[Pkg-fedora-ds-maintainers] 389-ds-base: Changes to 'master'
Timo Aaltonen
tjaalton at moszumanska.debian.org
Wed Oct 12 09:00:01 UTC 2016
.gitignore | 155
Makefile.am | 314
VERSION.sh | 28
compile | 2
configure.ac | 150
debian/changelog | 13
debian/control | 4
debian/patches/default_user | 16
debian/patches/fix-bsd.patch | 4
debian/patches/fix-obsolete-target.diff | 8
debian/patches/fix-saslpath.diff | 4
debian/patches/fix-systemctl-path.diff | 6
debian/patches/series | 2
debian/patches/support-kfreebsd.patch | 12
debian/patches/support-non-nss-libldap.diff | 1811 --
debian/rules | 1
depcomp | 2
dirsrvtests/README | 28
dirsrvtests/create_test.py | 14
dirsrvtests/tests/stress/README | 13
dirsrvtests/tests/stress/__init__.py | 1
dirsrvtests/tests/stress/reliabilty/reliab_7_5_test.py | 568
dirsrvtests/tests/stress/reliabilty/reliab_conn_test.py | 289
dirsrvtests/tests/stress/replication/mmr_01_4m-2h-4c_test.py | 969 +
dirsrvtests/tests/stress/replication/mmr_01_4m_test.py | 572
dirsrvtests/tests/suites/acct_usability_plugin/acct_usability_test.py | 27
dirsrvtests/tests/suites/acctpolicy_plugin/acctpolicy_test.py | 30
dirsrvtests/tests/suites/acl/acl_test.py | 6
dirsrvtests/tests/suites/attr_encryption/attr_encrypt_test.py | 29
dirsrvtests/tests/suites/attr_uniqueness_plugin/attr_uniqueness_test.py | 32
dirsrvtests/tests/suites/automember_plugin/automember_test.py | 29
dirsrvtests/tests/suites/basic/basic_test.py | 31
dirsrvtests/tests/suites/betxns/betxn_test.py | 29
dirsrvtests/tests/suites/chaining_plugin/chaining_test.py | 30
dirsrvtests/tests/suites/clu/clu_test.py | 34
dirsrvtests/tests/suites/clu/db2ldif_test.py | 36
dirsrvtests/tests/suites/collation_plugin/collatation_test.py | 28
dirsrvtests/tests/suites/config/config_test.py | 403
dirsrvtests/tests/suites/cos_plugin/cos_test.py | 28
dirsrvtests/tests/suites/deref_plugin/deref_test.py | 28
dirsrvtests/tests/suites/disk_monitoring/disk_monitor_test.py | 28
dirsrvtests/tests/suites/distrib_plugin/distrib_test.py | 28
dirsrvtests/tests/suites/dna_plugin/dna_test.py | 184
dirsrvtests/tests/suites/ds_logs/ds_logs_test.py | 28
dirsrvtests/tests/suites/dynamic-plugins/test_dynamic_plugins.py | 31
dirsrvtests/tests/suites/filter/filter_test.py | 29
dirsrvtests/tests/suites/filter/rfc3673_all_oper_attrs_test.py | 209
dirsrvtests/tests/suites/get_effective_rights/ger_test.py | 28
dirsrvtests/tests/suites/gssapi_repl/gssapi_repl_test.py | 217
dirsrvtests/tests/suites/ldapi/__init__.py | 1
dirsrvtests/tests/suites/ldapi/ldapi_test.py | 28
dirsrvtests/tests/suites/linkedattrs_plugin/linked_attrs_test.py | 28
dirsrvtests/tests/suites/mapping_tree/mapping_tree_test.py | 28
dirsrvtests/tests/suites/memberof_plugin/memberof_test.py | 1
dirsrvtests/tests/suites/memory_leaks/range_search_test.py | 4
dirsrvtests/tests/suites/mep_plugin/mep_test.py | 93
dirsrvtests/tests/suites/monitor/monitor_test.py | 28
dirsrvtests/tests/suites/paged_results/paged_results_test.py | 522
dirsrvtests/tests/suites/pam_passthru_plugin/pam_test.py | 28
dirsrvtests/tests/suites/passthru_plugin/passthru_test.py | 28
dirsrvtests/tests/suites/password/password_test.py | 26
dirsrvtests/tests/suites/password/pwdAdmin_test.py | 27
dirsrvtests/tests/suites/password/pwdPolicy_test.py | 200
dirsrvtests/tests/suites/password/pwd_change_policytest.py | 240
dirsrvtests/tests/suites/posix_winsync_plugin/posix_winsync_test.py | 28
dirsrvtests/tests/suites/psearch/psearch_test.py | 28
dirsrvtests/tests/suites/referint_plugin/referint_test.py | 28
dirsrvtests/tests/suites/replication/cleanallruv_test.py | 735
dirsrvtests/tests/suites/replication/wait_for_async_feature_test.py | 17
dirsrvtests/tests/suites/replsync_plugin/repl_sync_test.py | 28
dirsrvtests/tests/suites/resource_limits/res_limits_test.py | 28
dirsrvtests/tests/suites/retrocl_plugin/retrocl_test.py | 28
dirsrvtests/tests/suites/reverpwd_plugin/reverpwd_test.py | 28
dirsrvtests/tests/suites/roles_plugin/roles_test.py | 28
dirsrvtests/tests/suites/rootdn_plugin/rootdn_plugin_test.py | 71
dirsrvtests/tests/suites/sasl/sasl_test.py | 28
dirsrvtests/tests/suites/schema/test_schema.py | 31
dirsrvtests/tests/suites/schema_reload_plugin/schema_reload_test.py | 28
dirsrvtests/tests/suites/snmp/snmp_test.py | 28
dirsrvtests/tests/suites/ssl/ssl_test.py | 28
dirsrvtests/tests/suites/syntax_plugin/syntax_test.py | 28
dirsrvtests/tests/suites/usn_plugin/usn_test.py | 28
dirsrvtests/tests/suites/views_plugin/views_test.py | 28
dirsrvtests/tests/suites/vlv/vlv_test.py | 28
dirsrvtests/tests/suites/whoami_plugin/whoami_test.py | 28
dirsrvtests/tests/tickets/ticket1347760_test.py | 79
dirsrvtests/tests/tickets/ticket142_test.py | 307
dirsrvtests/tests/tickets/ticket365_test.py | 67
dirsrvtests/tests/tickets/ticket47313_test.py | 32
dirsrvtests/tests/tickets/ticket47384_test.py | 41
dirsrvtests/tests/tickets/ticket47431_test.py | 42
dirsrvtests/tests/tickets/ticket47462_test.py | 4
dirsrvtests/tests/tickets/ticket47490_test.py | 48
dirsrvtests/tests/tickets/ticket47536_test.py | 522
dirsrvtests/tests/tickets/ticket47560_test.py | 31
dirsrvtests/tests/tickets/ticket47573_test.py | 37
