd options
myconf+=(
$(use_enable crypt)
$(use_enable slp)
$(use_enable samba lmpasswd)
$(use_enable syslog)
)
if use experimental ; then
myconf+=(
--enable-dynacl
--enable-aci=mod
)
fi
for option in aci cleartext modules rewrite rlookups slapi; do
myconf+=( --enable-${option} )
done
# slapd overlay options
# Compile-in the syncprov, the others as module
myconf+=( --enable-syncprov=yes )
use overlays && myconf+=( --enable-overlays=mod )
else
myconf+=(
--disable-backends
--disable-slapd
--disable-bdb
--disable-hdb
--disable-mdb
--disable-overlays
--disable-syslog
)
fi
# basic functionality stuff
myconf+=(
$(use_enable ipv6)
$(multilib_native_use_with sasl cyrus-sasl)
$(multilib_native_use_enable sasl spasswd)
$(use_enable tcpd wrappers)
)
# Some cross-compiling tests don't pan out well.
tc-is-cross-compiler && myconf+=(
--with-yielding-select=yes
)
local ssl_lib="no"
if use ssl || ( ! use minimal && use samba ) ; then
ssl_lib="openssl"
use gnutls && ssl_lib="gnutls"
fi
myconf+=( --with-tls=${ssl_lib} )
for basicflag in dynamic local proctitle shared; do
myconf+=( --enable-${basicflag} )
done
tc-export AR CC CXX
ECONF_SOURCE=${S} \
STRIP=/bin/true \
econf \
--libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \
$(use_enable static-libs static) \
"${myconf[@]}"
emake depend
}
src_configure_cxx() {
# This needs the libraries built by the first build run.
# So we have to run it AFTER the main build, not just after the main
# configure.
local myconf_ldapcpp=(
--with-ldap-includes="${S}"/include
)
mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die
cd "${BUILD_DIR}/contrib/ldapc++" || die
local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS}
append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \
-L"${BUILD_DIR}"/libraries/libldap/.libs
append-cppflags -I"${BUILD_DIR}"/include
ECONF_SOURCE=${S}/contrib/ldapc++ \
econf "${myconf_ldapcpp[@]}" \
CC="${CC}" \
CXX="${CXX}"
}
multilib_src_compile() {
tc-export AR CC CXX
emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash
local lt="${BUILD_DIR}/libtool"
export echo="echo"
if ! use minimal && multilib_is_native_abi ; then
if use cxx ; then
einfo "Building contrib library: ldapc++"
src_configure_cxx
cd "${BUILD_DIR}/contrib/ldapc++" || die
emake \
CC="${CC}" CXX="${CXX}"
fi
if use smbkrb5passwd ; then
einfo "Building contrib-module: smbk5pwd"
cd "${S}/contrib/slapd-modules/smbk5pwd" || die
MY_DEFS="-DDO_SHADOW"
if use samba ; then
MY_DEFS="${MY_DEFS} -DDO_SAMBA"
MY_KRB5_INC=""
fi
if use kerberos ; then
MY_DEFS="${MY_DEFS} -DDO_KRB5"
MY_KRB5_INC="$(krb5-config --cflags)"
fi
emake \
DEFS="${MY_DEFS}" \
KRB5_INC="${MY_KRB5_INC}" \
LDAP_BUILD="${BUILD_DIR}" \
CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap"
fi
if use overlays ; then
einfo "Building contrib-module: samba4"
cd "${S}/contrib/slapd-modules/samba4" || die
emake \
LDAP_BUILD="${BUILD_DIR}" \
CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap"
fi
if use kerberos ; then
if use kinit ; then
build_contrib_module "kinit" "kinit.c" "kinit"
fi
cd "${S}/contrib/slapd-modules/passwd" || die
einfo "Compiling contrib-module: pw-kerberos"
"${lt}" --mode=compile --tag=CC \
"${CC}" \
-I"${BUILD_DIR}"/include \
-I../../../include \
${CFLAGS} \
$(krb5-config --cflags) \
-DHAVE_KRB5 \
-o kerberos.lo \
-c kerberos.c || die "compiling pw-kerberos failed"
einfo "Linking contrib-module: pw-kerberos"
"${lt}" --mode=link --tag=CC \
"${CC}" -module \
${CFLAGS} \
${LDFLAGS} \
-rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
-o pw-kerberos.la \
kerberos.lo || die "linking pw-kerberos failed"
fi
if use pbkdf2; then
cd "${S}/contrib/slapd-modules/passwd/pbkdf2" || die
einfo "Compiling contrib-module: pw-pbkdf2"
"${lt}" --mode=compile --tag=CC \
"${CC}" \
-I"${BUILD_DIR}"/include \
-I../../../../include \
${CFLAGS} \
-o pbkdf2.lo \
-c pw-pbkdf2.c || die "compiling pw-pbkdf2 failed"
einfo "Linking contrib-module: pw-pbkdf2"
"${lt}" --mode=link --tag=CC \
"${CC}" -module \
${CFLAGS} \
${LDFLAGS} \
-rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
-o pw-pbkdf2.la \
pbkdf2.lo || die "linking pw-pbkdf2 failed"
fi
# We could build pw-radius if GNURadius would install radlib.h
cd "${S}/contrib/slapd-modules/passwd" || die
einfo "Compiling contrib-module: pw-netscape"
"${lt}" --mode=compile --tag=CC \
"${CC}" \
-I"${BUILD_DIR}"/include \
-I../../../include \
${CFLAGS} \
-o netscape.lo \
-c netscape.c || die "compiling pw-netscape failed"
einfo "Linking contrib-module: pw-netscape"
"${lt}" --mode=link --tag=CC \
"${CC}" -module \
${CFLAGS} \
${LDFLAGS} \
-rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
-o pw-netscape.la \
netscape.lo || die "linking pw-netscape failed"
#build_contrib_module "acl" "posixgroup.c" "posixGroup" # example code only
#build_contrib_module "acl" "gssacl.c" "gss" # example code only, also needs kerberos
build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay"
build_contrib_module "allop" "allop.c" "overlay-allop"
build_contrib_module "allowed" "allowed.c" "allowed"
build_contrib_module "autogroup" "autogroup.c" "autogroup"
build_contrib_module "cloak" "cloak.c" "cloak"
# build_contrib_module "comp_match" "comp_match.c" "comp_match" # really complex, adds new external deps, questionable demand
build_contrib_module "denyop" "denyop.c" "denyop-overlay"
build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin"
build_contrib_module "dupent" "dupent.c" "dupent"
build_contrib_module "lastbind" "lastbind.c" "lastbind"
# lastmod may not play well with other overlays
build_contrib_module "lastmod" "lastmod.c" "lastmod"
build_contrib_module "noopsrch" "noopsrch.c" "noopsrch"
build_contrib_module "nops" "nops.c" "nops-overlay"
#build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER
build_contrib_module "trace" "trace.c" "trace"
# build slapi-plugins
cd "${S}/contrib/slapi-plugins/addrdnvalues" || die
einfo "Building contrib-module: addrdnvalues plugin"
"${CC}" -shared \
-I"${BUILD_DIR}"/include \
-I../../../include \
${CFLAGS} \
-fPIC \
${LDFLAGS} \
-o libaddrdnvalues-plugin.so \
addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
fi
}
multilib_src_test() {
if multilib_is_native_abi; then
cd tests || die
emake tests || die "make tests failed"
fi
}
multilib_src_install() {
local lt="${BUILD_DIR}/libtool"
emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install
use static-libs || prune_libtool_files --all
if ! use minimal && multilib_is_native_abi; then
# openldap modules go here
# TODO: write some code to populate slapd.conf with moduleload statements
keepdir /usr/$(get_libdir)/openldap/openldap/
# initial data storage dir
keepdir /var/lib/openldap-data
use prefix || fowners ldap:ldap /var/lib/openldap-data
fperms 0700 /var/lib/openldap-data
echo "OLDPF='${PF}'" > "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
echo "# do NOT delete this. it is used" >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
# use our config
rm "${ED}"etc/openldap/slapd.conf
insinto /etc/openldap
newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf
configfile="${ED}"etc/openldap/slapd.conf
# populate with built backends
ebegin "populate config with built backends"
for x in "${ED}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
einfo "Adding $(basename ${x})"
sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
done
sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
use prefix || fowners root:ldap /etc/openldap/slapd.conf
fperms 0640 /etc/openldap/slapd.conf
cp "${configfile}" "${configfile}".default
eend
# install our own init scripts and systemd unit files
einfo "Install init scripts"
newinitd "${FILESDIR}"/slapd-initd-2.4.40-r2 slapd
newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd
einfo "Install systemd service"
systemd_dounit "${FILESDIR}"/slapd.service
systemd_install_serviced "${FILESDIR}"/slapd.service.conf
systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf
if [[ $(get_libdir) != lib ]]; then
sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i \
"${ED}"/etc/init.d/slapd \
"${ED}"/usr/lib/systemd/system/slapd.service || die
fi
# If built without SLP, we don't need to be before avahi
use slp \
|| sed -i \
-e '/before/{s/avahi-daemon//g}' \
"${ED}"etc/init.d/slapd
if use cxx ; then
einfo "Install the ldapc++ library"
cd "${BUILD_DIR}/contrib/ldapc++" || die
emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
cd "${S}"/contrib/ldapc++ || die
newdoc README ldapc++-README
fi
if use smbkrb5passwd ; then
einfo "Install the smbk5pwd module"
cd "${S}/contrib/slapd-modules/smbk5pwd" || die
emake DESTDIR="${D}" \
LDAP_BUILD="${BUILD_DIR}" \
libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
newdoc README smbk5pwd-README
fi
if use overlays ; then
einfo "Install the samba4 module"
cd "${S}/contrib/slapd-modules/samba4" || die
emake DESTDIR="${D}" \
LDAP_BUILD="${BUILD_DIR}" \
libexecdir="/usr/$(get_libdir)/openldap" install
newdoc README samba4-README
fi
einfo "Installing contrib modules"
cd "${S}/contrib/slapd-modules" || die
for l in */*.la */*/*.la; do
[[ -e ${l} ]] || continue
"${lt}" --mode=install cp ${l} \
"${ED}"usr/$(get_libdir)/openldap/openldap || \
die "installing ${l} failed"
done
dodoc "${FILESDIR}"/DB_CONFIG.fast.example
docinto contrib
doman */*.5
#newdoc acl/README*
newdoc addpartial/README addpartial-README
newdoc allop/README allop-README
newdoc allowed/README allowed-README
newdoc autogroup/README autogroup-README
newdoc dsaschema/README dsaschema-README
newdoc passwd/README passwd-README
cd "${S}/contrib/slapi-plugins" || die
insinto /usr/$(get_libdir)/openldap/openldap
doins */*.so
docinto contrib
newdoc addrdnvalues/README addrdnvalues-README
insinto /etc/openldap/schema
newins "${DISTDIR}"/${BIS_P} ${BIS_PN}
docinto back-sock ; dodoc "${S}"/servers/slapd/back-sock/searchexample*
docinto back-shell ; dodoc "${S}"/servers/slapd/back-shell/searchexample*
docinto back-perl ; dodoc "${S}"/servers/slapd/back-perl/SampleLDAP.pm
dosbin "${S}"/contrib/slapd-tools/statslog
newdoc "${S}"/contrib/slapd-tools/README README.statslog
fi
}
multilib_src_install_all() {
dodoc ANNOUNCEMENT CHANGES COPYRIGHT README
docinto rfc ; dodoc doc/rfc/*.txt
}
pkg_preinst() {
# keep old libs if any
preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0)
# bug 440470, only display the getting started help there was no openldap before,
# or we are going to a non-minimal build
! has_version net-nds/openldap || has_version 'net-nds/openldap[minimal]'
OPENLDAP_PRINT_MESSAGES=$((! $?))
