Commit Graph

488 Commits

Author SHA1 Message Date
Jan Vcelak
865ea62898 fix: connection failure if TLS_CACERTDIR doesn't exist but TLS_REQCERT is set to 'never'
Resolves: #716854
2011-06-27 18:53:28 +02:00
Jan Vcelak
cea83df834 openldap-servers scriptlets require initscripts package
Resolves: #716857
2011-06-27 18:53:28 +02:00
Jan Vcelak
2ce75ca315 root user management ACLs on cn=config
Resolves: #712495
2011-06-27 18:53:28 +02:00
Jan Vcelak
356967b885 default database type BDB -> HDB 2011-06-27 18:53:28 +02:00
Jan Vcelak
bf7ea0e4df slapd.conf as separate source, not patch 2011-06-27 18:53:28 +02:00
Jan Vcelak
31a7816a3a add ldif.h interface into -devel subpackage 2011-06-27 18:53:28 +02:00
Jan Vcelak
b2338c38f5 remove obsolete configure options 2011-06-27 18:53:28 +02:00
Jan Vcelak
a40d05ac93 rebase to 2.4.25
- remove upstream included patches
2011-06-27 18:11:38 +02:00
Jan Vcelak
d1578e311f release bump (2.4.24-2) 2011-03-18 23:15:56 +01:00
Jan Vcelak
1db8d2e348 server upgrade hangs or do not upgrade the database
Resolves: #664433
2011-03-18 23:15:49 +01:00
Jan Vcelak
86c082e423 fix: possible null pointer dereference in NSS implementation
Resolves: #684035 (RHEL)
2011-03-18 20:09:39 +01:00
Jan Vcelak
1f856268f5 fix update: openldap can't use TLS after fork()
Resolves: #636956
2011-03-18 19:50:00 +01:00
Jan Vcelak
91ac19e61e system resource limiting for slapd using ulimit 2011-03-18 12:51:00 +01:00
Jan Vcelak
89eb4eb56b version bump (2.4.24-1) 2011-02-14 14:33:45 +01:00
Jan Vcelak
d433ca0255 BDB backend switch from DB4 to DB5 2011-02-14 14:33:18 +01:00
Jan Vcelak
f81fb151c9 reapplied all patches
added series file to support quilt
2011-02-14 14:30:30 +01:00
Jan Vcelak
202278bcf4 new sources (2.4.24), remove old patches 2011-02-14 13:06:31 +01:00
Dennis Gilmore
84e21763c3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild 2011-02-08 21:15:56 -06:00
Jan Vcelak
8e5df252b6 fix update: restart NSS modules after fork
version bump 2.4.23-8

Resolves: #636956
2011-02-02 12:55:23 +01:00
Jan Vcelak
b791235bfc release bump 2.4.23-7 2011-01-25 14:12:34 +01:00
Jan Vcelak
a56681c41a fix: upgrade gets stuck when the database is damaged
Resolves: #664433
2011-01-25 14:11:40 +01:00
Jan Vcelak
2ace38858b fix: invalid path to db_recover 2011-01-25 14:10:47 +01:00
Jan Vcelak
2bfd76d18f fix: restart NSS modules after fork
Resolves: #636956
2011-01-25 11:36:54 +01:00
Jan Vcelak
2098ace56c release bump 2.4.23-6 2011-01-20 17:38:36 +01:00
Jan Vcelak
d70540ff1d setup tempfiles.d to create runtime directory when using tmpfs 2011-01-20 17:38:36 +01:00
Jan Vcelak
a44fb64495 fix: default encryption strength dropped in switch to using NSS
Resolves: #669446
2011-01-20 16:35:38 +01:00
Jan Vcelak
4afcb000ed fix: some server certificates refused with inadequate type error
Resolves: #668899
2011-01-20 16:23:28 +01:00
Jan Vcelak
660d07ac75 release bump 2.4.23-5 2011-01-06 21:00:53 +01:00
Jan Vcelak
5ae2484fb8 fix: verification of self issued certificates
Resolves: #657984
2011-01-06 20:59:33 +01:00
Jan Vcelak
9320cfab96 removed slurpd options from sysconfig/ldap
slurpd is obsolete and was removed from OpenLDAP some time ago
2011-01-06 19:20:39 +01:00
Jan Vcelak
edebe64186 initscript: slaptest with '-u' to skip database opening
Resolves: #667768
2011-01-06 19:19:07 +01:00
Jan Vcelak
40bc33f600 fix database upgrade process
Resolves: #656257
2010-11-23 17:45:47 +01:00
Jan Vcelak
82b8ccaded update list of overlays in slapd.conf
Resolves: #655899
2010-11-22 18:49:05 +01:00
Jan Vcelak
bff7316e6d MozNSS - implement full non-blocking semantics
fix: ldapsearch -Z hangs server if starttls fails (#652822)

