Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Sam James <sam@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: net-nds/openldap/
Date: Wed, 01 Jun 2022 05:20:14
Message-Id: 1654060050.e90e15bb20c01e2a2baf7c955671066959439ead.sam@gentoo
1 commit: e90e15bb20c01e2a2baf7c955671066959439ead
2 Author: Sam James <sam <AT> gentoo <DOT> org>
3 AuthorDate: Wed Jun 1 05:07:30 2022 +0000
4 Commit: Sam James <sam <AT> gentoo <DOT> org>
5 CommitDate: Wed Jun 1 05:07:30 2022 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e90e15bb
7
8 net-nds/openldap: add 2.6.2
9
10 Signed-off-by: Sam James <sam <AT> gentoo.org>
11
12 net-nds/openldap/Manifest | 1 +
13 net-nds/openldap/openldap-2.6.2.ebuild | 798 +++++++++++++++++++++++++++++++++
14 2 files changed, 799 insertions(+)
15
16 diff --git a/net-nds/openldap/Manifest b/net-nds/openldap/Manifest
17 index c0b19b7c9812..dd98473ce9c1 100644
18 --- a/net-nds/openldap/Manifest
19 +++ b/net-nds/openldap/Manifest
20 @@ -3,4 +3,5 @@ DIST openldap-2.4.58.tgz 5885225 BLAKE2B effb618dba03497796a497cd7f53ec52e389133
21 DIST openldap-2.4.59.tgz 5886272 BLAKE2B a2a8bed1d2af97fd41d651668152fd4740871bc5a8abf4b50390839228af82ac103346b3500ae0f8dd31b708acabb30435b90cd48dfafe510e648df5150d96b8 SHA512 233459ab446da6e107a7fc4ecd5668d6b08c11a11359ee76449550393e8f586a29b59d7ae09a050a1fca4fcf388ea61438ef60831b3ae802d92c048365ae3968
22 DIST openldap-2.5.4.tgz 6415235 BLAKE2B 16e466d01dc7642786bb88a101854513f1239f1e817fd05145e89deb54bc1b911a5dc5f42b132747f14bdd2a3355e7c398b8b14937e7093361f4a96bfb7e9197 SHA512 00b57c9179acf3b1bde738e91604f3b09b5f5309106362bb947154d131868f233713eaa75c9af9771bfad731902d67406e8fb429851bad227fc48054cace16a8
23 DIST openldap-OPENLDAP_REL_ENG_2_6_1.tar.gz 6211863 BLAKE2B 81f4591db483a214351c2e02631fef2875e17e0890fc621182d2ed61d927c3c029a4f290ee6c0788952495d6f7a76ed15e62557b8d8f2e241d867e19fdf223b7 SHA512 ca61c1dccf3194d8d149ca0c45a4834d6fadf67a3676cf348f5f62ab92c94bc7501216d7da681c3a6f87f646a18d0f3d116c3d3a24d2e5cbebc6c695c986e517
24 +DIST openldap-OPENLDAP_REL_ENG_2_6_2.tar.gz 6216063 BLAKE2B 51c8d5ee712971c1aeeaedfc7bb89e65b2ccc2dc171bd0fb99e2b568d70ea5c66903194ab92a66de88fd9bc78511ffee0ab595b13a725933c7084943ac8c624a SHA512 0668165e194a7b1a483f88bf6b0f6eab2707c404f6c3164948cb11896c5e5411972a0677a927c0e509e98bfebb75b79e514bb6346b23d35687d9234f973d7520
25 DIST rfc2307bis.schema-20140524 12262 BLAKE2B 98031f49e9bde1e4821e637af3382364d8344ed7017649686a088070d96a632dffa6c661552352656b1b159c0fd962965580069a64c7f3d5bb6a3ed75f60fd99 SHA512 83b89a1deeefc8566b97e7e865b9b6d04541099cbdf719e24538a7d27d61b6209e87ab9003a9f140bd9afd018ec569e71721e3a24090e1902c8b6659d2ba103e
26
27 diff --git a/net-nds/openldap/openldap-2.6.2.ebuild b/net-nds/openldap/openldap-2.6.2.ebuild
28 new file mode 100644
