Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Aaron Bauman <bman@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: net-nds/openldap/files/, net-nds/openldap/
Date: Sun, 29 Jan 2017 11:54:09
Message-Id: 1485690819.dc4c4517ab54955eae9a06893e1fc3939a59fb8f.bman@gentoo
1 commit: dc4c4517ab54955eae9a06893e1fc3939a59fb8f
2 Author: Aaron Bauman <bman <AT> gentoo <DOT> org>
3 AuthorDate: Sun Jan 29 11:53:39 2017 +0000
4 Commit: Aaron Bauman <bman <AT> gentoo <DOT> org>
5 CommitDate: Sun Jan 29 11:53:39 2017 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=dc4c4517
7
8 Revert "net-nds/openldap: security and patch cleanup wrt bug #560424"
9
10 This reverts commit 24cf260188c1d266815d1e6329547b1d52de5a1b.
11
12 net-nds/openldap/Manifest | 5 +
13 net-nds/openldap/files/openldap-2.3.34-slapd-conf | 64 ++
14 .../openldap/files/openldap-2.4.15-ppolicy.patch | 12 +
15 .../openldap/files/openldap-2.4.33-gnutls.patch | 60 ++
16 .../files/openldap-2.4.40-mdb-unbundle.patch | 136 ++++
17 net-nds/openldap/files/openldap-2.4.40-slapd-conf | 64 ++
18 net-nds/openldap/files/slapd-initd-2.4.40 | 51 ++
19 net-nds/openldap/files/slapd-initd-2.4.40-r1 | 65 ++
20 net-nds/openldap/files/slapd-initd-2.4.40-r2 | 65 ++
21 net-nds/openldap/openldap-2.4.38-r2.ebuild | 761 +++++++++++++++++++
22 net-nds/openldap/openldap-2.4.39.ebuild | 760 +++++++++++++++++++
23 net-nds/openldap/openldap-2.4.40-r2.ebuild | 821 ++++++++++++++++++++
24 net-nds/openldap/openldap-2.4.40-r4.ebuild | 821 ++++++++++++++++++++
25 net-nds/openldap/openldap-2.4.40.ebuild | 822 ++++++++++++++++++++
26 net-nds/openldap/openldap-2.4.42-r1.ebuild | 828 ++++++++++++++++++++
27 net-nds/openldap/openldap-2.4.42.ebuild | 818 ++++++++++++++++++++
28 net-nds/openldap/openldap-2.4.43-r1.ebuild | 830 +++++++++++++++++++++
29 net-nds/openldap/openldap-2.4.43.ebuild | 825 ++++++++++++++++++++
30 18 files changed, 7808 insertions(+)
31
32 diff --git a/net-nds/openldap/Manifest b/net-nds/openldap/Manifest
33 index 0f5b7b5..d299ef0 100644
34 --- a/net-nds/openldap/Manifest
35 +++ b/net-nds/openldap/Manifest
36 @@ -1,3 +1,8 @@
37 DIST openldap-2.3.43.tgz 3803011 SHA256 d7d2dea05362c8ac7e11bb7bf1da4cdeb07225ba8dc16974bff9f51a9f3d37e1 SHA512 2b0ebb35adbeed34673e1a55cc7a89b348ddee7ad6ce7f915ca3745198cee992aba7281bf0d56197dcfd59665935d5d3764db0ba487975e4dbc2a2507d6ea7a6 WHIRLPOOL 7457112bbad83d75f7ad01230da97511a8d983a98f7e31357dbffd79a7ed7e53057af781002cae8c610d3ad7834dfeefbd7f223798d45aea8cd00b70f5ee0e39
38 +DIST openldap-2.4.38.tgz 5506085 SHA256 88209a3599ec5d9354fc09bbe29b99db1ffa1b612127c06bad0c5265d0b31fd1 SHA512 df7b6b2b84102ba996f84575396c7505ada851b5f09841fd821d34fd8d62580f85ecc655e2cd3965730b44d6919d64864f56b23791f38b411d142d345f250666 WHIRLPOOL bb6a19b353f9dcde07afe78052ce9d5db5a2aaa09236b69d22da0879e74c4de8587312bad66939702db30af779f7ee9720ad792b73d225f004a1a90d80a6fed1