}
pkg_postinst() {
if ! use minimal ; then
# You cannot build SSL certificates during src_install that will make
# binary packages containing your SSL key, which is both a security risk
# and a misconfiguration if multiple machines use the same key and cert.
if use ssl; then
install_cert /etc/openldap/ssl/ldap
use prefix || chown ldap:ldap "${EROOT}"etc/openldap/ssl/ldap.*
ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
ewarn "add 'TLS_REQCERT allow' if you want to use them."
fi
if use prefix; then
# Warn about prefix issues with slapd
eerror "slapd might NOT be usable on Prefix systems as it requires root privileges"
eerror "to start up, and requires that certain files directories be owned by"
eerror "ldap:ldap. As Prefix does not support changing ownership of files and"
eerror "directories, you will have to manually fix this yourself."
fi
# These lines force the permissions of various content to be correct
use prefix || chown ldap:ldap "${EROOT}"var/run/openldap
chmod 0755 "${EROOT}"var/run/openldap
use prefix || chown root:ldap "${EROOT}"etc/openldap/slapd.conf{,.default}
chmod 0640 "${EROOT}"etc/openldap/slapd.conf{,.default}
use prefix || chown ldap:ldap "${EROOT}"var/lib/openldap-data
fi
if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then
elog "Getting started using OpenLDAP? There is some documentation available:"
elog "Gentoo Guide to OpenLDAP Authentication"
elog "(https://www.gentoo.org/doc/en/ldap-howto.xml)"
elog "---"
elog "An example file for tuning BDB backends with openldap is"
elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
fi
preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0)
}

830
sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.4.44.ebuild vendored
View File

@ -1,830 +0,0 @@
# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI="5"
inherit db-use eutils flag-o-matic multilib multilib-minimal ssl-cert versionator toolchain-funcs autotools user systemd
BIS_PN=rfc2307bis.schema
BIS_PV=20140524
BIS_P="${BIS_PN}-${BIS_PV}"
DESCRIPTION="LDAP suite of application and development tools"
HOMEPAGE="http://www.OpenLDAP.org/"
# mirrors are mostly not working, using canonical URI
SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz
mirror://gentoo/${BIS_P}"
LICENSE="OPENLDAP GPL-2"
SLOT="0"
KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~x86-solaris"
IUSE_DAEMON="crypt samba slp tcpd experimental minimal"
IUSE_BACKEND="+berkdb"
IUSE_OVERLAY="overlays perl"
IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 libressl +syslog selinux static-libs"
IUSE_CONTRIB="smbkrb5passwd kerberos kinit"
IUSE_CONTRIB="${IUSE_CONTRIB} -cxx"
IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
REQUIRED_USE="cxx? ( sasl )
?? ( gnutls libressl )"
# always list newer first
# Do not add any AGPL-3 BDB here!
# See bug 525110, comment 15.
# Advanced usage: OPENLDAP_BDB_SLOTS in the environment can be used to force a slot during build.
BDB_SLOTS="${OPENLDAP_BDB_SLOTS:=5.3 5.1 4.8 4.7 4.6 4.5 4.4}"
BDB_PKGS=''
for _slot in $BDB_SLOTS; do BDB_PKGS="${BDB_PKGS} sys-libs/db:${_slot}" ; done
# openssl is needed to generate lanman-passwords required by samba
CDEPEND="
ssl? (
!gnutls? (
!libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] )
)
gnutls? ( >=net-libs/gnutls-2.12.23-r6[${MULTILIB_USEDEP}]
libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] )
>=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] ) )
sasl? ( dev-libs/cyrus-sasl:= )
!minimal? (
sys-devel/libtool
sys-libs/e2fsprogs-libs
>=dev-db/lmdb-0.9.18:=
tcpd? ( sys-apps/tcp-wrappers )
odbc? ( !iodbc? ( dev-db/unixODBC )
iodbc? ( dev-db/libiodbc ) )
slp? ( net-libs/openslp )
perl? ( dev-lang/perl:=[-build(-)] )
samba? (
!libressl? ( dev-libs/openssl:0 )
libressl? ( dev-libs/libressl )
)
berkdb? (
<sys-libs/db-6.0:=
|| ( ${BDB_PKGS} )
)
smbkrb5passwd? (
!libressl? ( dev-libs/openssl:0 )
libressl? ( dev-libs/libressl )
kerberos? ( app-crypt/heimdal )
)
kerberos? (
virtual/krb5
kinit? ( !app-crypt/heimdal )
)
cxx? ( dev-libs/cyrus-sasl:= )
)
abi_x86_32? (
!<=app-emulation/emul-linux-x86-baselibs-20140508-r3
!app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
)"
DEPEND="${CDEPEND}
sys-apps/groff"
RDEPEND="${CDEPEND}
selinux? ( sec-policy/selinux-ldap )
"
# for tracking versions
OPENLDAP_VERSIONTAG=".version-tag"
OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
MULTILIB_WRAPPED_HEADERS=(
# USE=cxx
/usr/include/LDAPAsynConnection.h
/usr/include/LDAPAttrType.h
/usr/include/LDAPAttribute.h
/usr/include/LDAPAttributeList.h
/usr/include/LDAPConnection.h
/usr/include/LDAPConstraints.h
/usr/include/LDAPControl.h
/usr/include/LDAPControlSet.h
/usr/include/LDAPEntry.h
/usr/include/LDAPEntryList.h
/usr/include/LDAPException.h
/usr/include/LDAPExtResult.h
/usr/include/LDAPMessage.h
/usr/include/LDAPMessageQueue.h
/usr/include/LDAPModList.h
/usr/include/LDAPModification.h
/usr/include/LDAPObjClass.h
/usr/include/LDAPRebind.h
/usr/include/LDAPRebindAuth.h
/usr/include/LDAPReferenceList.h
/usr/include/LDAPResult.h
/usr/include/LDAPSaslBindResult.h
/usr/include/LDAPSchema.h
/usr/include/LDAPSearchReference.h
/usr/include/LDAPSearchResult.h
/usr/include/LDAPSearchResults.h
/usr/include/LDAPUrl.h
/usr/include/LDAPUrlList.h
/usr/include/LdifReader.h
/usr/include/LdifWriter.h
/usr/include/SaslInteraction.h
/usr/include/SaslInteractionHandler.h
/usr/include/StringList.h
/usr/include/TlsOptions.h
)
openldap_filecount() {
local dir="$1"
find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l
}
openldap_find_versiontags() {
# scan for all datadirs
openldap_datadirs=""
if [ -f "${EROOT}"/etc/openldap/slapd.conf ]; then
openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${EROOT}/etc/openldap/slapd.conf)"
fi
openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
einfo
einfo "Scanning datadir(s) from slapd.conf and"
einfo "the default installdir for Versiontags"
einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
einfo
# scan datadirs if we have a version tag
openldap_found_tag=0
have_files=0
for each in ${openldap_datadirs}; do
CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
einfo "- Checking ${each}..."