dirsrvtests/tests/tickets/ticket47619_test.py | 46
dirsrvtests/tests/tickets/ticket47640_test.py | 25
dirsrvtests/tests/tickets/ticket47653MMR_test.py | 44
dirsrvtests/tests/tickets/ticket47653_test.py | 45
dirsrvtests/tests/tickets/ticket47664_test.py | 225
dirsrvtests/tests/tickets/ticket47669_test.py | 35
dirsrvtests/tests/tickets/ticket47676_test.py | 43
dirsrvtests/tests/tickets/ticket47714_test.py | 49
dirsrvtests/tests/tickets/ticket47721_test.py | 46
dirsrvtests/tests/tickets/ticket47781_test.py | 31
dirsrvtests/tests/tickets/ticket47787_test.py | 42
dirsrvtests/tests/tickets/ticket47808_test.py | 36
dirsrvtests/tests/tickets/ticket47815_test.py | 30
dirsrvtests/tests/tickets/ticket47819_test.py | 37
dirsrvtests/tests/tickets/ticket47823_test.py | 57
dirsrvtests/tests/tickets/ticket47824_test.py | 265
dirsrvtests/tests/tickets/ticket47828_test.py | 251
dirsrvtests/tests/tickets/ticket47829_test.py | 57
dirsrvtests/tests/tickets/ticket47833_test.py | 73
dirsrvtests/tests/tickets/ticket47838_test.py | 142
dirsrvtests/tests/tickets/ticket47869MMR_test.py | 41
dirsrvtests/tests/tickets/ticket47871_test.py | 39
dirsrvtests/tests/tickets/ticket47900_test.py | 30
dirsrvtests/tests/tickets/ticket47910_test.py | 44
dirsrvtests/tests/tickets/ticket47920_test.py | 32
dirsrvtests/tests/tickets/ticket47921_test.py | 25
dirsrvtests/tests/tickets/ticket47927_test.py | 31
dirsrvtests/tests/tickets/ticket47937_test.py | 31
dirsrvtests/tests/tickets/ticket47950_test.py | 31
dirsrvtests/tests/tickets/ticket47953_test.py | 44
dirsrvtests/tests/tickets/ticket47963_test.py | 25
dirsrvtests/tests/tickets/ticket47966_test.py | 35
dirsrvtests/tests/tickets/ticket47970_test.py | 31
dirsrvtests/tests/tickets/ticket47973_test.py | 36
dirsrvtests/tests/tickets/ticket47976_test.py | 203
dirsrvtests/tests/tickets/ticket47980_test.py | 31
dirsrvtests/tests/tickets/ticket47981_test.py | 31
dirsrvtests/tests/tickets/ticket47988_test.py | 42
dirsrvtests/tests/tickets/ticket48005_test.py | 67
dirsrvtests/tests/tickets/ticket48013_test.py | 44
dirsrvtests/tests/tickets/ticket48026_test.py | 29
dirsrvtests/tests/tickets/ticket48170_test.py | 27
dirsrvtests/tests/tickets/ticket48191_test.py | 323
dirsrvtests/tests/tickets/ticket48194_test.py | 83
dirsrvtests/tests/tickets/ticket48212_test.py | 103
dirsrvtests/tests/tickets/ticket48214_test.py | 35
dirsrvtests/tests/tickets/ticket48226_test.py | 31
dirsrvtests/tests/tickets/ticket48228_test.py | 61
dirsrvtests/tests/tickets/ticket48234_test.py | 139
dirsrvtests/tests/tickets/ticket48252_test.py | 44
dirsrvtests/tests/tickets/ticket48265_test.py | 40
dirsrvtests/tests/tickets/ticket48266_test.py | 431
dirsrvtests/tests/tickets/ticket48270_test.py | 153
dirsrvtests/tests/tickets/ticket48294_test.py | 268
dirsrvtests/tests/tickets/ticket48295_test.py | 191
dirsrvtests/tests/tickets/ticket48342_test.py | 316
dirsrvtests/tests/tickets/ticket48354_test.py | 109
dirsrvtests/tests/tickets/ticket48362_test.py | 58
dirsrvtests/tests/tickets/ticket48366_test.py | 195
dirsrvtests/tests/tickets/ticket48369_test.py | 2
dirsrvtests/tests/tickets/ticket48383_test.py | 138
dirsrvtests/tests/tickets/ticket48497_test.py | 55
dirsrvtests/tests/tickets/ticket48637_test.py | 197
dirsrvtests/tests/tickets/ticket48665_test.py | 106
dirsrvtests/tests/tickets/ticket48745_test.py | 32
dirsrvtests/tests/tickets/ticket48746_test.py | 37
dirsrvtests/tests/tickets/ticket48755_test.py | 7
dirsrvtests/tests/tickets/ticket48759_test.py | 41
dirsrvtests/tests/tickets/ticket48784_test.py | 437
dirsrvtests/tests/tickets/ticket48798_test.py | 10
dirsrvtests/tests/tickets/ticket48799_test.py | 6
dirsrvtests/tests/tickets/ticket48844_test.py | 179
dirsrvtests/tests/tickets/ticket48891_test.py | 152
dirsrvtests/tests/tickets/ticket48893_test.py | 105
dirsrvtests/tests/tickets/ticket48916_test.py | 253
dirsrvtests/tests/tickets/ticket548_test.py | 421
install-sh | 366
ldap/admin/src/base-initconfig.in | 6
ldap/admin/src/logconv.pl | 143
ldap/admin/src/scripts/52updateAESplugin.pl | 3
ldap/admin/src/scripts/DSCreate.pm.in | 364
ldap/admin/src/scripts/DSUpdate.pm.in | 12
ldap/admin/src/scripts/DSUtil.pm.in | 20
ldap/admin/src/scripts/db2index.in | 31
ldap/admin/src/scripts/db2ldif.in | 6
ldap/admin/src/scripts/ds-logpipe.py | 2
ldap/admin/src/scripts/ds_selinux_enabled.in | 23
ldap/admin/src/scripts/ds_selinux_port_query.in | 69
ldap/admin/src/scripts/ns-accountstatus.pl.in | 923 -
ldap/admin/src/scripts/ns-activate.pl.in | 361
ldap/admin/src/scripts/ns-inactivate.pl.in | 220
ldap/admin/src/scripts/readnsstate.in | 100
ldap/admin/src/scripts/remove-ds.pl.in | 4
ldap/admin/src/scripts/repl-monitor.pl.in | 7
ldap/admin/src/scripts/setup-ds.res.in | 1
ldap/admin/src/scripts/start-dirsrv.in | 55
ldap/admin/src/scripts/status-dirsrv.in | 85
ldap/ldif/template-baseacis.ldif.in | 2
ldap/ldif/template-dse.ldif.in | 3
ldap/schema/01core389.ldif | 22
ldap/schema/50ns-directory.ldif | 3
ldap/schema/slapd-collations.conf | 12
ldap/servers/plugins/acctpolicy/acct_util.c | 2
ldap/servers/plugins/acl/acl.c | 21
ldap/servers/plugins/acl/acl.h | 2
ldap/servers/plugins/acl/acleffectiverights.c | 2