39 +DIST openldap-2.4.39.tgz 5509060 SHA256 8267c87347103fef56b783b24877c0feda1063d3cb85d070e503d076584bf8a7 SHA512 7b5ef2a69f79f0901a06f8be4ab50afc3b3e98ab1ea74a421569443d32cb43d3cf773d3f028fb5fb39908c09ee172cb4770ecc5882754877a59d29bf8f8cc059 WHIRLPOOL 90ac4cff185855d569a8033a3e35a251d75e4a2805bcfa5ba5b3605ec88b2fc244b0e95aabd33c47c9846f29c95a17e1be43650442987f6abc043667e06f15cd
40 +DIST openldap-2.4.40.tgz 5641865 SHA256 d12611a5c25b6499293c2bb7b435dc2b174db73e83f5a8cb7e34f2ce5fa6dadb SHA512 c803c4a82878891d60414d64dcb54a7c3f08675106ba13f50cba06034a97b3eee1c238761dd5ddad97d8c3f6675d9bbbec176d0340eb4a3bcd808f940baabab5 WHIRLPOOL 82cb6033798ac69faf4a0d1f5d7716316f5fbfc67e0f3a013b5bae461a01e3029aa6fb7d510bc14eed4f40ef83632561a3fa39aebf2be2785e3d0e0038db048c
41 +DIST openldap-2.4.42.tgz 5645925 SHA256 eeb7b0e2c5852bfd2650e83909bb6152835c0b862fab10b63954dc1bcbba8e63 SHA512 52d6af7610c4fdc8f965ebea04d09c38f73773a02c2e484dc111100f3d472f8b2f766ca32d9c80f5815a57745095cc7c33ad62d9165eec5b9e252ae172e7782c WHIRLPOOL e151c63bfd10f5e96c60f216925315ed788d426ba2c15ee2793a4de4bb25d01717e7bb5144814a0e6a053a5d5a0aab75213a495aa47aa13f7c3e70716c01633e
42 +DIST openldap-2.4.43.tgz 5654057 SHA256 34d78e5598a2b0360d26a9050fcdbbe198c65493b013bb607839d5598b6978c8 SHA512 1306206bf22fcec2ccf4b91fd7eadf0207e7015f20d761a4055b0e0213fe1f4c275eec933d86220b03b558650439e74cdca07db05e8debb54d38be4e983b3631 WHIRLPOOL 0d4dc1c1f36f85c4711d0ec1d11107dac242f1d69b4f183e7762cc3ed3d7221c45bd44777e7441afe10156abc487da18f9bdf748244123dd62a241aefe7bca3f
43 DIST openldap-2.4.44.tgz 5658830 SHA256 d7de6bf3c67009c95525dde3a0212cc110d0a70b92af2af8e3ee800e81b88400 SHA512 132eb81798f59a364c9246d08697e1c7ebb6c2c3b983f786b14ec0233df09696cbad33a1f35f3076348b5efb77665a076ab854a24122c31e8b58310b7c7fd136 WHIRLPOOL 37399793d681a6489c369d663772970c62a4e1e370d4dc306bcb6fa3b9cb680139c9d940d9218aaac4618f50a63bc391b10f2aec0a134f84094ce4f7378c88ff
44 DIST rfc2307bis.schema-20140524 12262 SHA256 6cd8154ad86be1d6bb88a79c303dc10a49bce4ce7d21bb417a951d6496df30b1 SHA512 83b89a1deeefc8566b97e7e865b9b6d04541099cbdf719e24538a7d27d61b6209e87ab9003a9f140bd9afd018ec569e71721e3a24090e1902c8b6659d2ba103e WHIRLPOOL 40cef24529fb4bfc1661d03088eccdb17d9056d696b2bf0e698fa248d03f508ba776784bf8abbaffb5f4c2c59b59b29525b4be2babc978fed681e5e3c88073de
45
46 diff --git a/net-nds/openldap/files/openldap-2.3.34-slapd-conf b/net-nds/openldap/files/openldap-2.3.34-slapd-conf
47 new file mode 100644
48 index 00000000..ad767cf
49 --- /dev/null
50 +++ b/net-nds/openldap/files/openldap-2.3.34-slapd-conf
51 @@ -0,0 +1,64 @@
52 +#
53 +# See slapd.conf(5) for details on configuration options.
54 +# This file should NOT be world readable.
55 +#
56 +include /etc/openldap/schema/core.schema
57 +
58 +# Define global ACLs to disable default read access.
59 +
60 +# Do not enable referrals until AFTER you have a working directory
61 +# service AND an understanding of referrals.