if [ -r ${CURRENT_TAG} ] ; then
# yey, we have one :)
einfo " Found Versiontag in ${each}"
source ${CURRENT_TAG}
if [ "${OLDPF}" == "" ] ; then
eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
eerror "Please delete it"
eerror
die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
fi
OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
[ $(openldap_filecount ${CURRENT_TAGDIR}) -gt 0 ] && have_files=1
# are we on the same branch?
if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
ewarn " Versiontag doesn't match current major release!"
if [[ "${have_files}" == "1" ]] ; then
eerror " Versiontag says other major and you (probably) have datafiles!"
echo
openldap_upgrade_howto
else
einfo " No real problem, seems there's no database."
fi
else
einfo " Versiontag is fine here :)"
fi
else
einfo " Non-tagged dir ${each}"
[ $(openldap_filecount ${each}) -gt 0 ] && have_files=1
if [[ "${have_files}" == "1" ]] ; then
einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
echo
eerror
eerror "Your OpenLDAP Installation has a non tagged datadir that"
eerror "possibly contains a database at ${CURRENT_TAGDIR}"
eerror
eerror "Please export data if any entered and empty or remove"
eerror "the directory, installation has been stopped so you"
eerror "can take required action"
eerror
eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
eerror
openldap_upgrade_howto
die "Please move the datadir ${CURRENT_TAGDIR} away"
fi
fi
einfo
fi
done
[ "${have_files}" == "1" ] && einfo "DB files present" || einfo "No DB files present"
# Now we must check for the major version of sys-libs/db linked against.
SLAPD_PATH=${EROOT}/usr/$(get_libdir)/openldap/slapd
if [ "${have_files}" == "1" -a -f "${SLAPD_PATH}" ]; then
OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
| awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
if use berkdb; then
# find which one would be used
for bdb_slot in $BDB_SLOTS ; do
NEWVER="$(db_findver "=sys-libs/db-${bdb_slot}*")"
[[ -n "$NEWVER" ]] && break
done
fi
local fail=0
if [ -z "${OLDVER}" -a -z "${NEWVER}" ]; then
:
# Nothing wrong here.
elif [ -z "${OLDVER}" -a -n "${NEWVER}" ]; then
eerror " Your existing version of OpenLDAP was not built against"
eerror " any version of sys-libs/db, but the new one will build"
eerror " against ${NEWVER} and your database may be inaccessible."
echo
fail=1
elif [ -n "${OLDVER}" -a -z "${NEWVER}" ]; then
eerror " Your existing version of OpenLDAP was built against"
eerror " sys-libs/db:${OLDVER}, but the new one will not be"
eerror " built against any version and your database may be"
eerror " inaccessible."
echo
fail=1
elif [ "${OLDVER}" != "${NEWVER}" ]; then
eerror " Your existing version of OpenLDAP was built against"
eerror " sys-libs/db:${OLDVER}, but the new one will build against"
eerror " ${NEWVER} and your database would be inaccessible."
echo
fail=1
fi
[ "${fail}" == "1" ] && openldap_upgrade_howto
fi
echo
einfo
einfo "All datadirs are fine, proceeding with merge now..."
einfo
}
openldap_upgrade_howto() {
eerror
eerror "A (possible old) installation of OpenLDAP was detected,"
eerror "installation will not proceed for now."
eerror
eerror "As major version upgrades can corrupt your database,"
eerror "you need to dump your database and re-create it afterwards."
eerror
eerror "Additionally, rebuilding against different major versions of the"
eerror "sys-libs/db libraries will cause your database to be inaccessible."
eerror ""
d="$(date -u +%s)"
l="/root/ldapdump.${d}"
i="${l}.raw"
eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
eerror " 2. slapcat -l ${i}"
eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
eerror " 5. emerge --update \=net-nds/${PF}"
eerror " 6. etc-update, and ensure that you apply the changes"
eerror " 7. slapadd -l ${l}"
eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
eerror " 9. /etc/init.d/slapd start"
eerror "10. check that your data is intact."
eerror "11. set up the new replication system."
eerror
if [ "${FORCE_UPGRADE}" != "1" ]; then
die "You need to upgrade your database first"
else
eerror "You have the magical FORCE_UPGRADE=1 in place."
eerror "Don't say you weren't warned about data loss."
fi
}
pkg_setup() {
if ! use sasl && use cxx ; then
die "To build the ldapc++ library you must emerge openldap with sasl support"
fi
# Bug #322787
if use minimal && ! has_version "net-nds/openldap" ; then
einfo "No datadir scan needed, openldap not installed"
elif use minimal && has_version 'net-nds/openldap[minimal]' ; then
einfo "Skipping scan for previous datadirs as requested by minimal useflag"
else
openldap_find_versiontags
fi
# The user/group are only used for running daemons which are
# disabled in minimal builds, so elide the accounts too.
if ! use minimal ; then
enewgroup ldap 439
enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
fi
}
src_prepare() {
# ensure correct SLAPI path by default
sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \
"${S}"/include/ldap_defaults.h
epatch "${FILESDIR}"/${PN}-2.4.17-gcc44.patch
epatch \
"${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch \
"${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
# bug #116045 - still present in 2.4.28
epatch "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch
# bug #408077 - samba4
epatch "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch
# bug #189817
epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
# bug #233633
epatch "${FILESDIR}"/${PN}-2.4.17-fix-lmpasswd-gnutls-symbols.patch
# bug #281495
epatch "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch
# bug #294350
epatch "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch
# unbreak /bin/sh -> dash
epatch "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch
# bug #420959
epatch "${FILESDIR}"/${PN}-2.4.31-gcc47.patch
# unbundle lmdb
epatch "${FILESDIR}"/${PN}-2.4.42-mdb-unbundle.patch
rm -rf "${S}"/libraries/liblmdb
cd "${S}"/build || die
einfo "Making sure upstream build strip does not do stripping too early"
sed -i.orig \
-e '/^STRIP/s,-s,,g' \
top.mk || die "Failed to block stripping"
# wrong assumption that /bin/sh is /bin/bash
sed -i \
-e 's|/bin/sh|/bin/bash|g' \
"${S}"/tests/scripts/* || die "sed failed"
cd "${S}" || die
AT_NOEAUTOMAKE=yes eautoreconf
}
build_contrib_module() {
# <dir> <sources> <outputname>
cd "${S}/contrib/slapd-modules/$1" || die
einfo "Compiling contrib-module: $3"
# Make sure it's uppercase
local define_name="$(echo "SLAPD_OVER_${1}" | LC_ALL=C tr '[:lower:]' '[:upper:]')"
"${lt}" --mode=compile --tag=CC \
"${CC}" \
-D${define_name}=SLAPD_MOD_DYNAMIC \
-I"${BUILD_DIR}"/include \
-I../../../include -I../../../servers/slapd ${CFLAGS} \
-o ${2%.c}.lo -c $2 || die "compiling $3 failed"
einfo "Linking contrib-module: $3"
"${lt}" --mode=link --tag=CC \
"${CC}" -module \
${CFLAGS} \
${LDFLAGS} \
-rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
-o $3.la ${2%.c}.lo || die "linking $3 failed"
}
src_configure() {
# Bug 408001
use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync
# connectionless ldap per bug #342439
append-cppflags -DLDAP_CONNECTIONLESS
multilib-minimal_src_configure
}
multilib_src_configure() {
local myconf=()
use debug && myconf+=( $(use_enable debug) )
# ICU exists only in the configure, nowhere in the codebase, bug #510858
export ac_cv_header_unicode_utypes_h=no ol_cv_lib_icu=no
if ! use minimal && multilib_is_native_abi; then
local CPPFLAGS=${CPPFLAGS}
# re-enable serverside overlay chains per bug #296567
# see ldap docs chaper 12.3.1 for details
myconf+=( --enable-ldap )
# backends
myconf+=( --enable-slapd )
if use berkdb ; then
einfo "Using Berkeley DB for local backend"
myconf+=( --enable-bdb --enable-hdb )
DBINCLUDE=$(db_includedir $BDB_SLOTS)
einfo "Using $DBINCLUDE for sys-libs/db version"
# We need to include the slotted db.h dir for FreeBSD
append-cppflags -I${DBINCLUDE}
else
myconf+=( --disable-bdb --disable-hdb )
fi
for backend in dnssrv ldap mdb meta monitor null passwd relay shell sock; do
myconf+=( --enable-${backend}=mod )
done
myconf+=( $(use_enable perl perl mod) )
myconf+=( $(use_enable odbc sql mod) )
if use odbc ; then
local odbc_lib="unixodbc"
if use iodbc ; then
odbc_lib="iodbc"
append-cppflags -I"${EPREFIX}"/usr/include/iodbc
fi
myconf+=( --with-odbc=${odbc_lib} )
fi
# slapd options
myconf+=(
$(use_enable crypt)
$(use_enable slp)
$(use_enable samba lmpasswd)
$(use_enable syslog)
)
if use experimental ; then
myconf+=(
--enable-dynacl
--enable-aci=mod
)
fi
for option in aci cleartext modules rewrite rlookups slapi; do
myconf+=( --enable-${option} )
done
# slapd overlay options
# Compile-in the syncprov, the others as module
myconf+=( --enable-syncprov=yes )
use overlays && myconf+=( --enable-overlays=mod )
else
myconf+=(
--disable-backends
--disable-slapd
--disable-bdb
--disable-hdb
--disable-mdb
--disable-overlays
--disable-syslog
)
fi
# basic functionality stuff
myconf+=(
$(use_enable ipv6)
$(multilib_native_use_with sasl cyrus-sasl)
$(multilib_native_use_enable sasl spasswd)
$(use_enable tcpd wrappers)
)
# Some cross-compiling tests don't pan out well.
tc-is-cross-compiler && myconf+=(
--with-yielding-select=yes
)
local ssl_lib="no"
if use ssl || ( ! use minimal && use samba ) ; then
ssl_lib="openssl"
use gnutls && ssl_lib="gnutls"
fi
myconf+=( --with-tls=${ssl_lib} )
for basicflag in dynamic local proctitle shared; do
myconf+=( --enable-${basicflag} )
done
tc-export AR CC CXX
ECONF_SOURCE=${S} \
STRIP=/bin/true \
econf \
--libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \
$(use_enable static-libs static) \
"${myconf[@]}"
