5568103a57
Workaround for bug #858274 in m4 (autoreconf fails on i686)
2012-09-19 10:30:03 +02:00
749896483d
fix bug number in recent patch
2012-09-14 16:56:03 +02:00
331465716f
fix: libldap does not load PEM certificate if certdb is used as TLS_CACERTDIR
...
Resolves : #857455
2012-09-14 16:14:43 +02:00
557bf01306
fix: MozNSS certificate database in SQL format cannot be used
...
Resolves : #857390
2012-09-14 16:14:21 +02:00
060a306e1e
fix: not all certificates in OpenSSL compatible CA certificate directory format are loaded
...
Resolves : #852786
2012-09-14 16:13:59 +02:00
1f24c419dd
fix: connection hangs after fallback to second server when certificate hostname verification fails
...
Resolves : #852476
2012-09-14 16:13:39 +02:00
9627ad75ef
fix: some TLS ciphers cannot be enabled
...
Resolves : #852338
2012-09-14 16:13:12 +02:00
ad070fca8d
prefer key from authenticated slot, allow certificate name with token
...
Resolves TLS failures in replication in 389 Directory Server introduced
by recent Mozilla NSS backend fixes.
2012-08-20 20:34:34 +02:00
6304a48a54
new upstream release (2.4.32)
2012-08-01 13:39:25 +02:00
c736adad77
use tabs consistently
2012-08-01 10:21:44 +02:00
2d64625e78
fix: slapd refuses to set up TLS with self-signed PEM certificate
...
Resolves : #842022
2012-07-21 17:59:04 +02:00
54e357771f
multilib fix: move libslapi from openldap-servers to openldap package
2012-07-20 16:59:28 +02:00
9e7cf6735d
fix: smbk5pwd module computes invalid LM hashes
...
Resolves : #841560
2012-07-19 14:27:10 +02:00
20875f4fb9
fix: querying for IPv6 DNS records when IPv6 is disabled on the host
...
Resolves : #835013
2012-07-19 11:00:43 +02:00
824671e8d7
clean the package build process
2012-07-18 19:02:28 +02:00
9eda95bba4
fix: remove isa macro from BuildRequires
2012-07-18 09:37:59 +02:00
50ed49760b
fix: less influence between individual TLS contexts
...
Resolves : #795763 (and possibly others)
2012-06-27 14:40:59 +02:00
397ce0c946
fix: default cipher suite is always selected
...
Resolves : #828790
2012-06-27 14:10:28 +02:00
916cbca281
fix: slapd fails to start on reboot
...
Resolves : #829272
2012-06-27 14:05:10 +02:00
904778f620
CVE-2012-2668: cipher suite selection by name can be ignored
...
Resolves : #825875
2012-06-27 13:55:02 +02:00
fe1c1e0eeb
fix: reading pin from file can make all TLS connections hang
...
Resolves : #829317
2012-06-27 13:48:40 +02:00
0cda8087e0
fix: TLS error messages overwriting in tlsm_verify_cert()
...
Resolves : #810462
2012-06-27 13:36:51 +02:00
ac8a31ed53
fix: invalid order of TLS shutdown operations
...
Resolves : #808465
2012-06-27 13:31:05 +02:00
5172ff7830
update fix: count constraint broken when using multiple modifications
...
Resolves : #795766
2012-06-27 13:26:24 +02:00
60d09d71cf
fix: MozNSS CA certdir does not work together with PEM CA cert file
...
Resolves : #819536
2012-05-18 12:47:45 +02:00
61feb71485
changelog: nss-tools has to be required by base package
2012-05-18 12:47:41 +02:00
f8f3a2b33f
nss-tools has to be required by base package
2012-05-02 11:25:36 +02:00
05bc41c858
remove upstream merged patches
2012-04-24 10:44:16 +02:00
6e16cb7901
new upstream release (2.4.31)
2012-04-24 10:35:02 +02:00
440b96e85c
rebuild due to libdb rebase
2012-04-05 20:41:25 +02:00
0992cf19a9
fix: Re-binding to a failed connection can segfault
...
Resolves : #784989
2012-03-26 13:41:40 +02:00
a4d33565bb
new upstream release (2.4.30)
...
Resolves : #798958
2012-03-01 14:24:19 +01:00
862f73dffa
fix: SASL_NOCANON option missing in ldap.conf manual page
...
Resolves : #732915
2012-02-22 15:46:23 +01:00
c2db986060
fix: missing options in manual pages of client tools
...
Resolves : #796232
2012-02-22 15:41:53 +01:00
b2b2825914
fix: count constraint broken when using multiple modifications
...