62 +#referral ldap://root.openldap.org
63 +
64 +pidfile /var/run/openldap/slapd.pid
65 +argsfile /var/run/openldap/slapd.args
66 +
67 +# Load dynamic backend modules:
68 +###INSERTDYNAMICMODULESHERE###
69 +
70 +# Sample security restrictions
71 +# Require integrity protection (prevent hijacking)
72 +# Require 112-bit (3DES or better) encryption for updates
73 +# Require 63-bit encryption for simple bind
74 +# security ssf=1 update_ssf=112 simple_bind=64
75 +
76 +# Sample access control policy:
77 +# Root DSE: allow anyone to read it
78 +# Subschema (sub)entry DSE: allow anyone to read it
79 +# Other DSEs:
80 +# Allow self write access
81 +# Allow authenticated users read access
82 +# Allow anonymous users to authenticate
83 +# Directives needed to implement policy:
84 +# access to dn.base="" by * read
85 +# access to dn.base="cn=Subschema" by * read
86 +# access to *
87 +# by self write
88 +# by users read
89 +# by anonymous auth
90 +#
91 +# if no access controls are present, the default policy
92 +# allows anyone and everyone to read anything but restricts
93 +# updates to rootdn. (e.g., "access to * by * read")
94 +#
95 +# rootdn can always read and write EVERYTHING!
96 +
97 +#######################################################################
98 +# BDB database definitions
99 +#######################################################################
100 +
101 +database hdb
102 +suffix "dc=my-domain,dc=com"
103 +# <kbyte> <min>
104 +checkpoint 32 30
105 +rootdn "cn=Manager,dc=my-domain,dc=com"
106 +# Cleartext passwords, especially for the rootdn, should
107 +# be avoid. See slappasswd(8) and slapd.conf(5) for details.
108 +# Use of strong authentication encouraged.
109 +rootpw secret
110 +# The database directory MUST exist prior to running slapd AND
111 +# should only be accessible by the slapd and slap tools.
112 +# Mode 700 recommended.
113 +directory /var/lib/openldap-data
114 +# Indices to maintain
115 +index objectClass eq
116
117 diff --git a/net-nds/openldap/files/openldap-2.4.15-ppolicy.patch b/net-nds/openldap/files/openldap-2.4.15-ppolicy.patch
118 new file mode 100644
119 index 00000000..3195ee5
120 --- /dev/null
121 +++ b/net-nds/openldap/files/openldap-2.4.15-ppolicy.patch
122 @@ -0,0 +1,12 @@
123 +--- openldap-2.4.15/clients/tools/common.c.orig 2009-02-05 15:05:03.000000000 -0800
124 ++++ openldap-2.4.15/clients/tools/common.c 2009-03-21 01:45:14.000000000 -0700
125 +@@ -1315,8 +1315,8 @@
126 + int nsctrls = 0;
127 +
128 + #ifdef LDAP_CONTROL_PASSWORDPOLICYREQUEST
129 ++ LDAPControl c;
130 + if ( ppolicy ) {
131 +- LDAPControl c;
132 + c.ldctl_oid = LDAP_CONTROL_PASSWORDPOLICYREQUEST;
133 + c.ldctl_value.bv_val = NULL;
134 + c.ldctl_value.bv_len = 0;
135
136 diff --git a/net-nds/openldap/files/openldap-2.4.33-gnutls.patch b/net-nds/openldap/files/openldap-2.4.33-gnutls.patch
137 new file mode 100644
138 index 00000000..2b07c85
139 --- /dev/null
140 +++ b/net-nds/openldap/files/openldap-2.4.33-gnutls.patch
141 @@ -0,0 +1,60 @@
142 +From 98de912932732f1441300eb64ca3070ff1469fcf Mon Sep 17 00:00:00 2001
143 +From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <petr.pisar@×××××.cz>
144 +Date: Sun, 30 Dec 2012 21:11:06 +0100
145 +Subject: [PATCH] GnuTLS 3.0 removed gnutls_certificate_get_x509_cas()
146 +
147 +---
148 + libraries/libldap/tls_g.c | 23 +++++++++++++++++++++++
149 + 1 file changed, 23 insertions(+)
150 +
151 +diff --git a/libraries/libldap/tls_g.c b/libraries/libldap/tls_g.c
152 +index 40616f5..374514d 100644
153 +--- a/libraries/libldap/tls_g.c
154 ++++ b/libraries/libldap/tls_g.c
155 +@@ -60,6 +60,12 @@
156 + #undef HAVE_GCRYPT_RAND
157 + #endif
158 +
159 ++#if LIBGNUTLS_VERSION_NUMBER >= 0x030000
160 ++#define HAVE_GNUTLS_CERTIFICATE_GET_ISSUER 1
161 ++#else
162 ++#undef HAVE_GNUTLS_CERTIFICATE_GET_ISSUER
163 ++#endif
164 ++
165 + #ifndef HAVE_CIPHERSUITES
166 + /* Versions prior to 2.2.0 didn't handle cipher suites, so we had to
167 + * kludge them ourselves.
