diff options
| -rw-r--r-- | openldap/.footprint | 157 | ||||
| -rw-r--r-- | openldap/.signature | 9 | ||||
| -rw-r--r-- | openldap/Pkgfile | 75 | ||||
| -rw-r--r-- | openldap/README | 2 | ||||
| -rw-r--r-- | openldap/openldap-ntlm.patch | 230 | ||||
| -rwxr-xr-x | openldap/pre-install | 42 | ||||
| -rwxr-xr-x | openldap/slapd.rc (renamed from openldap/slapd) | 2 |
7 files changed, 470 insertions, 47 deletions
diff --git a/openldap/.footprint b/openldap/.footprint index a00138288..7df32a05c 100644 --- a/openldap/.footprint +++ b/openldap/.footprint @@ -1,8 +1,7 @@ drwxr-xr-x root/root etc/ drwxr-xr-x root/root etc/openldap/ --rw------- root/root etc/openldap/DB_CONFIG.example +-rw-r----- root/ldap etc/openldap/DB_CONFIG.example -rw-r--r-- root/root etc/openldap/ldap.conf --rw-r--r-- root/root etc/openldap/ldap.conf.default drwxr-xr-x root/root etc/openldap/schema/ -r--r--r-- root/root etc/openldap/schema/collective.ldif -r--r--r-- root/root etc/openldap/schema/collective.schema @@ -20,6 +19,7 @@ drwxr-xr-x root/root etc/openldap/schema/ -r--r--r-- root/root etc/openldap/schema/inetorgperson.schema -r--r--r-- root/root etc/openldap/schema/java.ldif -r--r--r-- root/root etc/openldap/schema/java.schema +-rw-r--r-- root/root etc/openldap/schema/ldapns.schema -r--r--r-- root/root etc/openldap/schema/misc.ldif -r--r--r-- root/root etc/openldap/schema/misc.schema -r--r--r-- root/root etc/openldap/schema/nis.ldif @@ -30,10 +30,9 @@ drwxr-xr-x root/root etc/openldap/schema/ -r--r--r-- root/root etc/openldap/schema/pmi.schema -r--r--r-- root/root etc/openldap/schema/ppolicy.ldif -r--r--r-- root/root etc/openldap/schema/ppolicy.schema --rw------- root/root etc/openldap/slapd.conf --rw------- root/root etc/openldap/slapd.conf.default --rw------- root/root etc/openldap/slapd.ldif --rw------- root/root etc/openldap/slapd.ldif.default +-rw-r----- root/ldap etc/openldap/slapd.conf +drwx------ ldap/ldap etc/openldap/slapd.d/ +-rw-r----- root/ldap etc/openldap/slapd.ldif drwxr-xr-x root/root etc/rc.d/ -rwxr-xr-x root/root etc/rc.d/slapd drwxr-xr-x root/root usr/ @@ -48,6 +47,7 @@ lrwxrwxrwx root/root usr/bin/ldapadd -> ldapmodify -rwxr-xr-x root/root usr/bin/ldapsearch -rwxr-xr-x root/root usr/bin/ldapurl -rwxr-xr-x root/root usr/bin/ldapwhoami +lrwxrwxrwx root/root usr/bin/slapd -> ../lib/slapd drwxr-xr-x root/root usr/include/ -rw-r--r-- root/root usr/include/lber.h -rw-r--r-- root/root usr/include/lber_types.h @@ -61,34 +61,135 @@ drwxr-xr-x root/root usr/include/ -rw-r--r-- root/root usr/include/slapi-plugin.h drwxr-xr-x root/root usr/lib/ lrwxrwxrwx root/root usr/lib/liblber-2.4.so.2 -> liblber-2.4.so.2.10.12 --rw-r--r-- root/root usr/lib/liblber-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/liblber-2.4.so.2.10.12 -rw-r--r-- root/root usr/lib/liblber.a --rw-r--r-- root/root usr/lib/liblber.la +-rwxr-xr-x root/root usr/lib/liblber.la lrwxrwxrwx root/root usr/lib/liblber.so -> liblber-2.4.so.2.10.12 lrwxrwxrwx root/root usr/lib/liblber.so.2 -> liblber.so lrwxrwxrwx root/root usr/lib/libldap-2.4.so.2 -> libldap-2.4.so.2.10.12 --rw-r--r-- root/root usr/lib/libldap-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/libldap-2.4.so.2.10.12 -rw-r--r-- root/root usr/lib/libldap.a --rw-r--r-- root/root usr/lib/libldap.la +-rwxr-xr-x root/root usr/lib/libldap.la lrwxrwxrwx root/root usr/lib/libldap.so -> libldap-2.4.so.2.10.12 lrwxrwxrwx root/root usr/lib/libldap.so.2 -> libldap.so lrwxrwxrwx