Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Mikle Kolyada <zlogene@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: net-nds/openldap/
Date: Fri, 08 May 2020 10:21:41
Message-Id: 1588933292.dba9e43f67808bec3df18c99eeb76edd4d17cde3.zlogene@gentoo
1 commit: dba9e43f67808bec3df18c99eeb76edd4d17cde3
2 Author: Mikle Kolyada <zlogene <AT> gentoo <DOT> org>
3 AuthorDate: Fri May 8 10:21:05 2020 +0000
4 Commit: Mikle Kolyada <zlogene <AT> gentoo <DOT> org>
5 CommitDate: Fri May 8 10:21:32 2020 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=dba9e43f
7
8 net-nds/openldap: Security cleanup
9
10 Package-Manager: Portage-2.3.99, Repoman-2.3.22
11 Signed-off-by: Mikle Kolyada <zlogene <AT> gentoo.org>
12
13 net-nds/openldap/Manifest | 2 -
14 net-nds/openldap/openldap-2.4.48.ebuild | 904 -----------------------------
15 net-nds/openldap/openldap-2.4.49-r1.ebuild | 901 ----------------------------
16 net-nds/openldap/openldap-2.4.49-r2.ebuild | 903 ----------------------------
17 4 files changed, 2710 deletions(-)
18
19 diff --git a/net-nds/openldap/Manifest b/net-nds/openldap/Manifest
20 index 535c953b507..12dd61f09da 100644
21 --- a/net-nds/openldap/Manifest
22 +++ b/net-nds/openldap/Manifest
23 @@ -1,4 +1,2 @@
24 -DIST openldap-2.4.48.tgz 5704883 BLAKE2B ef856ff0b22c9187e68e9c09583a176fe4c2ee1f5bfe6b169f03bc0058294170ec4d1aa1b164e28eecd2ef6bafab539c1b942b0bd74e93852205beeaff39aeef SHA512 cf694a415be0bd55cc7f606099da2ed461748efd276561944cd29d7f5a8252a9be799d8778fac2d4fa9f382731eb4ca48c6b85630cb58a3b8249843561ae8feb
25 -DIST openldap-2.4.49.tgz 5704723 BLAKE2B ee777588d758f6704b0d38b90feb85b27e2307510a05d1d147324e9958a6f6fc5bc7dd521a1462971c3f707429ad38fab734f508d71fd88b447770e112e844a2 SHA512 99d1943d126b06e62865e31e5825fcff2cb15415f7f85ae4962fa0e7425bc3b58db5b9639150d7b09e3642c80257724c745e47c25ab4fcb1bba0ba771011dd49
26 DIST openldap-2.4.50.tgz 5712635 BLAKE2B 6a7d864a44c411b82cf703585c4a81954a02497e8510c84e29070dd120da0181e8425fd2b8bb7616e42e6e26d0f06db5ffdf50fb1cd97943d23f9914eb4f1260 SHA512 f528043ff9de36f7b65d8816c9a9c24f0ac400041b2969965178ee6eae62c92a11af33a0a883e4954e5fff98a0738a9f9aa2faf5b385d21974754e045aab31ae
27 DIST rfc2307bis.schema-20140524 12262 BLAKE2B 98031f49e9bde1e4821e637af3382364d8344ed7017649686a088070d96a632dffa6c661552352656b1b159c0fd962965580069a64c7f3d5bb6a3ed75f60fd99 SHA512 83b89a1deeefc8566b97e7e865b9b6d04541099cbdf719e24538a7d27d61b6209e87ab9003a9f140bd9afd018ec569e71721e3a24090e1902c8b6659d2ba103e
28
29 diff --git a/net-nds/openldap/openldap-2.4.48.ebuild b/net-nds/openldap/openldap-2.4.48.ebuild
30 deleted file mode 100644
31 index d25e104dc3e..00000000000
32 --- a/net-nds/openldap/openldap-2.4.48.ebuild
33 +++ /dev/null
34 @@ -1,904 +0,0 @@
35 -# Copyright 1999-2020 Gentoo Authors
36 -# Distributed under the terms of the GNU General Public License v2
37 -
38 -EAPI=6
39 -
40 -inherit autotools db-use eapi7-ver flag-o-matic multilib multilib-minimal preserve-libs ssl-cert toolchain-funcs user systemd
41 -
42 -BIS_PN=rfc2307bis.schema
43 -BIS_PV=20140524
44 -BIS_P="${BIS_PN}-${BIS_PV}"
45 -
46 -DESCRIPTION="LDAP suite of application and development tools"
47 -HOMEPAGE="http://www.OpenLDAP.org/"
48 -
49 -# mirrors are mostly not working, using canonical URI
50 -SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz
51 - mirror://gentoo/${BIS_P}"
52 -
53 -LICENSE="OPENLDAP GPL-2"
54 -SLOT="0"
55 -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~mips ppc ppc64 ~riscv s390 sparc x86 ~ppc-aix ~amd64-linux ~x86-linux ~x86-solaris"
56 -
57 -IUSE_DAEMON="crypt samba slp tcpd experimental minimal"
58 -IUSE_BACKEND="+berkdb"
59 -IUSE_OVERLAY="overlays perl"
60 -IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 libressl +syslog selinux static-libs test"
61 -IUSE_CONTRIB="smbkrb5passwd kerberos kinit pbkdf2 sha2"
62 -IUSE_CONTRIB="${IUSE_CONTRIB} -cxx"
63 -IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
64 -
65 -RESTRICT="!test? ( test )"
66 -REQUIRED_USE="cxx? ( sasl )
67 - pbkdf2? ( ssl )
68 - test? ( berkdb )
69 - ?? ( test minimal )"
70 -
71 -# always list newer first
72 -# Do not add any AGPL-3 BDB here!
73 -# See bug 525110, comment 15.
74 -# Advanced usage: OPENLDAP_BDB_SLOTS in the environment can be used to force a slot during build.
75 -BDB_SLOTS="${OPENLDAP_BDB_SLOTS:=5.3 5.1 4.8 4.7 4.6 4.5 4.4}"
76 -BDB_PKGS=''
77 -for _slot in $BDB_SLOTS; do BDB_PKGS="${BDB_PKGS} sys-libs/db:${_slot}" ; done
78 -
79 -# openssl is needed to generate lanman-passwords required by samba
80 -CDEPEND="
81 - ssl? (
82 - !gnutls? (
83 - !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] )
84 - libressl? ( dev-libs/libressl:0=[${MULTILIB_USEDEP}] )
85 - )
86 - gnutls? (
87 - >=net-libs/gnutls-2.12.23-r6:=[${MULTILIB_USEDEP}]
88 - >=dev-libs/libgcrypt-1.5.3:0=[${MULTILIB_USEDEP}]
89 - )
90 - )
91 - sasl? ( dev-libs/cyrus-sasl:= )
92 - !minimal? (
93 - sys-devel/libtool
94 - sys-libs/e2fsprogs-libs
95 - >=dev-db/lmdb-0.9.18:=
96 - tcpd? ( sys-apps/tcp-wrappers )
97 - odbc? ( !iodbc? ( dev-db/unixODBC )
98 - iodbc? ( dev-db/libiodbc ) )
99 - slp? ( net-libs/openslp )
100 - perl? ( dev-lang/perl:=[-build(-)] )
101 - samba? (
102 - !libressl? ( dev-libs/openssl:0= )
103 - libressl? ( dev-libs/libressl:0= )
104 - )
105 - berkdb? (
106 - <sys-libs/db-6.0:=
107 - || ( ${BDB_PKGS} )
108 - )
109 - smbkrb5passwd? (
110 - !libressl? ( dev-libs/openssl:0= )
111 - libressl? ( dev-libs/libressl:0= )
112 - kerberos? ( app-crypt/heimdal )
113 - )
114 - kerberos? (
115 - virtual/krb5
116 - kinit? ( !app-crypt/heimdal )
117 - )
118 - cxx? ( dev-libs/cyrus-sasl:= )
119 - )
120 -"
121 -DEPEND="${CDEPEND}
122 - sys-apps/groff
123 -"
124 -RDEPEND="${CDEPEND}
125 - selinux? ( sec-policy/selinux-ldap )
126 -"
127 -# for tracking versions
128 -OPENLDAP_VERSIONTAG=".version-tag"
129 -OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
130 -
131 -MULTILIB_WRAPPED_HEADERS=(
132 - # USE=cxx
133 - /usr/include/LDAPAsynConnection.h
134 - /usr/include/LDAPAttrType.h
135 - /usr/include/LDAPAttribute.h
136 - /usr/include/LDAPAttributeList.h
137 - /usr/include/LDAPConnection.h
138 - /usr/include/LDAPConstraints.h
139 - /usr/include/LDAPControl.h
140 - /usr/include/LDAPControlSet.h
141 - /usr/include/LDAPEntry.h
142 - /usr/include/LDAPEntryList.h
143 - /usr/include/LDAPException.h
144 - /usr/include/LDAPExtResult.h
145 - /usr/include/LDAPMessage.h
146 - /usr/include/LDAPMessageQueue.h
147 - /usr/include/LDAPModList.h
148 - /usr/include/LDAPModification.h
149 - /usr/include/LDAPObjClass.h
150 - /usr/include/LDAPRebind.h
151 - /usr/include/LDAPRebindAuth.h
152 - /usr/include/LDAPReferenceList.h
153 - /usr/include/LDAPResult.h
154 - /usr/include/LDAPSaslBindResult.h
155 - /usr/include/LDAPSchema.h
156 - /usr/include/LDAPSearchReference.h
157 - /usr/include/LDAPSearchResult.h
158 - /usr/include/LDAPSearchResults.h
159 - /usr/include/LDAPUrl.h
160 - /usr/include/LDAPUrlList.h
161 - /usr/include/LdifReader.h
162 - /usr/include/LdifWriter.h
163 - /usr/include/SaslInteraction.h
164 - /usr/include/SaslInteractionHandler.h
165 - /usr/include/StringList.h
166 - /usr/include/TlsOptions.h
167 -)
168 -
169 -PATCHES=(
170 - "${FILESDIR}"/${PN}-2.4.17-gcc44.patch
171 -
172 - "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch
173 - "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
174 -
175 - # bug #116045 - still present in 2.4.28
176 - "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch
177 - # bug #408077 - samba4
178 - "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch
179 -
180 - # bug #189817
181 - "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
182 -
183 - # bug #233633
184 - "${FILESDIR}"/${PN}-2.4.45-fix-lmpasswd-gnutls-symbols.patch
185 -
186 - # bug #281495
187 - "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch
188 -
189 - # bug #294350
190 - "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch
191 -
192 - # unbreak /bin/sh -> dash
193 - "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch
194 -
195 - # bug #420959
196 - "${FILESDIR}"/${PN}-2.4.31-gcc47.patch
197 -
198 - # unbundle lmdb
199 - "${FILESDIR}"/${PN}-2.4.42-mdb-unbundle.patch
200 -
201 - # bug #622464
202 - "${FILESDIR}"/${PN}-2.4.47-libressl.patch
203 -
204 - # fix some compiler warnings
205 - "${FILESDIR}"/${PN}-2.4.47-warnings.patch
206 -)
207 -
208 -openldap_filecount() {
209 - local dir="$1"
210 - find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l
211 -}
212 -
213 -openldap_find_versiontags() {
214 - # scan for all datadirs
215 - local openldap_datadirs=()
216 - if [[ -f "${EROOT}"/etc/openldap/slapd.conf ]]; then
217 - openldap_datadirs=( $(awk '{if($1 == "directory") print $2 }' "${EROOT}"/etc/openldap/slapd.conf) )
218 - fi
219 - openldap_datadirs+=( ${OPENLDAP_DEFAULTDIR_VERSIONTAG} )
220 -
221 - einfo
222 - einfo "Scanning datadir(s) from slapd.conf and"
223 - einfo "the default installdir for Versiontags"
224 - einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
225 - einfo
226 -
227 - # scan datadirs if we have a version tag
228 - openldap_found_tag=0
229 - have_files=0
230 - for each in ${openldap_datadirs[@]} ; do
231 - CURRENT_TAGDIR="${ROOT}$(sed "s:\/::" <<< ${each})"
232 - CURRENT_TAG="${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}"
233 - if [[ -d "${CURRENT_TAGDIR}" ]] && [[ "${openldap_found_tag}" == 0 ]] ; then
234 - einfo "- Checking ${each}..."
235 - if [[ -r "${CURRENT_TAG}" ]] ; then
236 - # yey, we have one :)
237 - einfo " Found Versiontag in ${each}"
238 - source "${CURRENT_TAG}"
239 - if [[ "${OLDPF}" == "" ]] ; then
240 - eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
241 - eerror "Please delete it"
242 - eerror
243 - die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
244 - fi
245 -
246 - OLD_MAJOR=$(ver_cut 2-3 ${OLDPF})
247 -
248 - [[ "$(openldap_filecount ${CURRENT_TAGDIR})" -gt 0 ]] && have_files=1
249 -
250 - # are we on the same branch?
251 - if [[ "${OLD_MAJOR}" != "${PV:0:3}" ]] ; then
252 - ewarn " Versiontag doesn't match current major release!"
253 - if [[ "${have_files}" == "1" ]] ; then
254 - eerror " Versiontag says other major and you (probably) have datafiles!"
255 - echo
256 - openldap_upgrade_howto
257 - else
258 - einfo " No real problem, seems there's no database."
259 - fi
260 - else
261 - einfo " Versiontag is fine here :)"
262 - fi
263 - else
264 - einfo " Non-tagged dir ${each}"
265 - [[ "$(openldap_filecount ${each})" -gt 0 ]] && have_files=1
266 - if [[ "${have_files}" == "1" ]] ; then
267 - einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
268 - echo
269 -
270 - eerror
271 - eerror "Your OpenLDAP Installation has a non tagged datadir that"
272 - eerror "possibly contains a database at ${CURRENT_TAGDIR}"
273 - eerror
274 - eerror "Please export data if any entered and empty or remove"
275 - eerror "the directory, installation has been stopped so you"
276 - eerror "can take required action"
277 - eerror
278 - eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
279 - eerror
280 - openldap_upgrade_howto
281 - die "Please move the datadir ${CURRENT_TAGDIR} away"
282 - fi
283 - fi
284 - einfo
285 - fi
286 - done
287 - [[ "${have_files}" == "1" ]] && einfo "DB files present" || einfo "No DB files present"
288 -
289 - # Now we must check for the major version of sys-libs/db linked against.
290 - SLAPD_PATH="${EROOT}/usr/$(get_libdir)/openldap/slapd"
291 - if [[ "${have_files}" == "1" ]] && [[ -f "${SLAPD_PATH}" ]]; then
292 - OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
293 - | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
294 - if use berkdb; then
295 - # find which one would be used
296 - for bdb_slot in ${BDB_SLOTS} ; do
297 - NEWVER="$(db_findver "=sys-libs/db-${bdb_slot}*")"
298 - [[ -n "${NEWVER}" ]] && break
299 - done
300 - fi
301 - local fail=0
302 - if [[ -z "${OLDVER}" ]] && [[ -z "${NEWVER}" ]]; then
303 - :
304 - # Nothing wrong here.
