drop the evolution patch

2013-04-05 09:39:17 +02:00 · 2013-04-05 09:39:17 +02:00 · 44107bb150
commit 44107bb150
parent 2f8c754907
3 changed files with 4 additions and 276 deletions
--- a/README.evolution
+++ b/README.evolution
@ -1,22 +0,0 @@
-These files are here specifically for use in building the evolution-connector
-package, and should not be used for any other purpose.
-
-In order to authenticate to older servers, an LDAP client must perform an
-ntlm_bind operation instead of a simple or SASL bind.  The ntlm_bind is not the
-same thing as performing SASL authentication using NTLM as the mechanism, which
-wouldn't require any patching.  Newer servers properly support DIGEST-MD5, so
-this requirement only applies to clients which want to authenticate to older
-servers, and this requirement will hopefully go away at some point.
-
-Because the changes involved both modify the libldap ABI and add
-non-standardized messages to the protocol, changed libraries are built
-statically and stashed in a directory where they will not be found by a
-compiler using the default search paths.
-
-The openldap-devel package provides "openldap-evolution-devel" if it includes a
-patched version of these libraries in such a directory.  Packages which depend
-on these libraries should BuildRequire this virtual provision so that they
-don't fail to compile or get miscompiled if the libraries are not present.
-
-If/when the evolution-connector package stops requiring these changes, the
-changed libraries will simply disappear.
--- a/openldap-evolution-ntlm.patch
+++ b/openldap-evolution-ntlm.patch
@ -1,199 +0,0 @@
-Get rid of this patch as soon as possible.
-More details are provided in README.evolution
-
-diff --git a/include/ldap.h b/include/ldap.h
-index 3791732..fe01b18 100644
--- a/include/ldap.h
-+++ b/include/ldap.h
-@@ -2517,5 +2517,26 @@ ldap_parse_deref_control LDAP_P((
- 	LDAPControl	**ctrls,
- 	LDAPDerefRes	**drp ));
- 
-+/*
-+ * hacks for NTLM
-+ */
-+#define LDAP_AUTH_NTLM_REQUEST	((ber_tag_t) 0x8aU)
-+#define LDAP_AUTH_NTLM_RESPONSE	((ber_tag_t) 0x8bU)
-+LDAP_F( int )
-+ldap_ntlm_bind LDAP_P((
-+	LDAP		*ld,
-+	LDAP_CONST char	*dn,
-+	ber_tag_t	tag,
-+	struct berval	*cred,
-+	LDAPControl	**sctrls,
-+	LDAPControl	**cctrls,
-+	int		*msgidp ));
-+LDAP_F( int )
-+ldap_parse_ntlm_bind_result LDAP_P((
-+	LDAP		*ld,
-+	LDAPMessage	*res,
-+	struct berval	*challenge));
-+
-+
- LDAP_END_DECL
- #endif /* _LDAP_H */
-diff --git a/libraries/libldap/Makefile.in b/libraries/libldap/Makefile.in
-index ce4be1b..2326680 100644
--- a/libraries/libldap/Makefile.in
-+++ b/libraries/libldap/Makefile.in
-@@ -20,7 +20,7 @@ PROGRAMS = apitest dntest ftest ltest urltest
- SRCS	= bind.c open.c result.c error.c compare.c search.c \
- 	controls.c messages.c references.c extended.c cyrus.c \
- 	modify.c add.c modrdn.c delete.c abandon.c \
-	sasl.c gssapi.c sbind.c unbind.c cancel.c  \
-+	sasl.c ntlm.c gssapi.c sbind.c unbind.c cancel.c  \
- 	filter.c free.c sort.c passwd.c whoami.c \
- 	getdn.c getentry.c getattr.c getvalues.c addentry.c \
- 	request.c os-ip.c url.c pagectrl.c sortctrl.c vlvctrl.c \
-@@ -33,7 +33,7 @@ SRCS	= bind.c open.c result.c error.c compare.c search.c \
- OBJS	= bind.lo open.lo result.lo error.lo compare.lo search.lo \
- 	controls.lo messages.lo references.lo extended.lo cyrus.lo \
- 	modify.lo add.lo modrdn.lo delete.lo abandon.lo \
-	sasl.lo gssapi.lo sbind.lo unbind.lo cancel.lo \