29 index 000000000000..ada8b4ae1615
30 --- /dev/null
31 +++ b/net-nds/openldap/openldap-2.6.2.ebuild
32 @@ -0,0 +1,798 @@
33 +# Copyright 1999-2022 Gentoo Authors
34 +# Distributed under the terms of the GNU General Public License v2
35 +
36 +EAPI=7
37 +
38 +inherit autotools flag-o-matic multilib multilib-minimal preserve-libs ssl-cert toolchain-funcs systemd tmpfiles
39 +
40 +MY_PV="$(ver_rs 1-2 _)"
41 +
42 +BIS_PN=rfc2307bis.schema
43 +BIS_PV=20140524
44 +BIS_P="${BIS_PN}-${BIS_PV}"
45 +
46 +DESCRIPTION="LDAP suite of application and development tools"
47 +HOMEPAGE="https://www.OpenLDAP.org/"
48 +
49 +SRC_URI="
50 + https://gitlab.com/openldap/${PN}/-/archive/OPENLDAP_REL_ENG_${MY_PV}/${PN}-OPENLDAP_REL_ENG_${MY_PV}.tar.gz
51 + mirror://gentoo/${BIS_P}"
52 +
53 +LICENSE="OPENLDAP GPL-2"
54 +# Subslot added for bug #835654
55 +SLOT="0/$(ver_cut 1-2)"
56 +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~x86-solaris"
57 +
58 +IUSE_DAEMON="argon2 +cleartext crypt experimental minimal samba tcpd"
59 +IUSE_OVERLAY="overlays perl autoca"
60 +IUSE_OPTIONAL="debug gnutls iodbc ipv6 odbc sasl ssl selinux static-libs +syslog test"
61 +IUSE_CONTRIB="kerberos kinit pbkdf2 sha2 smbkrb5passwd"
62 +IUSE_CONTRIB="${IUSE_CONTRIB} cxx"
63 +IUSE="systemd ${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
64 +RESTRICT="!test? ( test )"
65 +
66 +RESTRICT="!test? ( test )"
67 +REQUIRED_USE="cxx? ( sasl )
68 + pbkdf2? ( ssl )
69 + test? ( cleartext sasl )
70 + autoca? ( !gnutls )
71 + ?? ( test minimal )"
72 +
73 +S=${WORKDIR}/${PN}-OPENLDAP_REL_ENG_${MY_PV}
74 +
75 +# openssl is needed to generate lanman-passwords required by samba
76 +COMMON_DEPEND="
77 + kernel_linux? ( sys-apps/util-linux )
78 + ssl? (
79 + !gnutls? (
80 + >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}]
81 + )
82 + gnutls? (
83 + >=net-libs/gnutls-2.12.23-r6:=[${MULTILIB_USEDEP}]
84 + >=dev-libs/libgcrypt-1.5.3:0=[${MULTILIB_USEDEP}]
85 + )
86 + )
87 + sasl? ( dev-libs/cyrus-sasl:= )
88 + !minimal? (
89 + dev-libs/libltdl
90 + sys-fs/e2fsprogs
91 + >=dev-db/lmdb-0.9.18:=
92 + argon2? ( app-crypt/argon2:= )
93 + crypt? ( virtual/libcrypt:= )
94 + tcpd? ( sys-apps/tcp-wrappers )
95 + odbc? ( !iodbc? ( dev-db/unixODBC )
96 + iodbc? ( dev-db/libiodbc ) )
97 + perl? ( dev-lang/perl:=[-build(-)] )
98 + samba? (
99 + dev-libs/openssl:0=
100 + )
101 + smbkrb5passwd? (
102 + dev-libs/openssl:0=
103 + kerberos? ( app-crypt/heimdal )
104 + )
105 + kerberos? (
106 + virtual/krb5
107 + kinit? ( !app-crypt/heimdal )
108 + )
109 + )
110 +"
111 +DEPEND="${COMMON_DEPEND}
112 + sys-apps/groff
113 +"
114 +RDEPEND="${COMMON_DEPEND}
115 + selinux? ( sec-policy/selinux-ldap )
116 +"
117 +
118 +# The user/group are only used for running daemons which are
119 +# disabled in minimal builds, so elide the accounts too.