305 - elif [[ -z "${OLDVER}" ]] && [[ -n "${NEWVER}" ]]; then
306 - eerror " Your existing version of OpenLDAP was not built against"
307 - eerror " any version of sys-libs/db, but the new one will build"
308 - eerror " against ${NEWVER} and your database may be inaccessible."
309 - echo
310 - fail=1
311 - elif [[ -n "${OLDVER}" ]] && [[ -z "${NEWVER}" ]]; then
312 - eerror " Your existing version of OpenLDAP was built against"
313 - eerror " sys-libs/db:${OLDVER}, but the new one will not be"
314 - eerror " built against any version and your database may be"
315 - eerror " inaccessible."
316 - echo
317 - fail=1
318 - elif [[ "${OLDVER}" != "${NEWVER}" ]]; then
319 - eerror " Your existing version of OpenLDAP was built against"
320 - eerror " sys-libs/db:${OLDVER}, but the new one will build against"
321 - eerror " ${NEWVER} and your database would be inaccessible."
322 - echo
323 - fail=1
324 - fi
325 - [[ "${fail}" == "1" ]] && openldap_upgrade_howto
326 - fi
327 -
328 - echo
329 - einfo
330 - einfo "All datadirs are fine, proceeding with merge now..."
331 - einfo
332 -}
333 -
334 -openldap_upgrade_howto() {
335 - local d l i
336 - eerror
337 - eerror "A (possible old) installation of OpenLDAP was detected,"
338 - eerror "installation will not proceed for now."
339 - eerror
340 - eerror "As major version upgrades can corrupt your database,"
341 - eerror "you need to dump your database and re-create it afterwards."
342 - eerror
343 - eerror "Additionally, rebuilding against different major versions of the"
344 - eerror "sys-libs/db libraries will cause your database to be inaccessible."
345 - eerror ""
346 - d="$(date -u +%s)"
347 - l="/root/ldapdump.${d}"
348 - i="${l}.raw"
349 - eerror " 1. /etc/init.d/slapd stop"
350 - eerror " 2. slapcat -l ${i}"
351 - eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
352 - eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
353 - eerror " 5. emerge --update \=net-nds/${PF}"
354 - eerror " 6. etc-update, and ensure that you apply the changes"
355 - eerror " 7. slapadd -l ${l}"
356 - eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
357 - eerror " 9. /etc/init.d/slapd start"
358 - eerror "10. check that your data is intact."
359 - eerror "11. set up the new replication system."
360 - eerror
361 - if [[ "${FORCE_UPGRADE}" != "1" ]]; then
362 - die "You need to upgrade your database first"
363 - else
364 - eerror "You have the magical FORCE_UPGRADE=1 in place."
365 - eerror "Don't say you weren't warned about data loss."
366 - fi
367 -}
368 -
369 -pkg_setup() {
370 - if ! use sasl && use cxx ; then
371 - die "To build the ldapc++ library you must emerge openldap with sasl support"
372 - fi
373 - # Bug #322787
374 - if use minimal && ! has_version "net-nds/openldap" ; then
375 - einfo "No datadir scan needed, openldap not installed"
376 - elif use minimal && has_version 'net-nds/openldap[minimal]' ; then
377 - einfo "Skipping scan for previous datadirs as requested by minimal useflag"
378 - else
379 - openldap_find_versiontags
380 - fi
381 -
382 - # The user/group are only used for running daemons which are
383 - # disabled in minimal builds, so elide the accounts too.
384 - if ! use minimal ; then
385 - enewgroup ldap 439
386 - enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
387 - fi
388 -}
389 -
390 -src_prepare() {
391 - # ensure correct SLAPI path by default
392 - sed -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \
393 - -i include/ldap_defaults.h || die
394 -
395 - default
396 - rm -r libraries/liblmdb || die
397 -
398 - pushd build &>/dev/null || die "pushd build"
399 - einfo "Making sure upstream build strip does not do stripping too early"
400 - sed -i.orig \
401 - -e '/^STRIP/s,-s,,g' \
402 - top.mk || die "Failed to block stripping"
403 - popd &>/dev/null || die
404 -
405 - # wrong assumption that /bin/sh is /bin/bash
406 - sed \
407 - -e 's|/bin/sh|/bin/bash|g' \
408 - -i tests/scripts/* || die "sed failed"
409 -
410 - AT_NOEAUTOMAKE=yes eautoreconf
411 -}
412 -
413 -build_contrib_module() {
414 - # <dir> <sources> <outputname>
415 - pushd "${S}/contrib/slapd-modules/$1" &>/dev/null || die "pushd contrib/slapd-modules/$1"
416 - einfo "Compiling contrib-module: $3"
417 - # Make sure it's uppercase
418 - local define_name="$(LC_ALL=C tr '[:lower:]' '[:upper:]' <<< "SLAPD_OVER_${1}")"
419 - "${lt}" --mode=compile --tag=CC \
420 - "${CC}" \
421 - -D${define_name}=SLAPD_MOD_DYNAMIC \
422 - -I"${BUILD_DIR}"/include \
423 - -I../../../include -I../../../servers/slapd ${CFLAGS} \
424 - -o ${2%.c}.lo -c $2 || die "compiling $3 failed"
425 - einfo "Linking contrib-module: $3"
426 - "${lt}" --mode=link --tag=CC \
427 - "${CC}" -module \
428 - ${CFLAGS} \
429 - ${LDFLAGS} \
430 - -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
431 - -o $3.la ${2%.c}.lo || die "linking $3 failed"
432 - popd &>/dev/null || die
433 -}
434 -
435 -src_configure() {
436 - # Bug 408001
437 - use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync
438 -
439 - # connectionless ldap per bug #342439
440 - append-cppflags -DLDAP_CONNECTIONLESS
441 -
442 - multilib-minimal_src_configure
443 -}
444 -
445 -multilib_src_configure() {
446 - local myconf=()
447 -
448 - use debug && myconf+=( $(use_enable debug) )
449 -
450 - # ICU exists only in the configure, nowhere in the codebase, bug #510858
451 - export ac_cv_header_unicode_utypes_h=no ol_cv_lib_icu=no
452 -
453 - if ! use minimal && multilib_is_native_abi; then
454 - local CPPFLAGS=${CPPFLAGS}
455 -
456 - # re-enable serverside overlay chains per bug #296567
457 - # see ldap docs chaper 12.3.1 for details
458 - myconf+=( --enable-ldap )
459 -
460 - # backends
461 - myconf+=( --enable-slapd )
462 - if use berkdb ; then
463 - einfo "Using Berkeley DB for local backend"
464 - myconf+=( --enable-bdb --enable-hdb )
465 - DBINCLUDE=$(db_includedir ${BDB_SLOTS})
466 - einfo "Using ${DBINCLUDE} for sys-libs/db version"
467 - # We need to include the slotted db.h dir for FreeBSD
468 - append-cppflags -I${DBINCLUDE}
469 - else
470 - myconf+=( --disable-bdb --disable-hdb )
471 - fi
472 - for backend in dnssrv ldap mdb meta monitor null passwd relay shell sock; do
473 - myconf+=( --enable-${backend}=mod )
474 - done
475 -
476 - myconf+=( $(use_enable perl perl mod) )
477 -
478 - myconf+=( $(use_enable odbc sql mod) )
479 - if use odbc ; then
480 - local odbc_lib="unixodbc"
481 - if use iodbc ; then
482 - odbc_lib="iodbc"
483 - append-cppflags -I"${EPREFIX}"/usr/include/iodbc
484 - fi
485 - myconf+=( --with-odbc=${odbc_lib} )
486 - fi
487 -
488 - # slapd options
489 - myconf+=(
490 - $(use_enable crypt)
491 - $(use_enable slp)
492 - $(use_enable samba lmpasswd)
493 - $(use_enable syslog)
494 - )
495 - if use experimental ; then
496 - myconf+=(
497 - --enable-dynacl
498 - --enable-aci=mod
499 - )
500 - fi
501 - for option in aci cleartext modules rewrite rlookups slapi; do
502 - myconf+=( --enable-${option} )
503 - done
504 -
505 - # slapd overlay options
506 - # Compile-in the syncprov, the others as module
507 - myconf+=( --enable-syncprov=yes )
508 - use overlays && myconf+=( --enable-overlays=mod )
509 -
510 - else
511 - myconf+=(
512 - --disable-backends
513 - --disable-slapd
514 - --disable-bdb
515 - --disable-hdb
516 - --disable-mdb
517 - --disable-overlays
518 - --disable-syslog
519 - )
520 - fi
521 -
522 - # basic functionality stuff
523 - myconf+=(
524 - $(use_enable ipv6)
525 - $(multilib_native_use_with sasl cyrus-sasl)
526 - $(multilib_native_use_enable sasl spasswd)
527 - $(use_enable tcpd wrappers)
528 - )
529 -
530 - # Some cross-compiling tests don't pan out well.
531 - tc-is-cross-compiler && myconf+=(
532 - --with-yielding-select=yes
533 - )
534 -
535 - local ssl_lib="no"
536 - if use ssl || ( ! use minimal && use samba ) ; then
537 - ssl_lib="openssl"
538 - use gnutls && ssl_lib="gnutls"
539 - fi
540 -
541 - myconf+=( --with-tls=${ssl_lib} )
542 -
543 - for basicflag in dynamic local proctitle shared; do
544 - myconf+=( --enable-${basicflag} )
545 - done
546 -
547 - tc-export AR CC CXX
548 - CONFIG_SHELL="/bin/bash" \
549 - ECONF_SOURCE="${S}" \
550 - STRIP=/bin/true \
551 - econf \
552 - --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \
553 - $(use_enable static-libs static) \
554 - "${myconf[@]}"
555 - emake depend
556 -}
557 -
558 -src_configure_cxx() {
559 - # This needs the libraries built by the first build run.
560 - # So we have to run it AFTER the main build, not just after the main
561 - # configure.
562 - local myconf_ldapcpp=(
563 - --with-ldap-includes="${S}"/include
564 - )
565 -
566 - mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die
567 - pushd "${BUILD_DIR}/contrib/ldapc++" &>/dev/null || die "pushd contrib/ldapc++"
568 -
569 - local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS}
570 - append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \
571 - -L"${BUILD_DIR}"/libraries/libldap/.libs
572 - append-cppflags -I"${BUILD_DIR}"/include
573 - ECONF_SOURCE=${S}/contrib/ldapc++ \
574 - econf "${myconf_ldapcpp[@]}" \
575 - CC="${CC}" \
576 - CXX="${CXX}"
577 - popd &>/dev/null || die
578 -}
579 -
580 -multilib_src_compile() {
581 - tc-export AR CC CXX
582 - emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash
583 - local lt="${BUILD_DIR}/libtool"
584 - export echo="echo"
585 -
586 - if ! use minimal && multilib_is_native_abi ; then
587 - if use cxx ; then
588 - einfo "Building contrib library: ldapc++"
589 - src_configure_cxx
590 - pushd "${BUILD_DIR}/contrib/ldapc++" &>/dev/null || die "pushd contrib/ldapc++"
591 - emake CC="${CC}" CXX="${CXX}"
592 - popd &>/dev/null || die
593 - fi
594 -
595 - if use smbkrb5passwd ; then
596 - einfo "Building contrib-module: smbk5pwd"
597 - pushd "${S}/contrib/slapd-modules/smbk5pwd" &>/dev/null || die "pushd contrib/slapd-modules/smbk5pwd"
598 -
599 - MY_DEFS="-DDO_SHADOW"
600 - if use samba ; then
601 - MY_DEFS="${MY_DEFS} -DDO_SAMBA"
602 - MY_KRB5_INC=""
603 - fi
604 - if use kerberos ; then
605 - MY_DEFS="${MY_DEFS} -DDO_KRB5"
606 - MY_KRB5_INC="$(krb5-config --cflags)"
607 - fi
608 -
609 - emake \
610 - DEFS="${MY_DEFS}" \
611 - KRB5_INC="${MY_KRB5_INC}" \
612 - LDAP_BUILD="${BUILD_DIR}" \
613 - CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap"
614 - popd &>/dev/null || die
615 - fi
616 -
617 - if use overlays ; then
618 - einfo "Building contrib-module: samba4"
619 - pushd "${S}/contrib/slapd-modules/samba4" &>/dev/null || die "pushd contrib/slapd-modules/samba4"
620 -
621 - emake \
622 - LDAP_BUILD="${BUILD_DIR}" \
623 - CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap"
624 - popd &>/dev/null || die
625 - fi
626 -
627 - if use kerberos ; then
628 - if use kinit ; then
629 - build_contrib_module "kinit" "kinit.c" "kinit"
630 - fi
631 - pushd "${S}/contrib/slapd-modules/passwd" &>/dev/null || die "pushd contrib/slapd-modules/passwd"
632 - einfo "Compiling contrib-module: pw-kerberos"
633 - "${lt}" --mode=compile --tag=CC \
634 - "${CC}" \
635 - -I"${BUILD_DIR}"/include \
636 - -I../../../include \
637 - ${CFLAGS} \
638 - $(krb5-config --cflags) \
639 - -DHAVE_KRB5 \
640 - -o kerberos.lo \
641 - -c kerberos.c || die "compiling pw-kerberos failed"
642 - einfo "Linking contrib-module: pw-kerberos"
643 - "${lt}" --mode=link --tag=CC \
644 - "${CC}" -module \
645 - ${CFLAGS} \
646 - ${LDFLAGS} \
647 - -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
648 - -o pw-kerberos.la \
649 - kerberos.lo || die "linking pw-kerberos failed"
650 - popd &>/dev/null || die
651 - fi
652 -
653 - if use pbkdf2; then
654 - pushd "${S}/contrib/slapd-modules/passwd/pbkdf2" &>/dev/null || die "pushd contrib/slapd-modules/passwd/pbkdf2"
655 - einfo "Compiling contrib-module: pw-pbkdf2"
656 - "${lt}" --mode=compile --tag=CC \
657 - "${CC}" \
658 - -I"${BUILD_DIR}"/include \
659 - -I../../../../include \
660 - ${CFLAGS} \
661 - -o pbkdf2.lo \
662 - -c pw-pbkdf2.c || die "compiling pw-pbkdf2 failed"
663 - einfo "Linking contrib-module: pw-pbkdf2"
664 - "${lt}" --mode=link --tag=CC \
665 - "${CC}" -module \
666 - ${CFLAGS} \
667 - ${LDFLAGS} \
668 - -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
669 - -o pw-pbkdf2.la \
670 - pbkdf2.lo || die "linking pw-pbkdf2 failed"
671 - popd &>/dev/null || die
672 - fi
673 -
674 - if use sha2 ; then
675 - pushd "${S}/contrib/slapd-modules/passwd/sha2" &>/dev/null || die "pushd contrib/slapd-modules/passwd/sha2"