root/root usr/lib/libldap_r-2.4.so.2 -> libldap_r-2.4.so.2.10.12 --rw-r--r-- root/root usr/lib/libldap_r-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/libldap_r-2.4.so.2.10.12 -rw-r--r-- root/root usr/lib/libldap_r.a --rw-r--r-- root/root usr/lib/libldap_r.la +-rwxr-xr-x root/root usr/lib/libldap_r.la lrwxrwxrwx root/root usr/lib/libldap_r.so -> libldap_r-2.4.so.2.10.12 lrwxrwxrwx root/root usr/lib/libldap_r.so.2 -> libldap_r.so +drwxr-xr-x root/root usr/lib/openldap/ +lrwxrwxrwx root/root usr/lib/openldap/accesslog-2.4.so.2 -> accesslog-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/accesslog-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/accesslog.la +lrwxrwxrwx root/root usr/lib/openldap/accesslog.so -> accesslog-2.4.so.2.10.12 +lrwxrwxrwx root/root usr/lib/openldap/auditlog-2.4.so.2 -> auditlog-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/auditlog-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/auditlog.la +lrwxrwxrwx root/root usr/lib/openldap/auditlog.so -> auditlog-2.4.so.2.10.12 +-rw-r--r-- root/root usr/lib/openldap/autogroup.a +-rw-r--r-- root/root usr/lib/openldap/autogroup.la +lrwxrwxrwx root/root usr/lib/openldap/autogroup.so -> autogroup.so.0.0.0 +lrwxrwxrwx root/root usr/lib/openldap/autogroup.so.0 -> autogroup.so.0.0.0 +-rwxr-xr-x root/root usr/lib/openldap/autogroup.so.0.0.0 +lrwxrwxrwx root/root usr/lib/openldap/collect-2.4.so.2 -> collect-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/collect-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/collect.la +lrwxrwxrwx root/root usr/lib/openldap/collect.so -> collect-2.4.so.2.10.12 +lrwxrwxrwx root/root usr/lib/openldap/constraint-2.4.so.2 -> constraint-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/constraint-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/constraint.la +lrwxrwxrwx root/root usr/lib/openldap/constraint.so -> constraint-2.4.so.2.10.12 +lrwxrwxrwx root/root usr/lib/openldap/dds-2.4.so.2 -> dds-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/dds-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/dds.la +lrwxrwxrwx root/root usr/lib/openldap/dds.so -> dds-2.4.so.2.10.12 +lrwxrwxrwx root/root usr/lib/openldap/deref-2.4.so.2 -> deref-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/deref-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/deref.la +lrwxrwxrwx root/root usr/lib/openldap/deref.so -> deref-2.4.so.2.10.12 +lrwxrwxrwx root/root usr/lib/openldap/dyngroup-2.4.so.2 -> dyngroup-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/dyngroup-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/dyngroup.la +lrwxrwxrwx root/root usr/lib/openldap/dyngroup.so -> dyngroup-2.4.so.2.10.12 +lrwxrwxrwx root/root usr/lib/openldap/dynlist-2.4.so.2 -> dynlist-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/dynlist-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/dynlist.la +lrwxrwxrwx root/root usr/lib/openldap/dynlist.so -> dynlist-2.4.so.2.10.12 +-rw-r--r-- root/root usr/lib/openldap/lastbind.a +-rw-r--r-- root/root usr/lib/openldap/lastbind.la +lrwxrwxrwx root/root usr/lib/openldap/lastbind.so -> lastbind.so.0.0.0 +lrwxrwxrwx root/root usr/lib/openldap/lastbind.so.0 -> lastbind.so.0.0.0 +-rwxr-xr-x root/root usr/lib/openldap/lastbind.so.0.0.0 +lrwxrwxrwx root/root usr/lib/openldap/memberof-2.4.so.2 -> memberof-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/memberof-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/memberof.la +lrwxrwxrwx root/root usr/lib/openldap/memberof.so -> memberof-2.4.so.2.10.12 +-rw-r--r-- root/root usr/lib/openldap/nssov.a +-rw-r--r-- root/root usr/lib/openldap/nssov.la +lrwxrwxrwx root/root usr/lib/openldap/nssov.so -> nssov.so.0.0.0 +lrwxrwxrwx root/root usr/lib/openldap/nssov.so.0 -> nssov.so.0.0.0 +-rwxr-xr-x root/root usr/lib/openldap/nssov.so.0.0.0 +lrwxrwxrwx root/root usr/lib/openldap/pcache-2.4.so.2 -> pcache-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/pcache-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/pcache.la +lrwxrwxrwx root/root usr/lib/openldap/pcache.so -> pcache-2.4.so.2.10.12 +lrwxrwxrwx root/root usr/lib/openldap/ppolicy-2.4.so.2 -> ppolicy-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/ppolicy-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/ppolicy.la +lrwxrwxrwx root/root usr/lib/openldap/ppolicy.so -> ppolicy-2.4.so.2.10.12 +-rw-r--r-- root/root usr/lib/openldap/pw-sha2.a +-rw-r--r-- root/root usr/lib/openldap/pw-sha2.la +lrwxrwxrwx root/root usr/lib/openldap/pw-sha2.so -> pw-sha2.so.0.0.0 +lrwxrwxrwx root/root usr/lib/openldap/pw-sha2.so.0 -> pw-sha2.so.0.0.0 +-rwxr-xr-x root/root usr/lib/openldap/pw-sha2.so.0.0.0 +lrwxrwxrwx root/root usr/lib/openldap/refint-2.4.so.2 -> refint-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/refint-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/refint.la +lrwxrwxrwx root/root usr/lib/openldap/refint.so -> refint-2.4.so.2.10.12 +lrwxrwxrwx root/root usr/lib/openldap/retcode-2.4.so.2 -> retcode-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/retcode-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/retcode.la +lrwxrwxrwx root/root usr/lib/openldap/retcode.so -> retcode-2.4.so.2.10.12 +lrwxrwxrwx root/root usr/lib/openldap/rwm-2.4.so.2 -> rwm-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/rwm-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/rwm.la +lrwxrwxrwx root/root usr/lib/openldap/rwm.so -> rwm-2.4.so.2.10.12 +lrwxrwxrwx root/root usr/lib/openldap/seqmod-2.4.so.2 -> seqmod-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/seqmod-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/seqmod.la +lrwxrwxrwx root/root usr/lib/openldap/seqmod.so -> seqmod-2.4.so.2.10.12 +lrwxrwxrwx root/root usr/lib/openldap/sssvlv-2.4.so.2 -> sssvlv-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/sssvlv-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/sssvlv.la +lrwxrwxrwx root/root usr/lib/openldap/sssvlv.so -> sssvlv-2.4.so.2.10.12 +lrwxrwxrwx root/root usr/lib/openldap/syncprov-2.4.so.2 -> syncprov-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/syncprov-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/syncprov.la +lrwxrwxrwx root/root usr/lib/openldap/syncprov.so -> syncprov-2.4.so.2.10.12 +lrwxrwxrwx root/root usr/lib/openldap/translucent-2.4.so.2 -> translucent-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/translucent-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/translucent.la +lrwxrwxrwx root/root usr/lib/openldap/translucent.so -> translucent-2.4.so.2.10.12 +lrwxrwxrwx root/root usr/lib/openldap/unique-2.4.so.2 -> unique-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/unique-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/unique.la +lrwxrwxrwx root/root usr/lib/openldap/unique.so -> unique-2.4.so.2.10.12 +lrwxrwxrwx root/root usr/lib/openldap/valsort-2.4.so.2 -> valsort-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/valsort-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/openldap/valsort.la +lrwxrwxrwx root/root usr/lib/openldap/valsort.so -> valsort-2.4.so.2.10.12 +-rwxr-xr-x root/root usr/lib/slapd drwxr-xr-x root/root usr/sbin/ -lrwxrwxrwx root/root usr/sbin/slapacl -> slapd -lrwxrwxrwx root/root usr/sbin/slapadd -> slapd -lrwxrwxrwx root/root usr/sbin/slapauth -> slapd -lrwxrwxrwx root/root usr/sbin/slapcat -> slapd --rwxr-xr-x root/root usr/sbin/slapd -lrwxrwxrwx root/root usr/sbin/slapdn -> slapd -lrwxrwxrwx root/root usr/sbin/slapindex -> slapd -lrwxrwxrwx root/root usr/sbin/slappasswd -> slapd -lrwxrwxrwx root/root usr/sbin/slapschema -> slapd -lrwxrwxrwx root/root usr/sbin/slaptest -> slapd +lrwxrwxrwx root/root usr/sbin/slapacl -> ../lib/slapd +lrwxrwxrwx root/root usr/sbin/slapadd -> ../lib/slapd +lrwxrwxrwx root/root usr/sbin/slapauth -> ../lib/slapd +lrwxrwxrwx root/root usr/sbin/slapcat -> ../lib/slapd +lrwxrwxrwx root/root usr/sbin/slapdn -> ../lib/slapd +lrwxrwxrwx root/root usr/sbin/slapindex -> ../lib/slapd +lrwxrwxrwx root/root usr/sbin/slappasswd -> ../lib/slapd +lrwxrwxrwx root/root usr/sbin/slapschema -> ../lib/slapd +lrwxrwxrwx root/root usr/sbin/slaptest -> ../lib/slapd drwxr-xr-x root/root usr/share/ drwxr-xr-x root/root usr/share/man/ drwxr-xr-x root/root usr/share/man/man1/ @@ -286,7 +387,6 @@ lrwxrwxrwx root/root usr/share/man/man3/ldap_url_parse.3.gz -> ldap_url.3.gz lrwxrwxrwx root/root usr/share/man/man3/ldap_value_free.3.gz -> ldap_get_values.3.gz lrwxrwxrwx root/root usr/share/man/man3/ldap_value_free_len.3.gz -> ldap_get_values.3.gz drwxr-xr-x root/root usr/share/man/man5/ --rw-r--r-- root/root usr/share/man/man5/ldap.conf.5.gz -rw-r--r-- root/root usr/share/man/man5/ldif.5.gz -rw-r--r-- root/root usr/share/man/man5/slapd-bdb.5.gz -rw-r--r-- root/root usr/share/man/man5/slapd-config.5.gz @@ -312,13 +412,16 @@ lrwxrwxrwx root/root usr/share/man/man5/slapd-hdb.5.gz -> slapd-bdb.5.gz -rw-r--r-- root/root usr/share/man/man5/slapd.plugin.5.gz -rw-r--r-- root/root usr/share/man/man5/slapo-accesslog.5.gz -rw-r--r-- root/root usr/share/man/man5/slapo-auditlog.5.gz +-rw-r--r-- root/root usr/share/man/man5/slapo-autogroup.5.gz -rw-r--r-- root/root usr/share/man/man5/slapo-chain.5.gz -rw-r--r-- root/root usr/share/man/man5/slapo-collect.5.gz -rw-r--r-- root/root usr/share/man/man5/slapo-constraint.5.gz -rw-r--r-- root/root usr/share/man/man5/slapo-dds.5.gz -rw-r--r-- root/root usr/share/man/man5/slapo-dyngroup.5.gz -rw-r--r-- root/root usr/share/man/man5/slapo-dynlist.5.gz +-rw-r--r-- root/root usr/share/man/man5/slapo-lastbind.5.gz -rw-r--r-- root/root usr/share/man/man5/slapo-memberof.5.gz +-rw-r--r-- root/root usr/share/man/man5/slapo-nssov.5.gz -rw-r--r-- root/root usr/share/man/man5/slapo-pbind.5.gz -rw-r--r-- root/root usr/share/man/man5/slapo-pcache.5.gz -rw-r--r-- root/root usr/share/man/man5/slapo-ppolicy.5.gz @@ -343,7 +446,7 @@ drwxr-xr-x root/root usr/share/man/man8/ -rw-r--r-- root/root usr/share/man/man8/slapschema.8.gz -rw-r--r-- root/root usr/share/man/man8/slaptest.8.gz drwxr-xr-x root/root var/ -drwxr-xr-x root/root var/openldap/ -drwxr-xr-x root/root var/openldap/openldap-data/ --rw------- root/root var/openldap/openldap-data/DB_CONFIG.example -drwxr-xr-x root/root var/openldap/run/ +drwxr-xr-x root/root var/lib/ +drwx------ ldap/ldap var/lib/openldap/ +drwxr-xr-x ldap/ldap var/lib/openldap/openldap-data/ +-rw------- ldap/ldap