Resolves : #795766
2012-02-21 15:44:56 +01:00
20125eca06
fix: ldap_result does not succeed for sssd
...
Resolves : #771484
2012-02-21 15:37:51 +01:00
558f709787
fix update provide ldif2ldbm, not ldib2ldbm
...
Resolves : #437104
2012-02-20 15:31:58 +01:00
f25689a388
unify systemctl binary paths throughout the specfile and make them usrmove compliant
...
make path to chkconfig binary usrmove compliant
2012-02-20 15:14:53 +01:00
d5cbb774ed
fix: check-config.sh get stuck when executing command as a ldap user
2012-02-15 14:26:49 +01:00
dc2b490d64
temporarily disable certificates checking in check-config.sh
...
MozNSS support is missing yet.
2012-02-15 13:15:07 +01:00
b95104a6a1
fix: correct path to check-config.sh in service file
2012-02-15 09:10:16 +01:00
b5e66b7ea2
remove obsoleted slapd.conf
2012-02-14 17:22:53 +01:00
a7572065e5
certificates management improvements
...
Resolves : #772890
2012-02-14 17:22:50 +01:00
934ba146a8
move maintainance scripts from libexec/slapd to libexec/openldap
2012-02-14 13:42:07 +01:00
78a563b273
openldap-servers: provide ldib2ldbm for migrationtools
...
References: #437104
2012-02-14 13:40:58 +01:00
5e3dba33db
clean requirements: remove explicit versions, add %{_isa} macro
2012-02-14 13:40:42 +01:00
31026088da
new upstream release (2.4.29)
2012-02-13 13:07:11 +01:00
65b981d99e
fix: slapd segfaults when PEM certificate is used and key is not set
...
Resolves : #772890
2012-01-31 18:11:36 +01:00
f47de25361
fix: replication (syncrepl) with TLS causes segfault
...
Resolves : #783431
2012-01-31 18:10:55 +01:00
328c8e208b
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
2012-01-13 05:40:42 -06:00
c60a3191a5
fix: reload systemd daemon after installation
2011-11-30 18:58:19 +01:00
8bd37126ac
configuration initialization from LDIF file
2011-11-30 18:40:25 +01:00
1cd7d29c02
compile backends as modules (except BDB, HDB, and monitor)
2011-11-30 16:51:14 +01:00
ad3da8cc04
new upstream release (2.4.28)
...
- upstream changes:
- server: support for delta-syncrepl in multi master replication
- server: add experimental backend - MDB
- server: dynamic configuration for passwd, perl, shell, sock,
and sql backends
- server: support passwords in APR1
- library: support for Wahl (draft)
- a lot of bugfixes
- remove patches which were merged upstream
2011-11-30 16:51:05 +01:00
0fcc2f2eb2
release bump (2.4.26-6)
2011-11-01 15:25:46 +01:00
356af46ea6
CVE-2011-4079 one-byte buffer overflow in slapd
...
Resolves : #749324
2011-11-01 15:25:46 +01:00
25e27999de
servers: add libdb-utils to Requires
2011-11-01 13:34:30 +01:00
a0c545d1a7
patch slapd to skip empty arguments
...
This is required by systemd, as variable expansion works there different
than in shell. Empty SLAPD_OPTIONS in environment file would not work.
(The patch is Fedora specific.)
2011-11-01 13:34:30 +01:00
33514c3f00
scriptlet: convert sysconfig/ldap to sysconfig/slapd
2011-11-01 13:34:17 +01:00
62f9c65cff
rpmlint warnings: doc in non utf-8 encoding
2011-11-01 13:34:17 +01:00
8f315f552e
rpmlint warnings: macro in comment/changelog
2011-11-01 13:34:17 +01:00
b6085c259f
specfile: clean %files, drop defattr macros
...
- %defattr is not needed since Fedora 14
- permissions are taken from installed files
(removed chmod and added install where possible)
- %attr was left only on places, where non-root owner is needed
- removed slashes between: %{buildroot}%{_somedir}
- files reordered by type
- merged "%dir dir" and "dir/files*"
2011-11-01 13:34:17 +01:00
05cb2507b0
specfile: handle upgrades with new maintainance scripts
2011-11-01 13:34:08 +01:00
2d2d8a4c8a
specfile: migrate initscript to systemd service
2011-10-27 17:27:43 +02:00
0a9b211e8c
specfile: reorder sources
2011-10-27 17:27:43 +02:00
10e4a847f6
remove old provides/obsoletes
2011-10-27 15:00:20 +02:00
9a8ced65aa
hardened build: remove LDFLAGS, enable macro
2011-10-27 14:45:10 +02:00
8d476e4dbd
rebuild: openldap does not work after libdb rebase
...