168 +@@ -368,6 +374,22 @@ tlsg_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
169 + * then we have to build the cert chain.
170 + */
171 + if ( max == 1 && !gnutls_x509_crt_check_issuer( certs[0], certs[0] )) {
172 ++#ifdef HAVE_GNUTLS_CERTIFICATE_GET_ISSUER
173 ++ gnutls_x509_crt_t issuer;
174 ++ unsigned int i;
175 ++
176 ++ for ( i = 1; i<VERIFY_DEPTH; i++ ) {
177 ++ /* If no CA is known, we're done */
178 ++ if ( gnutls_certificate_get_issuer( ctx->cred, certs[i-1],
179 ++ &issuer, 0 ) )
180 ++ break;
181 ++ certs[i] = issuer;
182 ++ max++;
183 ++ /* If this CA is self-signed, we're done */
184 ++ if ( gnutls_x509_crt_check_issuer( certs[i], certs[i] ))
185 ++ break;
186 ++ }
187 ++#else
188 + gnutls_x509_crt_t *cas;
189 + unsigned int i, j, ncas;
190 +
191 +@@ -387,6 +409,7 @@ tlsg_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
192 + if ( j == ncas )
193 + break;
194 + }
195 ++#endif /* !defined HAVE_GNUTLS_CERTIFICATE_GET_ISSUER */
196 + }
197 + rc = gnutls_certificate_set_x509_key( ctx->cred, certs, max, key );
198 + if ( rc ) return -1;
199 +--
200 +1.8.0.2
201 +
202
203 diff --git a/net-nds/openldap/files/openldap-2.4.40-mdb-unbundle.patch b/net-nds/openldap/files/openldap-2.4.40-mdb-unbundle.patch
204 new file mode 100644
205 index 00000000..9265a01
206 --- /dev/null
207 +++ b/net-nds/openldap/files/openldap-2.4.40-mdb-unbundle.patch
208 @@ -0,0 +1,136 @@
209 +--- ./build/top.mk.orig 2014-10-24 14:34:59.260827298 +0200
210 ++++ ./build/top.mk 2014-10-24 14:35:25.281168893 +0200
211 +@@ -160,6 +160,7 @@
212 + LTHREAD_LIBS = @LTHREAD_LIBS@
213 +
214 + BDB_LIBS = @BDB_LIBS@
215 ++MDB_LIBS = @MDB_LIBS@
216 + SLAPD_NDB_LIBS = @SLAPD_NDB_LIBS@
217 +
218 + LDAP_LIBLBER_LA = $(LDAP_LIBDIR)/liblber/liblber.la
219 +--- ./build/openldap.m4.orig 2014-10-24 10:52:02.837221734 +0200
220 ++++ ./build/openldap.m4 2014-10-24 11:31:02.748087966 +0200
221 +@@ -563,6 +563,38 @@
222 + ], [ol_cv_bdb_compat=yes], [ol_cv_bdb_compat=no])])
223 + ])
224 +
225 ++dnl --------------------------------------------------------------------
226 ++dnl Check for version compatility with back-mdb
227 ++AC_DEFUN([OL_MDB_COMPAT],
228 ++[AC_CACHE_CHECK([if LMDB version supported by MDB backends], [ol_cv_mdb_compat],[
229 ++ AC_EGREP_CPP(__mdb_version_compat,[
230 ++#include <lmdb.h>
231 ++
232 ++/* require 0.9.14 or later */
233 ++#if MDB_VERSION_FULL >= 0x00000009000E
234 ++ __mdb_version_compat
235 ++#endif
236 ++ ], [ol_cv_mdb_compat=yes], [ol_cv_mdb_compat=no])])
237 ++])
238 ++
239 ++dnl
240 ++dnl --------------------------------------------------------------------
241 ++dnl Find any MDB
242 ++AC_DEFUN([OL_MDB],
243 ++[ol_cv_mdb=no
244 ++AC_CHECK_HEADERS(lmdb.h)
245 ++if test $ac_cv_header_lmdb_h = yes; then
246 ++ OL_MDB_COMPAT
247 ++
248 ++ if test $ol_cv_mdb_compat != yes ; then
249 ++ AC_MSG_ERROR([LMDB version incompatible with MDB backends])
250 ++ fi
251 ++
252 ++ ol_cv_lib_mdb=-llmdb
253 ++ ol_cv_mdb=yes
254 ++fi
255 ++])
256 ++
257 + dnl