var/lib/openldap/openldap-data/DB_CONFIG.example diff --git a/openldap/.signature b/openldap/.signature index 36dba6e2f..4985e31d2 100644 --- a/openldap/.signature +++ b/openldap/.signature @@ -1,7 +1,8 @@ untrusted comment: verify with /etc/ports/opt.pub -RWSE3ohX2g5d/eUYTSmB2k7xX//M7N4vYaM16Ae4ZuSFdMIjM/qf+hVtj67YCuVBiBUtBKRz7ahpbqku7vzGgfrDd+imN/An7Ao= -SHA256 (Pkgfile) = 95d89cfefe4a1c69142d179104a5baca73085d8056d71590def314c6036a429b -SHA256 (.footprint) = ff8d26917bec25978830fe2a0c936f7c76965cf5e3b27b4415616195f8c1e532 +RWSE3ohX2g5d/ZDgDm/Q90nwPTYuKRIpLI99IM5UgVbkt+yYJE3mhtaP9JP2SBm5X+zCw1QfzNq++U/wU06UHDYosSO/AYyecgE= +SHA256 (Pkgfile) = f7b0adf933a97bfeb6a9fa8d04a1a3c955f722772c5b9b731811616f7f9a6a08 +SHA256 (.footprint) = 88151254cde40c7b33778db7b965e68cf901ea4bbeabfa0627515b75f1fa991b SHA256 (openldap-2.4.49.tgz) = e3b117944b4180f23befe87d0dcf47f29de775befbc469dcf4ac3dab3311e56e +SHA256 (openldap-ntlm.patch) = 099eb217bf989da9c10e0df375f2c4dacf745db55cd1e89be07a09e502552f42 SHA256 (openldap-config.patch) = 4cc73b3acb468926f372b34e83ce9905ea026377b76cb5412d62ed4f483ff20c -SHA256 (slapd) = 944b82221355957485c9a4ccb34bc1e85631cc1bdd9ae480f70a3ab84780adc4 +SHA256 (slapd.rc) = 0a604ff031991547e2263b138ce2547cfcc3ac9001d0409f57212e14609a08ee diff --git a/openldap/Pkgfile b/openldap/Pkgfile index 46046476d..3068c5811 100644 --- a/openldap/Pkgfile +++ b/openldap/Pkgfile @@ -1,26 +1,38 @@ # Description: Lightweight Directory Access Protocol (LDAP) Toolkit -# URL: https://www.openldap.org/ -# Maintainer: CRUX System Team, core-ports at crux dot nu -# Depends on: cyrus-sasl libtool perl util-linux +# URL: https://www.openldap.org/ +# Maintainer: Danny Rawlins, crux at romster dot me +# Depends on: cyrus-sasl libtool perl util-linux name=openldap version=2.4.49 release=1 source=(ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/$name-$version.tgz - $name-config.patch slapd) + openldap-ntlm.patch + $name-config.patch slapd.rc) build() { cd $name-$version + + patch -p1 -i "${SRC}"/openldap-ntlm.patch + sed -i 's|-m 644 $(LIBRARY)|-m 755 $(LIBRARY)|' libraries/{liblber,libldap,libldap_r}/Makefile.in + sed -i 's|#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "run" LDAP_DIRSEP "ldapi"|#define LDAPI_SOCK LDAP_DIRSEP "run" LDAP_DIRSEP "openldap" LDAP_DIRSEP "ldapi"|' include/ldap_defaults.h + sed -i 's|%LOCALSTATEDIR%/run|/run/openldap|' servers/slapd/slapd.{conf,ldif} + sed -i 's|-$(MKDIR) $(DESTDIR)$(localstatedir)/run|-$(MKDIR) $(DESTDIR)/run/openldap|' servers/slapd/Makefile.in + patch -p0 -i $SRC/$name-config.patch - ./configure --prefix=/usr \ + autoconf + + ./configure \ + --prefix=/usr \ --sysconfdir=/etc \ - --libexecdir=/usr/sbin \ - --localstatedir=/var/openldap \ + --libexecdir=/usr/lib \ + --localstatedir=/var/lib/openldap \ --enable-syslog \ --with-threads \ --with-tls \ --with-cyrus-sasl \ + --enable-overlays=mod \ --enable-spasswd \ --enable-dynamic \ --enable-ipv6 \ @@ -38,14 +50,49 @@ build() { --enable-aci \ --enable-shared - make depend + sed -i -e 's/ -shared / -Wl,-O1,--as-needed\0/g' libtool + make - make DESTDIR=$PKG install + make -C contrib/slapd-modules/nssov OPT="$CFLAGS $CPPFLAGS" prefix=/usr libexecdir=/usr/lib sysconfdir=/etc/openldap + make -C contrib/slapd-modules/autogroup OPT="$CFLAGS $CPPFLAGS" prefix=/usr libexecdir=/usr/lib sysconfdir=/etc/openldap + make -C contrib/slapd-modules/lastbind OPT="$CFLAGS $CPPFLAGS" prefix=/usr libexecdir=/usr/lib