ldap/servers/plugins/acl/acllas.c | 65
ldap/servers/plugins/acl/acllist.c | 2
ldap/servers/plugins/acl/aclplugin.c | 10
ldap/servers/plugins/acl/aclutil.c | 56
ldap/servers/plugins/cos/cos_cache.c | 12
ldap/servers/plugins/dna/dna.c | 218
ldap/servers/plugins/linkedattrs/linked_attrs.c | 30
ldap/servers/plugins/passthru/ptpreop.c | 3
ldap/servers/plugins/pwdstorage/pwd_init.c | 52
ldap/servers/plugins/referint/referint.c | 5
ldap/servers/plugins/replication/repl5_connection.c | 49
ldap/servers/plugins/replication/repl5_plugins.c | 2
ldap/servers/plugins/replication/repl5_replica.c | 131
ldap/servers/plugins/replication/repl5_replica_config.c | 43
ldap/servers/plugins/replication/repl5_tot_protocol.c | 4
ldap/servers/plugins/replication/repl5_total.c | 3
ldap/servers/plugins/replication/repl5_updatedn_list.c | 5
ldap/servers/plugins/replication/windows_connection.c | 14
ldap/servers/plugins/retrocl/retrocl.c | 24
ldap/servers/plugins/rever/rever.c | 6
ldap/servers/plugins/syntaxes/string.c | 13
ldap/servers/plugins/uiduniq/7bit.c | 13
ldap/servers/slapd/add.c | 13
ldap/servers/slapd/agtmmap.c | 11
ldap/servers/slapd/attr.c | 23
ldap/servers/slapd/attrsyntax.c | 4
ldap/servers/slapd/auditlog.c | 380
ldap/servers/slapd/back-ldbm/cache.c | 26
ldap/servers/slapd/back-ldbm/dblayer.c | 307
ldap/servers/slapd/back-ldbm/idl_new.c | 4
ldap/servers/slapd/back-ldbm/import-threads.c | 49
ldap/servers/slapd/back-ldbm/import.c | 45
ldap/servers/slapd/back-ldbm/import.h | 1
ldap/servers/slapd/back-ldbm/ldbm_add.c | 7
ldap/servers/slapd/back-ldbm/ldbm_config.c | 172
ldap/servers/slapd/back-ldbm/ldbm_index_config.c | 2
ldap/servers/slapd/back-ldbm/ldbm_instance_config.c | 76
ldap/servers/slapd/back-ldbm/ldbm_modify.c | 7
ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 7
ldap/servers/slapd/back-ldbm/ldif2ldbm.c | 36
ldap/servers/slapd/back-ldbm/monitor.c | 4
ldap/servers/slapd/back-ldbm/proto-back-ldbm.h | 2
ldap/servers/slapd/back-ldbm/start.c | 164
ldap/servers/slapd/bind.c | 16
ldap/servers/slapd/compare.c | 4
ldap/servers/slapd/config.c | 4
ldap/servers/slapd/connection.c | 8
ldap/servers/slapd/conntable.c | 2
ldap/servers/slapd/csngen.c | 8
ldap/servers/slapd/daemon.c | 97
ldap/servers/slapd/delete.c | 9
ldap/servers/slapd/detach.c | 115
ldap/servers/slapd/dn.c | 6
ldap/servers/slapd/extendop.c | 449
ldap/servers/slapd/features.c | 54
ldap/servers/slapd/fedse.c | 1
ldap/servers/slapd/filter.c | 18
ldap/servers/slapd/filter.h | 6
ldap/servers/slapd/filterentry.c | 208
ldap/servers/slapd/globals.c | 2
ldap/servers/slapd/ldaputil.c | 589
ldap/servers/slapd/libglobs.c | 890 -
ldap/servers/slapd/localhost.c | 10
ldap/servers/slapd/log.c | 1495 +
ldap/servers/slapd/log.h | 32
ldap/servers/slapd/main.c | 28
ldap/servers/slapd/mapping_tree.c | 86
ldap/servers/slapd/modify.c | 54
ldap/servers/slapd/modrdn.c | 11
ldap/servers/slapd/opshared.c | 11
ldap/servers/slapd/pagedresults.c | 2
ldap/servers/slapd/pblock.c | 59
ldap/servers/slapd/plugin.c | 240
ldap/servers/slapd/plugin_mr.c | 81
ldap/servers/slapd/protect_db.c | 22
ldap/servers/slapd/protect_db.h | 3
ldap/servers/slapd/proto-slap.h | 54
ldap/servers/slapd/pw.c | 359
ldap/servers/slapd/pw.h | 6
ldap/servers/slapd/pw_mgmt.c | 45
ldap/servers/slapd/result.c | 61
ldap/servers/slapd/rootdse.c | 13
ldap/servers/slapd/saslbind.c | 6
ldap/servers/slapd/schema.c | 19
ldap/servers/slapd/slap.h | 112
ldap/servers/slapd/slapi-plugin.h | 73
ldap/servers/slapd/slapi-private.h | 40
ldap/servers/slapd/slapi2nspr.c | 2
ldap/servers/slapd/ssl.c | 1055 +
ldap/servers/slapd/str2filter.c | 145
ldap/servers/slapd/time.c | 179
ldap/servers/slapd/tools/ldclt/ldapfct.c | 15
ldap/servers/slapd/tools/ldclt/ldclt.c | 18
ldap/servers/slapd/tools/ldclt/ldclt.h | 1
ldap/servers/slapd/tools/ldclt/ldcltU.c | 2
ldap/servers/slapd/tools/ldclt/threadMain.c | 90
ldap/servers/slapd/tools/ldif.c | 5
ldap/servers/slapd/tools/mmldif.c | 20
ldap/servers/slapd/tools/pwenc.c | 84
ldap/servers/slapd/util.c | 509
ldap/servers/slapd/value.c | 16
ldap/servers/snmp/main.c | 15
ldap/systools/idsktune.c | 3765 ++--
lib/base/file.cpp | 1
lib/base/fsmutex.cpp | 10
m4/libtool.m4 | 7992 ++++++++++
m4/ltoptions.m4 | 384
m4/ltsugar.m4 | 123
m4/ltversion.m4 | 23
m4/lt~obsolete.m4 | 98
m4/systemd.m4 | 123
man/man1/dbgen.pl.1 | 3
man/man1/ldclt.1 | 3
man/man1/readnsstate.1 | 50
man/man8/ns-accountstatus.pl.8 | 35
man/man8/status-dirsrv.8 | 55
missing | 6
rpm.mk | 20
rpm/389-ds-base.spec.in | 151
wrappers/ds_systemd_ask_password_acl.in | 34
wrappers/systemd.group.in | 2
wrappers/systemd.template.asan.service.in | 36
wrappers/systemd.template.service.in | 13
325 files changed, 31009 insertions(+), 12128 deletions(-)
New commits:
commit 0d860bcdd04053a939e8cc921543b0e8cfaed625
Author: Timo Aaltonen <tjaalton at debian.org>
Date: Wed Oct 12 11:38:42 2016 +0300
releasing package 389-ds-base version 1.3.5.13-1
diff --git a/debian/changelog b/debian/changelog
index 4252dba..2bf8615 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,4 +1,4 @@
-389-ds-base (1.3.5.13-1) UNRELEASED; urgency=medium
+389-ds-base (1.3.5.13-1) unstable; urgency=medium
* New upstream release.