676 - einfo "Compiling contrib-module: pw-sha2"
677 - "${lt}" --mode=compile --tag=CC \
678 - "${CC}" \
679 - -I"${BUILD_DIR}"/include \
680 - -I../../../../include \
681 - ${CFLAGS} \
682 - -o sha2.lo \
683 - -c sha2.c || die "compiling pw-sha2 failed"
684 - "${lt}" --mode=compile --tag=CC \
685 - "${CC}" \
686 - -I"${BUILD_DIR}"/include \
687 - -I../../../../include \
688 - ${CFLAGS} \
689 - -o slapd-sha2.lo \
690 - -c slapd-sha2.c || die "compiling pw-sha2 failed"
691 - einfo "Linking contrib-module: pw-sha2"
692 - "${lt}" --mode=link --tag=CC \
693 - "${CC}" -module \
694 - ${CFLAGS} \
695 - ${LDFLAGS} \
696 - -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
697 - -o pw-sha2.la \
698 - sha2.lo slapd-sha2.lo || die "linking pw-sha2 failed"
699 - popd &>/dev/null || die
700 - fi
701 -
702 - # We could build pw-radius if GNURadius would install radlib.h
703 - pushd "${S}/contrib/slapd-modules/passwd" &>/dev/null || die "pushd contrib/slapd-modules/passwd"
704 - einfo "Compiling contrib-module: pw-netscape"
705 - "${lt}" --mode=compile --tag=CC \
706 - "${CC}" \
707 - -I"${BUILD_DIR}"/include \
708 - -I../../../include \
709 - ${CFLAGS} \
710 - -o netscape.lo \
711 - -c netscape.c || die "compiling pw-netscape failed"
712 - einfo "Linking contrib-module: pw-netscape"
713 - "${lt}" --mode=link --tag=CC \
714 - "${CC}" -module \
715 - ${CFLAGS} \
716 - ${LDFLAGS} \
717 - -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
718 - -o pw-netscape.la \
719 - netscape.lo || die "linking pw-netscape failed"
720 -
721 - #build_contrib_module "acl" "posixgroup.c" "posixGroup" # example code only
722 - #build_contrib_module "acl" "gssacl.c" "gss" # example code only, also needs kerberos
723 - build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay"
724 - build_contrib_module "allop" "allop.c" "overlay-allop"
725 - build_contrib_module "allowed" "allowed.c" "allowed"
726 - build_contrib_module "autogroup" "autogroup.c" "autogroup"
727 - build_contrib_module "cloak" "cloak.c" "cloak"
728 - # build_contrib_module "comp_match" "comp_match.c" "comp_match" # really complex, adds new external deps, questionable demand
729 - build_contrib_module "denyop" "denyop.c" "denyop-overlay"
730 - build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin"
731 - build_contrib_module "dupent" "dupent.c" "dupent"
732 - build_contrib_module "lastbind" "lastbind.c" "lastbind"
733 - # lastmod may not play well with other overlays
734 - build_contrib_module "lastmod" "lastmod.c" "lastmod"
735 - build_contrib_module "noopsrch" "noopsrch.c" "noopsrch"
736 - build_contrib_module "nops" "nops.c" "nops-overlay"
737 - #build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER
738 - build_contrib_module "trace" "trace.c" "trace"
739 - popd &>/dev/null || die
740 - # build slapi-plugins
741 - pushd "${S}/contrib/slapi-plugins/addrdnvalues" &>/dev/null || die "pushd contrib/slapi-plugins/addrdnvalues"
742 - einfo "Building contrib-module: addrdnvalues plugin"
743 - "${CC}" -shared \
744 - -I"${BUILD_DIR}"/include \
745 - -I../../../include \
746 - ${CFLAGS} \
747 - -fPIC \
748 - ${LDFLAGS} \
749 - -o libaddrdnvalues-plugin.so \
750 - addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
751 - popd &>/dev/null || die
752 - fi
753 -}
754 -
755 -multilib_src_test() {
756 - if multilib_is_native_abi; then
757 - cd tests || die
758 - emake tests
759 - fi
760 -}
761 -
762 -multilib_src_install() {
763 - local lt="${BUILD_DIR}/libtool"
764 - emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install
765 -
766 - if ! use minimal && multilib_is_native_abi; then
767 - # openldap modules go here
768 - # TODO: write some code to populate slapd.conf with moduleload statements
769 - keepdir /usr/$(get_libdir)/openldap/openldap/
770 -
771 - # initial data storage dir
772 - keepdir /var/lib/openldap-data
773 - use prefix || fowners ldap:ldap /var/lib/openldap-data
774 - fperms 0700 /var/lib/openldap-data
775 -
776 - echo "OLDPF='${PF}'" > "${ED%/}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
777 - echo "# do NOT delete this. it is used" >> "${ED%/}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
778 - echo "# to track versions for upgrading." >> "${ED%/}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
779 -
780 - # use our config
781 - rm "${ED%/}"/etc/openldap/slapd.conf
782 - insinto /etc/openldap
783 - newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf
784 - configfile="${ED%/}"/etc/openldap/slapd.conf
785 -
786 - # populate with built backends
787 - ebegin "populate config with built backends"
788 - for x in "${ED%/}"/usr/$(get_libdir)/openldap/openldap/back_*.so; do
789 - einfo "Adding $(basename ${x})"
790 - sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}" || die
791 - done
792 - sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
793 - use prefix || fowners root:ldap /etc/openldap/slapd.conf
794 - fperms 0640 /etc/openldap/slapd.conf
795 - cp "${configfile}" "${configfile}".default || die
796 - eend
797 -
798 - # install our own init scripts and systemd unit files
799 - einfo "Install init scripts"
800 - sed -e "s,/usr/lib/,/usr/$(get_libdir)/," "${FILESDIR}"/slapd-initd-2.4.40-r2 > "${T}"/slapd || die
801 - doinitd "${T}"/slapd
802 - newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd
803 -
804 - einfo "Install systemd service"
805 - sed -e "s,/usr/lib/,/usr/$(get_libdir)/," "${FILESDIR}"/slapd.service > "${T}"/slapd.service || die
806 - systemd_dounit "${T}"/slapd.service
807 - systemd_install_serviced "${FILESDIR}"/slapd.service.conf
808 - systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf
809 -
810 - # If built without SLP, we don't need to be before avahi
811 - if ! use slp ; then
812 - sed -i \
813 - -e '/before/{s/avahi-daemon//g}' \
814 - "${ED%/}"/etc/init.d/slapd \
815 - || die
816 - fi
817 -
818 - if use cxx ; then
819 - einfo "Install the ldapc++ library"
820 - cd "${BUILD_DIR}/contrib/ldapc++" || die
821 - emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
822 - cd "${S}"/contrib/ldapc++ || die
823 - newdoc README ldapc++-README
824 - fi
825 -
826 - if use smbkrb5passwd ; then
827 - einfo "Install the smbk5pwd module"
828 - cd "${S}/contrib/slapd-modules/smbk5pwd" || die
829 - emake DESTDIR="${D}" \
830 - LDAP_BUILD="${BUILD_DIR}" \
831 - libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
832 - newdoc README smbk5pwd-README
833 - fi
834 -
835 - if use overlays ; then
836 - einfo "Install the samba4 module"
837 - cd "${S}/contrib/slapd-modules/samba4" || die
838 - emake DESTDIR="${D}" \
839 - LDAP_BUILD="${BUILD_DIR}" \
840 - libexecdir="/usr/$(get_libdir)/openldap" install
841 - newdoc README samba4-README
842 - fi
843 -
844 - einfo "Installing contrib modules"
845 - cd "${S}/contrib/slapd-modules" || die
846 - for l in */*.la */*/*.la; do
847 - [[ -e ${l} ]] || continue
848 - "${lt}" --mode=install cp ${l} \
849 - "${ED%/}"/usr/$(get_libdir)/openldap/openldap || \
850 - die "installing ${l} failed"
851 - done
852 -
853 - dodoc "${FILESDIR}"/DB_CONFIG.fast.example
854 - docinto contrib
855 - doman */*.5
856 - #newdoc acl/README*
857 - newdoc addpartial/README addpartial-README
858 - newdoc allop/README allop-README
859 - newdoc allowed/README allowed-README
860 - newdoc autogroup/README autogroup-README
861 - newdoc dsaschema/README dsaschema-README
862 - newdoc passwd/README passwd-README
863 - cd "${S}/contrib/slapi-plugins" || die
864 - insinto /usr/$(get_libdir)/openldap/openldap
865 - doins */*.so
866 - docinto contrib
867 - newdoc addrdnvalues/README addrdnvalues-README
868 -
869 - insinto /etc/openldap/schema
870 - newins "${DISTDIR}"/${BIS_P} ${BIS_PN}
871 -
872 - docinto back-sock ; dodoc "${S}"/servers/slapd/back-sock/searchexample*
873 - docinto back-shell ; dodoc "${S}"/servers/slapd/back-shell/searchexample*
874 - docinto back-perl ; dodoc "${S}"/servers/slapd/back-perl/SampleLDAP.pm
875 -
876 - dosbin "${S}"/contrib/slapd-tools/statslog
877 - newdoc "${S}"/contrib/slapd-tools/README README.statslog
878 - fi
879 -
880 - if ! use static-libs ; then
881 - find "${ED}" \( -name '*.a' -o -name '*.la' \) -delete || die
882 - fi
883 -}
884 -
885 -multilib_src_install_all() {
886 - dodoc ANNOUNCEMENT CHANGES COPYRIGHT README
887 - docinto rfc ; dodoc doc/rfc/*.txt
888 -}
889 -
890 -pkg_preinst() {
891 - # keep old libs if any
892 - preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0)
893 - # bug 440470, only display the getting started help there was no openldap before,
894 - # or we are going to a non-minimal build
895 - ! has_version net-nds/openldap || has_version 'net-nds/openldap[minimal]'
896 - OPENLDAP_PRINT_MESSAGES=$((! $?))
897 -}
898 -
899 -pkg_postinst() {
900 - if ! use minimal ; then
901 - # You cannot build SSL certificates during src_install that will make
902 - # binary packages containing your SSL key, which is both a security risk
903 - # and a misconfiguration if multiple machines use the same key and cert.
904 - if use ssl; then
905 - install_cert /etc/openldap/ssl/ldap
906 - use prefix || chown ldap:ldap "${EROOT}"etc/openldap/ssl/ldap.*
907 - ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
908 - ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
909 - ewarn "add 'TLS_REQCERT allow' if you want to use them."
910 - fi
911 -
912 - if use prefix; then
913 - # Warn about prefix issues with slapd
914 - eerror "slapd might NOT be usable on Prefix systems as it requires root privileges"
915 - eerror "to start up, and requires that certain files directories be owned by"
916 - eerror "ldap:ldap. As Prefix does not support changing ownership of files and"
917 - eerror "directories, you will have to manually fix this yourself."
918 - fi
919 -
920 - # These lines force the permissions of various content to be correct
921 - use prefix || chown ldap:ldap "${EROOT}"var/run/openldap
922 - chmod 0755 "${EROOT}"var/run/openldap
923 - use prefix || chown root:ldap "${EROOT}"etc/openldap/slapd.conf{,.default}
924 - chmod 0640 "${EROOT}"etc/openldap/slapd.conf{,.default}
925 - use prefix || chown ldap:ldap "${EROOT}"var/lib/openldap-data
926 - fi
927 -
928 - if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then
929 - elog "Getting started using OpenLDAP? There is some documentation available:"
930 - elog "Gentoo Guide to OpenLDAP Authentication"
931 - elog "(https://wiki.gentoo.org/wiki/Centralized_authentication_using_OpenLDAP)"
932 - elog "---"
933 - elog "An example file for tuning BDB backends with openldap is"
934 - elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
935 - fi
936 -
937 - preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0)
938 -}
939
940 diff --git a/net-nds/openldap/openldap-2.4.49-r1.ebuild b/net-nds/openldap/openldap-2.4.49-r1.ebuild
941 deleted file mode 100644
942 index c82a49b7878..00000000000
943 --- a/net-nds/openldap/openldap-2.4.49-r1.ebuild
944 +++ /dev/null
945 @@ -1,901 +0,0 @@
946 -# Copyright 1999-2020 Gentoo Authors
947 -# Distributed under the terms of the GNU General Public License v2
948 -
949 -EAPI=7
950 -
951 -inherit autotools db-use flag-o-matic multilib-minimal ssl-cert toolchain-funcs user systemd
952 -
953 -BIS_PN=rfc2307bis.schema
954 -BIS_PV=20140524
955 -BIS_P="${BIS_PN}-${BIS_PV}"
956 -
957 -DESCRIPTION="LDAP suite of application and development tools"
958 -HOMEPAGE="http://www.OpenLDAP.org/"
959 -
960 -# mirrors are mostly not working, using canonical URI
961 -SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz
962 - mirror://gentoo/${BIS_P}"
963 -
964 -LICENSE="OPENLDAP GPL-2"
965 -SLOT="0"
966 -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~ppc-aix ~amd64-linux ~x86-linux ~x86-solaris"
967 -
968 -IUSE_DAEMON="crypt samba tcpd experimental minimal"
969 -IUSE_BACKEND="+berkdb"
970 -IUSE_OVERLAY="overlays perl"
971 -IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 libressl +syslog selinux static-libs test"
972 -IUSE_CONTRIB="smbkrb5passwd kerberos kinit pbkdf2 sha2"
973 -IUSE_CONTRIB="${IUSE_CONTRIB} -cxx"
974 -IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
975 -
976 -RESTRICT="!test? ( test )"
977 -REQUIRED_USE="cxx? ( sasl )
978 - pbkdf2? ( ssl )
979 - test? ( berkdb )
980 - ?? ( test minimal )"
981 -
982 -# always list newer first
983 -# Do not add any AGPL-3 BDB here!
984 -# See bug 525110, comment 15.
985 -# Advanced usage: OPENLDAP_BDB_SLOTS in the environment can be used to force a slot during build.