emake depend
}
src_configure_cxx() {
# This needs the libraries built by the first build run.
# So we have to run it AFTER the main build, not just after the main
# configure.
local myconf_ldapcpp=(
--with-ldap-includes="${S}"/include
)
mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die
cd "${BUILD_DIR}/contrib/ldapc++" || die
local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS}
append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \
-L"${BUILD_DIR}"/libraries/libldap/.libs
append-cppflags -I"${BUILD_DIR}"/include
ECONF_SOURCE=${S}/contrib/ldapc++ \
econf "${myconf_ldapcpp[@]}" \
CC="${CC}" \
CXX="${CXX}"
}
multilib_src_compile() {
tc-export AR CC CXX
emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash
local lt="${BUILD_DIR}/libtool"
export echo="echo"
if ! use minimal && multilib_is_native_abi ; then
if use cxx ; then
einfo "Building contrib library: ldapc++"
src_configure_cxx
cd "${BUILD_DIR}/contrib/ldapc++" || die
emake \
CC="${CC}" CXX="${CXX}"
fi
if use smbkrb5passwd ; then
einfo "Building contrib-module: smbk5pwd"
cd "${S}/contrib/slapd-modules/smbk5pwd" || die
MY_DEFS="-DDO_SHADOW"
if use samba ; then
MY_DEFS="${MY_DEFS} -DDO_SAMBA"
MY_KRB5_INC=""
fi
if use kerberos ; then
MY_DEFS="${MY_DEFS} -DDO_KRB5"
MY_KRB5_INC="$(krb5-config --cflags)"
fi
emake \
DEFS="${MY_DEFS}" \
KRB5_INC="${MY_KRB5_INC}" \
LDAP_BUILD="${BUILD_DIR}" \
CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap"
fi
if use overlays ; then
einfo "Building contrib-module: samba4"
cd "${S}/contrib/slapd-modules/samba4" || die
emake \
LDAP_BUILD="${BUILD_DIR}" \
CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap"
fi
if use kerberos ; then
if use kinit ; then
build_contrib_module "kinit" "kinit.c" "kinit"
fi
cd "${S}/contrib/slapd-modules/passwd" || die
einfo "Compiling contrib-module: pw-kerberos"
"${lt}" --mode=compile --tag=CC \
"${CC}" \
-I"${BUILD_DIR}"/include \
-I../../../include \
${CFLAGS} \
$(krb5-config --cflags) \
-DHAVE_KRB5 \
-o kerberos.lo \
-c kerberos.c || die "compiling pw-kerberos failed"
einfo "Linking contrib-module: pw-kerberos"
"${lt}" --mode=link --tag=CC \
"${CC}" -module \
${CFLAGS} \
${LDFLAGS} \
-rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
-o pw-kerberos.la \
kerberos.lo || die "linking pw-kerberos failed"
fi
# We could build pw-radius if GNURadius would install radlib.h
cd "${S}/contrib/slapd-modules/passwd" || die
einfo "Compiling contrib-module: pw-netscape"
"${lt}" --mode=compile --tag=CC \
"${CC}" \
-I"${BUILD_DIR}"/include \
-I../../../include \
${CFLAGS} \
-o netscape.lo \
-c netscape.c || die "compiling pw-netscape failed"
einfo "Linking contrib-module: pw-netscape"
"${lt}" --mode=link --tag=CC \
"${CC}" -module \
${CFLAGS} \
${LDFLAGS} \
-rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
-o pw-netscape.la \
netscape.lo || die "linking pw-netscape failed"
#build_contrib_module "acl" "posixgroup.c" "posixGroup" # example code only
#build_contrib_module "acl" "gssacl.c" "gss" # example code only, also needs kerberos
build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay"
build_contrib_module "allop" "allop.c" "overlay-allop"
build_contrib_module "allowed" "allowed.c" "allowed"
build_contrib_module "autogroup" "autogroup.c" "autogroup"
build_contrib_module "cloak" "cloak.c" "cloak"
# build_contrib_module "comp_match" "comp_match.c" "comp_match" # really complex, adds new external deps, questionable demand
build_contrib_module "denyop" "denyop.c" "denyop-overlay"
build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin"
build_contrib_module "dupent" "dupent.c" "dupent"
build_contrib_module "lastbind" "lastbind.c" "lastbind"
# lastmod may not play well with other overlays
build_contrib_module "lastmod" "lastmod.c" "lastmod"
build_contrib_module "noopsrch" "noopsrch.c" "noopsrch"
build_contrib_module "nops" "nops.c" "nops-overlay"
#build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER
build_contrib_module "trace" "trace.c" "trace"
# build slapi-plugins
cd "${S}/contrib/slapi-plugins/addrdnvalues" || die
einfo "Building contrib-module: addrdnvalues plugin"
"${CC}" -shared \
-I"${BUILD_DIR}"/include \
-I../../../include \
${CFLAGS} \
-fPIC \
${LDFLAGS} \
-o libaddrdnvalues-plugin.so \
addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
fi
}
multilib_src_test() {
if multilib_is_native_abi; then
cd tests || die
emake tests || die "make tests failed"
fi
}
multilib_src_install() {
local lt="${BUILD_DIR}/libtool"
emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install
use static-libs || prune_libtool_files --all
if ! use minimal && multilib_is_native_abi; then
# openldap modules go here
# TODO: write some code to populate slapd.conf with moduleload statements
keepdir /usr/$(get_libdir)/openldap/openldap/
# initial data storage dir
keepdir /var/lib/openldap-data
use prefix || fowners ldap:ldap /var/lib/openldap-data
fperms 0700 /var/lib/openldap-data
echo "OLDPF='${PF}'" > "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
echo "# do NOT delete this. it is used" >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
# use our config
rm "${ED}"etc/openldap/slapd.conf
insinto /etc/openldap
newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf
configfile="${ED}"etc/openldap/slapd.conf
# populate with built backends
ebegin "populate config with built backends"
for x in "${ED}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
einfo "Adding $(basename ${x})"
sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
done
sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
use prefix || fowners root:ldap /etc/openldap/slapd.conf
fperms 0640 /etc/openldap/slapd.conf
cp "${configfile}" "${configfile}".default
eend
# install our own init scripts and systemd unit files
einfo "Install init scripts"
newinitd "${FILESDIR}"/slapd-initd-2.4.40-r2 slapd
newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd
einfo "Install systemd service"
systemd_dounit "${FILESDIR}"/slapd.service
systemd_install_serviced "${FILESDIR}"/slapd.service.conf
systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf
if [[ $(get_libdir) != lib ]]; then
sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i \
"${ED}"/etc/init.d/slapd \
"${ED}"/usr/lib/systemd/system/slapd.service || die
fi
# If built without SLP, we don't need to be before avahi
use slp \
|| sed -i \
-e '/before/{s/avahi-daemon//g}' \
"${ED}"etc/init.d/slapd
if use cxx ; then
einfo "Install the ldapc++ library"
cd "${BUILD_DIR}/contrib/ldapc++" || die
emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
cd "${S}"/contrib/ldapc++ || die
newdoc README ldapc++-README
fi
if use smbkrb5passwd ; then
einfo "Install the smbk5pwd module"
cd "${S}/contrib/slapd-modules/smbk5pwd" || die
emake DESTDIR="${D}" \
LDAP_BUILD="${BUILD_DIR}" \
libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
newdoc README smbk5pwd-README
fi
if use overlays ; then
einfo "Install the samba4 module"
cd "${S}/contrib/slapd-modules/samba4" || die
emake DESTDIR="${D}" \
LDAP_BUILD="${BUILD_DIR}" \
libexecdir="/usr/$(get_libdir)/openldap" install
newdoc README samba4-README
fi
einfo "Installing contrib modules"
cd "${S}/contrib/slapd-modules" || die
for l in */*.la; do
"${lt}" --mode=install cp ${l} \
"${ED}"usr/$(get_libdir)/openldap/openldap || \
die "installing ${l} failed"
done
dodoc "${FILESDIR}"/DB_CONFIG.fast.example
docinto contrib
doman */*.5
#newdoc acl/README*
newdoc addpartial/README addpartial-README
newdoc allop/README allop-README
newdoc allowed/README allowed-README
newdoc autogroup/README autogroup-README
newdoc dsaschema/README dsaschema-README
newdoc passwd/README passwd-README
cd "${S}/contrib/slapi-plugins" || die
insinto /usr/$(get_libdir)/openldap/openldap
doins */*.so
docinto contrib
newdoc addrdnvalues/README addrdnvalues-README
insinto /etc/openldap/schema
newins "${DISTDIR}"/${BIS_P} ${BIS_PN}
docinto back-sock ; dodoc "${S}"/servers/slapd/back-sock/searchexample*
docinto back-shell ; dodoc "${S}"/servers/slapd/back-shell/searchexample*
docinto back-perl ; dodoc "${S}"/servers/slapd/back-perl/SampleLDAP.pm
dosbin "${S}"/contrib/slapd-tools/statslog
newdoc "${S}"/contrib/slapd-tools/README README.statslog
fi
}
multilib_src_install_all() {
dodoc ANNOUNCEMENT CHANGES COPYRIGHT README
docinto rfc ; dodoc doc/rfc/*.txt
}
pkg_preinst() {
# keep old libs if any
preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0)
# bug 440470, only display the getting started help there was no openldap before,
# or we are going to a non-minimal build
! has_version net-nds/openldap || has_version 'net-nds/openldap[minimal]'
OPENLDAP_PRINT_MESSAGES=$((! $?))