258 + dnl ====================================================================
259 + dnl Check POSIX Thread version
260 +--- ./servers/slapd/back-mdb/Makefile.in.orig 2014-10-24 10:31:30.860931076 +0200
261 ++++ ./servers/slapd/back-mdb/Makefile.in 2014-10-24 14:33:33.803705424 +0200
262 +@@ -25,11 +25,10 @@
263 + extended.lo operational.lo \
264 + attr.lo index.lo key.lo filterindex.lo \
265 + dn2entry.lo dn2id.lo id2entry.lo idl.lo \
266 +- nextid.lo monitor.lo mdb.lo midl.lo
267 ++ nextid.lo monitor.lo
268 +
269 + LDAP_INCDIR= ../../../include
270 + LDAP_LIBDIR= ../../../libraries
271 +-MDB_SUBDIR = $(srcdir)/$(LDAP_LIBDIR)/liblmdb
272 +
273 + BUILD_OPT = "--enable-mdb"
274 + BUILD_MOD = @BUILD_MDB@
275 +@@ -44,7 +43,7 @@
276 +
277 + LIBBASE = back_mdb
278 +
279 +-XINCPATH = -I.. -I$(srcdir)/.. -I$(MDB_SUBDIR)
280 ++XINCPATH = -I.. -I$(srcdir)/..
281 + XDEFS = $(MODULES_CPPFLAGS)
282 +
283 + all-local-lib: ../.backend
284 +@@ -52,11 +51,5 @@
285 + ../.backend: lib$(LIBBASE).a
286 + @touch $@
287 +
288 +-mdb.lo: $(MDB_SUBDIR)/mdb.c
289 +- $(LTCOMPILE_MOD) $(MDB_SUBDIR)/mdb.c
290 +-
291 +-midl.lo: $(MDB_SUBDIR)/midl.c
292 +- $(LTCOMPILE_MOD) $(MDB_SUBDIR)/midl.c
293 +-
294 + veryclean-local-lib: FORCE
295 + $(RM) $(XXHEADERS) $(XXSRCS) .links
296 +--- ./configure.in.orig 2014-10-24 10:46:53.289139847 +0200
297 ++++ ./configure.in 2014-10-24 10:51:34.372846374 +0200
298 +@@ -519,6 +519,7 @@
299 + dnl Initialize vars
300 + LDAP_LIBS=
301 + BDB_LIBS=
302 ++MDB_LIBS=
303 + SLAPD_NDB_LIBS=
304 + SLAPD_NDB_INCS=
305 + LTHREAD_LIBS=
306 +@@ -1905,6 +1906,30 @@
307 + fi
308 +
309 + dnl ----------------------------------------------------------------
310 ++ol_link_mdb=no
311 ++
312 ++if test $ol_enable_mdb != no; then
313 ++ OL_MDB
314 ++
315 ++ if test $ol_cv_mdb = no ; then
316 ++ AC_MSG_ERROR(MDB: LMDB not available)
317 ++ fi
318 ++
319 ++ AC_DEFINE(HAVE_MDB,1,
320 ++ [define this if LMDB is available])
321 ++
322 ++ dnl $ol_cv_lib_mdb should be yes or -llmdb
323 ++ dnl (it could be no, but that would be an error
324 ++ if test $ol_cv_lib_mdb != yes ; then
325 ++ MDB_LIBS="$MDB_LIBS $ol_cv_lib_mdb"
326 ++ fi
327 ++
328 ++ SLAPD_LIBS="$SLAPD_LIBS \$(MDB_LIBS)"
329 ++
330 ++ ol_link_mdb=yes
331 ++fi
332 ++
333 ++dnl ----------------------------------------------------------------
334 +
335 + if test $ol_enable_dynamic = yes && test $enable_shared = yes ; then
336 + BUILD_LIBS_DYNAMIC=shared
337 +@@ -3133,6 +3158,7 @@
338 + AC_SUBST(LDAP_LIBS)
339 + AC_SUBST(SLAPD_LIBS)
340 + AC_SUBST(BDB_LIBS)
341 ++AC_SUBST(MDB_LIBS)
342 + AC_SUBST(SLAPD_NDB_LIBS)
343 + AC_SUBST(SLAPD_NDB_INCS)
344 + AC_SUBST(LTHREAD_LIBS)
345
346 diff --git a/net-nds/openldap/files/openldap-2.4.40-slapd-conf b/net-nds/openldap/files/openldap-2.4.40-slapd-conf
347 new file mode 100644
348 index 00000000..8ecc732
349 --- /dev/null
350 +++ b/net-nds/openldap/files/openldap-2.4.40-slapd-conf
351 @@ -0,0 +1,64 @@
352 +#
353 +# See slapd.conf(5) for details on configuration options.