Resolves : #743824
2011-10-06 10:22:14 +02:00
b4a9bf4dad
regression fix: enable TCP wrappers
...
Resolves : #743213
2011-10-06 10:19:51 +02:00
81680b05fb
new feature update: honor priority/weight with ldap_domain2hostlist
...
There was a typo in the patch. "weight" of the SRV records was not
taken correctly.
Resolves : #733078
2011-09-21 11:05:39 +02:00
9c0ef47ce4
fix: allow unsetting of tls_* syncrepl options
...
Resolves : #734187
2011-09-12 18:42:53 +02:00
af7e905857
fix: SSL_ForceHandshake function is not thread safe
...
Resolves : #701678
2011-09-12 15:35:09 +02:00
9ee41aa9a4
manpage fix: wrong ldap_sync_destroy() prototype in ldap_sync(3) manpage
...
Resolves : #717722
2011-08-24 19:24:49 +02:00
a551ec94d3
new feature: honor priority/weight with ldap_domain2hostlist
...
Resolves : #733078
2011-08-24 19:17:27 +02:00
3e083e8b93
fix: matching wildcard hostnames in certificate Subject field does not work
...
Resolves : #733073
2011-08-24 19:12:30 +02:00
482a20080c
manpage fix: errors in manual page slapo-unique
...
Resolves : #733070
2011-08-24 19:05:49 +02:00
c6479d1199
fix: DDS overlay tolerance parametr doesn't function and breakes default TTL
...
Resolves : #733069
2011-08-24 19:01:05 +02:00
a35a381613
fix: conversion of constraint overlay settings to cn=config is incorrect
...
Resolves : #733067
2011-08-24 18:58:45 +02:00
8ac21093cd
fix: memleak - free the return of tlsm_find_and_verify_cert_key
...
Resolves : #725818
2011-08-24 18:48:35 +02:00
49f6078a21
incorrect behavior of allow/try options of VerifyCert and TLS_REQCERT
...
Resolves : #725819
2011-08-24 18:40:37 +02:00
67c9630d50
fix: NSS_Init* functions are not thread safe
...
Resolves : #731112
2011-08-24 18:18:33 +02:00
924b91284d
add partial RELRO support
...
Resolves : #733071
2011-08-24 18:12:01 +02:00
a27bcf4338
Rebuilt for rpm ( #728707 )
2011-08-14 14:09:44 -05:00
c90fe38088
fix: memleak in tlsm_auth_cert_handler
...
Resolves : #717730
2011-07-20 16:44:40 +02:00
583cde50ed
rebase to 2.4.26
...
- remove upstream included patches
2011-07-20 16:44:30 +02:00
b35dfa8417
fix typo in patch name
2011-06-28 11:26:47 +02:00
fd3f90103e
allow build against DB 5.2
...
Resolves : #715827
2011-06-27 18:53:29 +02:00
2aeb38e146
fix: segfault when LDIF input is not terminated by newline
...
Resolves : #716858
2011-06-27 18:53:29 +02:00
4098fcd663
fix: segfault when input line in LDIF file is indented incorrectly
...
Resolves : #716855
2011-06-27 18:53:29 +02:00
9925959a7d
fix: segmentation fault caused by double-free in ldapexop
...
Resolves : #699683
2011-06-27 18:53:29 +02:00
865ea62898
fix: connection failure if TLS_CACERTDIR doesn't exist but TLS_REQCERT is set to 'never'
...
Resolves : #716854
2011-06-27 18:53:28 +02:00
cea83df834
openldap-servers scriptlets require initscripts package
...
Resolves : #716857
2011-06-27 18:53:28 +02:00
2ce75ca315
root user management ACLs on cn=config
...
Resolves : #712495
2011-06-27 18:53:28 +02:00
356967b885
default database type BDB -> HDB
2011-06-27 18:53:28 +02:00
bf7ea0e4df
slapd.conf as separate source, not patch
2011-06-27 18:53:28 +02:00
31a7816a3a
add ldif.h interface into -devel subpackage
2011-06-27 18:53:28 +02:00
b2338c38f5
remove obsolete configure options
2011-06-27 18:53:28 +02:00
a40d05ac93
rebase to 2.4.25
...
- remove upstream included patches
2011-06-27 18:11:38 +02:00
d1578e311f
release bump (2.4.24-2)
2011-03-18 23:15:56 +01:00
1db8d2e348
server upgrade hangs or do not upgrade the database
...
Resolves : #664433
2011-03-18 23:15:49 +01:00
Jan Vcelak
Jan Synacek
Dennis Gilmore
Rex Dieter