* control: Bump policy to 3.9.8, no changes.
@@ -9,7 +9,7 @@
* control: Add libsystemd-dev to build-deps.
* control: Add acl to -base depends.
- -- Timo Aaltonen <tjaalton at debian.org> Wed, 05 Oct 2016 15:16:09 +0300
+ -- Timo Aaltonen <tjaalton at debian.org> Wed, 12 Oct 2016 11:11:20 +0300
389-ds-base (1.3.4.14-2) unstable; urgency=medium
commit b1252e974c34c4b0b51837eb580872425dc0cb10
Author: Timo Aaltonen <tjaalton at debian.org>
Date: Wed Oct 12 11:10:45 2016 +0300
control: Add acl to -base depends.
diff --git a/debian/changelog b/debian/changelog
index f86e2ca..4252dba 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -7,6 +7,7 @@
* fix-obsolete-target.diff: Updated.
* patches: Refreshed.
* control: Add libsystemd-dev to build-deps.
+ * control: Add acl to -base depends.
-- Timo Aaltonen <tjaalton at debian.org> Wed, 05 Oct 2016 15:16:09 +0300
diff --git a/debian/control b/debian/control
index 56669fb..5a659e8 100644
--- a/debian/control
+++ b/debian/control
@@ -91,6 +91,7 @@ Pre-Depends: debconf (>= 0.5) | debconf-2.0
Depends:
389-ds-base-libs (= ${binary:Version}),
adduser,
+ acl,
ldap-utils,
libmozilla-ldap-perl,
libnetaddr-ip-perl,
commit ad62fc50ece1b10ba2322a76c1541dcda50e97f5
Author: Timo Aaltonen <tjaalton at debian.org>
Date: Wed Oct 5 17:35:10 2016 +0300
control: Add libsystemd-dev to build-deps.
diff --git a/debian/changelog b/debian/changelog
index 7de9324..f86e2ca 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -6,6 +6,7 @@
* support-non-nss-libldap.diff: Dropped, upstream.
* fix-obsolete-target.diff: Updated.
* patches: Refreshed.
+ * control: Add libsystemd-dev to build-deps.
-- Timo Aaltonen <tjaalton at debian.org> Wed, 05 Oct 2016 15:16:09 +0300
diff --git a/debian/control b/debian/control
index 8538ac3..56669fb 100644
--- a/debian/control
+++ b/debian/control
@@ -24,6 +24,7 @@ Build-Depends:
libsnmp-dev,
libssl-dev,
libsvrcore-dev,
+ libsystemd-dev,
pkg-config,
zlib1g-dev,
Standards-Version: 3.9.8
diff --git a/debian/rules b/debian/rules
index 5cfdfba..d812ff0 100755
--- a/debian/rules
+++ b/debian/rules
@@ -52,6 +52,7 @@ REALFILE_ONLINE = \
override_dh_auto_configure:
dh_auto_configure -- \
--with-openldap \
+ --with-systemd \
--with-systemdsystemunitdir=/lib/systemd/system \
--with-systemdsystemconfdir=/etc/systemd/system \
--with-systemdgroupname=dirsrv.target \
commit fcf144e59fb3e0d9746887f1e89746f37b96f214
Author: Timo Aaltonen <tjaalton at debian.org>
Date: Wed Oct 5 15:43:09 2016 +0300
patches: Refreshed.
diff --git a/debian/changelog b/debian/changelog
index b238a36..7de9324 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,6 +5,7 @@
* patches/default_user: Dropped, upstream.
* support-non-nss-libldap.diff: Dropped, upstream.
* fix-obsolete-target.diff: Updated.
+ * patches: Refreshed.
-- Timo Aaltonen <tjaalton at debian.org> Wed, 05 Oct 2016 15:16:09 +0300
diff --git a/debian/patches/fix-bsd.patch b/debian/patches/fix-bsd.patch
index ea3fecf..44b8bd5 100644
--- a/debian/patches/fix-bsd.patch
+++ b/debian/patches/fix-bsd.patch
@@ -19,8 +19,8 @@ Author: Benjamin Drung <benjamin.drung at profitbricks.com>
"nsuniqueid=ffffffff-ffffffff-ffffffff-ffffffff",
--- a/ldap/systools/idsktune.c
+++ b/ldap/systools/idsktune.c
-@@ -164,6 +164,11 @@ int mem_rec = 1024;
- #define NAME_TCP_KEEPALIVE_INTERVAL "net.ipv4.tcp_keepalive_time"
+@@ -165,6 +165,11 @@ int mem_rec = 1024;
+ #define NAME_TCP_KEEPALIVE_INTERVAL "net.ipv4.tcp_keepalive_time"
#endif
+#if defined(IDDS_BSD_SYSCTL)
diff --git a/debian/patches/fix-saslpath.diff b/debian/patches/fix-saslpath.diff
index 500572c..7ab7b06 100644
--- a/debian/patches/fix-saslpath.diff
+++ b/debian/patches/fix-saslpath.diff
@@ -1,6 +1,6 @@
--- a/ldap/servers/slapd/ldaputil.c
+++ b/ldap/servers/slapd/ldaputil.c
-@@ -937,10 +937,10 @@ ldaputil_get_saslpath()
+@@ -980,10 +980,10 @@ ldaputil_get_saslpath()
if (PR_SUCCESS != PR_Access(saslpath, PR_ACCESS_EXISTS)) {
#ifdef CPU_arm
/* the 64-bit ARMv8 architecture. */
@@ -13,7 +13,7 @@
#endif
}
#else
-@@ -948,14 +948,14 @@ ldaputil_get_saslpath()
+@@ -991,14 +991,14 @@ ldaputil_get_saslpath()
if (PR_SUCCESS != PR_Access(saslpath, PR_ACCESS_EXISTS)) {
#ifdef CPU_arm
/* the latest 32 bit ARM architecture using the hard-float version of EABI. */
diff --git a/debian/patches/fix-systemctl-path.diff b/debian/patches/fix-systemctl-path.diff
index 5ef17d6..aaaeb8c 100644
--- a/debian/patches/fix-systemctl-path.diff
+++ b/debian/patches/fix-systemctl-path.diff
@@ -1,11 +1,9 @@
Description: Fix the path to systemctl binary
Author: Timo Aaltonen <tjaalton at debian.org>
-diff --git a/ldap/admin/src/scripts/start-dirsrv.in b/ldap/admin/src/scripts/start-dirsrv.in