986 -BDB_SLOTS="${OPENLDAP_BDB_SLOTS:=5.3 5.1 4.8 4.7 4.6 4.5 4.4}"
987 -BDB_PKGS=''
988 -for _slot in $BDB_SLOTS; do BDB_PKGS="${BDB_PKGS} sys-libs/db:${_slot}" ; done
989 -
990 -# openssl is needed to generate lanman-passwords required by samba
991 -COMMON_DEPEND="
992 - ssl? (
993 - !gnutls? (
994 - !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] )
995 - libressl? ( dev-libs/libressl:0=[${MULTILIB_USEDEP}] )
996 - )
997 - gnutls? (
998 - >=net-libs/gnutls-2.12.23-r6:=[${MULTILIB_USEDEP}]
999 - >=dev-libs/libgcrypt-1.5.3:0=[${MULTILIB_USEDEP}]
1000 - )
1001 - )
1002 - sasl? ( dev-libs/cyrus-sasl:= )
1003 - !minimal? (
1004 - sys-devel/libtool
1005 - sys-libs/e2fsprogs-libs
1006 - >=dev-db/lmdb-0.9.18:=
1007 - tcpd? ( sys-apps/tcp-wrappers )
1008 - odbc? ( !iodbc? ( dev-db/unixODBC )
1009 - iodbc? ( dev-db/libiodbc ) )
1010 - perl? ( dev-lang/perl:=[-build(-)] )
1011 - samba? (
1012 - !libressl? ( dev-libs/openssl:0= )
1013 - libressl? ( dev-libs/libressl:0= )
1014 - )
1015 - berkdb? (
1016 - <sys-libs/db-6.0:=
1017 - || ( ${BDB_PKGS} )
1018 - )
1019 - smbkrb5passwd? (
1020 - !libressl? ( dev-libs/openssl:0= )
1021 - libressl? ( dev-libs/libressl:0= )
1022 - kerberos? ( app-crypt/heimdal )
1023 - )
1024 - kerberos? (
1025 - virtual/krb5
1026 - kinit? ( !app-crypt/heimdal )
1027 - )
1028 - cxx? ( dev-libs/cyrus-sasl:= )
1029 - )
1030 -"
1031 -DEPEND="${COMMON_DEPEND}
1032 - sys-apps/groff
1033 -"
1034 -RDEPEND="${COMMON_DEPEND}
1035 - selinux? ( sec-policy/selinux-ldap )
1036 -"
1037 -# for tracking versions
1038 -OPENLDAP_VERSIONTAG=".version-tag"
1039 -OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
1040 -
1041 -MULTILIB_WRAPPED_HEADERS=(
1042 - # USE=cxx
1043 - /usr/include/LDAPAsynConnection.h
1044 - /usr/include/LDAPAttrType.h
1045 - /usr/include/LDAPAttribute.h
1046 - /usr/include/LDAPAttributeList.h
1047 - /usr/include/LDAPConnection.h
1048 - /usr/include/LDAPConstraints.h
1049 - /usr/include/LDAPControl.h
1050 - /usr/include/LDAPControlSet.h
1051 - /usr/include/LDAPEntry.h
1052 - /usr/include/LDAPEntryList.h
1053 - /usr/include/LDAPException.h
1054 - /usr/include/LDAPExtResult.h
1055 - /usr/include/LDAPMessage.h
1056 - /usr/include/LDAPMessageQueue.h
1057 - /usr/include/LDAPModList.h
1058 - /usr/include/LDAPModification.h
1059 - /usr/include/LDAPObjClass.h
1060 - /usr/include/LDAPRebind.h
1061 - /usr/include/LDAPRebindAuth.h
1062 - /usr/include/LDAPReferenceList.h
1063 - /usr/include/LDAPResult.h
1064 - /usr/include/LDAPSaslBindResult.h
1065 - /usr/include/LDAPSchema.h
1066 - /usr/include/LDAPSearchReference.h
1067 - /usr/include/LDAPSearchResult.h
1068 - /usr/include/LDAPSearchResults.h
1069 - /usr/include/LDAPUrl.h
1070 - /usr/include/LDAPUrlList.h
1071 - /usr/include/LdifReader.h
1072 - /usr/include/LdifWriter.h
1073 - /usr/include/SaslInteraction.h
1074 - /usr/include/SaslInteractionHandler.h
1075 - /usr/include/StringList.h
1076 - /usr/include/TlsOptions.h
1077 -)
1078 -
1079 -PATCHES=(
1080 - "${FILESDIR}"/${PN}-2.4.17-gcc44.patch
1081 -
1082 - "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch
1083 - "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
1084 -
1085 - # bug #116045 - still present in 2.4.28
1086 - "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch
1087 - # bug #408077 - samba4
1088 - "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch
1089 -
1090 - # bug #189817
1091 - "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
1092 -
1093 - # bug #233633
1094 - "${FILESDIR}"/${PN}-2.4.45-fix-lmpasswd-gnutls-symbols.patch
1095 -
1096 - # bug #281495
1097 - "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch
1098 -
1099 - # bug #294350
1100 - "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch
1101 -
1102 - # unbreak /bin/sh -> dash
1103 - "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch
1104 -
1105 - # bug #420959
1106 - "${FILESDIR}"/${PN}-2.4.31-gcc47.patch
1107 -
1108 - # unbundle lmdb
1109 - "${FILESDIR}"/${PN}-2.4.42-mdb-unbundle.patch
1110 -
1111 - # bug #622464
1112 - "${FILESDIR}"/${PN}-2.4.47-libressl.patch
1113 -
1114 - # fix some compiler warnings
1115 - "${FILESDIR}"/${PN}-2.4.47-warnings.patch
1116 -)
1117 -
1118 -openldap_filecount() {
1119 - local dir="$1"
1120 - find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l
1121 -}
1122 -
1123 -openldap_find_versiontags() {
1124 - # scan for all datadirs
1125 - local openldap_datadirs=()
1126 - if [[ -f "${EROOT}"/etc/openldap/slapd.conf ]]; then
1127 - openldap_datadirs=( $(awk '{if($1 == "directory") print $2 }' "${EROOT}"/etc/openldap/slapd.conf) )
1128 - fi
1129 - openldap_datadirs+=( ${OPENLDAP_DEFAULTDIR_VERSIONTAG} )
1130 -
1131 - einfo
1132 - einfo "Scanning datadir(s) from slapd.conf and"
1133 - einfo "the default installdir for Versiontags"
1134 - einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
1135 - einfo
1136 -
1137 - # scan datadirs if we have a version tag
1138 - openldap_found_tag=0
1139 - have_files=0
1140 - for each in ${openldap_datadirs[@]} ; do
1141 - CURRENT_TAGDIR="${ROOT}$(sed "s:\/::" <<< ${each})"
1142 - CURRENT_TAG="${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}"
1143 - if [[ -d "${CURRENT_TAGDIR}" ]] && [[ "${openldap_found_tag}" == 0 ]] ; then
1144 - einfo "- Checking ${each}..."
1145 - if [[ -r "${CURRENT_TAG}" ]] ; then
1146 - # yey, we have one :)
1147 - einfo " Found Versiontag in ${each}"
1148 - source "${CURRENT_TAG}"
1149 - if [[ "${OLDPF}" == "" ]] ; then
1150 - eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
1151 - eerror "Please delete it"
1152 - eerror
1153 - die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
1154 - fi
1155 -
1156 - OLD_MAJOR=$(ver_cut 2-3 ${OLDPF})
1157 -
1158 - [[ "$(openldap_filecount ${CURRENT_TAGDIR})" -gt 0 ]] && have_files=1
1159 -
1160 - # are we on the same branch?
1161 - if [[ "${OLD_MAJOR}" != "${PV:0:3}" ]] ; then
1162 - ewarn " Versiontag doesn't match current major release!"
1163 - if [[ "${have_files}" == "1" ]] ; then
1164 - eerror " Versiontag says other major and you (probably) have datafiles!"
1165 - echo
1166 - openldap_upgrade_howto
1167 - else
1168 - einfo " No real problem, seems there's no database."
1169 - fi
1170 - else
1171 - einfo " Versiontag is fine here :)"
1172 - fi
1173 - else
1174 - einfo " Non-tagged dir ${each}"
1175 - [[ "$(openldap_filecount ${each})" -gt 0 ]] && have_files=1
1176 - if [[ "${have_files}" == "1" ]] ; then
1177 - einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
1178 - echo
1179 -
1180 - eerror
1181 - eerror "Your OpenLDAP Installation has a non tagged datadir that"
1182 - eerror "possibly contains a database at ${CURRENT_TAGDIR}"
1183 - eerror
1184 - eerror "Please export data if any entered and empty or remove"
1185 - eerror "the directory, installation has been stopped so you"
1186 - eerror "can take required action"
1187 - eerror
1188 - eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
1189 - eerror
1190 - openldap_upgrade_howto
1191 - die "Please move the datadir ${CURRENT_TAGDIR} away"
1192 - fi
1193 - fi
1194 - einfo
1195 - fi
1196 - done
1197 - [[ "${have_files}" == "1" ]] && einfo "DB files present" || einfo "No DB files present"
1198 -
1199 - # Now we must check for the major version of sys-libs/db linked against.
1200 - SLAPD_PATH="${EROOT}/usr/$(get_libdir)/openldap/slapd"
1201 - if [[ "${have_files}" == "1" ]] && [[ -f "${SLAPD_PATH}" ]]; then
1202 - OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
1203 - | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
1204 - if use berkdb; then
1205 - # find which one would be used
1206 - for bdb_slot in ${BDB_SLOTS} ; do
1207 - NEWVER="$(db_findver "=sys-libs/db-${bdb_slot}*")"
1208 - [[ -n "${NEWVER}" ]] && break
1209 - done
1210 - fi
1211 - local fail=0
1212 - if [[ -z "${OLDVER}" ]] && [[ -z "${NEWVER}" ]]; then
1213 - :
1214 - # Nothing wrong here.
1215 - elif [[ -z "${OLDVER}" ]] && [[ -n "${NEWVER}" ]]; then
1216 - eerror " Your existing version of OpenLDAP was not built against"
1217 - eerror " any version of sys-libs/db, but the new one will build"
1218 - eerror " against ${NEWVER} and your database may be inaccessible."
1219 - echo
1220 - fail=1
1221 - elif [[ -n "${OLDVER}" ]] && [[ -z "${NEWVER}" ]]; then
1222 - eerror " Your existing version of OpenLDAP was built against"
1223 - eerror " sys-libs/db:${OLDVER}, but the new one will not be"
1224 - eerror " built against any version and your database may be"
1225 - eerror " inaccessible."
1226 - echo
1227 - fail=1
1228 - elif [[ "${OLDVER}" != "${NEWVER}" ]]; then
1229 - eerror " Your existing version of OpenLDAP was built against"
1230 - eerror " sys-libs/db:${OLDVER}, but the new one will build against"
1231 - eerror " ${NEWVER} and your database would be inaccessible."
1232 - echo
1233 - fail=1
1234 - fi
1235 - [[ "${fail}" == "1" ]] && openldap_upgrade_howto
1236 - fi
1237 -
1238 - echo
1239 - einfo
1240 - einfo "All datadirs are fine, proceeding with merge now..."
1241 - einfo
1242 -}
1243 -
1244 -openldap_upgrade_howto() {
1245 - local d l i
1246 - eerror
1247 - eerror "A (possible old) installation of OpenLDAP was detected,"
1248 - eerror "installation will not proceed for now."
1249 - eerror
1250 - eerror "As major version upgrades can corrupt your database,"
1251 - eerror "you need to dump your database and re-create it afterwards."
1252 - eerror
1253 - eerror "Additionally, rebuilding against different major versions of the"
1254 - eerror "sys-libs/db libraries will cause your database to be inaccessible."
1255 - eerror ""
1256 - d="$(date -u +%s)"
1257 - l="/root/ldapdump.${d}"
1258 - i="${l}.raw"
1259 - eerror " 1. /etc/init.d/slapd stop"
1260 - eerror " 2. slapcat -l ${i}"
1261 - eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
1262 - eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
1263 - eerror " 5. emerge --update \=net-nds/${PF}"
1264 - eerror " 6. etc-update, and ensure that you apply the changes"
1265 - eerror " 7. slapadd -l ${l}"
1266 - eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
1267 - eerror " 9. /etc/init.d/slapd start"
1268 - eerror "10. check that your data is intact."
1269 - eerror "11. set up the new replication system."
1270 - eerror
1271 - if [[ "${FORCE_UPGRADE}" != "1" ]]; then
1272 - die "You need to upgrade your database first"
1273 - else
1274 - eerror "You have the magical FORCE_UPGRADE=1 in place."
1275 - eerror "Don't say you weren't warned about data loss."
1276 - fi
1277 -}
1278 -
1279 -pkg_setup() {
1280 - if ! use sasl && use cxx ; then
1281 - die "To build the ldapc++ library you must emerge openldap with sasl support"
1282 - fi
1283 - # Bug #322787
1284 - if use minimal && ! has_version "net-nds/openldap" ; then
1285 - einfo "No datadir scan needed, openldap not installed"
1286 - elif use minimal && has_version 'net-nds/openldap[minimal]' ; then
1287 - einfo "Skipping scan for previous datadirs as requested by minimal useflag"
1288 - else
1289 - openldap_find_versiontags
1290 - fi
1291 -
1292 - # The user/group are only used for running daemons which are
1293 - # disabled in minimal builds, so elide the accounts too.
1294 - if ! use minimal ; then
1295 - enewgroup ldap 439
1296 - enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
1297 - fi
1298 -}
1299 -
1300 -src_prepare() {
1301 - # ensure correct SLAPI path by default
1302 - sed -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \
1303 - -i include/ldap_defaults.h || die
1304 -
1305 - default
1306 - rm -r libraries/liblmdb || die
1307 -
1308 - pushd build &>/dev/null || die "pushd build"
1309 - einfo "Making sure upstream build strip does not do stripping too early"
1310 - sed -i.orig \
1311 - -e '/^STRIP/s,-s,,g' \
1312 - top.mk || die "Failed to block stripping"
1313 - popd &>/dev/null || die
1314 -
1315 - # wrong assumption that /bin/sh is /bin/bash
1316 - sed \
1317 - -e 's|/bin/sh|/bin/bash|g' \
1318 - -i tests/scripts/* || die "sed failed"
1319 -
1320 - AT_NOEAUTOMAKE=yes eautoreconf
1321 -}
1322 -
1323 -build_contrib_module() {
1324 - # <dir> <sources> <outputname>
1325 - pushd "${S}/contrib/slapd-modules/$1" &>/dev/null || die "pushd contrib/slapd-modules/$1"
1326 - einfo "Compiling contrib-module: $3"
1327 - # Make sure it's uppercase
1328 - local define_name="$(LC_ALL=C tr '[:lower:]' '[:upper:]' <<< "SLAPD_OVER_${1}")"
1329 - "${lt}" --mode=compile --tag=CC \
1330 - "${CC}" \
1331 - -D${define_name}=SLAPD_MOD_DYNAMIC \
1332 - -I"${BUILD_DIR}"/include \
1333 - -I../../../include -I../../../servers/slapd ${CFLAGS} \
1334 - -o ${2%.c}.lo -c $2 || die "compiling $3 failed"
1335 - einfo "Linking contrib-module: $3"
1336 - "${lt}" --mode=link --tag=CC \
1337 - "${CC}" -module \
1338 - ${CFLAGS} \
1339 - ${LDFLAGS} \
1340 - -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
1341 - -o $3.la ${2%.c}.lo || die "linking $3 failed"
1342 - popd &>/dev/null || die
1343 -}
1344 -
1345 -src_configure() {
1346 - # Bug 408001
1347 - use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync
1348 -
1349 - # connectionless ldap per bug #342439
1350 - append-cppflags -DLDAP_CONNECTIONLESS
1351 -
1352 - multilib-minimal_src_configure
1353 -}
1354 -
1355 -multilib_src_configure() {
1356 - local myconf=()
1357 -
1358 - use debug && myconf+=( $(use_enable debug) )
1359 -
1360 - # ICU exists only in the configure, nowhere in the codebase, bug #510858
1361 - export ac_cv_header_unicode_utypes_h=no ol_cv_lib_icu=no
1362 -
1363 - if ! use minimal && multilib_is_native_abi; then
1364 - local CPPFLAGS=${CPPFLAGS}
1365 -
1366 - # re-enable serverside overlay chains per bug #296567
1367 - # see ldap docs chaper 12.3.1 for details
1368 - myconf+=( --enable-ldap )
1369 -
1370 - # backends
1371 - myconf+=( --enable-slapd )
1372 - if use berkdb ; then
1373 - einfo "Using Berkeley DB for local backend"
1374 - myconf+=( --enable-bdb --enable-hdb )
1375 - DBINCLUDE=$(db_includedir ${BDB_SLOTS})
1376 - einfo "Using ${DBINCLUDE} for sys-libs/db version"
1377 - # We need to include the slotted db.h dir for FreeBSD
1378 - append-cppflags -I${DBINCLUDE}
1379 - else
1380 - myconf+=( --disable-bdb --disable-hdb )
1381 - fi
1382 - for backend in dnssrv ldap mdb meta monitor null passwd relay shell sock; do
1383 - myconf+=( --enable-${backend}=mod )
1384 - done
1385 -
1386 - myconf+=( $(use_enable perl perl mod) )
1387 -
1388 - myconf+=( $(use_enable odbc sql mod) )
1389 - if use odbc ; then
1390 - local odbc_lib="unixodbc"
1391 - if use iodbc ; then
1392 - odbc_lib="iodbc"
1393 - append-cppflags -I"${EPREFIX}"/usr/include/iodbc
1394 - fi
1395 - myconf+=( --with-odbc=${odbc_lib} )
1396 - fi
1397 -
1398 - # slapd options
1399 - myconf+=(
1400 - $(use_enable crypt)
1401 - --disable-slp
1402 - $(use_enable samba lmpasswd)
1403 - $(use_enable syslog)
1404 - )
1405 - if use experimental ; then
1406 - myconf+=(
1407 - --enable-dynacl
1408 - --enable-aci=mod
1409 - )
1410 - fi
1411 - for option in aci cleartext modules rewrite rlookups slapi; do
1412 - myconf+=( --enable-${option} )
1413 - done
1414 -
1415 - # slapd overlay options
1416 - # Compile-in the syncprov, the others as module
1417 - myconf+=( --enable-syncprov=yes )
1418 - use overlays && myconf+=( --enable-overlays=mod )
1419 -
1420 - else
1421 - myconf+=(
1422 - --disable-backends
1423 - --disable-slapd
1424 - --disable-bdb
1425 - --disable-hdb
1426 - --disable-mdb
1427 - --disable-overlays
1428 - --disable-syslog
1429 - )
1430 - fi
1431 -
1432 - # basic functionality stuff
1433 - myconf+=(
1434 - $(use_enable ipv6)
1435 - $(multilib_native_use_with sasl cyrus-sasl)
1436 - $(multilib_native_use_enable sasl spasswd)
1437 - $(use_enable tcpd wrappers)
1438 - )
1439 -
1440 - # Some cross-compiling tests don't pan out well.