-+	sasl.lo ntlm.lo gssapi.lo sbind.lo unbind.lo cancel.lo \
- 	filter.lo free.lo sort.lo passwd.lo whoami.lo \
- 	getdn.lo getentry.lo getattr.lo getvalues.lo addentry.lo \
- 	request.lo os-ip.lo url.lo pagectrl.lo sortctrl.lo vlvctrl.lo \
-diff --git a/libraries/libldap/ntlm.c b/libraries/libldap/ntlm.c
-new file mode 100644
-index 0000000..e0734d5
--- /dev/null
-+++ b/libraries/libldap/ntlm.c
-@@ -0,0 +1,137 @@
-+/* $OpenLDAP: pkg/ldap/libraries/libldap/ntlm.c,v 1.1.4.10 2002/01/04 20:38:21 kurt Exp $ */
-+/*
-+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
-+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
-+ */
-+
-+/* Mostly copied from sasl.c */
-+
-+#include "portable.h"
-+
-+#include <stdlib.h>
-+#include <stdio.h>
-+
-+#include <ac/socket.h>
-+#include <ac/string.h>
-+#include <ac/time.h>
-+#include <ac/errno.h>
-+
-+#include "ldap-int.h"
-+
-+int
-+ldap_ntlm_bind(
-+	LDAP		*ld,
-+	LDAP_CONST char	*dn,
-+	ber_tag_t	tag,
-+	struct berval	*cred,
-+	LDAPControl	**sctrls,
-+	LDAPControl	**cctrls,
-+	int		*msgidp )
-+{
-+	BerElement	*ber;
-+	int rc;
-+	ber_int_t id;
-+
-+	Debug( LDAP_DEBUG_TRACE, "ldap_ntlm_bind\n", 0, 0, 0 );
-+
-+	assert( ld != NULL );
-+	assert( LDAP_VALID( ld ) );
-+	assert( msgidp != NULL );
-+
-+	if( msgidp == NULL ) {
-+		ld->ld_errno = LDAP_PARAM_ERROR;
-+		return ld->ld_errno;
-+	}
-+
-+	/* create a message to send */
-+	if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
-+		ld->ld_errno = LDAP_NO_MEMORY;
-+		return ld->ld_errno;
-+	}
-+
-+	assert( LBER_VALID( ber ) );
-+
-+	LDAP_NEXT_MSGID( ld, id );
-+	rc = ber_printf( ber, "{it{istON}" /*}*/,
-+			 id, LDAP_REQ_BIND,
-+			 ld->ld_version, dn, tag,
-+			 cred );
-+
-+	/* Put Server Controls */
-+	if( ldap_int_put_controls( ld, sctrls, ber ) != LDAP_SUCCESS ) {
-+		ber_free( ber, 1 );
-+		return ld->ld_errno;
-+	}
-+
-+	if ( ber_printf( ber, /*{*/ "N}" ) == -1 ) {
-+		ld->ld_errno = LDAP_ENCODING_ERROR;
-+		ber_free( ber, 1 );
-+		return ld->ld_errno;
-+	}
-+
-+	/* send the message */
-+	*msgidp = ldap_send_initial_request( ld, LDAP_REQ_BIND, dn, ber, id );
-+
-+	if(*msgidp < 0)
-+		return ld->ld_errno;
-+
-+	return LDAP_SUCCESS;
-+}
-+
-+int
-+ldap_parse_ntlm_bind_result(
-+	LDAP		*ld,
-+	LDAPMessage	*res,
-+	struct berval	*challenge)
-+{
-+	ber_int_t	errcode;
-+	ber_tag_t	tag;
-+	BerElement	*ber;
-+	ber_len_t	len;
-+
-+	Debug( LDAP_DEBUG_TRACE, "ldap_parse_ntlm_bind_result\n", 0, 0, 0 );
-+
-+	assert( ld != NULL );
-+	assert( LDAP_VALID( ld ) );
-+	assert( res != NULL );
-+
-+	if ( ld == NULL || res == NULL ) {
-+		return LDAP_PARAM_ERROR;
-+	}
-+
-+	if( res->lm_msgtype != LDAP_RES_BIND ) {
-+		ld->ld_errno = LDAP_PARAM_ERROR;
-+		return ld->ld_errno;
-+	}
-+
-+	if ( ld->ld_error ) {
-+		LDAP_FREE( ld->ld_error );
-+		ld->ld_error = NULL;
-+	}
-+	if ( ld->ld_matched ) {
-+		LDAP_FREE( ld->ld_matched );
-+		ld->ld_matched = NULL;
-+	}
-+
-+	/* parse results */
-+
-+	ber = ber_dup( res->lm_ber );
-+
-+	if( ber == NULL ) {
-+		ld->ld_errno = LDAP_NO_MEMORY;
-+		return ld->ld_errno;
-+	}
-+
-+	tag = ber_scanf( ber, "{ioa" /*}*/,
-+			 &errcode, challenge, &ld->ld_error );
-+	ber_free( ber, 0 );
-+
-+	if( tag == LBER_ERROR ) {
-+		ld->ld_errno = LDAP_DECODING_ERROR;
-+		return ld->ld_errno;
-+	}
-+
-+	ld->ld_errno = errcode;
-+
-+	return( ld->ld_errno );
-+}
--- a/openldap.spec
+++ b/openldap.spec
@ -1,15 +1,11 @@
 %global _hardened_build 1