-index 458f0e8..8285070 100755
--- a/ldap/admin/src/scripts/start-dirsrv.in
+++ b/ldap/admin/src/scripts/start-dirsrv.in
-@@ -65,7 +65,7 @@ start_instance() {
+@@ -55,7 +55,7 @@ start_instance() {
# otherwise start the instance the old way.
#
if [ -d "@systemdsystemunitdir@" ] && [ $(id -u) -eq 0 ];then
@@ -14,8 +12,6 @@ index 458f0e8..8285070 100755
if [ $? -ne 0 ]; then
return 1
fi
-diff --git a/ldap/admin/src/scripts/stop-dirsrv.in b/ldap/admin/src/scripts/stop-dirsrv.in
-index 72e2b85..cb5b690 100755
--- a/ldap/admin/src/scripts/stop-dirsrv.in
+++ b/ldap/admin/src/scripts/stop-dirsrv.in
@@ -43,12 +43,12 @@ stop_instance() {
diff --git a/debian/patches/support-kfreebsd.patch b/debian/patches/support-kfreebsd.patch
index 074471d..729d496 100644
--- a/debian/patches/support-kfreebsd.patch
+++ b/debian/patches/support-kfreebsd.patch
@@ -8,7 +8,7 @@ Author: Benjamin Drung <benjamin.drung at profitbricks.com>
--- a/configure.ac
+++ b/configure.ac
-@@ -569,6 +569,46 @@ case $host in
+@@ -544,6 +544,46 @@ case $host in
AC_SUBST([LIBCRYPT], [$LIBCRYPT])
AC_DEFINE([USE_POSIX_RWLOCKS], [1], [POSIX rwlocks])
;;
@@ -117,7 +117,7 @@ Author: Benjamin Drung <benjamin.drung at profitbricks.com>
#undef CTIME
#include <sys/statfs.h>
#else
-@@ -380,7 +380,7 @@ disk_mon_get_dirs(char ***list, int logs
+@@ -442,7 +442,7 @@ disk_mon_get_dirs(char ***list, int logs
char *
disk_mon_check_diskspace(char **dirs, PRUint64 threshold, PRUint64 *disk_space)
{
@@ -126,7 +126,7 @@ Author: Benjamin Drung <benjamin.drung at profitbricks.com>
struct statfs buf;
#else
struct statvfs buf;
-@@ -393,7 +393,7 @@ disk_mon_check_diskspace(char **dirs, PR
+@@ -455,7 +455,7 @@ disk_mon_check_diskspace(char **dirs, PR
int i = 0;
for(i = 0; dirs && dirs[i]; i++){
@@ -148,9 +148,9 @@ Author: Benjamin Drung <benjamin.drung at profitbricks.com>
#include <unistd.h>
--- a/ldap/systools/idsktune.c
+++ b/ldap/systools/idsktune.c
-@@ -17,6 +17,11 @@
+@@ -16,6 +16,11 @@
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! */
- static char *build_date = "23-FEBRUARY-2012";
+ static char *build_date = "14-JULY-2016";
+#if defined(freebsd)
+#define IDDS_BSD_INCLUDE 1
@@ -179,7 +179,7 @@ Author: Benjamin Drung <benjamin.drung at profitbricks.com>
extern int gethostname (char *name, int namelen);
--- a/lib/base/file.cpp
+++ b/lib/base/file.cpp
-@@ -214,7 +214,7 @@ NSAPI_PUBLIC int file_notfound(void)
+@@ -213,7 +213,7 @@ NSAPI_PUBLIC int file_notfound(void)
return (errno == ENOENT);
}
commit 9a2b0135deeaca4876d8d9e5fbd1867db02a027b
Author: Timo Aaltonen <tjaalton at debian.org>
Date: Wed Oct 5 15:41:46 2016 +0300
fix-obsolete-target.diff: Updated.
diff --git a/debian/changelog b/debian/changelog
index c77df82..b238a36 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -4,6 +4,7 @@
* control: Bump policy to 3.9.8, no changes.
* patches/default_user: Dropped, upstream.
* support-non-nss-libldap.diff: Dropped, upstream.
+ * fix-obsolete-target.diff: Updated.
-- Timo Aaltonen <tjaalton at debian.org> Wed, 05 Oct 2016 15:16:09 +0300
diff --git a/debian/patches/fix-obsolete-target.diff b/debian/patches/fix-obsolete-target.diff
index fcfdcc4..4befbaf 100644
--- a/debian/patches/fix-obsolete-target.diff
+++ b/debian/patches/fix-obsolete-target.diff
@@ -1,5 +1,3 @@
-diff --git a/wrappers/systemd-snmp.service.in b/wrappers/systemd-snmp.service.in
-index f1b895c..2278c97 100644
--- a/wrappers/systemd-snmp.service.in
+++ b/wrappers/systemd-snmp.service.in
@@ -5,7 +5,7 @@
@@ -11,15 +9,13 @@ index f1b895c..2278c97 100644
[Service]
Type=forking
-diff --git a/wrappers/systemd.group.in b/wrappers/systemd.group.in
-index 135affc..d195c6e 100644
--- a/wrappers/systemd.group.in
+++ b/wrappers/systemd.group.in
@@ -1,6 +1,6 @@
[Unit]
Description=@capbrand@ Directory Server
--After=syslog.target network.target ntpd.service
-+After=network.target ntpd.service
+-After=chronyd.service ntpd.service network-online.target syslog.target
++After=chronyd.service ntpd.service network-online.target
[Install]
WantedBy=multi-user.target
commit 89ca742c1f8e1f0dd34742c8b68fbe25a0bf6fa2
Author: Timo Aaltonen <tjaalton at debian.org>
Date: Wed Oct 5 15:39:55 2016 +0300
support-non-nss-libldap.diff: Dropped, upstream.
diff --git a/debian/changelog b/debian/changelog
index e1244a4..c77df82 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,6 +3,7 @@
* New upstream release.
* control: Bump policy to 3.9.8, no changes.
* patches/default_user: Dropped, upstream.
+ * support-non-nss-libldap.diff: Dropped, upstream.
-- Timo Aaltonen <tjaalton at debian.org> Wed, 05 Oct 2016 15:16:09 +0300
diff --git a/debian/patches/series b/debian/patches/series
index ed4d76b..150992f 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -7,4 +7,3 @@ fix-obsolete-target.diff
fix-saslpath.diff
reproducible-build.diff
fix-systemctl-path.diff
-support-non-nss-libldap.diff
diff --git a/debian/patches/support-non-nss-libldap.diff b/debian/patches/support-non-nss-libldap.diff
deleted file mode 100644
index 9e654ef..0000000
--- a/debian/patches/support-non-nss-libldap.diff
+++ /dev/null
@@ -1,1811 +0,0 @@
-From 2d268628ba9a8fef7648af4498cadaba9e963153 Mon Sep 17 00:00:00 2001
-From: Noriko Hosoi <nhosoi at redhat.com>
-Date: Thu, 14 Apr 2016 12:56:19 -0700
-Subject: [PATCH] Ticket #47536 - Allow usage of OpenLDAP libraries that don't
- use NSS for crypto
-
-Design Doc: http://www.port389.org/docs/389ds/design/allow-usage-of-openldap-lib-w-openssl.html
-
-This patch also addresses the issue described in
- Ticket #48756 - if startTLS is enabled, perl utilities fail to start.
-The ticket #48756 is closed as dup of Ticket #47536.