120 +BDEPEND="!minimal? (
121 + acct-group/ldap
122 + acct-user/ldap
123 +)
124 +"
125 +
126 +# for tracking versions
127 +OPENLDAP_VERSIONTAG=".version-tag"
128 +OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
129 +
130 +MULTILIB_WRAPPED_HEADERS=(
131 + # USE=cxx
132 + /usr/include/LDAPAsynConnection.h
133 + /usr/include/LDAPAttrType.h
134 + /usr/include/LDAPAttribute.h
135 + /usr/include/LDAPAttributeList.h
136 + /usr/include/LDAPConnection.h
137 + /usr/include/LDAPConstraints.h
138 + /usr/include/LDAPControl.h
139 + /usr/include/LDAPControlSet.h
140 + /usr/include/LDAPEntry.h
141 + /usr/include/LDAPEntryList.h
142 + /usr/include/LDAPException.h
143 + /usr/include/LDAPExtResult.h
144 + /usr/include/LDAPMessage.h
145 + /usr/include/LDAPMessageQueue.h
146 + /usr/include/LDAPModList.h
147 + /usr/include/LDAPModification.h
148 + /usr/include/LDAPObjClass.h
149 + /usr/include/LDAPRebind.h
150 + /usr/include/LDAPRebindAuth.h
151 + /usr/include/LDAPReferenceList.h
152 + /usr/include/LDAPResult.h
153 + /usr/include/LDAPSaslBindResult.h
154 + /usr/include/LDAPSchema.h
155 + /usr/include/LDAPSearchReference.h
156 + /usr/include/LDAPSearchResult.h
157 + /usr/include/LDAPSearchResults.h
158 + /usr/include/LDAPUrl.h
159 + /usr/include/LDAPUrlList.h
160 + /usr/include/LdifReader.h
161 + /usr/include/LdifWriter.h
162 + /usr/include/SaslInteraction.h
163 + /usr/include/SaslInteractionHandler.h
164 + /usr/include/StringList.h
165 + /usr/include/TlsOptions.h
166 +)
167 +
168 +PATCHES=(
169 + "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch
170 + "${FILESDIR}"/${PN}-2.6.1-system-mdb.patch
171 + "${FILESDIR}"/${PN}-2.6.1-cloak.patch
172 + "${FILESDIR}"/${PN}-2.6.1-flags.patch
173 + "${FILESDIR}"/${PN}-2.6.1-fix-missing-mapping.patch
174 + "${FILESDIR}"/${PN}-2.6.1-fix-bashism-configure.patch
175 + "${FILESDIR}"/${PN}-2.6.1-parallel-build.patch
176 +)
177 +
178 +openldap_filecount() {
179 + local dir="$1"
180 + find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l
181 +}
182 +
183 +openldap_find_versiontags() {
184 + # scan for all datadirs
185 + local openldap_datadirs=()
186 + if [[ -f "${EROOT}"/etc/openldap/slapd.conf ]]; then
187 + openldap_datadirs=( $(awk '{if($1 == "directory") print $2 }' "${EROOT}"/etc/openldap/slapd.conf) )
188 + fi
189 + openldap_datadirs+=( ${OPENLDAP_DEFAULTDIR_VERSIONTAG} )
190 +
191 + einfo
192 + einfo "Scanning datadir(s) from slapd.conf and"
193 + einfo "the default installdir for Versiontags"
194 + einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
195 + einfo
196 +
197 + # scan datadirs if we have a version tag
198 + openldap_found_tag=0
199 + have_files=0
200 + for each in ${openldap_datadirs[@]} ; do
201 + CURRENT_TAGDIR="${ROOT}$(sed "s:\/::" <<< ${each})"
202 + CURRENT_TAG="${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}"
203 + if [[ -d "${CURRENT_TAGDIR}" ]] && [[ "${openldap_found_tag}" == 0 ]] ; then
204 + einfo "- Checking ${each}..."
205 + if [[ -r "${CURRENT_TAG}" ]] ; then
206 + # yey, we have one :)
207 + einfo " Found Versiontag in ${each}"
208 + source "${CURRENT_TAG}"
209 + if [[ "${OLDPF}" == "" ]] ; then
210 + eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
211 + eerror "Please delete it"
212 + eerror
213 + die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
214 + fi
215 +
216 + OLD_MAJOR=$(ver_cut 2-3 ${OLDPF})
217 +
218 + [[ "$(openldap_filecount ${CURRENT_TAGDIR})" -gt 0 ]] && have_files=1
219 +
220 + # are we on the same branch?
221 + if [[ "${OLD_MAJOR}" != "${PV:0:3}" ]] ; then
222 + ewarn " Versiontag doesn't match current major release!"
223 + if [[ "${have_files}" == "1" ]] ; then
224 + eerror " Versiontag says other major and you (probably) have datafiles!"
225 + echo
226 + openldap_upgrade_howto
227 + else
228 + einfo " No real problem, seems there's no database."
229 + fi
230 + else
231 + einfo " Versiontag is fine here :)"
232 + fi
233 + else
234 + einfo " Non-tagged dir ${each}"
235 + [[ "$(openldap_filecount ${each})" -gt 0 ]] && have_files=1
236 + if [[ "${have_files}" == "1" ]] ; then
237 + einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
238 + echo
239 +
240 + eerror
241 + eerror "Your OpenLDAP Installation has a non tagged datadir that"
242 + eerror "possibly contains a database at ${CURRENT_TAGDIR}"
243 + eerror
244 + eerror "Please export data if any entered and empty or remove"
245 + eerror "the directory, installation has been stopped so you"
246 + eerror "can take required action"
247 + eerror
248 + eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
249 + eerror
250 + openldap_upgrade_howto
251 + die "Please move the datadir ${CURRENT_TAGDIR} away"
252 + fi
253 + fi
254 + einfo
255 + fi
256 + done
257 + [[ "${have_files}" == "1" ]] && einfo "DB files present" || einfo "No DB files present"
258 +
259 + # Now we must check for the major version of sys-libs/db linked against.
260 + # TODO: remove this as we dropped bdb support (gone upstream) in 2.6.1?
