diff --git a/openldap-1.2.11-cldap.patch b/openldap-1.2.11-cldap.patch deleted file mode 100644 index 41afbba..0000000 --- a/openldap-1.2.11-cldap.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- openldap-1.2.11/servers/slapd/slap.h.cldap Tue Aug 8 17:05:58 2000 -+++ openldap-1.2.11/servers/slapd/slap.h Tue Aug 8 17:06:03 2000 -@@ -10,6 +10,7 @@ - #endif - - #include -+#include - #include - #include - #include diff --git a/openldap-2.2.15-config.patch b/openldap-2.2.15-config.patch deleted file mode 100644 index 7b7535f..0000000 --- a/openldap-2.2.15-config.patch +++ /dev/null @@ -1,106 +0,0 @@ -Force the default db directory to /var/lib/ldap, default to including -nis.schema and its prerequisites, allow LDAPv2 clients, increase the set of -indexed attributes for the default database. - ---- openldap-2.2.13/doc/man/man8/slurpd.8 2004-01-01 13:16:27.000000000 -0500 -+++ openldap-2.2.13/doc/man/man8/slurpd.8 2004-06-15 11:40:04.000000000 -0400 -@@ -120,7 +120,7 @@ - temporary files may contain sensitive information. - This option allows you to specify the location of these temporary files. - The default is --.BR LOCALSTATEDIR/openldap-slurp . -+.BR /var/lib/ldap . - .TP - .BI \-k " srvtab\-file" - Specify the location of the kerberos srvtab file which contains keys ---- openldap-2.2.13/servers/slapd/slapd.conf 2003-12-29 13:10:40.000000000 -0500 -+++ openldap-2.2.13/servers/slapd/slapd.conf 2004-06-15 11:44:23.000000000 -0400 -@@ -3,8 +3,12 @@ - # This file should NOT be world readable. - # - include %SYSCONFDIR%/schema/core.schema -+include %SYSCONFDIR%/schema/cosine.schema -+include %SYSCONFDIR%/schema/inetorgperson.schema -+include %SYSCONFDIR%/schema/nis.schema - --# Define global ACLs to disable default read access. -+# Allow LDAPv2 client connections. This is NOT the default. -+allow bind_v2 - - # Do not enable referrals until AFTER you have a working directory - # service AND an understanding of referrals. -@@ -21,6 +25,15 @@ - # moduleload back_passwd.la - # moduleload back_shell.la - -+# The next three lines allow use of TLS for encrypting connections using a -+# dummy test certificate which you can generate by changing to -+# /etc/pki/tls/certs, running "make slapd.pem", and fixing permissions on -+# slapd.pem so that the ldap user or group can read it. Your client software -+# may balk at self-signed certificates, however. -+# TLSCACertificateFile /etc/pki/tls/certs/ca-bundle.crt -+# TLSCertificateFile /etc/pki/tls/certs/slapd.pem -+# TLSCertificateKeyFile /etc/pki/tls/certs/slapd.pem -+ - # Sample security restrictions - # Require integrity protection (prevent hijacking) - # Require 112-bit (3DES or better) encryption for updates -@@ -49,19 +62,32 @@ - # rootdn can always read and write EVERYTHING! - - ####################################################################### --# BDB database definitions -+# ldbm and/or bdb database definitions - ####################################################################### - - database bdb - suffix "dc=my-domain,dc=com" - rootdn "cn=Manager,dc=my-domain,dc=com" - # Cleartext passwords, especially for the rootdn, should --# be avoid. See slappasswd(8) and slapd.conf(5) for details. -+# be avoided. See slappasswd(8) and slapd.conf(5) for details. - # Use of strong authentication encouraged. --rootpw secret -+# rootpw secret -+# rootpw {crypt}ijFYNcSNctBYg -+ - # The database directory MUST exist prior to running slapd AND - # should only be accessible by the slapd and slap tools. - # Mode 700 recommended. --directory %LOCALSTATEDIR%/openldap-data -+directory /var/lib/ldap -+ --# Indices to maintain --index objectClass eq -+# Indices to maintain for this database -+index objectClass eq,pres -+index ou,cn,mail,surname,givenname eq,pres,sub -+index uidNumber,gidNumber,loginShell eq,pres -+index uid,memberUid eq,pres,sub -+index nisMapName,nisMapEntry eq,pres,sub -+ -+# Replicas of this database -+#replogfile /var/lib/ldap/openldap-master-replog -+#replica host=ldap-1.example.com:389 starttls=critical -+# bindmethod=sasl saslmech=GSSAPI -+# authcId=host/ldap-master.example.com@EXAMPLE.COM ---- openldap-2.2.13/servers/slurpd/slurp.h 2004-01-01 13:16:42.000000000 -0500 -+++ openldap-2.2.13/servers/slurpd/slurp.h 2004-06-15 11:40:04.000000000 -0400 -@@ -66,7 +66,7 @@ - #define SERVICE_NAME OPENLDAP_PACKAGE "-slurpd" - - /* Default directory for slurpd's private copy of replication logs */ --#define DEFAULT_SLURPD_REPLICA_DIR LDAP_RUNDIR LDAP_DIRSEP "openldap-slurp" -+#define DEFAULT_SLURPD_REPLICA_DIR "/var/lib/ldap" - - /* Default name for slurpd's private copy of the replication log */ - #define DEFAULT_SLURPD_REPLOGFILE "slurpd.replog" -@@ -75,7 +75,7 @@ - #define DEFAULT_SLURPD_STATUS_FILE "slurpd.status" - - /* slurpd dump file - contents of rq struct are written here (debugging) */ --#define SLURPD_DUMPFILE LDAP_TMPDIR LDAP_DIRSEP "slurpd.dump" -+#define SLURPD_DUMPFILE DEFAULT_SLURPD_REPLICA_DIR "/slurpd.dump" - - /* Amount of time to sleep if no more work to do */ - #define DEFAULT_NO_WORK_INTERVAL 3 diff --git a/openldap-2.3.11-ads.patch b/openldap-2.3.11-ads.patch deleted file mode 100644 index 50335d9..0000000 --- a/openldap-2.3.11-ads.patch +++ /dev/null @@ -1,16 +0,0 @@ ---- openldap-2.3.11/libraries/libldap/cyrus.c.ads 2005-10-05 13:42:19.000000000 -0400 -+++ openldap-2.3.11/libraries/libldap/cyrus.c 2005-11-10 13:08:04.000000000 -0500 -@@ -734,10 +734,11 @@ - Debug( LDAP_DEBUG_TRACE, - "ldap_int_sasl_bind: rc=%d sasl=%d len=%ld\n", - rc, saslrc, scred->bv_len ); -+ ber_bvfree( scred ); -+ rc = ld->ld_errno = LDAP_LOCAL_ERROR; -+ goto done; - } - ber_bvfree( scred ); -- rc = ld->ld_errno = LDAP_LOCAL_ERROR; -- goto done; - } - break; - } diff --git a/openldap-2.3.37-smbk5pwd.patch b/openldap-2.3.37-smbk5pwd.patch index 95f9c27..b482fe9 100644 --- a/openldap-2.3.37-smbk5pwd.patch +++ b/openldap-2.3.37-smbk5pwd.patch @@ -1,3 +1,5 @@ +Compile smbk5pwd together with other overlays. + --- openldap-2.3.34/contrib/slapd-modules/smbk5pwd/README.smbk5pwd 2005-11-14 19:06:04.000000000 +0100 +++ openldap-2.3.34/contrib/slapd-modules/smbk5pwd/README 2007-07-09 09:44:43.000000000 +0200 @@ -1,3 +1,8 @@ diff --git a/openldap.spec b/openldap.spec index 918e145..3f69a7b 100644 --- a/openldap.spec +++ b/openldap.spec @@ -32,23 +32,20 @@ Source12: README.evolution # Patches that are still valid for 2.3 Patch0: openldap-2.3.34-config.patch -Patch1: openldap-1.2.11-cldap.patch -Patch2: openldap-2.0.11-ldaprc.patch -Patch3: openldap-2.2.13-setugid.patch -Patch4: openldap-2.2.13-pie.patch -Patch5: openldap-2.3.11-toollinks.patch -Patch6: openldap-2.3.11-nosql.patch -#Patch7: openldap-2.3.19-nostrip.patch -Patch8: openldap-2.3.19-gethostbyXXXX_r.patch -Patch9: openldap-2.3.34-quiet-slaptest.patch -Patch10: openldap-2.3.34-pthread.patch -Patch11: openldap-2.3.37-smbk5pwd.patch +Patch1: openldap-2.0.11-ldaprc.patch +Patch2: openldap-2.2.13-setugid.patch +Patch3: openldap-2.2.13-pie.patch +Patch4: openldap-2.3.11-toollinks.patch +Patch5: openldap-2.3.11-nosql.patch +Patch6: openldap-2.3.19-gethostbyXXXX_r.patch +Patch7: openldap-2.3.34-quiet-slaptest.patch +Patch8: openldap-2.3.34-pthread.patch +Patch9: openldap-2.3.37-smbk5pwd.patch # Patches for 2.2.29 for the compat-openldap package. Patch100: openldap-2.2.13-tls-fix-connection-test.patch Patch101: openldap-2.2.23-resolv.patch Patch102: openldap-2.2.29-ads.patch -#Patch103: openldap-2.2.29-nostrip.patch # Patches for the evolution library Patch200: openldap-ntlm.diff @@ -171,17 +168,15 @@ popd pushd openldap-%{version_23} %patch0 -p1 -b .config -%patch1 -p1 -b .cldap -%patch2 -p1 -b .ldaprc -%patch3 -p1 -b .setugid -%patch4 -p1 -b .pie -%patch5 -p1 -b .toollinks -%patch6 -p1 -b .nosql -#%patch7 -p1 -b .nostrip -%patch8 -p1 -b .gethostbyname_r -%patch9 -p1 -b .quiet-slaptest -%patch10 -p1 -b .pthread -%patch11 -p1 -b .smbk5pwd +%patch1 -p1 -b .ldaprc +%patch2 -p1 -b .setugid +%patch3 -p1 -b .pie +%patch4 -p1 -b .toollinks +%patch5 -p1 -b .nosql +%patch6 -p1 -b .gethostbyname_r +%patch7 -p1 -b .quiet-slaptest +%patch8 -p1 -b .pthread +%patch9 -p1 -b .smbk5pwd cp %{_datadir}/libtool/config.{sub,guess} build/ popd