}
pkg_postinst() {
if ! use minimal ; then
# You cannot build SSL certificates during src_install that will make
# binary packages containing your SSL key, which is both a security risk
# and a misconfiguration if multiple machines use the same key and cert.
if use ssl; then
install_cert /etc/openldap/ssl/ldap
use prefix || chown ldap:ldap "${EROOT}"etc/openldap/ssl/ldap.*
ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
ewarn "add 'TLS_REQCERT allow' if you want to use them."
fi
if use prefix; then
# Warn about prefix issues with slapd
eerror "slapd might NOT be usable on Prefix systems as it requires root privileges"
eerror "to start up, and requires that certain files directories be owned by"
eerror "ldap:ldap. As Prefix does not support changing ownership of files and"
eerror "directories, you will have to manually fix this yourself."
fi
# These lines force the permissions of various content to be correct
use prefix || chown ldap:ldap "${EROOT}"var/run/openldap
chmod 0755 "${EROOT}"var/run/openldap
use prefix || chown root:ldap "${EROOT}"etc/openldap/slapd.conf{,.default}
chmod 0640 "${EROOT}"etc/openldap/slapd.conf{,.default}
use prefix || chown ldap:ldap "${EROOT}"var/lib/openldap-data
fi
if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then
elog "Getting started using OpenLDAP? There is some documentation available:"
elog "Gentoo Guide to OpenLDAP Authentication"
elog "(https://www.gentoo.org/doc/en/ldap-howto.xml)"
elog "---"
elog "An example file for tuning BDB backends with openldap is"
elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
fi
preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0)
}

305
sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.4.45.ebuild → sdk_container/src/third_party/portage-stable/net-nds/openldap/openldap-2.4.50.ebuild vendored
View File

@ -1,36 +1,42 @@
# Copyright 1999-2017 Gentoo Foundation # Copyright 1999-2020 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2 # Distributed under the terms of the GNU General Public License v2
EAPI="5" EAPI=7
inherit db-use eutils flag-o-matic multilib multilib-minimal ssl-cert versionator toolchain-funcs autotools user systemd inherit autotools db-use flag-o-matic multilib-minimal ssl-cert toolchain-funcs user systemd
BIS_PN=rfc2307bis.schema BIS_PN=rfc2307bis.schema
BIS_PV=20140524 BIS_PV=20140524
BIS_P="${BIS_PN}-${BIS_PV}" BIS_P="${BIS_PN}-${BIS_PV}"
DESCRIPTION="LDAP suite of application and development tools" DESCRIPTION="LDAP suite of application and development tools"
HOMEPAGE="http://www.OpenLDAP.org/" HOMEPAGE="https://www.OpenLDAP.org/"
# mirrors are mostly not working, using canonical URI # upstream mirrors are mostly not working, using canonical URI
SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz SRC_URI="
mirror://gentoo/${BIS_P}" https://openldap.org/software/download/OpenLDAP/openldap-release/${P}.tgz
http://gpl.savoirfairelinux.net/pub/mirrors/openldap/openldap-release/${P}.tgz
http://repository.linagora.org/OpenLDAP/openldap-release/${P}.tgz
http://mirror.eu.oneandone.net/software/openldap/openldap-release/${P}.tgz
mirror://gentoo/${BIS_P}"
LICENSE="OPENLDAP GPL-2" LICENSE="OPENLDAP GPL-2"
SLOT="0" SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~x86-solaris" KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~mips ppc ppc64 ~riscv s390 sparc x86 ~ppc-aix ~amd64-linux ~x86-linux ~x86-solaris"
IUSE_DAEMON="crypt samba slp tcpd experimental minimal" IUSE_DAEMON="crypt samba tcpd experimental minimal"
IUSE_BACKEND="+berkdb" IUSE_BACKEND="+berkdb"
IUSE_OVERLAY="overlays perl" IUSE_OVERLAY="overlays perl"
IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 libressl +syslog selinux static-libs" IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 libressl +syslog selinux static-libs test"
IUSE_CONTRIB="smbkrb5passwd kerberos kinit pbkdf2 sha2" IUSE_CONTRIB="smbkrb5passwd kerberos kinit pbkdf2 sha2"
IUSE_CONTRIB="${IUSE_CONTRIB} -cxx" IUSE_CONTRIB="${IUSE_CONTRIB} -cxx"
IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}" IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
RESTRICT="!test? ( test )"
REQUIRED_USE="cxx? ( sasl ) REQUIRED_USE="cxx? ( sasl )
?? ( gnutls libressl ) pbkdf2? ( ssl )
pbkdf2? ( ssl )" test? ( berkdb )
?? ( test minimal )"
# always list newer first # always list newer first
# Do not add any AGPL-3 BDB here! # Do not add any AGPL-3 BDB here!
@ -41,14 +47,17 @@ BDB_PKGS=''
for _slot in $BDB_SLOTS; do BDB_PKGS="${BDB_PKGS} sys-libs/db:${_slot}" ; done for _slot in $BDB_SLOTS; do BDB_PKGS="${BDB_PKGS} sys-libs/db:${_slot}" ; done
# openssl is needed to generate lanman-passwords required by samba # openssl is needed to generate lanman-passwords required by samba
CDEPEND=" COMMON_DEPEND="
ssl? ( ssl? (
!gnutls? ( !gnutls? (
!libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] ) !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] )
libressl? ( dev-libs/libressl:0=[${MULTILIB_USEDEP}] )
) )
gnutls? ( >=net-libs/gnutls-2.12.23-r6[${MULTILIB_USEDEP}] gnutls? (
libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] ) >=net-libs/gnutls-2.12.23-r6:=[${MULTILIB_USEDEP}]
>=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] ) ) >=dev-libs/libgcrypt-1.5.3:0=[${MULTILIB_USEDEP}]
)
)
sasl? ( dev-libs/cyrus-sasl:= ) sasl? ( dev-libs/cyrus-sasl:= )
!minimal? ( !minimal? (
sys-devel/libtool sys-devel/libtool
@ -57,19 +66,18 @@ CDEPEND="
tcpd? ( sys-apps/tcp-wrappers ) tcpd? ( sys-apps/tcp-wrappers )
odbc? ( !iodbc? ( dev-db/unixODBC ) odbc? ( !iodbc? ( dev-db/unixODBC )
iodbc? ( dev-db/libiodbc ) ) iodbc? ( dev-db/libiodbc ) )
slp? ( net-libs/openslp )
perl? ( dev-lang/perl:=[-build(-)] ) perl? ( dev-lang/perl:=[-build(-)] )
samba? ( samba? (
!libressl? ( dev-libs/openssl:0 ) !libressl? ( dev-libs/openssl:0= )
libressl? ( dev-libs/libressl ) libressl? ( dev-libs/libressl:0= )
) )
berkdb? ( berkdb? (
<sys-libs/db-6.0:= <sys-libs/db-6.0:=
|| ( ${BDB_PKGS} ) || ( ${BDB_PKGS} )
) )
smbkrb5passwd? ( smbkrb5passwd? (
!libressl? ( dev-libs/openssl:0 ) !libressl? ( dev-libs/openssl:0= )
libressl? ( dev-libs/libressl ) libressl? ( dev-libs/libressl:0= )
kerberos? ( app-crypt/heimdal ) kerberos? ( app-crypt/heimdal )
) )
kerberos? ( kerberos? (
@ -78,13 +86,11 @@ CDEPEND="
) )
cxx? ( dev-libs/cyrus-sasl:= ) cxx? ( dev-libs/cyrus-sasl:= )
) )
abi_x86_32? ( "
!<=app-emulation/emul-linux-x86-baselibs-20140508-r3 DEPEND="${COMMON_DEPEND}
!app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] sys-apps/groff
)" "
DEPEND="${CDEPEND} RDEPEND="${COMMON_DEPEND}
sys-apps/groff"
RDEPEND="${CDEPEND}
selinux? ( sec-policy/selinux-ldap ) selinux? ( sec-policy/selinux-ldap )
" "
# for tracking versions # for tracking versions
@ -129,6 +135,45 @@ MULTILIB_WRAPPED_HEADERS=(
/usr/include/TlsOptions.h /usr/include/TlsOptions.h
) )
PATCHES=(
"${FILESDIR}"/${PN}-2.4.17-gcc44.patch
"${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch
"${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
# bug #116045 - still present in 2.4.28
"${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch
# bug #408077 - samba4
"${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch
# bug #189817
"${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
# bug #233633
"${FILESDIR}"/${PN}-2.4.45-fix-lmpasswd-gnutls-symbols.patch
# bug #281495
"${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch
# bug #294350
"${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch
# unbreak /bin/sh -> dash
"${FILESDIR}"/${PN}-2.4.28-fix-dash.patch
# bug #420959
"${FILESDIR}"/${PN}-2.4.31-gcc47.patch
# unbundle lmdb
"${FILESDIR}"/${PN}-2.4.42-mdb-unbundle.patch
# bug #622464
"${FILESDIR}"/${PN}-2.4.47-libressl.patch
# fix some compiler warnings
"${FILESDIR}"/${PN}-2.4.47-warnings.patch
)
openldap_filecount() { openldap_filecount() {
local dir="$1" local dir="$1"
find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l
@ -136,11 +181,11 @@ openldap_filecount() {
openldap_find_versiontags() { openldap_find_versiontags() {
# scan for all datadirs # scan for all datadirs
openldap_datadirs="" local openldap_datadirs=()
if [ -f "${EROOT}"/etc/openldap/slapd.conf ]; then if [[ -f "${EROOT}"/etc/openldap/slapd.conf ]]; then
openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${EROOT}/etc/openldap/slapd.conf)" openldap_datadirs=( $(awk '{if($1 == "directory") print $2 }' "${EROOT}"/etc/openldap/slapd.conf) )
fi fi
openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}" openldap_datadirs+=( ${OPENLDAP_DEFAULTDIR_VERSIONTAG} )
einfo einfo
einfo "Scanning datadir(s) from slapd.conf and" einfo "Scanning datadir(s) from slapd.conf and"
@ -151,28 +196,28 @@ openldap_find_versiontags() {
# scan datadirs if we have a version tag # scan datadirs if we have a version tag
openldap_found_tag=0 openldap_found_tag=0
have_files=0 have_files=0
for each in ${openldap_datadirs}; do for each in ${openldap_datadirs[@]} ; do
CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"` CURRENT_TAGDIR="${ROOT}$(sed "s:\/::" <<< ${each})"
CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG} CURRENT_TAG="${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}"
if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then if [[ -d "${CURRENT_TAGDIR}" ]] && [[ "${openldap_found_tag}" == 0 ]] ; then
einfo "- Checking ${each}..." einfo "- Checking ${each}..."