261 + SLAPD_PATH="${EROOT}/usr/$(get_libdir)/openldap/slapd"
262 + if [[ "${have_files}" == "1" ]] && [[ -f "${SLAPD_PATH}" ]]; then
263 + OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
264 + | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
265 + local fail=0
266 + if [[ -z "${OLDVER}" ]] && [[ -z "${NEWVER}" ]]; then
267 + :
268 + # Nothing wrong here.
269 + elif [[ -z "${OLDVER}" ]] && [[ -n "${NEWVER}" ]]; then
270 + eerror " Your existing version of OpenLDAP was not built against"
271 + eerror " any version of sys-libs/db, but the new one will build"
272 + eerror " against ${NEWVER} and your database may be inaccessible."
273 + echo
274 + fail=1
275 + elif [[ -n "${OLDVER}" ]] && [[ -z "${NEWVER}" ]]; then
276 + eerror " Your existing version of OpenLDAP was built against"
277 + eerror " sys-libs/db:${OLDVER}, but the new one will not be"
278 + eerror " built against any version and your database may be"
279 + eerror " inaccessible."
280 + echo
281 + fail=1
282 + elif [[ "${OLDVER}" != "${NEWVER}" ]]; then
283 + eerror " Your existing version of OpenLDAP was built against"
284 + eerror " sys-libs/db:${OLDVER}, but the new one will build against"
285 + eerror " ${NEWVER} and your database would be inaccessible."
286 + echo
287 + fail=1
288 + fi
289 + [[ "${fail}" == "1" ]] && openldap_upgrade_howto
290 + fi
291 +
292 + echo
293 + einfo
294 + einfo "All datadirs are fine, proceeding with merge now..."
295 + einfo
296 +}
297 +
298 +openldap_upgrade_howto() {
299 + local d l i
300 + eerror
301 + eerror "A (possible old) installation of OpenLDAP was detected,"
302 + eerror "installation will not proceed for now."
303 + eerror
304 + eerror "As major version upgrades can corrupt your database,"
305 + eerror "you need to dump your database and re-create it afterwards."
306 + eerror
307 + eerror "Additionally, rebuilding against different major versions of the"
308 + eerror "sys-libs/db libraries will cause your database to be inaccessible."
309 + eerror ""
310 + d="$(date -u +%s)"
311 + l="/root/ldapdump.${d}"
312 + i="${l}.raw"
313 + eerror " 1. /etc/init.d/slapd stop"
314 + eerror " 2. slapcat -l ${i}"
315 + eerror " 3. grep -E -v '^(entry|context)CSN:' <${i} >${l}"
316 + eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
317 + eerror " 5. emerge --update \=net-nds/${PF}"
318 + eerror " 6. etc-update, and ensure that you apply the changes"
319 + eerror " 7. slapadd -l ${l}"
320 + eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
321 + eerror " 9. /etc/init.d/slapd start"
322 + eerror "10. check that your data is intact."
323 + eerror "11. set up the new replication system."
324 + eerror
325 + if [[ "${FORCE_UPGRADE}" != "1" ]]; then
326 + die "You need to upgrade your database first"
327 + else
328 + eerror "You have the magical FORCE_UPGRADE=1 in place."
329 + eerror "Don't say you weren't warned about data loss."
330 + fi
331 +}
332 +
333 +pkg_setup() {
334 + if ! use sasl && use cxx ; then
335 + die "To build the ldapc++ library you must emerge openldap with sasl support"
336 + fi
337 + # Bug #322787
338 + if use minimal && ! has_version "net-nds/openldap" ; then
339 + einfo "No datadir scan needed, openldap not installed"
340 + elif use minimal && has_version 'net-nds/openldap[minimal]' ; then
341 + einfo "Skipping scan for previous datadirs as requested by minimal useflag"
342 + else
343 + openldap_find_versiontags
344 + fi
345 +}
346 +
347 +src_prepare() {
348 + rm -r libraries/liblmdb || die 'could not removed bundled lmdb directory'
349 +
350 + for filename in doc/drafts/draft-ietf-ldapext-acl-model-xx.txt; do
351 + iconv -f iso-8859-1 -t utf-8 "$filename" > "$filename.utf8"
352 + mv "$filename.utf8" "$filename"
353 + done
354 +
355 + default
356 +
357 + sed -i \
358 + -e "s:\$(localstatedir)/run:${EPREFIX}/run:" \
359 + servers/slapd/Makefile.in || die 'adjusting slapd Makefile.in failed'
360 +
361 + pushd build &>/dev/null || die "pushd build"
362 + einfo "Making sure upstream build strip does not do stripping too early"
363 + sed -i.orig \
364 + -e '/^STRIP/s,-s,,g' \
365 + top.mk || die "Failed to remove to early stripping"
366 + popd &>/dev/null || die
367 +
368 + eautoreconf
369 + multilib_copy_sources
370 +}
371 +
372 +build_contrib_module() {
373 + # <dir> [<target>]
374 + pushd "${S}/contrib/slapd-modules/$1" &>/dev/null || die "pushd contrib/slapd-modules/$1"