1441 - tc-is-cross-compiler && myconf+=(
1442 - --with-yielding-select=yes
1443 - )
1444 -
1445 - local ssl_lib="no"
1446 - if use ssl || ( ! use minimal && use samba ) ; then
1447 - ssl_lib="openssl"
1448 - use gnutls && ssl_lib="gnutls"
1449 - fi
1450 -
1451 - myconf+=( --with-tls=${ssl_lib} )
1452 -
1453 - for basicflag in dynamic local proctitle shared; do
1454 - myconf+=( --enable-${basicflag} )
1455 - done
1456 -
1457 - tc-export AR CC CXX
1458 - CONFIG_SHELL="/bin/bash" \
1459 - ECONF_SOURCE="${S}" \
1460 - STRIP=/bin/true \
1461 - econf \
1462 - --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \
1463 - $(use_enable static-libs static) \
1464 - "${myconf[@]}"
1465 - emake depend
1466 -}
1467 -
1468 -src_configure_cxx() {
1469 - # This needs the libraries built by the first build run.
1470 - # So we have to run it AFTER the main build, not just after the main
1471 - # configure.
1472 - local myconf_ldapcpp=(
1473 - --with-ldap-includes="${S}"/include
1474 - )
1475 -
1476 - mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die
1477 - pushd "${BUILD_DIR}/contrib/ldapc++" &>/dev/null || die "pushd contrib/ldapc++"
1478 -
1479 - local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS}
1480 - append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \
1481 - -L"${BUILD_DIR}"/libraries/libldap/.libs
1482 - append-cppflags -I"${BUILD_DIR}"/include
1483 - ECONF_SOURCE=${S}/contrib/ldapc++ \
1484 - econf "${myconf_ldapcpp[@]}" \
1485 - CC="${CC}" \
1486 - CXX="${CXX}"
1487 - popd &>/dev/null || die
1488 -}
1489 -
1490 -multilib_src_compile() {
1491 - tc-export AR CC CXX
1492 - emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash
1493 - local lt="${BUILD_DIR}/libtool"
1494 - export echo="echo"
1495 -
1496 - if ! use minimal && multilib_is_native_abi ; then
1497 - if use cxx ; then
1498 - einfo "Building contrib library: ldapc++"
1499 - src_configure_cxx
1500 - pushd "${BUILD_DIR}/contrib/ldapc++" &>/dev/null || die "pushd contrib/ldapc++"
1501 - emake CC="${CC}" CXX="${CXX}"
1502 - popd &>/dev/null || die
1503 - fi
1504 -
1505 - if use smbkrb5passwd ; then
1506 - einfo "Building contrib-module: smbk5pwd"
1507 - pushd "${S}/contrib/slapd-modules/smbk5pwd" &>/dev/null || die "pushd contrib/slapd-modules/smbk5pwd"
1508 -
1509 - MY_DEFS="-DDO_SHADOW"
1510 - if use samba ; then
1511 - MY_DEFS="${MY_DEFS} -DDO_SAMBA"
1512 - MY_KRB5_INC=""
1513 - fi
1514 - if use kerberos ; then
1515 - MY_DEFS="${MY_DEFS} -DDO_KRB5"
1516 - MY_KRB5_INC="$(krb5-config --cflags)"
1517 - fi
1518 -
1519 - emake \
1520 - DEFS="${MY_DEFS}" \
1521 - KRB5_INC="${MY_KRB5_INC}" \
1522 - LDAP_BUILD="${BUILD_DIR}" \
1523 - CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap"
1524 - popd &>/dev/null || die
1525 - fi
1526 -
1527 - if use overlays ; then
1528 - einfo "Building contrib-module: samba4"
1529 - pushd "${S}/contrib/slapd-modules/samba4" &>/dev/null || die "pushd contrib/slapd-modules/samba4"
1530 -
1531 - emake \
1532 - LDAP_BUILD="${BUILD_DIR}" \
1533 - CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap"
1534 - popd &>/dev/null || die
1535 - fi
1536 -
1537 - if use kerberos ; then
1538 - if use kinit ; then
1539 - build_contrib_module "kinit" "kinit.c" "kinit"
1540 - fi
1541 - pushd "${S}/contrib/slapd-modules/passwd" &>/dev/null || die "pushd contrib/slapd-modules/passwd"
1542 - einfo "Compiling contrib-module: pw-kerberos"
1543 - "${lt}" --mode=compile --tag=CC \
1544 - "${CC}" \
1545 - -I"${BUILD_DIR}"/include \
1546 - -I../../../include \
1547 - ${CFLAGS} \
1548 - $(krb5-config --cflags) \
1549 - -DHAVE_KRB5 \
1550 - -o kerberos.lo \
1551 - -c kerberos.c || die "compiling pw-kerberos failed"
1552 - einfo "Linking contrib-module: pw-kerberos"
1553 - "${lt}" --mode=link --tag=CC \
1554 - "${CC}" -module \
1555 - ${CFLAGS} \
1556 - ${LDFLAGS} \
1557 - -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
1558 - -o pw-kerberos.la \
1559 - kerberos.lo || die "linking pw-kerberos failed"
1560 - popd &>/dev/null || die
1561 - fi
1562 -
1563 - if use pbkdf2; then
1564 - pushd "${S}/contrib/slapd-modules/passwd/pbkdf2" &>/dev/null || die "pushd contrib/slapd-modules/passwd/pbkdf2"
1565 - einfo "Compiling contrib-module: pw-pbkdf2"
1566 - "${lt}" --mode=compile --tag=CC \
1567 - "${CC}" \
1568 - -I"${BUILD_DIR}"/include \
1569 - -I../../../../include \
1570 - ${CFLAGS} \
1571 - -o pbkdf2.lo \
1572 - -c pw-pbkdf2.c || die "compiling pw-pbkdf2 failed"
1573 - einfo "Linking contrib-module: pw-pbkdf2"
1574 - "${lt}" --mode=link --tag=CC \
1575 - "${CC}" -module \
1576 - ${CFLAGS} \
1577 - ${LDFLAGS} \
1578 - -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
1579 - -o pw-pbkdf2.la \
1580 - pbkdf2.lo || die "linking pw-pbkdf2 failed"
1581 - popd &>/dev/null || die
1582 - fi
1583 -
1584 - if use sha2 ; then
1585 - pushd "${S}/contrib/slapd-modules/passwd/sha2" &>/dev/null || die "pushd contrib/slapd-modules/passwd/sha2"
1586 - einfo "Compiling contrib-module: pw-sha2"
1587 - "${lt}" --mode=compile --tag=CC \
1588 - "${CC}" \
1589 - -I"${BUILD_DIR}"/include \
1590 - -I../../../../include \
1591 - ${CFLAGS} \
1592 - -o sha2.lo \
1593 - -c sha2.c || die "compiling pw-sha2 failed"
1594 - "${lt}" --mode=compile --tag=CC \
1595 - "${CC}" \
1596 - -I"${BUILD_DIR}"/include \
1597 - -I../../../../include \
1598 - ${CFLAGS} \
1599 - -o slapd-sha2.lo \
1600 - -c slapd-sha2.c || die "compiling pw-sha2 failed"
1601 - einfo "Linking contrib-module: pw-sha2"
1602 - "${lt}" --mode=link --tag=CC \
1603 - "${CC}" -module \
1604 - ${CFLAGS} \
1605 - ${LDFLAGS} \
1606 - -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
1607 - -o pw-sha2.la \
1608 - sha2.lo slapd-sha2.lo || die "linking pw-sha2 failed"
1609 - popd &>/dev/null || die
1610 - fi
1611 -
1612 - # We could build pw-radius if GNURadius would install radlib.h
1613 - pushd "${S}/contrib/slapd-modules/passwd" &>/dev/null || die "pushd contrib/slapd-modules/passwd"
1614 - einfo "Compiling contrib-module: pw-netscape"
1615 - "${lt}" --mode=compile --tag=CC \
1616 - "${CC}" \
1617 - -I"${BUILD_DIR}"/include \
1618 - -I../../../include \
1619 - ${CFLAGS} \
1620 - -o netscape.lo \
1621 - -c netscape.c || die "compiling pw-netscape failed"
1622 - einfo "Linking contrib-module: pw-netscape"
1623 - "${lt}" --mode=link --tag=CC \
1624 - "${CC}" -module \
1625 - ${CFLAGS} \
1626 - ${LDFLAGS} \
1627 - -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
1628 - -o pw-netscape.la \
1629 - netscape.lo || die "linking pw-netscape failed"
1630 -
1631 - #build_contrib_module "acl" "posixgroup.c" "posixGroup" # example code only
1632 - #build_contrib_module "acl" "gssacl.c" "gss" # example code only, also needs kerberos
1633 - build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay"
1634 - build_contrib_module "allop" "allop.c" "overlay-allop"
1635 - build_contrib_module "allowed" "allowed.c" "allowed"
1636 - build_contrib_module "autogroup" "autogroup.c" "autogroup"
1637 - build_contrib_module "cloak" "cloak.c" "cloak"
1638 - # build_contrib_module "comp_match" "comp_match.c" "comp_match" # really complex, adds new external deps, questionable demand
1639 - build_contrib_module "denyop" "denyop.c" "denyop-overlay"
1640 - build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin"
1641 - build_contrib_module "dupent" "dupent.c" "dupent"
1642 - build_contrib_module "lastbind" "lastbind.c" "lastbind"
1643 - # lastmod may not play well with other overlays
1644 - build_contrib_module "lastmod" "lastmod.c" "lastmod"
1645 - build_contrib_module "noopsrch" "noopsrch.c" "noopsrch"
1646 - build_contrib_module "nops" "nops.c" "nops-overlay"
1647 - #build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER
1648 - build_contrib_module "trace" "trace.c" "trace"
1649 - popd &>/dev/null || die
1650 - # build slapi-plugins
1651 - pushd "${S}/contrib/slapi-plugins/addrdnvalues" &>/dev/null || die "pushd contrib/slapi-plugins/addrdnvalues"
1652 - einfo "Building contrib-module: addrdnvalues plugin"
1653 - "${CC}" -shared \
1654 - -I"${BUILD_DIR}"/include \
1655 - -I../../../include \
1656 - ${CFLAGS} \
1657 - -fPIC \
1658 - ${LDFLAGS} \
1659 - -o libaddrdnvalues-plugin.so \
1660 - addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
1661 - popd &>/dev/null || die
1662 - fi
1663 -}
1664 -
1665 -multilib_src_test() {
1666 - if multilib_is_native_abi; then
1667 - cd tests || die
1668 - emake tests
1669 - fi
1670 -}
1671 -
1672 -multilib_src_install() {
1673 - local lt="${BUILD_DIR}/libtool"
1674 - emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install
1675 -
1676 - if ! use minimal && multilib_is_native_abi; then
1677 - # openldap modules go here
1678 - # TODO: write some code to populate slapd.conf with moduleload statements
1679 - keepdir /usr/$(get_libdir)/openldap/openldap/
1680 -
1681 - # initial data storage dir
1682 - keepdir /var/lib/openldap-data
1683 - use prefix || fowners ldap:ldap /var/lib/openldap-data
1684 - fperms 0700 /var/lib/openldap-data
1685 -
1686 - echo "OLDPF='${PF}'" > "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
1687 - echo "# do NOT delete this. it is used" >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
1688 - echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
1689 -
1690 - # use our config
1691 - rm "${ED}"/etc/openldap/slapd.conf
1692 - insinto /etc/openldap
1693 - newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf
1694 - configfile="${ED}"/etc/openldap/slapd.conf
1695 -
1696 - # populate with built backends
1697 - ebegin "populate config with built backends"
1698 - for x in "${ED}"/usr/$(get_libdir)/openldap/openldap/back_*.so; do
1699 - einfo "Adding $(basename ${x})"
1700 - sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}" || die
1701 - done
1702 - sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
1703 - use prefix || fowners root:ldap /etc/openldap/slapd.conf
1704 - fperms 0640 /etc/openldap/slapd.conf
1705 - cp "${configfile}" "${configfile}".default || die
1706 - eend
1707 -
1708 - # install our own init scripts and systemd unit files
1709 - einfo "Install init scripts"
1710 - sed -e "s,/usr/lib/,/usr/$(get_libdir)/," "${FILESDIR}"/slapd-initd-2.4.40-r2 > "${T}"/slapd || die
1711 - doinitd "${T}"/slapd
1712 - newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd
1713 -
1714 - einfo "Install systemd service"
1715 - sed -e "s,/usr/lib/,/usr/$(get_libdir)/," "${FILESDIR}"/slapd.service > "${T}"/slapd.service || die
1716 - systemd_dounit "${T}"/slapd.service
1717 - systemd_install_serviced "${FILESDIR}"/slapd.service.conf
1718 - systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf
1719 -
1720 - # If built without SLP, we don't need to be before avahi
1721 - sed -i \
1722 - -e '/before/{s/avahi-daemon//g}' \
1723 - "${ED}"/etc/init.d/slapd \
1724 - || die
1725 -
1726 - if use cxx ; then
1727 - einfo "Install the ldapc++ library"
1728 - cd "${BUILD_DIR}/contrib/ldapc++" || die
1729 - emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
1730 - cd "${S}"/contrib/ldapc++ || die
1731 - newdoc README ldapc++-README
1732 - fi
1733 -
1734 - if use smbkrb5passwd ; then
1735 - einfo "Install the smbk5pwd module"
1736 - cd "${S}/contrib/slapd-modules/smbk5pwd" || die
1737 - emake DESTDIR="${D}" \
1738 - LDAP_BUILD="${BUILD_DIR}" \
1739 - libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
1740 - newdoc README smbk5pwd-README
1741 - fi
1742 -
1743 - if use overlays ; then
1744 - einfo "Install the samba4 module"
1745 - cd "${S}/contrib/slapd-modules/samba4" || die
1746 - emake DESTDIR="${D}" \
1747 - LDAP_BUILD="${BUILD_DIR}" \
1748 - libexecdir="/usr/$(get_libdir)/openldap" install
1749 - newdoc README samba4-README
1750 - fi
1751 -
1752 - einfo "Installing contrib modules"
1753 - cd "${S}/contrib/slapd-modules" || die
1754 - for l in */*.la */*/*.la; do
1755 - [[ -e ${l} ]] || continue
1756 - "${lt}" --mode=install cp ${l} \
1757 - "${ED}"/usr/$(get_libdir)/openldap/openldap || \
1758 - die "installing ${l} failed"
1759 - done
1760 -
1761 - dodoc "${FILESDIR}"/DB_CONFIG.fast.example
1762 - docinto contrib
1763 - doman */*.5
1764 - #newdoc acl/README*
1765 - newdoc addpartial/README addpartial-README
1766 - newdoc allop/README allop-README
1767 - newdoc allowed/README allowed-README
1768 - newdoc autogroup/README autogroup-README
1769 - newdoc dsaschema/README dsaschema-README
1770 - newdoc passwd/README passwd-README
1771 - cd "${S}/contrib/slapi-plugins" || die
1772 - insinto /usr/$(get_libdir)/openldap/openldap
1773 - doins */*.so
1774 - docinto contrib
1775 - newdoc addrdnvalues/README addrdnvalues-README
1776 -
1777 - insinto /etc/openldap/schema
1778 - newins "${DISTDIR}"/${BIS_P} ${BIS_PN}
1779 -
1780 - docinto back-sock ; dodoc "${S}"/servers/slapd/back-sock/searchexample*
1781 - docinto back-shell ; dodoc "${S}"/servers/slapd/back-shell/searchexample*
1782 - docinto back-perl ; dodoc "${S}"/servers/slapd/back-perl/SampleLDAP.pm
1783 -
1784 - dosbin "${S}"/contrib/slapd-tools/statslog
1785 - newdoc "${S}"/contrib/slapd-tools/README README.statslog
1786 - fi
1787 -
1788 - if ! use static-libs ; then
1789 - find "${ED}" \( -name '*.a' -o -name '*.la' \) -delete || die
1790 - fi
1791 -}
1792 -
1793 -multilib_src_install_all() {
1794 - dodoc ANNOUNCEMENT CHANGES COPYRIGHT README
1795 - docinto rfc ; dodoc doc/rfc/*.txt
1796 -}
1797 -
1798 -pkg_preinst() {
1799 - # keep old libs if any
1800 - preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0)
1801 - # bug 440470, only display the getting started help there was no openldap before,
1802 - # or we are going to a non-minimal build
1803 - ! has_version net-nds/openldap || has_version 'net-nds/openldap[minimal]'
1804 - OPENLDAP_PRINT_MESSAGES=$((! $?))