354 +# This file should NOT be world readable.
355 +#
356 +include /etc/openldap/schema/core.schema
357 +
358 +# Define global ACLs to disable default read access.
359 +
360 +# Do not enable referrals until AFTER you have a working directory
361 +# service AND an understanding of referrals.
362 +#referral ldap://root.openldap.org
363 +
364 +pidfile /run/openldap/slapd.pid
365 +argsfile /run/openldap/slapd.args
366 +
367 +# Load dynamic backend modules:
368 +###INSERTDYNAMICMODULESHERE###
369 +
370 +# Sample security restrictions
371 +# Require integrity protection (prevent hijacking)
372 +# Require 112-bit (3DES or better) encryption for updates
373 +# Require 63-bit encryption for simple bind
374 +# security ssf=1 update_ssf=112 simple_bind=64
375 +
376 +# Sample access control policy:
377 +# Root DSE: allow anyone to read it
378 +# Subschema (sub)entry DSE: allow anyone to read it
379 +# Other DSEs:
380 +# Allow self write access
381 +# Allow authenticated users read access
382 +# Allow anonymous users to authenticate
383 +# Directives needed to implement policy:
384 +# access to dn.base="" by * read
385 +# access to dn.base="cn=Subschema" by * read
386 +# access to *
387 +# by self write
388 +# by users read
389 +# by anonymous auth
390 +#
391 +# if no access controls are present, the default policy
392 +# allows anyone and everyone to read anything but restricts
393 +# updates to rootdn. (e.g., "access to * by * read")
394 +#
395 +# rootdn can always read and write EVERYTHING!
396 +
397 +#######################################################################
398 +# BDB database definitions
399 +#######################################################################
400 +
401 +database hdb
402 +suffix "dc=my-domain,dc=com"
403 +# <kbyte> <min>
404 +checkpoint 32 30
405 +rootdn "cn=Manager,dc=my-domain,dc=com"
406 +# Cleartext passwords, especially for the rootdn, should
407 +# be avoid. See slappasswd(8) and slapd.conf(5) for details.
408 +# Use of strong authentication encouraged.
409 +rootpw secret
410 +# The database directory MUST exist prior to running slapd AND
411 +# should only be accessible by the slapd and slap tools.
412 +# Mode 700 recommended.
413 +directory /var/lib/openldap-data
414 +# Indices to maintain
415 +index objectClass eq
416
417 diff --git a/net-nds/openldap/files/slapd-initd-2.4.40 b/net-nds/openldap/files/slapd-initd-2.4.40
418 new file mode 100644
419 index 00000000..473e9fd
420 --- /dev/null
421 +++ b/net-nds/openldap/files/slapd-initd-2.4.40
422 @@ -0,0 +1,51 @@
423 +#!/sbin/openrc-run
424 +# Copyright 1999-2014 Gentoo Foundation
425 +# Distributed under the terms of the GNU General Public License v2
426 +# $Id$
427 +
428 +extra_commands="checkconfig"
429 +
430 +[ -z "$INSTANCE" ] && INSTANCE="openldap${SVCNAME#slapd}"
431 +PIDDIR=/run/openldap
432 +PIDFILE=$PIDDIR/$SVCNAME.pid
433 +
434 +depend() {
435 + need net
436 + before dbus hald avahi-daemon
437 + provide ldap
438 +}
439 +
440 +start() {
441 + checkpath -q -d ${PIDDIR} -o ldap:ldap
442 + if ! checkconfig -Q ; then
443 + eerror "There is a problem with your slapd.conf!"
444 + return 1
445 + fi
446 + ebegin "Starting ldap-server"
447 + [ -n "$KRB5_KTNAME" ] && export KRB5_KTNAME
448 + eval start-stop-daemon --start --pidfile ${PIDFILE} --exec /usr/lib/openldap/slapd -- -u ldap -g ldap "${OPTS}"
449 + eend $?
450 +}
451 +
452 +stop() {
453 + ebegin "Stopping ldap-server"
454 + start-stop-daemon --stop --signal 2 --quiet --pidfile ${PIDFILE}
455 + eend $?