375 + einfo "Compiling contrib-module: $1"
376 + local target="${2:-all}"
377 + emake \
378 + LDAP_BUILD="${BUILD_DIR}" prefix="${EPREFIX}/usr" \
379 + CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" \
380 + "$target"
381 + popd &>/dev/null || die
382 +}
383 +
384 +multilib_src_configure() {
385 + # Optional Features
386 + myconf+=(
387 + --enable-option-checking
388 + $(use_enable debug)
389 + --enable-dynamic
390 + $(use_enable syslog)
391 + $(use_enable ipv6)
392 + --enable-local
393 + )
394 +
395 + # Optional Packages
396 + myconf+=(
397 + --without-fetch
398 + )
399 +
400 + if ! use minimal && multilib_is_native_abi; then
401 + # SLAPD (Standalone LDAP Daemon) Options
402 + # overlay chaining requires '--enable-ldap' #296567
403 + # see https://www.openldap.org/doc/admin26/overlays.html#Chaining
404 + myconf+=(
405 + --enable-ldap=yes
406 + --enable-slapd
407 + $(use_enable cleartext)
408 + $(use_enable crypt)
409 + $(multilib_native_use_enable sasl spasswd)
410 + --disable-slp
411 + $(use_enable tcpd wrappers)
412 + )
413 + if use experimental ; then
414 + # connectionless ldap per bug #342439
415 + # connectionless is a unsupported feature according to Howard Chu
416 + # see https://bugs.openldap.org/show_bug.cgi?id=9739
417 + append-cppflags -DLDAP_CONNECTIONLESS
418 +
419 + myconf+=(
420 + --enable-dynacl
421 + # ACI build as dynamic module not supported (yet)
422 + --enable-aci=yes
423 + )
424 + fi
425 +
426 + for option in modules rlookups slapi; do
427 + myconf+=( --enable-${option} )
428 + done
429 +
430 + # static SLAPD backends
431 + for backend in mdb; do
432 + myconf+=( --enable-${backend}=yes )
433 + done
434 +
435 + # module SLAPD backends
436 + for backend in asyncmeta dnssrv meta null passwd relay sock; do
437 + # missing modules: wiredtiger (not available in portage)
438 + myconf+=( --enable-${backend}=mod )
439 + done
440 +
441 + use perl && myconf+=( --enable-perl=mod )
442 +
443 + if use odbc ; then
444 + myconf+=( --enable-sql=mod )
445 + if use iodbc ; then
446 + myconf+=( --with-odbc="iodbc" )
447 + append-cflags -I"${EPREFIX}"/usr/include/iodbc
448 + else
449 + myconf+=( --with-odbc="unixodbc" )
450 + fi
451 + fi
452 +
453 + use overlays && myconf+=( --enable-overlays=mod )
454 + use autoca && myconf+=( --enable-autoca=mod ) || myconf+=( --enable-autoca=no )
455 + # compile-in the syncprov
456 + myconf+=( --enable-syncprov=yes )
457 +
458 + # SLAPD Password Module Options
459 + myconf+=(
460 + $(use_enable argon2)
461 + )
462 +
463 + # Optional Packages
464 + myconf+=(
465 + $(use_with systemd)
466 + $(multilib_native_use_with sasl cyrus-sasl)
467 + )
468 + else
469 + myconf+=(
470 + --disable-backends
471 + --disable-slapd
472 + --disable-mdb
473 + --disable-overlays
474 + --disable-autoca
475 + --disable-syslog
476 + --without-systemd
477 + )
478 + fi
479 +
480 + # Library Generation & Linking Options
481 + myconf+=(
482 + $(use_enable static-libs static)
483 + --enable-shared
484 + --enable-versioning
485 + --with-pic
486 + )
487 +
488 + # some cross-compiling tests don't pan out well.
489 + tc-is-cross-compiler && myconf+=(
490 + --with-yielding-select=yes
491 + )
492 +
493 + local ssl_lib="no"
494 + if use ssl || ( ! use minimal && use samba ) ; then
495 + if use gnutls ; then
496 + myconf+=( --with-tls="gnutls" )
497 + else
498 + # disable MD2 hash function
499 + append-cflags -DOPENSSL_NO_MD2
500 + myconf+=( --with-tls="openssl" )
501 + fi
502 + else
503 + myconf+=( --with-tls="no" )
504 + fi
505 +
506 + tc-export AR CC CXX
507 +
508 + ECONF_SOURCE="${S}" econf \
509 + --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \
510 + --localstatedir="${EPREFIX}"/var \
511 + --runstatedir="${EPREFIX}"/run \
512 + --sharedstatedir="${EPREFIX}"/var/lib \
513 + "${myconf[@]}"
514 +
515 + # argument '--runstatedir' seems to have no effect therefore this workaround
516 + sed -i \
517 + -e 's:^runstatedir=.*:runstatedir=${EPREFIX}/run:' \
518 + configure contrib/ldapc++/configure contrib/ldaptcl/configure || die 'could not set runstatedir'
519 +
520 + sed -i \
521 + -e "s:/var/run/sasl2/mux:${EPREFIX}/run/sasl2/mux:" \
522 + doc/guide/admin/security.sdf || die 'could not fix run path in doc'
523 +
524 + emake depend
525 +}
526 +
527 +src_configure_cxx() {
528 + # This needs the libraries built by the first build run.