1805 -}
1806 -
1807 -pkg_postinst() {
1808 - if ! use minimal ; then
1809 - # You cannot build SSL certificates during src_install that will make
1810 - # binary packages containing your SSL key, which is both a security risk
1811 - # and a misconfiguration if multiple machines use the same key and cert.
1812 - if use ssl; then
1813 - install_cert /etc/openldap/ssl/ldap
1814 - use prefix || chown ldap:ldap "${EROOT}"/etc/openldap/ssl/ldap.*
1815 - ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
1816 - ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
1817 - ewarn "add 'TLS_REQCERT allow' if you want to use them."
1818 - fi
1819 -
1820 - if use prefix; then
1821 - # Warn about prefix issues with slapd
1822 - eerror "slapd might NOT be usable on Prefix systems as it requires root privileges"
1823 - eerror "to start up, and requires that certain files directories be owned by"
1824 - eerror "ldap:ldap. As Prefix does not support changing ownership of files and"
1825 - eerror "directories, you will have to manually fix this yourself."
1826 - fi
1827 -
1828 - # These lines force the permissions of various content to be correct
1829 - use prefix || chown ldap:ldap "${EROOT}"/var/run/openldap
1830 - chmod 0755 "${EROOT}"/var/run/openldap || die
1831 - use prefix || chown root:ldap "${EROOT}"/etc/openldap/slapd.conf{,.default}
1832 - chmod 0640 "${EROOT}"/etc/openldap/slapd.conf{,.default} || die
1833 - use prefix || chown ldap:ldap "${EROOT}"/var/lib/openldap-data
1834 - fi
1835 -
1836 - if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then
1837 - elog "Getting started using OpenLDAP? There is some documentation available:"
1838 - elog "Gentoo Guide to OpenLDAP Authentication"
1839 - elog "(https://wiki.gentoo.org/wiki/Centralized_authentication_using_OpenLDAP)"
1840 - elog "---"
1841 - elog "An example file for tuning BDB backends with openldap is"
1842 - elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
1843 - fi
1844 -
1845 - preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0)
1846 -}
1847
1848 diff --git a/net-nds/openldap/openldap-2.4.49-r2.ebuild b/net-nds/openldap/openldap-2.4.49-r2.ebuild
1849 deleted file mode 100644
1850 index 21df99a4271..00000000000
1851 --- a/net-nds/openldap/openldap-2.4.49-r2.ebuild
1852 +++ /dev/null
1853 @@ -1,903 +0,0 @@
1854 -# Copyright 1999-2020 Gentoo Authors
1855 -# Distributed under the terms of the GNU General Public License v2
1856 -
1857 -EAPI=7
1858 -
1859 -inherit autotools db-use flag-o-matic multilib-minimal ssl-cert toolchain-funcs user systemd
1860 -
1861 -BIS_PN=rfc2307bis.schema
1862 -BIS_PV=20140524
1863 -BIS_P="${BIS_PN}-${BIS_PV}"
1864 -
1865 -DESCRIPTION="LDAP suite of application and development tools"
1866 -HOMEPAGE="http://www.OpenLDAP.org/"
1867 -
1868 -# mirrors are mostly not working, using canonical URI
1869 -SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz
1870 - mirror://gentoo/${BIS_P}"
1871 -
1872 -LICENSE="OPENLDAP GPL-2"
1873 -SLOT="0"
1874 -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~ppc-aix ~amd64-linux ~x86-linux ~x86-solaris"
1875 -
1876 -IUSE_DAEMON="crypt samba tcpd experimental minimal"
1877 -IUSE_BACKEND="+berkdb"
1878 -IUSE_OVERLAY="overlays perl"
1879 -IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 libressl +syslog selinux static-libs test"
1880 -IUSE_CONTRIB="smbkrb5passwd kerberos kinit pbkdf2 sha2"
1881 -IUSE_CONTRIB="${IUSE_CONTRIB} -cxx"
1882 -IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
1883 -
1884 -RESTRICT="!test? ( test )"
1885 -REQUIRED_USE="cxx? ( sasl )
1886 - pbkdf2? ( ssl )
1887 - test? ( berkdb )
1888 - ?? ( test minimal )"
1889 -
1890 -# always list newer first
1891 -# Do not add any AGPL-3 BDB here!
1892 -# See bug 525110, comment 15.
1893 -# Advanced usage: OPENLDAP_BDB_SLOTS in the environment can be used to force a slot during build.
1894 -BDB_SLOTS="${OPENLDAP_BDB_SLOTS:=5.3 5.1 4.8 4.7 4.6 4.5 4.4}"
1895 -BDB_PKGS=''
1896 -for _slot in $BDB_SLOTS; do BDB_PKGS="${BDB_PKGS} sys-libs/db:${_slot}" ; done
1897 -
1898 -# openssl is needed to generate lanman-passwords required by samba
1899 -COMMON_DEPEND="
1900 - ssl? (
1901 - !gnutls? (
1902 - !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] )
1903 - libressl? ( dev-libs/libressl:0=[${MULTILIB_USEDEP}] )
1904 - )
1905 - gnutls? (
1906 - >=net-libs/gnutls-2.12.23-r6:=[${MULTILIB_USEDEP}]
1907 - >=dev-libs/libgcrypt-1.5.3:0=[${MULTILIB_USEDEP}]
1908 - )
1909 - )
1910 - sasl? ( dev-libs/cyrus-sasl:= )
1911 - !minimal? (
1912 - sys-devel/libtool
1913 - sys-libs/e2fsprogs-libs
1914 - >=dev-db/lmdb-0.9.18:=
1915 - tcpd? ( sys-apps/tcp-wrappers )
1916 - odbc? ( !iodbc? ( dev-db/unixODBC )
1917 - iodbc? ( dev-db/libiodbc ) )
1918 - perl? ( dev-lang/perl:=[-build(-)] )
1919 - samba? (
1920 - !libressl? ( dev-libs/openssl:0= )
1921 - libressl? ( dev-libs/libressl:0= )
1922 - )
1923 - berkdb? (
1924 - <sys-libs/db-6.0:=
1925 - || ( ${BDB_PKGS} )
1926 - )
1927 - smbkrb5passwd? (
1928 - !libressl? ( dev-libs/openssl:0= )
1929 - libressl? ( dev-libs/libressl:0= )
1930 - kerberos? ( app-crypt/heimdal )
1931 - )
1932 - kerberos? (
1933 - virtual/krb5
1934 - kinit? ( !app-crypt/heimdal )
1935 - )
1936 - cxx? ( dev-libs/cyrus-sasl:= )
1937 - )
1938 -"
1939 -DEPEND="${COMMON_DEPEND}
1940 - sys-apps/groff
1941 -"
1942 -RDEPEND="${COMMON_DEPEND}
1943 - selinux? ( sec-policy/selinux-ldap )
1944 -"
1945 -# for tracking versions
1946 -OPENLDAP_VERSIONTAG=".version-tag"
1947 -OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
1948 -
1949 -MULTILIB_WRAPPED_HEADERS=(
1950 - # USE=cxx
1951 - /usr/include/LDAPAsynConnection.h
1952 - /usr/include/LDAPAttrType.h
1953 - /usr/include/LDAPAttribute.h
1954 - /usr/include/LDAPAttributeList.h
1955 - /usr/include/LDAPConnection.h
1956 - /usr/include/LDAPConstraints.h
1957 - /usr/include/LDAPControl.h
1958 - /usr/include/LDAPControlSet.h
1959 - /usr/include/LDAPEntry.h
1960 - /usr/include/LDAPEntryList.h
1961 - /usr/include/LDAPException.h
1962 - /usr/include/LDAPExtResult.h
1963 - /usr/include/LDAPMessage.h
1964 - /usr/include/LDAPMessageQueue.h
1965 - /usr/include/LDAPModList.h
1966 - /usr/include/LDAPModification.h
1967 - /usr/include/LDAPObjClass.h
1968 - /usr/include/LDAPRebind.h
1969 - /usr/include/LDAPRebindAuth.h
1970 - /usr/include/LDAPReferenceList.h
1971 - /usr/include/LDAPResult.h
1972 - /usr/include/LDAPSaslBindResult.h
1973 - /usr/include/LDAPSchema.h
1974 - /usr/include/LDAPSearchReference.h
1975 - /usr/include/LDAPSearchResult.h
1976 - /usr/include/LDAPSearchResults.h
1977 - /usr/include/LDAPUrl.h
1978 - /usr/include/LDAPUrlList.h
1979 - /usr/include/LdifReader.h
1980 - /usr/include/LdifWriter.h
1981 - /usr/include/SaslInteraction.h
1982 - /usr/include/SaslInteractionHandler.h
1983 - /usr/include/StringList.h
1984 - /usr/include/TlsOptions.h
1985 -)
1986 -
1987 -PATCHES=(
1988 - "${FILESDIR}"/${PN}-2.4.17-gcc44.patch
1989 -
1990 - "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch
1991 - "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
1992 -
1993 - # bug #116045 - still present in 2.4.28
1994 - "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch
1995 - # bug #408077 - samba4
1996 - "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch
1997 -
1998 - # bug #189817
1999 - "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
2000 -
2001 - # bug #233633
2002 - "${FILESDIR}"/${PN}-2.4.45-fix-lmpasswd-gnutls-symbols.patch
2003 -
2004 - # bug #281495
2005 - "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch
2006 -
2007 - # bug #294350
2008 - "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch
2009 -
2010 - # unbreak /bin/sh -> dash
2011 - "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch
2012 -
2013 - # bug #420959
2014 - "${FILESDIR}"/${PN}-2.4.31-gcc47.patch
2015 -
2016 - # unbundle lmdb
2017 - "${FILESDIR}"/${PN}-2.4.42-mdb-unbundle.patch
2018 -
2019 - # bug #622464
2020 - "${FILESDIR}"/${PN}-2.4.47-libressl.patch
2021 -
2022 - # fix some compiler warnings
2023 - "${FILESDIR}"/${PN}-2.4.47-warnings.patch
2024 -)
2025 -
2026 -openldap_filecount() {
2027 - local dir="$1"
2028 - find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l
2029 -}
2030 -
2031 -openldap_find_versiontags() {
2032 - # scan for all datadirs
2033 - local openldap_datadirs=()
2034 - if [[ -f "${EROOT}"/etc/openldap/slapd.conf ]]; then
2035 - openldap_datadirs=( $(awk '{if($1 == "directory") print $2 }' "${EROOT}"/etc/openldap/slapd.conf) )
2036 - fi
2037 - openldap_datadirs+=( ${OPENLDAP_DEFAULTDIR_VERSIONTAG} )
2038 -
2039 - einfo
2040 - einfo "Scanning datadir(s) from slapd.conf and"
2041 - einfo "the default installdir for Versiontags"
2042 - einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
2043 - einfo
2044 -
2045 - # scan datadirs if we have a version tag
2046 - openldap_found_tag=0
2047 - have_files=0
2048 - for each in ${openldap_datadirs[@]} ; do
2049 - CURRENT_TAGDIR="${ROOT}$(sed "s:\/::" <<< ${each})"
2050 - CURRENT_TAG="${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}"
2051 - if [[ -d "${CURRENT_TAGDIR}" ]] && [[ "${openldap_found_tag}" == 0 ]] ; then
2052 - einfo "- Checking ${each}..."
2053 - if [[ -r "${CURRENT_TAG}" ]] ; then
2054 - # yey, we have one :)
2055 - einfo " Found Versiontag in ${each}"
2056 - source "${CURRENT_TAG}"
2057 - if [[ "${OLDPF}" == "" ]] ; then
2058 - eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
2059 - eerror "Please delete it"
2060 - eerror
2061 - die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
2062 - fi
2063 -
2064 - OLD_MAJOR=$(ver_cut 2-3 ${OLDPF})
2065 -
2066 - [[ "$(openldap_filecount ${CURRENT_TAGDIR})" -gt 0 ]] && have_files=1
2067 -
2068 - # are we on the same branch?