456 +}
457 +
458 +checkconfig() {
459 + # checks requested by bug #502948
460 + for d in `awk '/^directory/{print $2}'`; do
461 + if [ ! -d $d ]; then
462 + eerror "Directory $d in config does not exist!"
463 + return 1
464 + fi
465 + /usr/bin/find $d ! -name DB_CONFIG ! -user ldap -o ! -group ldap |grep -sq .
466 + if [ $? -ne 0 ]; then
467 + ewarn "You have files in $d not owned by the ldap user, you must ensure they are accessible to the slapd instance!"
468 + fi
469 + [ ! -e $d/DB_CONFIG ] && ewarn "$d/DB_CONFIG does not exist, slapd performance may be sub-optimal"
470 + done
471 + # now test the config fully
472 + /usr/sbin/slaptest -u "$@" ${OPTS_CONF}
473 +}
474
475 diff --git a/net-nds/openldap/files/slapd-initd-2.4.40-r1 b/net-nds/openldap/files/slapd-initd-2.4.40-r1
476 new file mode 100644
477 index 00000000..3547e07
478 --- /dev/null
479 +++ b/net-nds/openldap/files/slapd-initd-2.4.40-r1
480 @@ -0,0 +1,65 @@
481 +#!/sbin/openrc-run
482 +# Copyright 1999-2014 Gentoo Foundation
483 +# Distributed under the terms of the GNU General Public License v2
484 +# $Id$
485 +
486 +extra_commands="checkconfig"
487 +
488 +[ -z "$INSTANCE" ] && INSTANCE="openldap${SVCNAME#slapd}"
489 +PIDDIR=/run/openldap
490 +PIDFILE=$PIDDIR/$SVCNAME.pid
491 +
492 +depend() {
493 + need net
494 + before dbus hald avahi-daemon
495 + provide ldap
496 +}
497 +
498 +start() {
499 + checkpath -q -d ${PIDDIR} -o ldap:ldap
500 + if ! checkconfig -Q ; then
501 + eerror "There is a problem with your slapd.conf!"
502 + return 1
503 + fi
504 + ebegin "Starting ldap-server"
505 + [ -n "$KRB5_KTNAME" ] && export KRB5_KTNAME
506 + eval start-stop-daemon --start --pidfile ${PIDFILE} --exec /usr/lib/openldap/slapd -- -u ldap -g ldap "${OPTS}"
507 + eend $?
508 +}
509 +
510 +stop() {
511 + ebegin "Stopping ldap-server"
512 + start-stop-daemon --stop --signal 2 --quiet --pidfile ${PIDFILE}
513 + eend $?
514 +}
515 +
516 +checkconfig() {
517 + # checks requested by bug #502948
518 + # Step 1: extract the last valid config file or config dir
519 + set -- $OPTS
520 + while [ -n "$*" ]; do
521 + opt=$1 ; shift
522 + if [ "$opt" = "-f" -o "$opt" = "-F" ] ; then
523 + CONF=$1
524 + shift
525 + fi
526 + done
527 + set --
528 + # Fallback
529 + CONF=${CONF-/etc/openldap/slapd.conf}
530 + [ -d $CONF ] && CONF=${CONF}/*
531 + DBDIRS=`eval awk '"/^(directory|olcDbDirectory:)/{print \$2}"' $CONF`
532 + for d in $DBDIRS; do
533 + if [ ! -d $d ]; then
534 + eerror "Directory $d in config does not exist!"
535 + return 1
536 + fi
537 + /usr/bin/find $d ! -name DB_CONFIG ! -user ldap -o ! -group ldap |grep -sq .
538 + if [ $? -ne 0 ]; then
539 + ewarn "You have files in $d not owned by the ldap user, you must ensure they are accessible to the slapd instance!"
540 + fi
541 + [ ! -e $d/DB_CONFIG ] && ewarn "$d/DB_CONFIG does not exist, slapd performance may be sub-optimal"
542 + done
543 + # now test the config fully
544 + /usr/sbin/slaptest -u "$@" ${OPTS_CONF}
545 +}
546
547 diff --git a/net-nds/openldap/files/slapd-initd-2.4.40-r2 b/net-nds/openldap/files/slapd-initd-2.4.40-r2
548 new file mode 100644
549 index 00000000..9ce071a
550 --- /dev/null
551 +++ b/net-nds/openldap/files/slapd-initd-2.4.40-r2
552 @@ -0,0 +1,65 @@
553 +#!/sbin/openrc-run
554 +# Copyright 1999-2015 Gentoo Foundation
555 +# Distributed under the terms of the GNU General Public License v2
556 +# $Id$
557 +
558 +extra_commands="checkconfig"
559 +
560 +[ -z "$INSTANCE" ] && INSTANCE="openldap${SVCNAME#slapd}"
561 +PIDDIR=/run/openldap
562 +PIDFILE=$PIDDIR/$SVCNAME.pid
563 +
564 +depend() {
565 + need net
566 + before dbus hald avahi-daemon
567 + provide ldap
568 +}
569 +
570 +start() {
571 + checkpath -q -d ${PIDDIR} -o ldap:ldap
572 + if ! checkconfig -Q ; then
573 + eerror "There is a problem with your slapd.conf!"