if [ -r ${CURRENT_TAG} ] ; then if [[ -r "${CURRENT_TAG}" ]] ; then
# yey, we have one :) # yey, we have one :)
einfo " Found Versiontag in ${each}" einfo " Found Versiontag in ${each}"
source ${CURRENT_TAG} source "${CURRENT_TAG}"
if [ "${OLDPF}" == "" ] ; then if [[ "${OLDPF}" == "" ]] ; then
eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}" eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
eerror "Please delete it" eerror "Please delete it"
eerror eerror
die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}" die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
fi fi
OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}` OLD_MAJOR=$(ver_cut 2-3 ${OLDPF})
[ $(openldap_filecount ${CURRENT_TAGDIR}) -gt 0 ] && have_files=1 [[ "$(openldap_filecount ${CURRENT_TAGDIR})" -gt 0 ]] && have_files=1
# are we on the same branch? # are we on the same branch?
if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then if [[ "${OLD_MAJOR}" != "${PV:0:3}" ]] ; then
ewarn " Versiontag doesn't match current major release!" ewarn " Versiontag doesn't match current major release!"
if [[ "${have_files}" == "1" ]] ; then if [[ "${have_files}" == "1" ]] ; then
eerror " Versiontag says other major and you (probably) have datafiles!" eerror " Versiontag says other major and you (probably) have datafiles!"
@ -186,7 +231,7 @@ openldap_find_versiontags() {
fi fi
else else
einfo " Non-tagged dir ${each}" einfo " Non-tagged dir ${each}"
[ $(openldap_filecount ${each}) -gt 0 ] && have_files=1 [[ "$(openldap_filecount ${each})" -gt 0 ]] && have_files=1
if [[ "${have_files}" == "1" ]] ; then if [[ "${have_files}" == "1" ]] ; then
einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files" einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
echo echo
@ -208,45 +253,45 @@ openldap_find_versiontags() {
einfo einfo
fi fi
done done
[ "${have_files}" == "1" ] && einfo "DB files present" || einfo "No DB files present" [[ "${have_files}" == "1" ]] && einfo "DB files present" || einfo "No DB files present"
# Now we must check for the major version of sys-libs/db linked against. # Now we must check for the major version of sys-libs/db linked against.
SLAPD_PATH=${EROOT}/usr/$(get_libdir)/openldap/slapd SLAPD_PATH="${EROOT}/usr/$(get_libdir)/openldap/slapd"
if [ "${have_files}" == "1" -a -f "${SLAPD_PATH}" ]; then if [[ "${have_files}" == "1" ]] && [[ -f "${SLAPD_PATH}" ]]; then
OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \ OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
| awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')" | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
if use berkdb; then if use berkdb; then
# find which one would be used # find which one would be used
for bdb_slot in $BDB_SLOTS ; do for bdb_slot in ${BDB_SLOTS} ; do
NEWVER="$(db_findver "=sys-libs/db-${bdb_slot}*")" NEWVER="$(db_findver "=sys-libs/db-${bdb_slot}*")"
[[ -n "$NEWVER" ]] && break [[ -n "${NEWVER}" ]] && break
done done
fi fi
local fail=0 local fail=0
if [ -z "${OLDVER}" -a -z "${NEWVER}" ]; then if [[ -z "${OLDVER}" ]] && [[ -z "${NEWVER}" ]]; then
: :
# Nothing wrong here. # Nothing wrong here.
elif [ -z "${OLDVER}" -a -n "${NEWVER}" ]; then elif [[ -z "${OLDVER}" ]] && [[ -n "${NEWVER}" ]]; then
eerror " Your existing version of OpenLDAP was not built against" eerror " Your existing version of OpenLDAP was not built against"
eerror " any version of sys-libs/db, but the new one will build" eerror " any version of sys-libs/db, but the new one will build"
eerror " against ${NEWVER} and your database may be inaccessible." eerror " against ${NEWVER} and your database may be inaccessible."
echo echo
fail=1 fail=1
elif [ -n "${OLDVER}" -a -z "${NEWVER}" ]; then elif [[ -n "${OLDVER}" ]] && [[ -z "${NEWVER}" ]]; then
eerror " Your existing version of OpenLDAP was built against" eerror " Your existing version of OpenLDAP was built against"
eerror " sys-libs/db:${OLDVER}, but the new one will not be" eerror " sys-libs/db:${OLDVER}, but the new one will not be"
eerror " built against any version and your database may be" eerror " built against any version and your database may be"
eerror " inaccessible." eerror " inaccessible."
echo echo
fail=1 fail=1
elif [ "${OLDVER}" != "${NEWVER}" ]; then elif [[ "${OLDVER}" != "${NEWVER}" ]]; then
eerror " Your existing version of OpenLDAP was built against" eerror " Your existing version of OpenLDAP was built against"
eerror " sys-libs/db:${OLDVER}, but the new one will build against" eerror " sys-libs/db:${OLDVER}, but the new one will build against"
eerror " ${NEWVER} and your database would be inaccessible." eerror " ${NEWVER} and your database would be inaccessible."
echo echo
fail=1 fail=1
fi fi
[ "${fail}" == "1" ] && openldap_upgrade_howto [[ "${fail}" == "1" ]] && openldap_upgrade_howto
fi fi
echo echo
@ -256,6 +301,7 @@ openldap_find_versiontags() {
} }
openldap_upgrade_howto() { openldap_upgrade_howto() {
local d l i
eerror eerror
eerror "A (possible old) installation of OpenLDAP was detected," eerror "A (possible old) installation of OpenLDAP was detected,"
eerror "installation will not proceed for now." eerror "installation will not proceed for now."
@ -269,7 +315,7 @@ openldap_upgrade_howto() {
d="$(date -u +%s)" d="$(date -u +%s)"
l="/root/ldapdump.${d}" l="/root/ldapdump.${d}"
i="${l}.raw" i="${l}.raw"
eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop" eerror " 1. /etc/init.d/slapd stop"
eerror " 2. slapcat -l ${i}" eerror " 2. slapcat -l ${i}"
eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}" eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/" eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
@ -281,7 +327,7 @@ openldap_upgrade_howto() {
eerror "10. check that your data is intact." eerror "10. check that your data is intact."
eerror "11. set up the new replication system." eerror "11. set up the new replication system."
eerror eerror
if [ "${FORCE_UPGRADE}" != "1" ]; then if [[ "${FORCE_UPGRADE}" != "1" ]]; then
die "You need to upgrade your database first" die "You need to upgrade your database first"
else else
eerror "You have the magical FORCE_UPGRADE=1 in place." eerror "You have the magical FORCE_UPGRADE=1 in place."