-
-Note: Instead of checking with "OpenSSL" for the openldap client library,
- this patch checks with "Not MozNSS" for non-Fedora/RHEL platform support.
----
- ldap/admin/src/scripts/DSUtil.pm.in | 13 +
- ldap/schema/01core389.ldif | 7 +-
- .../servers/plugins/replication/repl5_connection.c | 8 +-
- .../plugins/replication/windows_connection.c | 8 +-
- ldap/servers/slapd/ldaputil.c | 120 ++-
- ldap/servers/slapd/libglobs.c | 26 +
- ldap/servers/slapd/proto-slap.h | 2 +
- ldap/servers/slapd/slap.h | 4 +-
- ldap/servers/slapd/slapi-plugin.h | 23 +-
- ldap/servers/slapd/slapi-private.h | 3 +
- ldap/servers/slapd/ssl.c | 919 ++++++++++++++++++---
- ldap/servers/slapd/util.c | 123 +--
- 12 files changed, 1054 insertions(+), 202 deletions(-)
-
---- a/ldap/admin/src/scripts/DSUtil.pm.in
-+++ b/ldap/admin/src/scripts/DSUtil.pm.in
-@@ -1245,6 +1245,19 @@ sub get_info {
- $info{ldapiURL} = "ldapi://" . $value;
- }
-
-+ while($entry = readOneEntry $ldif){
-+ if($entry->getDN() eq "cn=encryption,cn=config"){
-+ $foundcfg = "yes";
-+ last;
-+ }
-+ }
-+ if($foundcfg eq "yes"){
-+ $info{cacertfile} = $entry->getValues("CACertExtractFile");
-+ if ($info{cacertfile}) {
-+ $ENV{LDAPTLS_CACERT}=$info{cacertfile};
-+ }
-+ }
-+
- close (DSE);
- return %info;
- }
---- a/ldap/schema/01core389.ldif
-+++ b/ldap/schema/01core389.ldif
-@@ -103,6 +103,9 @@ attributeTypes: ( allowWeakCipher-oid NA
- attributeTypes: ( nsSSLToken-oid NAME 'nsSSLToken' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape' )
- attributeTypes: ( nsSSLPersonalitySSL-oid NAME 'nsSSLPersonalitySSL' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape' )
- attributeTypes: ( nsSSLActivation-oid NAME 'nsSSLActivation' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape' )
-+attributeTypes: ( CACertExtractFile-oid NAME 'CACertExtractFile' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape' )
-+attributeTypes: ( ServerKeyExtractFile-oid NAME 'ServerKeyExtractFile' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape' )
-+attributeTypes: ( ServerCertExtractFile-oid NAME 'ServerCertExtractFile' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape' )
- attributeTypes: ( 2.16.840.1.113730.3.1.2091 NAME 'nsslapd-suffix' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'Netscape' )
- attributeTypes: ( 2.16.840.1.113730.3.1.2092 NAME 'nsslapd-ldapiautodnsuffix' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'Netscape' )
- attributeTypes: ( 2.16.840.1.113730.3.1.2095 NAME 'connection' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape' )
-@@ -295,8 +298,8 @@ objectClasses: ( 2.16.840.1.113730.3.2.1
- objectClasses: ( 2.16.840.1.113730.3.2.39 NAME 'nsslapdConfig' DESC 'Netscape defined objectclass' SUP top MAY ( cn ) X-ORIGIN 'Netscape Directory Server' )
- objectClasses: ( 2.16.840.1.113730.3.2.317 NAME 'nsSaslMapping' DESC 'Netscape defined objectclass' SUP top MUST ( cn $ nsSaslMapRegexString $ nsSaslMapBaseDNTemplate $ nsSaslMapFilterTemplate ) MAY ( nsSaslMapPriority ) X-ORIGIN 'Netscape Directory Server' )
- objectClasses: ( 2.16.840.1.113730.3.2.43 NAME 'nsSNMP' DESC 'Netscape defined objectclass' SUP top MUST ( cn $ nsSNMPEnabled ) MAY ( nsSNMPOrganization $ nsSNMPLocation $ nsSNMPContact $ nsSNMPDescription $ nsSNMPName $ nsSNMPMasterHost $ nsSNMPMasterPort ) X-ORIGIN 'Netscape Directory Server' )
--objectClasses: ( nsEncryptionConfig-oid NAME 'nsEncryptionConfig' DESC 'Netscape defined objectclass' SUP top MUST ( cn ) MAY ( nsCertfile $ nsKeyfile $ nsSSL2 $ nsSSL3 $ nsTLS1 $ sslVersionMin $ sslVersionMax $ nsSSLSessionTimeout $ nsSSL3SessionTimeout $ nsSSLClientAuth $ nsSSL2Ciphers $ nsSSL3Ciphers $ nsSSLSupportedCiphers $ allowWeakCipher $ allowWeakDHParam ) X-ORIGIN 'Netscape' )
--objectClasses: ( nsEncryptionModule-oid NAME 'nsEncryptionModule' DESC 'Netscape defined objectclass' SUP top MUST ( cn ) MAY ( nsSSLToken $ nsSSLPersonalityssl $ nsSSLActivation ) X-ORIGIN 'Netscape' )
-+objectClasses: ( nsEncryptionConfig-oid NAME 'nsEncryptionConfig' DESC 'Netscape defined objectclass' SUP top MUST ( cn ) MAY ( nsCertfile $ nsKeyfile $ nsSSL2 $ nsSSL3 $ nsTLS1 $ sslVersionMin $ sslVersionMax $ nsSSLSessionTimeout $ nsSSL3SessionTimeout $ nsSSLClientAuth $ nsSSL2Ciphers $ nsSSL3Ciphers $ nsSSLSupportedCiphers $ allowWeakCipher $ allowWeakDHParam $ CACertExtractFile ) X-ORIGIN 'Netscape' )
-+objectClasses: ( nsEncryptionModule-oid NAME 'nsEncryptionModule' DESC 'Netscape defined objectclass' SUP top MUST ( cn ) MAY ( nsSSLToken $ nsSSLPersonalityssl $ nsSSLActivation $ ServerKeyExtractFile $ ServerCertExtractFile ) X-ORIGIN 'Netscape' )
- objectClasses: ( 2.16.840.1.113730.3.2.327 NAME 'rootDNPluginConfig' DESC 'Netscape defined objectclass' SUP top MUST ( cn ) MAY ( rootdn-open-time $ rootdn-close-time $ rootdn-days-allowed $ rootdn-allow-host $ rootdn-deny-host $ rootdn-allow-ip $ rootdn-deny-ip ) X-ORIGIN 'Netscape' )
- objectClasses: ( 2.16.840.1.113730.3.2.328 NAME 'nsSchemaPolicy' DESC 'Netscape defined objectclass' SUP top MAY ( cn $ schemaUpdateObjectclassAccept $ schemaUpdateObjectclassReject $ schemaUpdateAttributeAccept $ schemaUpdateAttributeReject) X-ORIGIN 'Netscape Directory Server' )
-
---- a/ldap/servers/plugins/replication/repl5_connection.c
-+++ b/ldap/servers/plugins/replication/repl5_connection.c
-@@ -1234,9 +1234,9 @@ conn_connect(Repl_Connection *conn)
- * initialisation should be done before ever trying to open any connection at all.