529 + # we have to run it AFTER the main build, not just after the main configure
530 + local myconf_ldapcpp=(
531 + --with-libldap="${E}/lib"
532 + --with-ldap-includes="${S}/include"
533 + )
534 +
535 + mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die "could not create ${BUILD_DIR}/contrib/ldapc++ directory"
536 + pushd "${BUILD_DIR}/contrib/ldapc++" &>/dev/null || die "pushd contrib/ldapc++"
537 + local LDFLAGS=${LDFLAGS}
538 + local CPPFLAGS=${CPPFLAGS}
539 + append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \
540 + -L"${BUILD_DIR}"/libraries/libldap/.libs
541 + append-cppflags -I"${BUILD_DIR}"/include
542 + ECONF_SOURCE=${S}/contrib/ldapc++ \
543 + econf "${myconf_ldapcpp[@]}"
544 + popd &>/dev/null || die "popd contrib/ldapc++"
545 +}
546 +
547 +multilib_src_compile() {
548 + tc-export AR CC CXX
549 + emake CC="$(tc-getCC)" SHELL="${EPREFIX}"/bin/sh
550 +
551 + if ! use minimal && multilib_is_native_abi ; then
552 + if use cxx ; then
553 + einfo "Building contrib library: ldapc++"
554 + src_configure_cxx
555 + pushd "${BUILD_DIR}/contrib/ldapc++" &>/dev/null || die "pushd contrib/ldapc++"
556 + emake
557 + popd &>/dev/null || die
558 + fi
559 +
560 + if use smbkrb5passwd ; then
561 + einfo "Building contrib-module: smbk5pwd"
562 + pushd "${S}/contrib/slapd-modules/smbk5pwd" &>/dev/null || die "pushd contrib/slapd-modules/smbk5pwd"
563 +
564 + MY_DEFS="-DDO_SHADOW"
565 + if use samba ; then
566 + MY_DEFS="${MY_DEFS} -DDO_SAMBA"
567 + MY_KRB5_INC=""
568 + fi
569 + if use kerberos ; then
570 + MY_DEFS="${MY_DEFS} -DDO_KRB5"
571 + MY_KRB5_INC="$(krb5-config --cflags)"
572 + fi
573 +
574 + emake \
575 + DEFS="${MY_DEFS}" \
576 + KRB5_INC="${MY_KRB5_INC}" \
577 + LDAP_BUILD="${BUILD_DIR}" \
578 + libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap"
579 + popd &>/dev/null || die
580 + fi
581 +
582 + if use overlays ; then
583 + einfo "Building contrib-module: samba4"
584 + pushd "${S}/contrib/slapd-modules/samba4" &>/dev/null || die "pushd contrib/slapd-modules/samba4"
585 +
586 + emake \
587 + LDAP_BUILD="${BUILD_DIR}" \
588 + CC="$(tc-getCC)" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap"
589 + popd &>/dev/null || die
590 + fi
591 +
592 + if use kerberos ; then
593 + if use kinit ; then
594 + build_contrib_module "kinit" "kinit.c" "kinit"
595 + fi
596 + build_contrib_module "passwd" "pw-kerberos.la"
597 + fi
598 +
599 + if use pbkdf2; then
600 + build_contrib_module "passwd/pbkdf2"
601 + fi
602 +
603 + if use sha2 ; then
604 + build_contrib_module "passwd/sha2"
605 + fi
606 +
607 + # We could build pw-radius if GNURadius would install radlib.h
608 + build_contrib_module "passwd" "pw-netscape.la"
609 +
610 + #build_contrib_module "acl" "posixgroup.la" # example code only
611 + #build_contrib_module "acl" "gssacl.la" # example code only, also needs kerberos
612 + build_contrib_module "addpartial"
613 + build_contrib_module "allop"
614 + build_contrib_module "allowed"
615 + build_contrib_module "autogroup"
616 + build_contrib_module "cloak"
617 + # build_contrib_module "comp_match" # really complex, adds new external deps, questionable demand
618 + build_contrib_module "denyop"
619 + build_contrib_module "dsaschema"
620 + build_contrib_module "dupent"
621 + build_contrib_module "lastbind"
622 + # lastmod may not play well with other overlays
623 + build_contrib_module "lastmod"
624 + build_contrib_module "noopsrch"
625 + #build_contrib_module "nops" https://bugs.gentoo.org/641576
626 + #build_contrib_module "nssov" RESO:LATER
627 + build_contrib_module "trace"
628 + # build slapi-plugins
629 + pushd "${S}/contrib/slapi-plugins/addrdnvalues" &>/dev/null || die "pushd contrib/slapi-plugins/addrdnvalues"
630 + einfo "Building contrib-module: addrdnvalues plugin"
631 + $(tc-getCC) -shared \
632 + -I"${BUILD_DIR}"/include \
633 + -I../../../include \
634 + ${CFLAGS} \
635 + -fPIC \