@ -312,64 +358,33 @@ pkg_setup() {
src_prepare() { src_prepare() {
# ensure correct SLAPI path by default # ensure correct SLAPI path by default
sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \ sed -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \
"${S}"/include/ldap_defaults.h -i include/ldap_defaults.h || die
epatch "${FILESDIR}"/${PN}-2.4.17-gcc44.patch default
rm -r libraries/liblmdb || die
epatch \ pushd build &>/dev/null || die "pushd build"
"${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch \
"${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
# bug #116045 - still present in 2.4.28
epatch "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch
# bug #408077 - samba4
epatch "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch
# bug #189817
epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
# bug #233633
epatch "${FILESDIR}"/${PN}-2.4.45-fix-lmpasswd-gnutls-symbols.patch
# bug #281495
epatch "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch
# bug #294350
epatch "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch
# unbreak /bin/sh -> dash
epatch "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch
# bug #420959
epatch "${FILESDIR}"/${PN}-2.4.31-gcc47.patch
# unbundle lmdb
epatch "${FILESDIR}"/${PN}-2.4.42-mdb-unbundle.patch
rm -rf "${S}"/libraries/liblmdb
cd "${S}"/build || die
einfo "Making sure upstream build strip does not do stripping too early" einfo "Making sure upstream build strip does not do stripping too early"
sed -i.orig \ sed -i.orig \
-e '/^STRIP/s,-s,,g' \ -e '/^STRIP/s,-s,,g' \
top.mk || die "Failed to block stripping" top.mk || die "Failed to block stripping"
popd &>/dev/null || die
# wrong assumption that /bin/sh is /bin/bash # wrong assumption that /bin/sh is /bin/bash
sed -i \ sed \
-e 's|/bin/sh|/bin/bash|g' \ -e 's|/bin/sh|/bin/bash|g' \
"${S}"/tests/scripts/* || die "sed failed" -i tests/scripts/* || die "sed failed"
cd "${S}" || die
AT_NOEAUTOMAKE=yes eautoreconf AT_NOEAUTOMAKE=yes eautoreconf
} }
build_contrib_module() { build_contrib_module() {
# <dir> <sources> <outputname> # <dir> <sources> <outputname>
cd "${S}/contrib/slapd-modules/$1" || die pushd "${S}/contrib/slapd-modules/$1" &>/dev/null || die "pushd contrib/slapd-modules/$1"
einfo "Compiling contrib-module: $3" einfo "Compiling contrib-module: $3"
# Make sure it's uppercase # Make sure it's uppercase
local define_name="$(echo "SLAPD_OVER_${1}" | LC_ALL=C tr '[:lower:]' '[:upper:]')" local define_name="$(LC_ALL=C tr '[:lower:]' '[:upper:]' <<< "SLAPD_OVER_${1}")"
"${lt}" --mode=compile --tag=CC \ "${lt}" --mode=compile --tag=CC \
"${CC}" \ "${CC}" \
-D${define_name}=SLAPD_MOD_DYNAMIC \ -D${define_name}=SLAPD_MOD_DYNAMIC \
@ -383,6 +398,7 @@ build_contrib_module() {
${LDFLAGS} \ ${LDFLAGS} \
-rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
-o $3.la ${2%.c}.lo || die "linking $3 failed" -o $3.la ${2%.c}.lo || die "linking $3 failed"
popd &>/dev/null || die
} }
src_configure() { src_configure() {
@ -415,8 +431,8 @@ multilib_src_configure() {
if use berkdb ; then if use berkdb ; then
einfo "Using Berkeley DB for local backend" einfo "Using Berkeley DB for local backend"
myconf+=( --enable-bdb --enable-hdb ) myconf+=( --enable-bdb --enable-hdb )
DBINCLUDE=$(db_includedir $BDB_SLOTS) DBINCLUDE=$(db_includedir ${BDB_SLOTS})
einfo "Using $DBINCLUDE for sys-libs/db version" einfo "Using ${DBINCLUDE} for sys-libs/db version"
# We need to include the slotted db.h dir for FreeBSD # We need to include the slotted db.h dir for FreeBSD
append-cppflags -I${DBINCLUDE} append-cppflags -I${DBINCLUDE}
else else
@ -441,7 +457,7 @@ multilib_src_configure() {
# slapd options # slapd options
myconf+=( myconf+=(
$(use_enable crypt) $(use_enable crypt)
$(use_enable slp) --disable-slp
$(use_enable samba lmpasswd) $(use_enable samba lmpasswd)
$(use_enable syslog) $(use_enable syslog)
) )
@ -498,7 +514,8 @@ multilib_src_configure() {
done done
tc-export AR CC CXX tc-export AR CC CXX
ECONF_SOURCE=${S} \ CONFIG_SHELL="/bin/bash" \
ECONF_SOURCE="${S}" \
STRIP=/bin/true \ STRIP=/bin/true \
econf \ econf \
--libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \ --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \
@ -516,7 +533,7 @@ src_configure_cxx() {
) )
mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die
cd "${BUILD_DIR}/contrib/ldapc++" || die pushd "${BUILD_DIR}/contrib/ldapc++" &>/dev/null || die "pushd contrib/ldapc++"
local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS} local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS}
append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \ append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \
@ -526,6 +543,7 @@ src_configure_cxx() {
econf "${myconf_ldapcpp[@]}" \ econf "${myconf_ldapcpp[@]}" \
CC="${CC}" \ CC="${CC}" \
CXX="${CXX}" CXX="${CXX}"
popd &>/dev/null || die
} }
multilib_src_compile() { multilib_src_compile() {
@ -538,14 +556,14 @@ multilib_src_compile() {
if use cxx ; then if use cxx ; then
einfo "Building contrib library: ldapc++" einfo "Building contrib library: ldapc++"
src_configure_cxx src_configure_cxx
cd "${BUILD_DIR}/contrib/ldapc++" || die pushd "${BUILD_DIR}/contrib/ldapc++" &>/dev/null || die "pushd contrib/ldapc++"
emake \ emake CC="${CC}" CXX="${CXX}"
CC="${CC}" CXX="${CXX}" popd &>/dev/null || die
fi fi
if use smbkrb5passwd ; then if use smbkrb5passwd ; then
einfo "Building contrib-module: smbk5pwd" einfo "Building contrib-module: smbk5pwd"
cd "${S}/contrib/slapd-modules/smbk5pwd" || die pushd "${S}/contrib/slapd-modules/smbk5pwd" &>/dev/null || die "pushd contrib/slapd-modules/smbk5pwd"
MY_DEFS="-DDO_SHADOW" MY_DEFS="-DDO_SHADOW"
if use samba ; then if use samba ; then
@ -562,22 +580,24 @@ multilib_src_compile() {
KRB5_INC="${MY_KRB5_INC}" \ KRB5_INC="${MY_KRB5_INC}" \
LDAP_BUILD="${BUILD_DIR}" \ LDAP_BUILD="${BUILD_DIR}" \
CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap"
popd &>/dev/null || die
fi fi
if use overlays ; then if use overlays ; then
einfo "Building contrib-module: samba4" einfo "Building contrib-module: samba4"
cd "${S}/contrib/slapd-modules/samba4" || die pushd "${S}/contrib/slapd-modules/samba4" &>/dev/null || die "pushd contrib/slapd-modules/samba4"
emake \ emake \
LDAP_BUILD="${BUILD_DIR}" \ LDAP_BUILD="${BUILD_DIR}" \
CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap" CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap"
popd &>/dev/null || die
fi fi
if use kerberos ; then if use kerberos ; then
if use kinit ; then if use kinit ; then
build_contrib_module "kinit" "kinit.c" "kinit" build_contrib_module "kinit" "kinit.c" "kinit"
fi fi
cd "${S}/contrib/slapd-modules/passwd" || die pushd "${S}/contrib/slapd-modules/passwd" &>/dev/null || die "pushd contrib/slapd-modules/passwd"
einfo "Compiling contrib-module: pw-kerberos" einfo "Compiling contrib-module: pw-kerberos"
"${lt}" --mode=compile --tag=CC \ "${lt}" --mode=compile --tag=CC \
"${CC}" \ "${CC}" \
@ -596,10 +616,11 @@ multilib_src_compile() {
-rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
-o pw-kerberos.la \ -o pw-kerberos.la \
kerberos.lo || die "linking pw-kerberos failed" kerberos.lo || die "linking pw-kerberos failed"
popd &>/dev/null || die
fi fi
if use pbkdf2; then if use pbkdf2; then
cd "${S}/contrib/slapd-modules/passwd/pbkdf2" || die pushd "${S}/contrib/slapd-modules/passwd/pbkdf2" &>/dev/null || die "pushd contrib/slapd-modules/passwd/pbkdf2"
einfo "Compiling contrib-module: pw-pbkdf2" einfo "Compiling contrib-module: pw-pbkdf2"
"${lt}" --mode=compile --tag=CC \ "${lt}" --mode=compile --tag=CC \
"${CC}" \ "${CC}" \
@ -616,10 +637,11 @@ multilib_src_compile() {
-rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
-o pw-pbkdf2.la \ -o pw-pbkdf2.la \
pbkdf2.lo || die "linking pw-pbkdf2 failed" pbkdf2.lo || die "linking pw-pbkdf2 failed"
popd &>/dev/null || die
fi fi
if use sha2 ; then if use sha2 ; then
cd "${S}/contrib/slapd-modules/passwd/sha2" || die pushd "${S}/contrib/slapd-modules/passwd/sha2" &>/dev/null || die "pushd contrib/slapd-modules/passwd/sha2"
einfo "Compiling contrib-module: pw-sha2" einfo "Compiling contrib-module: pw-sha2"
"${lt}" --mode=compile --tag=CC \ "${lt}" --mode=compile --tag=CC \
"${CC}" \ "${CC}" \
@ -643,10 +665,11 @@ multilib_src_compile() {
-rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