- */
- if (conn->transport_flags == TRANSPORT_FLAG_TLS) {
-- secure = 2;
-+ secure = SLAPI_LDAP_INIT_FLAG_startTLS;
- } else if (conn->transport_flags == TRANSPORT_FLAG_SSL) {
-- secure = 1;
-+ secure = SLAPI_LDAP_INIT_FLAG_SSL;
- }
-
- if (secure > 0) {
-@@ -1261,7 +1261,7 @@ conn_connect(Repl_Connection *conn)
- "%s: Trying %s%s slapi_ldap_init_ext\n",
- agmt_get_long_name(conn->agmt),
- secure ? "secure" : "non-secure",
-- (secure == 2) ? " startTLS" : "");
-+ (secure == SLAPI_LDAP_INIT_FLAG_startTLS) ? " startTLS" : "");
- /* shared = 1 because we will read results from a second thread */
- if (conn->ld) {
- /* Since we call slapi_ldap_init, we must call slapi_ldap_unbind */
-@@ -1279,7 +1279,7 @@ conn_connect(Repl_Connection *conn)
- "%s: Failed to establish %s%sconnection to the consumer\n",
- agmt_get_long_name(conn->agmt),
- secure ? "secure " : "",
-- (secure == 2) ? "startTLS " : "");
-+ (secure == SLAPI_LDAP_INIT_FLAG_startTLS) ? "startTLS " : "");
- goto done;
- }
-
---- a/ldap/servers/plugins/replication/windows_connection.c
-+++ b/ldap/servers/plugins/replication/windows_connection.c
-@@ -1313,9 +1313,9 @@ windows_conn_connect(Repl_Connection *co
- * initialisation should be done before ever trying to open any connection at all.
- */
- if (conn->transport_flags == TRANSPORT_FLAG_TLS) {
-- secure = 2;
-+ secure = SLAPI_LDAP_INIT_FLAG_startTLS;
- } else if (conn->transport_flags == TRANSPORT_FLAG_SSL) {
-- secure = 1;
-+ secure = SLAPI_LDAP_INIT_FLAG_SSL;
- }
-
- if (secure > 0) {
-@@ -1340,7 +1340,7 @@ windows_conn_connect(Repl_Connection *co
- "%s: Trying %s%s slapi_ldap_init_ext\n",
- agmt_get_long_name(conn->agmt),
- secure ? "secure" : "non-secure",
-- (secure == 2) ? " startTLS" : "");
-+ (secure == SLAPI_LDAP_INIT_FLAG_startTLS) ? " startTLS" : "");
-
- conn->ld = slapi_ldap_init_ext(NULL, conn->hostname, conn->port, secure, 0, NULL);
- if (NULL == conn->ld)
-@@ -1353,7 +1353,7 @@ windows_conn_connect(Repl_Connection *co
- "%s: Failed to establish %s%sconnection to the consumer\n",
- agmt_get_long_name(conn->agmt),
- secure ? "secure " : "",
-- (secure == 2) ? "startTLS " : "");
-+ (secure == SLAPI_LDAP_INIT_FLAG_startTLS) ? "startTLS " : "");
- goto done;
- }
-
---- a/ldap/servers/slapd/ldaputil.c
-+++ b/ldap/servers/slapd/ldaputil.c
-@@ -560,6 +560,7 @@ setup_ol_tls_conn(LDAP *ld, int clientau
- int optval = 0;
- int ssl_strength = 0;
- int rc = 0;
-+ const char *cacert = NULL;
-
- if (config_get_ssl_check_hostname()) {
- ssl_strength = LDAP_OPT_X_TLS_HARD;
-@@ -572,7 +573,29 @@ setup_ol_tls_conn(LDAP *ld, int clientau
- slapi_log_error(SLAPI_LOG_FATAL, "setup_ol_tls_conn",
- "failed: unable to set REQUIRE_CERT option to %d\n", ssl_strength);
- }
-- /* tell it where our cert db is */
-+ if (slapi_client_uses_non_nss(ld)) {
-+ cacert = slapi_get_cacertfile();
-+ if (cacert) {
-+ /* CA Cert PEM file exists. Set the path to openldap option. */
-+ rc = ldap_set_option(ld, LDAP_OPT_X_TLS_CACERTFILE, cacert);
-+ if (rc) {
-+ slapi_log_error(SLAPI_LOG_FATAL, "setup_ol_tls_conn",
-+ "Could not set CA cert path [%s]: %d:%s\n",
-+ cacert, rc, ldap_err2string(rc));
-+ }
-+ }
-+ if (!slapi_client_uses_openssl(ld)) {
-+ const int crlcheck = LDAP_OPT_X_TLS_CRL_ALL;
-+ /* Sets the CRL evaluation strategy. */
-+ rc = ldap_set_option(ld, LDAP_OPT_X_TLS_CRLCHECK, &crlcheck);
-+ if (rc) {
-+ slapi_log_error(SLAPI_LOG_FATAL, "setup_ol_tls_conn",
-+ "Could not set CRLCHECK [%d]: %d:%s\n",
-+ crlcheck, rc, ldap_err2string(rc));
-+ }
-+ }
-+ }
-+ /* tell it where our cert db/file is */
- if ((rc = ldap_set_option(ld, LDAP_OPT_X_TLS_CACERTDIR, certdir))) {
- slapi_log_error(SLAPI_LOG_FATAL, "setup_ol_tls_conn",
- "failed: unable to set CACERTDIR option to %s\n", certdir);
-@@ -616,8 +639,8 @@ setup_ol_tls_conn(LDAP *ld, int clientau
- on the secure setting (389 for ldap, 636 for ldaps, 389 for starttls)
- secure takes 1 of 3 values - 0 means regular ldap, 1 means ldaps, 2
- means regular ldap with starttls.
-- filename is the ldapi file name - if this is given, and no other options
-- are given, ldapi is assumed.
-+ ldapi_socket is the ldapi file name
-+ if this is given, and no other options are given, ldapi is assumed.
- */
- /* util_sasl_path: the string argument for putenv.