636 + ${LDFLAGS} \
637 + -o libaddrdnvalues-plugin.so \
638 + addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
639 + popd &>/dev/null || die
640 + fi
641 +}
642 +
643 +multilib_src_test() {
644 + if multilib_is_native_abi; then
645 + cd "tests"
646 + pwd
647 + # emake test => runs only lloadd & mdb, in serial; skips ldif,sql,wt,regression
648 + # emake partests => runs ALL of the tests in parallel
649 + # wt/WiredTiger is not supported in Gentoo
650 + TESTS=( plloadd pmdb )
651 + #TESTS+=( pldif ) # not done by default, so also exclude here
652 + #use odbc && TESTS+=( psql ) # not done by default, so also exclude here
653 + emake "${TESTS[@]}"
654 + fi
655 +}
656 +
657 +multilib_src_install() {
658 + emake CC="$(tc-getCC)" \
659 + DESTDIR="${D}" SHELL="${EPREFIX}"/bin/sh install
660 +
661 + if ! use minimal && multilib_is_native_abi; then
662 + # openldap modules go here
663 + # TODO: write some code to populate slapd.conf with moduleload statements
664 + keepdir /usr/$(get_libdir)/openldap/openldap/
665 +
666 + # initial data storage dir
667 + keepdir /var/lib/openldap-data
668 + use prefix || fowners ldap:ldap /var/lib/openldap-data
669 + fperms 0700 /var/lib/openldap-data
670 +
671 + echo "OLDPF='${PF}'" > "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
672 + echo "# do NOT delete this. it is used" >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
673 + echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
674 +
675 + # use our config
676 + rm "${ED}"/etc/openldap/slapd.conf
677 + insinto /etc/openldap
678 + newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf
679 + configfile="${ED}"/etc/openldap/slapd.conf
680 +
681 + # populate with built backends
682 + einfo "populate config with built backends"
683 + for x in "${ED}"/usr/$(get_libdir)/openldap/openldap/back_*.so; do
684 + einfo "Adding $(basename ${x})"
685 + sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}" || die
686 + done
687 + sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
688 + use prefix || fowners root:ldap /etc/openldap/slapd.conf
689 + fperms 0640 /etc/openldap/slapd.conf
690 + cp "${configfile}" "${configfile}".default || die
691 +
692 + # install our own init scripts and systemd unit files
693 + einfo "Install init scripts"
694 + sed -e "s,/usr/lib/,/usr/$(get_libdir)/," "${FILESDIR}"/slapd-initd-2.4.40-r2 > "${T}"/slapd || die
695 + doinitd "${T}"/slapd
696 + newconfd "${FILESDIR}"/slapd-confd-2.6.1 slapd
697 +
698 + einfo "Install systemd service"
699 + sed -e "s,/usr/lib/,/usr/$(get_libdir)/," "${FILESDIR}"/slapd-2.6.1.service > "${T}"/slapd.service || die
700 + systemd_dounit "${T}"/slapd.service
701 + systemd_install_serviced "${FILESDIR}"/slapd.service.conf
702 + newtmpfiles "${FILESDIR}"/slapd.tmpfilesd slapd.conf
703 +
704 + # if built without SLP, we don't need to be before avahi
705 + sed -i \
706 + -e '/before/{s/avahi-daemon//g}' \
707 + "${ED}"/etc/init.d/slapd \
708 + || die
709 +
710 + if use cxx ; then
711 + einfo "Install the ldapc++ library"
712 + cd "${BUILD_DIR}/contrib/ldapc++" || die
713 + emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
714 + cd "${S}"/contrib/ldapc++ || die
715 + newdoc README ldapc++-README
716 + fi
717 +
718 + if use smbkrb5passwd ; then
719 + einfo "Install the smbk5pwd module"
720 + cd "${S}/contrib/slapd-modules/smbk5pwd" || die
721 + emake DESTDIR="${D}" \
722 + LDAP_BUILD="${BUILD_DIR}" \
723 + libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
724 + newdoc README smbk5pwd-README
725 + fi
726 +
727 + if use overlays ; then
728 + einfo "Install the samba4 module"
729 + cd "${S}/contrib/slapd-modules/samba4" || die
730 + emake DESTDIR="${D}" \
731 + LDAP_BUILD="${BUILD_DIR}" \
732 + libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
733 + newdoc README samba4-README
734 + fi
735 +
736 + einfo "Installing contrib modules"