Resolves: #652822
2010-11-22 18:49:05 +01:00
Jan Vcelak
98dd880921 remove old sources from gitignore 2010-11-18 12:00:08 +01:00
Jan Vcelak
ce2de9613d various TLS bugfixes
- reject non-file keyfiles in TLS_CACERTDIR (#652315)
- TLS_CACERTDIR precedence over TLS_CACERT (#652304)
- accept only files in hash.0 format in TLS_CACERTDIR (#650288)
- improve SSL/TLS trace messages (#652818)
- add support for multiple prefixed Mozilla NSS database files in TLS_CACERTDIR

Resolves: #652315 #652304 #650288 #652818
2010-11-18 11:28:30 +01:00
Jan Vcelak
ffc47c51f8 spec: forgot to remove autofs schema from %files 2010-11-01 14:16:53 +01:00
Jan Vcelak
b7ea9f6802 initscript: fix possible infinite loop
Resolves: #641946
2010-11-01 13:21:43 +01:00
Jan Vcelak
54ef52388e initscript: DB_CONFIG ownership check 2010-11-01 11:11:42 +01:00
Jan Vcelak
96238a3a52 initscript: replaced spaces with tabs 2010-11-01 10:32:22 +01:00
Jan Vcelak
60cf0d9290 removed outdated autofs.schema and old readmes
resolves: #643045
2010-11-01 10:19:07 +01:00
Jan Vcelak
86a180f019 fixed buildrequires for db4 2010-08-27 15:18:09 +02:00
Jan Vcelak
765f898f90 new sources for 2.4.23 2010-08-27 14:55:32 +02:00
Jan Vcelak
95d8d32fc5 rebase to 2.4.23
- package rebased
- removed embeded db4
- removed patches merged by upstream
- removed no longer required patches
- merged patches doing manpage changes
- merged patches exporting ldif API
- reapplied patches and added description to each one
- removed unnecessary BuildRequires
- cleaned %config, %build and %install sections
- updated database upgrade process:
  - database is exported (slapcat) and reimported (slapadd) when minor
	version of openldap changes (safe and recomended way)
  - database is upgraded (db4) when minor version of db4 package changes
	(this is not done in %post anymore, as the database is not embeded,
	but using triggers)

Resolved: #624616 Bogus links in "SEE ALSO" part of several man-pages
Resolved: #625740 openldap-2.4.23 is available
2010-08-27 14:45:25 +02:00
Jan Vcelak
b68d557f79 removed cvs Makefile 2010-08-24 18:44:48 +02:00
Fedora Release Engineering
4ce424b365 dist-git conversion 2010-07-29 07:25:48 +00:00
jvcelak
6468aa6a54 Mozilla NSS - delay token auth until needed (#616552)
Mozilla NSS - support use of self signed CA certs as server certs (#614545)
2010-07-22 08:11:30 +00:00
jvcelak
13c47e0e20 CVE-2010-0211 openldap: modrdn processing uninitialized pointer free (#605448)
CVE-2010-0212 openldap: modrdn processing IA5StringNormalize NULL pointer dereference (#605452)
obsolete configuration file moved to /usr/share/openldap-servers (#612602)
2010-07-20 14:58:07 +00:00
Jan Zeleny
2acd98790b another shot at previous fix 2010-07-01 08:57:32 +00:00
Jan Zeleny
ecf9ab4483 patches modifying openldap to work with mozilla NSS crypto 2010-06-28 15:09:10 +00:00