-o pw-sha2.la \ -o pw-sha2.la \
sha2.lo slapd-sha2.lo || die "linking pw-sha2 failed" sha2.lo slapd-sha2.lo || die "linking pw-sha2 failed"
popd &>/dev/null || die
fi fi
# We could build pw-radius if GNURadius would install radlib.h # We could build pw-radius if GNURadius would install radlib.h
cd "${S}/contrib/slapd-modules/passwd" || die pushd "${S}/contrib/slapd-modules/passwd" &>/dev/null || die "pushd contrib/slapd-modules/passwd"
einfo "Compiling contrib-module: pw-netscape" einfo "Compiling contrib-module: pw-netscape"
"${lt}" --mode=compile --tag=CC \ "${lt}" --mode=compile --tag=CC \
"${CC}" \ "${CC}" \
@ -679,11 +702,12 @@ multilib_src_compile() {
# lastmod may not play well with other overlays # lastmod may not play well with other overlays
build_contrib_module "lastmod" "lastmod.c" "lastmod" build_contrib_module "lastmod" "lastmod.c" "lastmod"
build_contrib_module "noopsrch" "noopsrch.c" "noopsrch" build_contrib_module "noopsrch" "noopsrch.c" "noopsrch"
build_contrib_module "nops" "nops.c" "nops-overlay" #build_contrib_module "nops" "nops.c" "nops-overlay" https://bugs.gentoo.org/641576
#build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER #build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER
build_contrib_module "trace" "trace.c" "trace" build_contrib_module "trace" "trace.c" "trace"
popd &>/dev/null || die
# build slapi-plugins # build slapi-plugins
cd "${S}/contrib/slapi-plugins/addrdnvalues" || die pushd "${S}/contrib/slapi-plugins/addrdnvalues" &>/dev/null || die "pushd contrib/slapi-plugins/addrdnvalues"
einfo "Building contrib-module: addrdnvalues plugin" einfo "Building contrib-module: addrdnvalues plugin"
"${CC}" -shared \ "${CC}" -shared \
-I"${BUILD_DIR}"/include \ -I"${BUILD_DIR}"/include \
@ -693,21 +717,20 @@ multilib_src_compile() {
${LDFLAGS} \ ${LDFLAGS} \
-o libaddrdnvalues-plugin.so \ -o libaddrdnvalues-plugin.so \
addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed" addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
popd &>/dev/null || die
fi fi
} }
multilib_src_test() { multilib_src_test() {
if multilib_is_native_abi; then if multilib_is_native_abi; then
cd tests || die cd tests || die
emake tests || die "make tests failed" emake tests
fi fi
} }
multilib_src_install() { multilib_src_install() {
local lt="${BUILD_DIR}/libtool" local lt="${BUILD_DIR}/libtool"
emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install
use static-libs || prune_libtool_files --all
if ! use minimal && multilib_is_native_abi; then if ! use minimal && multilib_is_native_abi; then
# openldap modules go here # openldap modules go here
@ -724,42 +747,40 @@ multilib_src_install() {
echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
# use our config # use our config
rm "${ED}"etc/openldap/slapd.conf rm "${ED}"/etc/openldap/slapd.conf
insinto /etc/openldap insinto /etc/openldap
newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf
configfile="${ED}"etc/openldap/slapd.conf configfile="${ED}"/etc/openldap/slapd.conf
# populate with built backends # populate with built backends
ebegin "populate config with built backends" ebegin "populate config with built backends"
for x in "${ED}"usr/$(get_libdir)/openldap/openldap/back_*.so; do for x in "${ED}"/usr/$(get_libdir)/openldap/openldap/back_*.so; do
einfo "Adding $(basename ${x})" einfo "Adding $(basename ${x})"
sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}" sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}" || die
done done
sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}" sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
use prefix || fowners root:ldap /etc/openldap/slapd.conf use prefix || fowners root:ldap /etc/openldap/slapd.conf
fperms 0640 /etc/openldap/slapd.conf fperms 0640 /etc/openldap/slapd.conf
cp "${configfile}" "${configfile}".default cp "${configfile}" "${configfile}".default || die
eend eend
# install our own init scripts and systemd unit files # install our own init scripts and systemd unit files
einfo "Install init scripts" einfo "Install init scripts"
newinitd "${FILESDIR}"/slapd-initd-2.4.40-r2 slapd sed -e "s,/usr/lib/,/usr/$(get_libdir)/," "${FILESDIR}"/slapd-initd-2.4.40-r2 > "${T}"/slapd || die
doinitd "${T}"/slapd
newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd
einfo "Install systemd service" einfo "Install systemd service"
systemd_dounit "${FILESDIR}"/slapd.service sed -e "s,/usr/lib/,/usr/$(get_libdir)/," "${FILESDIR}"/slapd.service > "${T}"/slapd.service || die
systemd_dounit "${T}"/slapd.service
systemd_install_serviced "${FILESDIR}"/slapd.service.conf systemd_install_serviced "${FILESDIR}"/slapd.service.conf
systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf
if [[ $(get_libdir) != lib ]]; then
sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i \
"${ED}"/etc/init.d/slapd \
"${ED}"/usr/lib/systemd/system/slapd.service || die
fi
# If built without SLP, we don't need to be before avahi # If built without SLP, we don't need to be before avahi
use slp \ sed -i \
|| sed -i \
-e '/before/{s/avahi-daemon//g}' \ -e '/before/{s/avahi-daemon//g}' \
"${ED}"etc/init.d/slapd "${ED}"/etc/init.d/slapd \
|| die
if use cxx ; then if use cxx ; then
einfo "Install the ldapc++ library" einfo "Install the ldapc++ library"
@ -792,7 +813,7 @@ multilib_src_install() {
for l in */*.la */*/*.la; do for l in */*.la */*/*.la; do
[[ -e ${l} ]] || continue [[ -e ${l} ]] || continue
"${lt}" --mode=install cp ${l} \ "${lt}" --mode=install cp ${l} \
"${ED}"usr/$(get_libdir)/openldap/openldap || \ "${ED}"/usr/$(get_libdir)/openldap/openldap || \
die "installing ${l} failed" die "installing ${l} failed"
done done
@ -822,6 +843,10 @@ multilib_src_install() {
dosbin "${S}"/contrib/slapd-tools/statslog dosbin "${S}"/contrib/slapd-tools/statslog
newdoc "${S}"/contrib/slapd-tools/README README.statslog newdoc "${S}"/contrib/slapd-tools/README README.statslog
fi fi
if ! use static-libs ; then
find "${ED}" \( -name '*.a' -o -name '*.la' \) -delete || die
fi
} }
multilib_src_install_all() { multilib_src_install_all() {
@ -845,7 +870,7 @@ pkg_postinst() {
# and a misconfiguration if multiple machines use the same key and cert. # and a misconfiguration if multiple machines use the same key and cert.
if use ssl; then if use ssl; then
install_cert /etc/openldap/ssl/ldap install_cert /etc/openldap/ssl/ldap
use prefix || chown ldap:ldap "${EROOT}"etc/openldap/ssl/ldap.* use prefix || chown ldap:ldap "${EROOT}"/etc/openldap/ssl/ldap.*
ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]" ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]" ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
ewarn "add 'TLS_REQCERT allow' if you want to use them." ewarn "add 'TLS_REQCERT allow' if you want to use them."
@ -860,17 +885,19 @@ pkg_postinst() {
fi fi
# These lines force the permissions of various content to be correct # These lines force the permissions of various content to be correct
use prefix || chown ldap:ldap "${EROOT}"var/run/openldap if [[ -d "${EROOT}"/var/run/openldap ]]; then
chmod 0755 "${EROOT}"var/run/openldap use prefix || { chown ldap:ldap "${EROOT}"/var/run/openldap || die; }
use prefix || chown root:ldap "${EROOT}"etc/openldap/slapd.conf{,.default} chmod 0755 "${EROOT}"/var/run/openldap || die
chmod 0640 "${EROOT}"etc/openldap/slapd.conf{,.default} fi
use prefix || chown ldap:ldap "${EROOT}"var/lib/openldap-data use prefix || chown root:ldap "${EROOT}"/etc/openldap/slapd.conf{,.default}
chmod 0640 "${EROOT}"/etc/openldap/slapd.conf{,.default} || die
use prefix || chown ldap:ldap "${EROOT}"/var/lib/openldap-data
fi fi
if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then
elog "Getting started using OpenLDAP? There is some documentation available:" elog "Getting started using OpenLDAP? There is some documentation available:"
elog "Gentoo Guide to OpenLDAP Authentication" elog "Gentoo Guide to OpenLDAP Authentication"
elog "(https://www.gentoo.org/doc/en/ldap-howto.xml)" elog "(https://wiki.gentoo.org/wiki/Centralized_authentication_using_OpenLDAP)"
elog "---" elog "---"
elog "An example file for tuning BDB backends with openldap is" elog "An example file for tuning BDB backends with openldap is"
elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/" elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"