737 + cd "${S}/contrib/slapd-modules" || die
738 + for l in */*.la */*/*.la; do
739 + [[ -e ${l} ]] || continue
740 + libtool --mode=install cp ${l} \
741 + "${ED}"/usr/$(get_libdir)/openldap/openldap || \
742 + die "installing ${l} failed"
743 + done
744 +
745 + dodoc "${FILESDIR}"/DB_CONFIG.fast.example
746 + docinto contrib
747 + doman */*.5
748 + #newdoc acl/README*
749 + newdoc addpartial/README addpartial-README
750 + newdoc allop/README allop-README
751 + newdoc allowed/README allowed-README
752 + newdoc autogroup/README autogroup-README
753 + newdoc dsaschema/README dsaschema-README
754 + newdoc passwd/README passwd-README
755 + cd "${S}/contrib/slapi-plugins" || die
756 + insinto /usr/$(get_libdir)/openldap/openldap
757 + doins */*.so
758 + docinto contrib
759 + newdoc addrdnvalues/README addrdnvalues-README
760 +
761 + insinto /etc/openldap/schema
762 + newins "${DISTDIR}"/${BIS_P} ${BIS_PN}
763 +
764 + docinto back-sock ; dodoc "${S}"/servers/slapd/back-sock/searchexample*
765 + docinto back-perl ; dodoc "${S}"/servers/slapd/back-perl/SampleLDAP.pm
766 +
767 + dosbin "${S}"/contrib/slapd-tools/statslog
768 + newdoc "${S}"/contrib/slapd-tools/README README.statslog
769 + fi
770 +
771 + if ! use static-libs ; then
772 + find "${ED}" \( -name '*.a' -o -name '*.la' \) -delete || die
773 + fi
774 +}
775 +
776 +multilib_src_install_all() {
777 + dodoc ANNOUNCEMENT CHANGES COPYRIGHT README
778 + docinto rfc ; dodoc doc/rfc/*.txt
779 +}
780 +
781 +pkg_preinst() {
782 + # keep old libs if any
783 + preserve_old_lib /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.4$(get_libname 0)
784 + # bug 440470, only display the getting started help there was no openldap before,
785 + # or we are going to a non-minimal build
786 + ! has_version net-nds/openldap || has_version 'net-nds/openldap[minimal]'
787 + OPENLDAP_PRINT_MESSAGES=$((! $?))
788 +}
789 +
790 +pkg_postinst() {
791 + if ! use minimal ; then
792 + tmpfiles_process slapd.conf
793 +
794 + # You cannot build SSL certificates during src_install that will make
795 + # binary packages containing your SSL key, which is both a security risk
796 + # and a misconfiguration if multiple machines use the same key and cert.
797 + if use ssl; then
798 + install_cert /etc/openldap/ssl/ldap
799 + use prefix || chown ldap:ldap "${EROOT}"/etc/openldap/ssl/ldap.*
800 + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
801 + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
802 + ewarn "add 'TLS_REQCERT allow' if you want to use them."
803 + fi
804 +
805 + if use prefix; then
806 + # Warn about prefix issues with slapd
807 + eerror "slapd might NOT be usable on Prefix systems as it requires root privileges"
808 + eerror "to start up, and requires that certain files directories be owned by"
809 + eerror "ldap:ldap. As Prefix does not support changing ownership of files and"
810 + eerror "directories, you will have to manually fix this yourself."
811 + fi
812 +
813 + # These lines force the permissions of various content to be correct
814 + if [[ -d "${EROOT}"/var/run/openldap ]]; then
815 + use prefix || { chown ldap:ldap "${EROOT}"/var/run/openldap || die; }
816 + chmod 0755 "${EROOT}"/var/run/openldap || die
817 + fi
818 + use prefix || chown root:ldap "${EROOT}"/etc/openldap/slapd.conf{,.default}
819 + chmod 0640 "${EROOT}"/etc/openldap/slapd.conf{,.default} || die
820 + use prefix || chown ldap:ldap "${EROOT}"/var/lib/openldap-data
821 + fi
822 +
823 + if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then
824 + elog "Getting started using OpenLDAP? There is some documentation available:"
825 + elog "Gentoo Guide to OpenLDAP Authentication"
826 + elog "(https://wiki.gentoo.org/wiki/Centralized_authentication_using_OpenLDAP)"
827 + fi
828 +
829 + preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.4$(get_libname 0)
830 +}
Report Message
Find on MARC Find on Google Groups