-%global evolution_connector_prefix %{_libdir}/evolution-openldap
-%global evolution_connector_includedir %{evolution_connector_prefix}/include
-%global evolution_connector_libdir %{evolution_connector_prefix}/%{_lib}
-
 %global systemctl_bin /usr/bin/systemctl
 %global check_password_version 1.1

 Name: openldap
 Version: 2.4.35
-Release: 1%{?dist}
+Release: 2%{?dist}
 Summary: LDAP support libraries
 Group: System Environment/Daemons
 License: OpenLDAP
@ -27,7 +23,6 @@ Source52: libexec-check-config.sh
 Source53: libexec-upgrade-db.sh
 Source54: libexec-create-certdb.sh
 Source55: libexec-generate-server-cert.sh
-Source100: README.evolution

 # patches for 2.4
 Patch0: openldap-manpages.patch
@ -52,9 +47,6 @@ Patch16: openldap-nss-pk11-freeslot.patch
 Patch100: openldap-autoconf-pkgconfig-nss.patch
 Patch102: openldap-fedora-systemd.patch

-# patches for the evolution library (see README.evolution)
-Patch200: openldap-evolution-ntlm.patch
-
 BuildRequires: cyrus-sasl-devel, nss-devel, krb5-devel, tcp_wrappers-devel, unixODBC-devel
 BuildRequires: glibc-devel, libtool, libtool-ltdl-devel, groff, perl, perl-devel, perl(ExtUtils::Embed)
 # smbk5pwd overlay:
@ -74,7 +66,6 @@ libraries, and documentation for OpenLDAP.
 Summary: LDAP development libraries and header files
 Group: Development/Libraries
 Requires: openldap%{?_isa} = %{version}-%{release}, cyrus-sasl-devel%{?_isa}
-Provides: openldap-evolution-devel%{?_isa} = %{version}-%{release}

 %description devel
 The openldap-devel package includes the development libraries and
@ -183,15 +174,6 @@ done

 popd

-# patched static libraries for Evolution
-if ! cp -al openldap-%{version} evo-openldap-%{version} ; then
-	rm -fr evo-openldap-%{version}
-	cp -a  openldap-%{version} evo-openldap-%{version}
-fi
-pushd evo-openldap-%{version}
-%patch200 -p1 -b .evolution-ntlm
-popd
-
 %build

 # avoid stray dependencies (linker flag --as-needed)
@ -244,34 +226,6 @@ pushd openldap-%{version}
 make %{_smp_mflags}
 popd

-# build patched static library for Evolution
-pushd evo-openldap-%{version}
-%configure \
-	--enable-debug \
-	--disable-dynamic \
-	--disable-syslog \
-	--disable-proctitle \
-	--enable-ipv6 \
-	--disable-local \
-	\
-	--disable-slapd \
-	\
-	--enable-static \
-	--disable-shared \
-	\
-	--with-cyrus-sasl \
-	--without-fetch \
-	--with-threads \
-	--with-pic \
-	--with-tls=moznss \
-	--with-gnu-ld \
-	\
-	--includedir=%{evolution_connector_includedir} \
-	--libdir=%{evolution_connector_libdir}
-
-make %{_smp_mflags}
-popd
-
 pushd ltb-project-openldap-ppolicy-check-password-%{check_password_version}
 make LDAP_INC="-I../openldap-%{version}/include \
 -I../openldap-%{version}/servers/slapd \
@ -282,12 +236,6 @@ popd

 mkdir -p %{buildroot}%{_libdir}/

-# install evolution-specific libraries (conflicting files will be overwriten by generic version)
-pushd evo-openldap-%{version}
-make install DESTDIR=%{buildroot} STRIP=""
-install -m 644 %SOURCE100 %{buildroot}%{evolution_connector_prefix}/
-popd
-
 pushd openldap-%{version}
 make install DESTDIR=%{buildroot} STRIP=""
 popd
@ -385,7 +333,6 @@ chmod 0644 %{buildroot}%{_datadir}/openldap-servers/DB_CONFIG.example

 # remove files which we don't want packaged
 rm -f %{buildroot}%{_libdir}/*.la
-rm -f %{buildroot}%{evolution_connector_libdir}/*.la
 rm -f %{buildroot}%{_libdir}/openldap/*.so

 rm -f %{buildroot}%{_localstatedir}/openldap-data/DB_CONFIG.example
@ -643,9 +590,11 @@ exit 0
 %{_libdir}/lib*.so
 %{_includedir}/*
 %{_mandir}/man3/*
-%{evolution_connector_prefix}/

 %changelog
+* Fri Apr 05 2013 Jan Synáček <jsynacek@redhat.com> 2.4.35-2
+- drop the evolution patch
+
 * Tue Apr 02 2013 Jan Synáček <jsynacek@redhat.com> 2.4.35-1
 - new upstream release (#947235)
 - fix: slapd.service should ensure that network is up before starting (#946921)