- It must be a global or a static */
-@@ -627,12 +650,12 @@ LDAP *
- slapi_ldap_init_ext(
- const char *ldapurl, /* full ldap url */
- const char *hostname, /* can also use this to override
-- host in url */
-+ host in url */
- int port, /* can also use this to override port in url */
- int secure, /* 0 for ldap, 1 for ldaps, 2 for starttls -
-- override proto in url */
-+ override proto in url */
- int shared, /* if true, LDAP* will be shared among multiple threads */
-- const char *filename /* for ldapi */
-+ const char *ldapi_socket /* for ldapi */
- )
- {
- LDAPURLDesc *ludp = NULL;
-@@ -686,16 +709,16 @@ slapi_ldap_init_ext(
- /* use secure setting from url if none given */
- if (!secure && ludp) {
- if (secureurl) {
-- secure = 1;
-+ secure = SLAPI_LDAP_INIT_FLAG_SSL;
- } else if (0/* starttls option - not supported yet in LDAP URLs */) {
-- secure = 2;
-+ secure = SLAPI_LDAP_INIT_FLAG_startTLS;
- }
- }
-
- /* ldap_url_parse doesn't yet handle ldapi */
- /*
-- if (!filename && ludp && ludp->lud_file) {
-- filename = ludp->lud_file;
-+ if (!ldapi_socket && ludp && ludp->lud_file) {
-+ ldapi_socket = ludp->lud_file;
- }
- */
-
-@@ -743,10 +766,11 @@ slapi_ldap_init_ext(
- } else {
- char *makeurl = NULL;
-
-- if (filename) {
-- makeurl = slapi_ch_smprintf("ldapi://%s/", filename);
-+ if (ldapi_socket) {
-+ makeurl = slapi_ch_smprintf("ldapi://%s/", ldapi_socket);
- } else { /* host port */
-- makeurl = convert_to_openldap_uri(hostname, port, (secure == 1 ? "ldaps" : "ldap"));
-+ makeurl = convert_to_openldap_uri(hostname, port,
-+ (secure == SLAPI_LDAP_INIT_FLAG_SSL ? "ldaps" : "ldap"));
- }
- if (PR_SUCCESS != PR_CallOnce(&ol_init_callOnce, internal_ol_init_init)) {
- slapi_log_error(SLAPI_LOG_FATAL, "slapi_ldap_init_ext",
-@@ -777,15 +801,15 @@ slapi_ldap_init_ext(
- * hostname (such as localhost.localdomain).
- */
- if((rc = ldap_set_option(ld, LDAP_OPT_X_SASL_NOCANON, LDAP_OPT_ON))){
-- slapi_log_error(SLAPI_LOG_FATAL, "slapi_ldap_init_ext",
-+ slapi_log_error(SLAPI_LOG_FATAL, "slapi_ldap_init_ext",
- "Could not set ldap option LDAP_OPT_X_SASL_NOCANON for (%s), error %d (%s)\n",
- ldapurl, rc, ldap_err2string(rc) );
- }
- }
- #else /* !USE_OPENLDAP */
-- if (filename) {
-+ if (ldapi_socket) {
- /* ldapi in mozldap client is not yet supported */
-- } else if (secure == 1) {
-+ } else if (secure == SLAPI_LDAP_INIT_FLAG_SSL) {
- ld = ldapssl_init(hostname, port, secure);
- } else { /* regular ldap and/or starttls */
- /*
-@@ -809,7 +833,7 @@ slapi_ldap_init_ext(
- }
- }
-
-- if ((ld != NULL) && !filename) {
-+ if (ld && !ldapi_socket) {
- /*
- * Set the outbound LDAP I/O timeout based on the server config.
- */
-@@ -857,7 +881,7 @@ slapi_ldap_init_ext(
- * LDAP* if it has already gone through ldapssl_init -
- * so, use NULL if using starttls
- */
-- if (secure == 1) {
-+ if (secure == SLAPI_LDAP_INIT_FLAG_SSL) {
- myld = ld;
- }
-
-@@ -881,7 +905,7 @@ slapi_ldap_init_ext(
- SLAPI_COMPONENT_NAME_NSPR " error %d - %s)\n",
- prerr, slapd_pr_strerror(prerr));
- }
-- if (secure == 1) {
-+ if (secure == SLAPI_LDAP_INIT_FLAG_SSL) {
- /* tell bind code we are using SSL */
- ldap_set_option(ld, LDAP_OPT_SSL, LDAP_OPT_ON);
- }
-@@ -889,7 +913,7 @@ slapi_ldap_init_ext(
- }
- }
-
-- if (ld && (secure == 2)) {
-+ if (ld && (secure == SLAPI_LDAP_INIT_FLAG_startTLS)) {
- /*
- * We don't have a way to stash context data with the LDAP*, so we
- * stash the information in the client controls (currently unused).
-@@ -919,8 +943,8 @@ slapi_ldap_init_ext(
- slapi_log_error(SLAPI_LOG_SHELL, "slapi_ldap_init_ext",
- "Success: set up conn to [%s:%d]%s\n",
- hostname, port,
-- (secure == 2) ? " using startTLS" :
-- ((secure == 1) ? " using SSL" : ""));
-+ (secure == SLAPI_LDAP_INIT_FLAG_startTLS) ? " using startTLS" :
-+ ((secure == SLAPI_LDAP_INIT_FLAG_SSL) ? " using SSL" : ""));
- done:
- ldap_free_urldesc(ludp);
-
-@@ -974,7 +998,7 @@ ldaputil_get_saslpath()
- LDAP *
- slapi_ldap_init( char *ldaphost, int ldapport, int secure, int shared )
- {
-- return slapi_ldap_init_ext(NULL, ldaphost, ldapport, secure, shared, NULL);
-+ return slapi_ldap_init_ext(NULL, ldaphost, ldapport, secure, shared, NULL/*, NULL*/);
- }
-
- /*
-@@ -1011,7 +1035,7 @@ slapi_ldap_bind(
- ldap_get_option(ld, LDAP_OPT_CLIENT_CONTROLS, &clientctrls);
- if (clientctrls && clientctrls[0] &&
- slapi_control_present(clientctrls, START_TLS_OID, NULL, NULL)) {
-- secure = 2;
-+ secure = SLAPI_LDAP_INIT_FLAG_startTLS;
- } else {
- #if defined(USE_OPENLDAP)
- /* openldap doesn't have a SSL/TLS yes/no flag - so grab the
-@@ -1020,7 +1044,7 @@ slapi_ldap_bind(
-
- ldap_get_option(ld, LDAP_OPT_URI, &ldapurl);
- if (ldapurl && !PL_strncasecmp(ldapurl, "ldaps", 5)) {
-- secure = 1;
-+ secure = SLAPI_LDAP_INIT_FLAG_SSL;
- }
- slapi_ch_free_string(&ldapurl);
- #else /* !USE_OPENLDAP */
-@@ -1058,7 +1082,7 @@ slapi_ldap_bind(
- bvcreds.bv_len = creds ? strlen(creds) : 0;
- }
-
-- if (secure == 2) { /* send start tls */
-+ if (secure == SLAPI_LDAP_INIT_FLAG_startTLS) { /* send start tls */
- rc = ldap_start_tls_s(ld, NULL /* serverctrls?? */, NULL);
- if (LDAP_SUCCESS != rc) {
- slapi_log_error(SLAPI_LOG_FATAL, "slapi_ldap_bind",
-@@ -2367,3 +2391,47 @@ slapi_berval_get_msg_len(struct berval *
-
- return len;
- }
-+
-+int
-+slapi_client_uses_non_nss(LDAP *ld)
-+{
-+ static int not_nss = 0;
-+#if defined(USE_OPENLDAP)
-+ static int initialized = 0;
-+ char *package_name = NULL;
-+ int rc;
-+
-+ if (initialized) {
More information about the Pkg-fedora-ds-maintainers
mailing list