sysconfdir=/etc/openldap + make -C contrib/slapd-modules/passwd/sha2 OPT="$CFLAGS $CPPFLAGS" prefix=/usr libexecdir=/usr/lib sysconfdir=/etc/openldap + + for dir in include libraries clients servers doc/man/man{1,3,5,8} ; do + pushd ${dir} + make DESTDIR="$PKG" install + popd + done + + make -C contrib/slapd-modules/autogroup prefix=/usr libexecdir=/usr/lib sysconfdir=/etc/openldap DESTDIR="$PKG" install + make -C contrib/slapd-modules/lastbind prefix=/usr libexecdir=/usr/lib sysconfdir=/etc/openldap DESTDIR="$PKG" install + make -C contrib/slapd-modules/passwd/sha2 prefix=/usr libexecdir=/usr/lib sysconfdir=/etc/openldap DESTDIR="$PKG" install + make -C contrib/slapd-modules/nssov prefix=/usr libexecdir=/usr/lib sysconfdir=/etc/openldap DESTDIR="$PKG" install + install -m644 contrib/slapd-modules/nssov/slapo-nssov.5 "$PKG"/usr/share/man/man5/slapo-nssov.5 + install -m644 contrib/slapd-modules/autogroup/slapo-autogroup.5 "$PKG"/usr/share/man/man5/slapo-autogroup.5 + install -m644 contrib/slapd-modules/lastbind/slapo-lastbind.5 "$PKG"/usr/share/man/man5/slapo-lastbind.5 + + rm "$PKG"/usr/share/man/man5/ldap.conf.5 + rm -r "$PKG"/run + + # remove duplicate default conf files + rm "$PKG"/etc/openldap/*.default + + ln -s ../lib/slapd "$PKG"/usr/bin/slapd + + chown root:ldap "$PKG"/etc/openldap/{slapd.{conf,ldif},DB_CONFIG.example} + chmod 640 "$PKG"/etc/openldap/{slapd.{conf,ldif},DB_CONFIG.example} + + install -dm700 -o ldap -g ldap "$PKG"/var/lib/openldap + chown -R ldap:ldap "$PKG"/var/lib/openldap + + install -dm700 -o ldap -g ldap "$PKG"/etc/openldap/slapd.d + + install -D -m 0755 $SRC/slapd.rc "$PKG"/etc/rc.d/slapd - ln -sf liblber.so $PKG/usr/lib/liblber.so.2 - ln -sf libldap.so $PKG/usr/lib/libldap.so.2 - ln -sf libldap_r.so $PKG/usr/lib/libldap_r.so.2 + ln -s liblber.so $PKG/usr/lib/liblber.so.2 + ln -s libldap.so $PKG/usr/lib/libldap.so.2 + ln -s libldap_r.so $PKG/usr/lib/libldap_r.so.2 - install -D -m 0755 $SRC/slapd $PKG/etc/rc.d/slapd - rm -f $PKG/etc/openldap/schema/README + rm "$PKG"/etc/openldap/schema/README } diff --git a/openldap/README b/openldap/README index b9129f16b..58eade9de 100644 --- a/openldap/README +++ b/openldap/README @@ -1,6 +1,6 @@ UPDATE: -When updateing openldap you should first create a backup of all your data with +When updating openldap you should first create a backup of all your data with slapcat, like: slapcat -l backup.ldif diff --git a/openldap/openldap-ntlm.patch b/openldap/openldap-ntlm.patch new file mode 100644 index 000000000..6804b610d --- /dev/null +++ b/openldap/openldap-ntlm.patch @@ -0,0 +1,230 @@ +Patch from evolution-exchange (2.10.3). The ldap_ntlm_bind function is +actually called by evolution-data-server, checked at version 1.12.2. +Without this patch, the Exchange addressbook integration uses simple binds +with cleartext passwords. + +Russ checked with openldap-software for upstream's opinion on this patch +on 2007-12-21. Upstream had never received it as a patch submission and +given that it's apparently only for older Exchange servers that can't do +SASL and DIGEST-MD5, it's not very appealing. + +Bug#457374 filed against evolution-data-server asking if this support is +still required on 2007-12-21. + +Index: trunk/include/ldap.h +=================================================================== +--- trunk.orig/include/ldap.h ++++ trunk/include/ldap.h +@@ -2461,5 +2461,25 @@ + LDAPControl **ctrls, + LDAPDerefRes **drp )); + ++/* ++ * hacks for NTLM ++ */ ++#define LDAP_AUTH_NTLM_REQUEST ((ber_tag_t) 0x8aU) ++#define LDAP_AUTH_NTLM_RESPONSE ((ber_tag_t) 0x8bU) ++LDAP_F( int ) ++ldap_ntlm_bind LDAP_P(( ++ LDAP *ld, ++ LDAP_CONST char *dn, ++ ber_tag_t tag, ++ struct berval *cred, ++ LDAPControl **sctrls, ++ LDAPControl **cctrls, ++ int *msgidp )); ++LDAP_F( int ) ++ldap_parse_ntlm_bind_result LDAP_P(( ++ LDAP *ld, ++ LDAPMessage *res, ++ struct berval *challenge)); ++ + LDAP_END_DECL + #endif /* _LDAP_H */ +Index: trunk/libraries/libldap/ntlm.c +=================================================================== +--- /dev/null ++++ trunk/libraries/libldap/ntlm.c +@@ -0,0 +1,138 @@ ++/* $OpenLDAP: pkg/ldap/libraries/libldap/ntlm.c,v 1.1.4.10 2002/01/04 20:38:21 kurt Exp $ */ ++/* ++ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved. ++ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file ++ */ ++ ++/* Mostly copied from sasl.c */ ++ ++#include "portable.h" ++ ++#include <stdlib.h> ++#include <stdio.h> ++ ++#include <ac/socket.h> ++#include <ac/string.h> ++#include <ac/time.h> ++#include <ac/errno.h> ++ ++#include "ldap-int.h" ++ ++int ++ldap_ntlm_bind( ++ LDAP *ld, ++ LDAP_CONST char *dn, ++ ber_tag_t tag, ++ struct berval *cred, ++ LDAPControl **sctrls, ++ LDAPControl **cctrls, ++ int *msgidp ) ++{ ++ BerElement *ber; ++ int rc; ++ ber_int_t id; ++ ++ Debug( LDAP_DEBUG_TRACE, "ldap_ntlm_bind\n", 0, 0, 0 ); ++ ++ assert( ld != NULL ); ++ assert( LDAP_VALID( ld ) ); ++ assert( msgidp != NULL ); ++ ++ if( msgidp == NULL ) { ++ ld->ld_errno = LDAP_PARAM_ERROR; ++ return ld->ld_errno; ++ } ++ ++ /* create a message to send */ ++ if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) { ++ ld->ld_errno = LDAP_NO_MEMORY; ++ return ld->ld_errno; ++ } ++ ++ assert( LBER_VALID( ber ) ); ++ ++ LDAP_NEXT_MSGID( ld, id ); ++ rc = ber_printf( ber, "{it{istON}" /*}*/, ++ id, LDAP_REQ_BIND, ++ ld->ld_version, dn, tag, ++ cred ); ++ ++ /* Put Server Controls */ ++ if( ldap_int_put_controls( ld, sctrls, ber ) != LDAP_SUCCESS ) { ++ ber_free( ber, 1 ); ++ return ld->ld_errno; ++ } ++ ++ if ( ber_printf( ber, /*{*/ "N}" ) == -1 ) { ++ ld->ld_errno = LDAP_ENCODING_ERROR; ++ ber_free( ber, 1 ); ++ return ld->ld_errno; ++ } ++ ++ /* send the message */ ++ *msgidp = ldap_send_initial_request( ld, LDAP_REQ_BIND, dn, ber, id ); ++ ++ if(*msgidp < 0) ++ return ld->ld_errno; ++ ++ return LDAP_SUCCESS; ++} ++ ++int ++ldap_parse_ntlm_bind_result( ++ LDAP *ld, ++ LDAPMessage *res, ++ struct berval *challenge) ++{ ++ ber_int_t errcode; ++ ber_tag_t tag; ++ BerElement *ber; ++ ber_len_t len; ++ ++ Debug( LDAP_DEBUG_TRACE, "ldap_parse_ntlm_bind_result\n", 0, 0, 0 ); ++ ++ assert( ld != NULL ); ++ assert( LDAP_VALID( ld ) ); ++ assert( res != NULL ); ++ ++ if ( ld == NULL || res == NULL ) { ++ return LDAP_PARAM_ERROR; ++ } ++ ++ if( res->lm_msgtype != LDAP_RES_BIND ) { ++ ld->ld_errno = LDAP_PARAM_ERROR; ++ return ld->ld_errno; ++ } ++ ++ if ( ld->ld_error ) { ++ LDAP_FREE( ld->ld_error ); ++ ld->ld_error = NULL; ++ } ++ if ( ld->ld_matched ) { ++ LDAP_FREE( ld->ld_matched ); ++ ld->ld_matched = NULL; ++ } ++ ++ /* parse results */ ++ ++ ber = ber_dup( res->lm_ber ); ++ ++ if( ber == NULL ) { ++ ld->ld_errno = LDAP_NO_MEMORY; ++ return ld->ld_errno; ++ } ++ ++ tag = ber_scanf( ber, "{ioa" /*}*/, ++ &errcode, challenge, &ld->ld_error ); ++ ber_free( ber, 0 ); ++ ++ if( tag == LBER_ERROR ) { ++ ld->ld_errno = LDAP_DECODING_ERROR; ++ return ld->ld_errno; ++ } ++ ++ ld->ld_errno = errcode; ++ ++ return( ld->ld_errno ); ++} ++ +Index: trunk/libraries/libldap/Makefile.in +=================================================================== +--- trunk.orig/libraries/libldap/Makefile.in ++++ trunk/libraries/libldap/Makefile.in +@@ -27,7 +27,7 @@ + init.c options.c print.c string.c util-int.c schema.c \ + charray.c os-local.c dnssrv.c utf-8.c utf-8-conv.c \ + tls2.c tls_o.c tls_g.c tls_m.c \ +- turn.c ppolicy.c dds.c txn.c ldap_sync.c stctrl.c \ ++ turn.c ppolicy.c dds.c txn.c ldap_sync.c stctrl.c ntlm.c \ + assertion.c deref.c ldif.c fetch.c + + OBJS = bind.lo open.lo result.lo error.lo compare.lo search.lo \ +@@ -40,7 +40,7 @@ + init.lo options.lo print.lo string.lo util-int.lo schema.lo \ + charray.lo os-local.lo dnssrv.lo utf-8.lo utf-8-conv.lo \ + tls2.lo tls_o.lo tls_g.lo tls_m.lo \ +- turn.lo ppolicy.lo dds.lo txn.lo ldap_sync.lo stctrl.lo \ ++ turn.lo ppolicy.lo dds.lo txn.lo ldap_sync.lo stctrl.lo ntlm.lo \ + assertion.lo deref.lo ldif.lo fetch.lo + + LDAP_INCDIR= ../../include +Index: trunk/libraries/libldap_r/Makefile.in +=================================================================== +--- trunk.orig/libraries/libldap_r/Makefile.in ++++ trunk/libraries/libldap_r/Makefile.in +@@ -29,7 +29,7 @@ + init.c options.c print.c string.c util-int.c schema.c \ + charray.c os-local.c dnssrv.c utf-8.c utf-8-conv.c \ + tls2.c tls_o.c tls_g.c tls_m.c \ +- turn.c ppolicy.c dds.c txn.c ldap_sync.c stctrl.c \ ++ turn.c ppolicy.c dds.c txn.c ldap_sync.c stctrl.c ntlm.c \ + assertion.c deref.c ldif.c fetch.c + SRCS = threads.c rdwr.c rmutex.c tpool.c rq.c \ + thr_posix.c thr_cthreads.c thr_thr.c thr_lwp.c thr_nt.c \ +@@ -47,7 +47,7 @@ + init.lo options.lo print.lo string.lo util-int.lo schema.lo \ + charray.lo os-local.lo dnssrv.lo utf-8.lo utf-8-conv.lo \ + tls2.lo tls_o.lo tls_g.lo tls_m.lo \ +- turn.lo ppolicy.lo dds.lo txn.lo ldap_sync.lo stctrl.lo \ ++ turn.lo ppolicy.lo dds.lo txn.lo ldap_sync.lo stctrl.lo ntlm.lo \ + assertion.lo deref.lo ldif.lo fetch.lo + + LDAP_INCDIR= ../../include diff --git a/openldap/pre-install b/openldap/pre-install new file mode 100755 index 000000000..2f4e80d6f --- /dev/null +++ b/openldap/pre-install @@ -0,0 +1,42 @@ +#!/bin/sh + +# Created by Danny Rawlins, <crux at romster dot me> + +GROUP=ldap +USER=ldap +USER_COMMENT="OpenLDAP Daemon" +USER_HOME=/var/empty +USER_SHELL=/bin/sh + +if [ ! $(id -u) = 0 ]; then + echo "ERROR: you need to be root to run this!" + exit 1 +fi + +if [ $GROUP ]; then + if ! getent group $GROUP > /dev/null; then + /usr/sbin/groupadd $GROUP + if [ $? -eq 0 ]; then + echo "Group: $GROUP added." + fi + else + echo "Group: $GROUP already exists! Skipping." + fi +fi + +if ! getent passwd $USER > /dev/null; then + /usr/sbin/useradd -g $GROUP -c "$USER_COMMENT" -d $USER_HOME -s $USER_SHELL $USER + if [ $? -eq 0 ]; then + echo "User: $USER added." + /usr/bin/passwd -l $USER > /dev/null + if [ $? -eq 0 ]; then + echo "Locked: $USER account." + fi + else + echo "ERROR: unable to lock $USER account." + /usr/sbin/userdel $USER + fi + else + echo "User: $USER already exists! Skipping." +fi + diff --git a/openldap/slapd b/openldap/slapd.rc index 910bf4b33..25aeea2b5 100755 --- a/openldap/slapd +++ b/openldap/slapd.rc @@ -7,7 +7,7 @@ SLAPD_PID=/var/openldap/run/slapd.pid case $1 in start) - /usr/sbin/slapd + /usr/sbin/slapd -u ldap -g ldap ;; stop) if [ -f $SLAPD_PID ]; then |