2069 - if [[ "${OLD_MAJOR}" != "${PV:0:3}" ]] ; then
2070 - ewarn " Versiontag doesn't match current major release!"
2071 - if [[ "${have_files}" == "1" ]] ; then
2072 - eerror " Versiontag says other major and you (probably) have datafiles!"
2073 - echo
2074 - openldap_upgrade_howto
2075 - else
2076 - einfo " No real problem, seems there's no database."
2077 - fi
2078 - else
2079 - einfo " Versiontag is fine here :)"
2080 - fi
2081 - else
2082 - einfo " Non-tagged dir ${each}"
2083 - [[ "$(openldap_filecount ${each})" -gt 0 ]] && have_files=1
2084 - if [[ "${have_files}" == "1" ]] ; then
2085 - einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
2086 - echo
2087 -
2088 - eerror
2089 - eerror "Your OpenLDAP Installation has a non tagged datadir that"
2090 - eerror "possibly contains a database at ${CURRENT_TAGDIR}"
2091 - eerror
2092 - eerror "Please export data if any entered and empty or remove"
2093 - eerror "the directory, installation has been stopped so you"
2094 - eerror "can take required action"
2095 - eerror
2096 - eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
2097 - eerror
2098 - openldap_upgrade_howto
2099 - die "Please move the datadir ${CURRENT_TAGDIR} away"
2100 - fi
2101 - fi
2102 - einfo
2103 - fi
2104 - done
2105 - [[ "${have_files}" == "1" ]] && einfo "DB files present" || einfo "No DB files present"
2106 -
2107 - # Now we must check for the major version of sys-libs/db linked against.
2108 - SLAPD_PATH="${EROOT}/usr/$(get_libdir)/openldap/slapd"
2109 - if [[ "${have_files}" == "1" ]] && [[ -f "${SLAPD_PATH}" ]]; then
2110 - OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
2111 - | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
2112 - if use berkdb; then
2113 - # find which one would be used
2114 - for bdb_slot in ${BDB_SLOTS} ; do
2115 - NEWVER="$(db_findver "=sys-libs/db-${bdb_slot}*")"
2116 - [[ -n "${NEWVER}" ]] && break
2117 - done
2118 - fi
2119 - local fail=0
2120 - if [[ -z "${OLDVER}" ]] && [[ -z "${NEWVER}" ]]; then
2121 - :
2122 - # Nothing wrong here.
2123 - elif [[ -z "${OLDVER}" ]] && [[ -n "${NEWVER}" ]]; then
2124 - eerror " Your existing version of OpenLDAP was not built against"
2125 - eerror " any version of sys-libs/db, but the new one will build"
2126 - eerror " against ${NEWVER} and your database may be inaccessible."
2127 - echo
2128 - fail=1
2129 - elif [[ -n "${OLDVER}" ]] && [[ -z "${NEWVER}" ]]; then
2130 - eerror " Your existing version of OpenLDAP was built against"
2131 - eerror " sys-libs/db:${OLDVER}, but the new one will not be"
2132 - eerror " built against any version and your database may be"
2133 - eerror " inaccessible."
2134 - echo
2135 - fail=1
2136 - elif [[ "${OLDVER}" != "${NEWVER}" ]]; then
2137 - eerror " Your existing version of OpenLDAP was built against"
2138 - eerror " sys-libs/db:${OLDVER}, but the new one will build against"
2139 - eerror " ${NEWVER} and your database would be inaccessible."
2140 - echo
2141 - fail=1
2142 - fi
2143 - [[ "${fail}" == "1" ]] && openldap_upgrade_howto
2144 - fi
2145 -
2146 - echo
2147 - einfo
2148 - einfo "All datadirs are fine, proceeding with merge now..."
2149 - einfo
2150 -}
2151 -
2152 -openldap_upgrade_howto() {
2153 - local d l i
2154 - eerror
2155 - eerror "A (possible old) installation of OpenLDAP was detected,"
2156 - eerror "installation will not proceed for now."
2157 - eerror
2158 - eerror "As major version upgrades can corrupt your database,"
2159 - eerror "you need to dump your database and re-create it afterwards."
2160 - eerror
2161 - eerror "Additionally, rebuilding against different major versions of the"
2162 - eerror "sys-libs/db libraries will cause your database to be inaccessible."
2163 - eerror ""
2164 - d="$(date -u +%s)"
2165 - l="/root/ldapdump.${d}"
2166 - i="${l}.raw"
2167 - eerror " 1. /etc/init.d/slapd stop"
2168 - eerror " 2. slapcat -l ${i}"
2169 - eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
2170 - eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
2171 - eerror " 5. emerge --update \=net-nds/${PF}"
2172 - eerror " 6. etc-update, and ensure that you apply the changes"
2173 - eerror " 7. slapadd -l ${l}"
2174 - eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
2175 - eerror " 9. /etc/init.d/slapd start"
2176 - eerror "10. check that your data is intact."
2177 - eerror "11. set up the new replication system."
2178 - eerror
2179 - if [[ "${FORCE_UPGRADE}" != "1" ]]; then
2180 - die "You need to upgrade your database first"
2181 - else
2182 - eerror "You have the magical FORCE_UPGRADE=1 in place."
2183 - eerror "Don't say you weren't warned about data loss."
2184 - fi
2185 -}
2186 -
2187 -pkg_setup() {
2188 - if ! use sasl && use cxx ; then
2189 - die "To build the ldapc++ library you must emerge openldap with sasl support"
2190 - fi
2191 - # Bug #322787
2192 - if use minimal && ! has_version "net-nds/openldap" ; then
2193 - einfo "No datadir scan needed, openldap not installed"
2194 - elif use minimal && has_version 'net-nds/openldap[minimal]' ; then
2195 - einfo "Skipping scan for previous datadirs as requested by minimal useflag"
2196 - else
2197 - openldap_find_versiontags
2198 - fi
2199 -
2200 - # The user/group are only used for running daemons which are
2201 - # disabled in minimal builds, so elide the accounts too.
2202 - if ! use minimal ; then
2203 - enewgroup ldap 439
2204 - enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
2205 - fi
2206 -}
2207 -
2208 -src_prepare() {
2209 - # ensure correct SLAPI path by default
2210 - sed -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \
2211 - -i include/ldap_defaults.h || die
2212 -
2213 - default
2214 - rm -r libraries/liblmdb || die
2215 -
2216 - pushd build &>/dev/null || die "pushd build"
2217 - einfo "Making sure upstream build strip does not do stripping too early"
2218 - sed -i.orig \
2219 - -e '/^STRIP/s,-s,,g' \
2220 - top.mk || die "Failed to block stripping"
2221 - popd &>/dev/null || die
2222 -
2223 - # wrong assumption that /bin/sh is /bin/bash
2224 - sed \
2225 - -e 's|/bin/sh|/bin/bash|g' \
2226 - -i tests/scripts/* || die "sed failed"
2227 -
2228 - AT_NOEAUTOMAKE=yes eautoreconf
2229 -}
2230 -
2231 -build_contrib_module() {
2232 - # <dir> <sources> <outputname>
2233 - pushd "${S}/contrib/slapd-modules/$1" &>/dev/null || die "pushd contrib/slapd-modules/$1"
2234 - einfo "Compiling contrib-module: $3"
2235 - # Make sure it's uppercase
2236 - local define_name="$(LC_ALL=C tr '[:lower:]' '[:upper:]' <<< "SLAPD_OVER_${1}")"
2237 - "${lt}" --mode=compile --tag=CC \
2238 - "${CC}" \
2239 - -D${define_name}=SLAPD_MOD_DYNAMIC \
2240 - -I"${BUILD_DIR}"/include \
2241 - -I../../../include -I../../../servers/slapd ${CFLAGS} \
2242 - -o ${2%.c}.lo -c $2 || die "compiling $3 failed"
2243 - einfo "Linking contrib-module: $3"
2244 - "${lt}" --mode=link --tag=CC \
2245 - "${CC}" -module \
2246 - ${CFLAGS} \
2247 - ${LDFLAGS} \
2248 - -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
2249 - -o $3.la ${2%.c}.lo || die "linking $3 failed"
2250 - popd &>/dev/null || die
2251 -}
2252 -
2253 -src_configure() {
2254 - # Bug 408001
2255 - use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync
2256 -
2257 - # connectionless ldap per bug #342439
2258 - append-cppflags -DLDAP_CONNECTIONLESS
2259 -
2260 - multilib-minimal_src_configure
2261 -}
2262 -
2263 -multilib_src_configure() {
2264 - local myconf=()
2265 -
2266 - use debug && myconf+=( $(use_enable debug) )
2267 -
2268 - # ICU exists only in the configure, nowhere in the codebase, bug #510858
2269 - export ac_cv_header_unicode_utypes_h=no ol_cv_lib_icu=no
2270 -
2271 - if ! use minimal && multilib_is_native_abi; then
2272 - local CPPFLAGS=${CPPFLAGS}
2273 -
2274 - # re-enable serverside overlay chains per bug #296567
2275 - # see ldap docs chaper 12.3.1 for details
2276 - myconf+=( --enable-ldap )
2277 -
2278 - # backends
2279 - myconf+=( --enable-slapd )
2280 - if use berkdb ; then
2281 - einfo "Using Berkeley DB for local backend"
2282 - myconf+=( --enable-bdb --enable-hdb )
2283 - DBINCLUDE=$(db_includedir ${BDB_SLOTS})
2284 - einfo "Using ${DBINCLUDE} for sys-libs/db version"
2285 - # We need to include the slotted db.h dir for FreeBSD
2286 - append-cppflags -I${DBINCLUDE}
2287 - else
2288 - myconf+=( --disable-bdb --disable-hdb )
2289 - fi
2290 - for backend in dnssrv ldap mdb meta monitor null passwd relay shell sock; do
2291 - myconf+=( --enable-${backend}=mod )
2292 - done
2293 -
2294 - myconf+=( $(use_enable perl perl mod) )
2295 -
2296 - myconf+=( $(use_enable odbc sql mod) )
2297 - if use odbc ; then
2298 - local odbc_lib="unixodbc"
2299 - if use iodbc ; then
2300 - odbc_lib="iodbc"
2301 - append-cppflags -I"${EPREFIX}"/usr/include/iodbc
2302 - fi
2303 - myconf+=( --with-odbc=${odbc_lib} )
2304 - fi
2305 -
2306 - # slapd options
2307 - myconf+=(
2308 - $(use_enable crypt)
2309 - --disable-slp
2310 - $(use_enable samba lmpasswd)
2311 - $(use_enable syslog)
2312 - )
2313 - if use experimental ; then
2314 - myconf+=(
2315 - --enable-dynacl
2316 - --enable-aci=mod
2317 - )
2318 - fi
2319 - for option in aci cleartext modules rewrite rlookups slapi; do
2320 - myconf+=( --enable-${option} )
2321 - done
2322 -
2323 - # slapd overlay options
2324 - # Compile-in the syncprov, the others as module
2325 - myconf+=( --enable-syncprov=yes )
2326 - use overlays && myconf+=( --enable-overlays=mod )
2327 -
2328 - else
2329 - myconf+=(
2330 - --disable-backends
2331 - --disable-slapd
2332 - --disable-bdb
2333 - --disable-hdb
2334 - --disable-mdb
2335 - --disable-overlays
2336 - --disable-syslog
2337 - )
2338 - fi
2339 -
2340 - # basic functionality stuff
2341 - myconf+=(
2342 - $(use_enable ipv6)
2343 - $(multilib_native_use_with sasl cyrus-sasl)
2344 - $(multilib_native_use_enable sasl spasswd)
2345 - $(use_enable tcpd wrappers)
2346 - )
2347 -
2348 - # Some cross-compiling tests don't pan out well.
2349 - tc-is-cross-compiler && myconf+=(
2350 - --with-yielding-select=yes
2351 - )
2352 -
2353 - local ssl_lib="no"
2354 - if use ssl || ( ! use minimal && use samba ) ; then
2355 - ssl_lib="openssl"
2356 - use gnutls && ssl_lib="gnutls"
2357 - fi
2358 -
2359 - myconf+=( --with-tls=${ssl_lib} )
2360 -
2361 - for basicflag in dynamic local proctitle shared; do
2362 - myconf+=( --enable-${basicflag} )
2363 - done
2364 -
2365 - tc-export AR CC CXX
2366 - CONFIG_SHELL="/bin/bash" \
2367 - ECONF_SOURCE="${S}" \
2368 - STRIP=/bin/true \
2369 - econf \
2370 - --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \
2371 - $(use_enable static-libs static) \
2372 - "${myconf[@]}"
2373 - emake depend
2374 -}
2375 -
2376 -src_configure_cxx() {
2377 - # This needs the libraries built by the first build run.
2378 - # So we have to run it AFTER the main build, not just after the main
2379 - # configure.
2380 - local myconf_ldapcpp=(
2381 - --with-ldap-includes="${S}"/include
2382 - )
2383 -
2384 - mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die
2385 - pushd "${BUILD_DIR}/contrib/ldapc++" &>/dev/null || die "pushd contrib/ldapc++"
2386 -
2387 - local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS}
2388 - append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \
2389 - -L"${BUILD_DIR}"/libraries/libldap/.libs
2390 - append-cppflags -I"${BUILD_DIR}"/include
2391 - ECONF_SOURCE=${S}/contrib/ldapc++ \
2392 - econf "${myconf_ldapcpp[@]}" \
2393 - CC="${CC}" \
2394 - CXX="${CXX}"
2395 - popd &>/dev/null || die
2396 -}
2397 -
2398 -multilib_src_compile() {
2399 - tc-export AR CC CXX
2400 - emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash
2401 - local lt="${BUILD_DIR}/libtool"
2402 - export echo="echo"
2403 -
2404 - if ! use minimal && multilib_is_native_abi ; then
2405 - if use cxx ; then
2406 - einfo "Building contrib library: ldapc++"
2407 - src_configure_cxx
2408 - pushd "${BUILD_DIR}/contrib/ldapc++" &>/dev/null || die "pushd contrib/ldapc++"
2409 - emake CC="${CC}" CXX="${CXX}"
2410 - popd &>/dev/null || die
2411 - fi
2412 -
2413 - if use smbkrb5passwd ; then
2414 - einfo "Building contrib-module: smbk5pwd"
2415 - pushd "${S}/contrib/slapd-modules/smbk5pwd" &>/dev/null || die "pushd contrib/slapd-modules/smbk5pwd"
2416 -
2417 - MY_DEFS="-DDO_SHADOW"
2418 - if use samba ; then
2419 - MY_DEFS="${MY_DEFS} -DDO_SAMBA"
2420 - MY_KRB5_INC=""
2421 - fi
2422 - if use kerberos ; then
2423 - MY_DEFS="${MY_DEFS} -DDO_KRB5"
2424 - MY_KRB5_INC="$(krb5-config --cflags)"
2425 - fi
2426 -
2427 - emake \
2428 - DEFS="${MY_DEFS}" \
2429 - KRB5_INC="${MY_KRB5_INC}" \
2430 - LDAP_BUILD="${BUILD_DIR}" \
2431 - CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap"
2432 - popd &>/dev/null || die
2433 - fi
2434 -
2435 - if use overlays ; then
2436 - einfo "Building contrib-module: samba4"
2437 - pushd "${S}/contrib/slapd-modules/samba4" &>/dev/null || die "pushd contrib/slapd-modules/samba4"
2438 -
2439 - emake \
2440 - LDAP_BUILD="${BUILD_DIR}" \
2441 - CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap"
2442 - popd &>/dev/null || die
2443 - fi
2444 -
2445 - if use kerberos ; then
2446 - if use kinit ; then
2447 - build_contrib_module "kinit" "kinit.c" "kinit"
2448 - fi
2449 - pushd "${S}/contrib/slapd-modules/passwd" &>/dev/null || die "pushd contrib/slapd-modules/passwd"
2450 - einfo "Compiling contrib-module: pw-kerberos"
2451 - "${lt}" --mode=compile --tag=CC \
2452 - "${CC}" \
2453 - -I"${BUILD_DIR}"/include \
2454 - -I../../../include \
2455 - ${CFLAGS} \
2456 - $(krb5-config --cflags) \
2457 - -DHAVE_KRB5 \
2458 - -o kerberos.lo \
2459 - -c kerberos.c || die "compiling pw-kerberos failed"
2460 - einfo "Linking contrib-module: pw-kerberos"
2461 - "${lt}" --mode=link --tag=CC \
2462 - "${CC}" -module \
2463 - ${CFLAGS} \
2464 - ${LDFLAGS} \
2465 - -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
2466 - -o pw-kerberos.la \
2467 - kerberos.lo || die "linking pw-kerberos failed"
2468 - popd &>/dev/null || die
2469 - fi
2470 -
2471 - if use pbkdf2; then
2472 - pushd "${S}/contrib/slapd-modules/passwd/pbkdf2" &>/dev/null || die "pushd contrib/slapd-modules/passwd/pbkdf2"
2473 - einfo "Compiling contrib-module: pw-pbkdf2"
2474 - "${lt}" --mode=compile --tag=CC \
2475 - "${CC}" \
2476 - -I"${BUILD_DIR}"/include \
2477 - -I../../../../include \
2478 - ${CFLAGS} \
2479 - -o pbkdf2.lo \
2480 - -c pw-pbkdf2.c || die "compiling pw-pbkdf2 failed"
2481 - einfo "Linking contrib-module: pw-pbkdf2"
2482 - "${lt}" --mode=link --tag=CC \
2483 - "${CC}" -module \
2484 - ${CFLAGS} \
2485 - ${LDFLAGS} \
2486 - -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
2487 - -o pw-pbkdf2.la \
2488 - pbkdf2.lo || die "linking pw-pbkdf2 failed"
2489 - popd &>/dev/null || die
2490 - fi
2491 -
2492 - if use sha2 ; then
2493 - pushd "${S}/contrib/slapd-modules/passwd/sha2" &>/dev/null || die "pushd contrib/slapd-modules/passwd/sha2"
2494 - einfo "Compiling contrib-module: pw-sha2"
2495 - "${lt}" --mode=compile --tag=CC \
2496 - "${CC}" \
2497 - -I"${BUILD_DIR}"/include \
2498 - -I../../../../include \
2499 - ${CFLAGS} \
2500 - -o sha2.lo \
2501 - -c sha2.c || die "compiling pw-sha2 failed"
2502 - "${lt}" --mode=compile --tag=CC \
2503 - "${CC}" \
2504 - -I"${BUILD_DIR}"/include \
2505 - -I../../../../include \
2506 - ${CFLAGS} \
2507 - -o slapd-sha2.lo \
2508 - -c slapd-sha2.c || die "compiling pw-sha2 failed"
2509 - einfo "Linking contrib-module: pw-sha2"
2510 - "${lt}" --mode=link --tag=CC \
2511 - "${CC}" -module \
2512 - ${CFLAGS} \
2513 - ${LDFLAGS} \
2514 - -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
2515 - -o pw-sha2.la \
2516 - sha2.lo slapd-sha2.lo || die "linking pw-sha2 failed"
2517 - popd &>/dev/null || die
2518 - fi
2519 -
2520 - # We could build pw-radius if GNURadius would install radlib.h
2521 - pushd "${S}/contrib/slapd-modules/passwd" &>/dev/null || die "pushd contrib/slapd-modules/passwd"
2522 - einfo "Compiling contrib-module: pw-netscape"
2523 - "${lt}" --mode=compile --tag=CC \
2524 - "${CC}" \
2525 - -I"${BUILD_DIR}"/include \
2526 - -I../../../include \
2527 - ${CFLAGS} \
2528 - -o netscape.lo \
2529 - -c netscape.c || die "compiling pw-netscape failed"
2530 - einfo "Linking contrib-module: pw-netscape"
2531 - "${lt}" --mode=link --tag=CC \
2532 - "${CC}" -module \
2533 - ${CFLAGS} \
2534 - ${LDFLAGS} \
2535 - -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
2536 - -o pw-netscape.la \
2537 - netscape.lo || die "linking pw-netscape failed"
2538 -
2539 - #build_contrib_module "acl" "posixgroup.c" "posixGroup" # example code only
2540 - #build_contrib_module "acl" "gssacl.c" "gss" # example code only, also needs kerberos
2541 - build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay"
2542 - build_contrib_module "allop" "allop.c" "overlay-allop"
2543 - build_contrib_module "allowed" "allowed.c" "allowed"
2544 - build_contrib_module "autogroup" "autogroup.c" "autogroup"
2545 - build_contrib_module "cloak" "cloak.c" "cloak"
2546 - # build_contrib_module "comp_match" "comp_match.c" "comp_match" # really complex, adds new external deps, questionable demand
2547 - build_contrib_module "denyop" "denyop.c" "denyop-overlay"
2548 - build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin"
2549 - build_contrib_module "dupent" "dupent.c" "dupent"
2550 - build_contrib_module "lastbind" "lastbind.c" "lastbind"
2551 - # lastmod may not play well with other overlays
2552 - build_contrib_module "lastmod" "lastmod.c" "lastmod"
2553 - build_contrib_module "noopsrch" "noopsrch.c" "noopsrch"
2554 - #build_contrib_module "nops" "nops.c" "nops-overlay" https://bugs.gentoo.org/641576
2555 - #build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER
2556 - build_contrib_module "trace" "trace.c" "trace"
2557 - popd &>/dev/null || die
2558 - # build slapi-plugins
2559 - pushd "${S}/contrib/slapi-plugins/addrdnvalues" &>/dev/null || die "pushd contrib/slapi-plugins/addrdnvalues"
2560 - einfo "Building contrib-module: addrdnvalues plugin"
2561 - "${CC}" -shared \
2562 - -I"${BUILD_DIR}"/include \
2563 - -I../../../include \
2564 - ${CFLAGS} \
2565 - -fPIC \
2566 - ${LDFLAGS} \
2567 - -o libaddrdnvalues-plugin.so \
2568 - addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
2569 - popd &>/dev/null || die
2570 - fi
2571 -}
2572 -
2573 -multilib_src_test() {
2574 - if multilib_is_native_abi; then
2575 - cd tests || die
2576 - emake tests
2577 - fi
2578 -}
2579 -
2580 -multilib_src_install() {
2581 - local lt="${BUILD_DIR}/libtool"
2582 - emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install
2583 -
2584 - if ! use minimal && multilib_is_native_abi; then
2585 - # openldap modules go here
2586 - # TODO: write some code to populate slapd.conf with moduleload statements
2587 - keepdir /usr/$(get_libdir)/openldap/openldap/
2588 -
2589 - # initial data storage dir
2590 - keepdir /var/lib/openldap-data
2591 - use prefix || fowners ldap:ldap /var/lib/openldap-data
2592 - fperms 0700 /var/lib/openldap-data
2593 -
2594 - echo "OLDPF='${PF}'" > "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
2595 - echo "# do NOT delete this. it is used" >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
2596 - echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
2597 -
2598 - # use our config
2599 - rm "${ED}"/etc/openldap/slapd.conf
2600 - insinto /etc/openldap
2601 - newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf
2602 - configfile="${ED}"/etc/openldap/slapd.conf
2603 -
2604 - # populate with built backends
2605 - ebegin "populate config with built backends"
2606 - for x in "${ED}"/usr/$(get_libdir)/openldap/openldap/back_*.so; do
2607 - einfo "Adding $(basename ${x})"
2608 - sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}" || die
2609 - done
2610 - sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
2611 - use prefix || fowners root:ldap /etc/openldap/slapd.conf
2612 - fperms 0640 /etc/openldap/slapd.conf
2613 - cp "${configfile}" "${configfile}".default || die
2614 - eend
2615 -
2616 - # install our own init scripts and systemd unit files
2617 - einfo "Install init scripts"
2618 - sed -e "s,/usr/lib/,/usr/$(get_libdir)/," "${FILESDIR}"/slapd-initd-2.4.40-r2 > "${T}"/slapd || die
2619 - doinitd "${T}"/slapd
2620 - newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd
2621 -
2622 - einfo "Install systemd service"
2623 - sed -e "s,/usr/lib/,/usr/$(get_libdir)/," "${FILESDIR}"/slapd.service > "${T}"/slapd.service || die
2624 - systemd_dounit "${T}"/slapd.service
2625 - systemd_install_serviced "${FILESDIR}"/slapd.service.conf
2626 - systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf
2627 -
2628 - # If built without SLP, we don't need to be before avahi
2629 - sed -i \
2630 - -e '/before/{s/avahi-daemon//g}' \
2631 - "${ED}"/etc/init.d/slapd \
2632 - || die
2633 -
2634 - if use cxx ; then
2635 - einfo "Install the ldapc++ library"
2636 - cd "${BUILD_DIR}/contrib/ldapc++" || die
2637 - emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
2638 - cd "${S}"/contrib/ldapc++ || die
2639 - newdoc README ldapc++-README
2640 - fi
2641 -
2642 - if use smbkrb5passwd ; then
2643 - einfo "Install the smbk5pwd module"
2644 - cd "${S}/contrib/slapd-modules/smbk5pwd" || die
2645 - emake DESTDIR="${D}" \
2646 - LDAP_BUILD="${BUILD_DIR}" \
2647 - libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
2648 - newdoc README smbk5pwd-README
2649 - fi
2650 -
2651 - if use overlays ; then
2652 - einfo "Install the samba4 module"
2653 - cd "${S}/contrib/slapd-modules/samba4" || die
2654 - emake DESTDIR="${D}" \
2655 - LDAP_BUILD="${BUILD_DIR}" \
2656 - libexecdir="/usr/$(get_libdir)/openldap" install
2657 - newdoc README samba4-README
2658 - fi
2659 -
2660 - einfo "Installing contrib modules"
2661 - cd "${S}/contrib/slapd-modules" || die
2662 - for l in */*.la */*/*.la; do
2663 - [[ -e ${l} ]] || continue
2664 - "${lt}" --mode=install cp ${l} \
2665 - "${ED}"/usr/$(get_libdir)/openldap/openldap || \
2666 - die "installing ${l} failed"
2667 - done
2668 -
2669 - dodoc "${FILESDIR}"/DB_CONFIG.fast.example
2670 - docinto contrib
2671 - doman */*.5
2672 - #newdoc acl/README*
2673 - newdoc addpartial/README addpartial-README
2674 - newdoc allop/README allop-README
2675 - newdoc allowed/README allowed-README
2676 - newdoc autogroup/README autogroup-README
2677 - newdoc dsaschema/README dsaschema-README
2678 - newdoc passwd/README passwd-README
2679 - cd "${S}/contrib/slapi-plugins" || die
2680 - insinto /usr/$(get_libdir)/openldap/openldap
2681 - doins */*.so
2682 - docinto contrib
2683 - newdoc addrdnvalues/README addrdnvalues-README
2684 -
2685 - insinto /etc/openldap/schema
2686 - newins "${DISTDIR}"/${BIS_P} ${BIS_PN}
2687 -
2688 - docinto back-sock ; dodoc "${S}"/servers/slapd/back-sock/searchexample*
2689 - docinto back-shell ; dodoc "${S}"/servers/slapd/back-shell/searchexample*
2690 - docinto back-perl ; dodoc "${S}"/servers/slapd/back-perl/SampleLDAP.pm
2691 -
2692 - dosbin "${S}"/contrib/slapd-tools/statslog
2693 - newdoc "${S}"/contrib/slapd-tools/README README.statslog
2694 - fi
2695 -
2696 - if ! use static-libs ; then
2697 - find "${ED}" \( -name '*.a' -o -name '*.la' \) -delete || die
2698 - fi
2699 -}
2700 -
2701 -multilib_src_install_all() {
2702 - dodoc ANNOUNCEMENT CHANGES COPYRIGHT README
2703 - docinto rfc ; dodoc doc/rfc/*.txt
2704 -}
2705 -
2706 -pkg_preinst() {
2707 - # keep old libs if any
2708 - preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0)
2709 - # bug 440470, only display the getting started help there was no openldap before,
2710 - # or we are going to a non-minimal build
2711 - ! has_version net-nds/openldap || has_version 'net-nds/openldap[minimal]'
2712 - OPENLDAP_PRINT_MESSAGES=$((! $?))
2713 -}
2714 -
2715 -pkg_postinst() {
2716 - if ! use minimal ; then
2717 - # You cannot build SSL certificates during src_install that will make
2718 - # binary packages containing your SSL key, which is both a security risk
2719 - # and a misconfiguration if multiple machines use the same key and cert.
2720 - if use ssl; then
2721 - install_cert /etc/openldap/ssl/ldap
2722 - use prefix || chown ldap:ldap "${EROOT}"/etc/openldap/ssl/ldap.*
2723 - ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
2724 - ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
2725 - ewarn "add 'TLS_REQCERT allow' if you want to use them."
2726 - fi
2727 -
2728 - if use prefix; then
2729 - # Warn about prefix issues with slapd
2730 - eerror "slapd might NOT be usable on Prefix systems as it requires root privileges"
2731 - eerror "to start up, and requires that certain files directories be owned by"
2732 - eerror "ldap:ldap. As Prefix does not support changing ownership of files and"
2733 - eerror "directories, you will have to manually fix this yourself."
2734 - fi
2735 -
2736 - # These lines force the permissions of various content to be correct
2737 - if [[ -d "${EROOT}"/var/run/openldap ]]; then
2738 - use prefix || { chown ldap:ldap "${EROOT}"/var/run/openldap || die; }
2739 - chmod 0755 "${EROOT}"/var/run/openldap || die
2740 - fi
2741 - use prefix || chown root:ldap "${EROOT}"/etc/openldap/slapd.conf{,.default}
2742 - chmod 0640 "${EROOT}"/etc/openldap/slapd.conf{,.default} || die
2743 - use prefix || chown ldap:ldap "${EROOT}"/var/lib/openldap-data
2744 - fi
2745 -
2746 - if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then
2747 - elog "Getting started using OpenLDAP? There is some documentation available:"
2748 - elog "Gentoo Guide to OpenLDAP Authentication"
2749 - elog "(https://wiki.gentoo.org/wiki/Centralized_authentication_using_OpenLDAP)"
2750 - elog "---"
2751 - elog "An example file for tuning BDB backends with openldap is"
2752 - elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
2753 - fi
2754 -
2755 - preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0)
2756 -}
Report Message
Find on MARC Find on Google Groups