574 + return 1
575 + fi
576 + ebegin "Starting ldap-server"
577 + [ -n "$KRB5_KTNAME" ] && export KRB5_KTNAME
578 + eval start-stop-daemon --start --pidfile ${PIDFILE} --exec /usr/lib/openldap/slapd -- -u ldap -g ldap "${OPTS}"
579 + eend $?
580 +}
581 +
582 +stop() {
583 + ebegin "Stopping ldap-server"
584 + start-stop-daemon --stop --signal 2 --quiet --pidfile ${PIDFILE}
585 + eend $?
586 +}
587 +
588 +checkconfig() {
589 + # checks requested by bug #502948
590 + # Step 1: extract the last valid config file or config dir
591 + set -- $OPTS
592 + while [ -n "$*" ]; do
593 + opt=$1 ; shift
594 + if [ "$opt" = "-f" -o "$opt" = "-F" ] ; then
595 + CONF=$1
596 + shift
597 + fi
598 + done
599 + set --
600 + # Fallback
601 + CONF=${CONF-/etc/openldap/slapd.conf}
602 + [ -d $CONF ] && CONF=${CONF}/*
603 + DBDIRS=`eval awk '"/^(directory|olcDbDirectory:)/{print \\$2}"' $CONF`
604 + for d in $DBDIRS; do
605 + if [ ! -d $d ]; then
606 + eerror "Directory $d in config does not exist!"
607 + return 1
608 + fi
609 + /usr/bin/find $d ! -name DB_CONFIG ! -user ldap -o ! -group ldap |grep -sq .
610 + if [ $? -ne 0 ]; then
611 + ewarn "You have files in $d not owned by the ldap user, you must ensure they are accessible to the slapd instance!"
612 + fi
613 + [ ! -e $d/DB_CONFIG ] && ewarn "$d/DB_CONFIG does not exist, slapd performance may be sub-optimal"
614 + done
615 + # now test the config fully
616 + /usr/sbin/slaptest -u "$@" ${OPTS_CONF}
617 +}
618
619 diff --git a/net-nds/openldap/openldap-2.4.38-r2.ebuild b/net-nds/openldap/openldap-2.4.38-r2.ebuild
620 new file mode 100644
621 index 00000000..1706a4a
622 --- /dev/null
623 +++ b/net-nds/openldap/openldap-2.4.38-r2.ebuild
624 @@ -0,0 +1,761 @@
625 +# Copyright 1999-2016 Gentoo Foundation
626 +# Distributed under the terms of the GNU General Public License v2
627 +# $Id$
628 +
629 +EAPI="5"
630 +
631 +inherit db-use eutils flag-o-matic multilib multilib-minimal ssl-cert versionator toolchain-funcs autotools user systemd
632 +
633 +BIS_PN=rfc2307bis.schema
634 +BIS_PV=20140524
635 +BIS_P="${BIS_PN}-${BIS_PV}"
636 +
637 +DESCRIPTION="LDAP suite of application and development tools"
638 +HOMEPAGE="http://www.OpenLDAP.org/"
639 +
640 +# mirrors are mostly not working, using canonical URI
641 +SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz
642 + mirror://gentoo/${BIS_P}"
643 +
644 +LICENSE="OPENLDAP GPL-2"
645 +SLOT="0"
646 +KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~x86-linux ~x86-solaris"
647 +
648 +IUSE_DAEMON="crypt icu samba slp tcpd experimental minimal"
649 +IUSE_BACKEND="+berkdb"
650 +IUSE_OVERLAY="overlays perl"
651 +IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 +syslog selinux"
652 +IUSE_CONTRIB="smbkrb5passwd kerberos"
653 +IUSE_CONTRIB="${IUSE_CONTRIB} -cxx"
654 +IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
655 +
656 +REQUIRED_USE="cxx? ( sasl )"
657 +
658 +# openssl is needed to generate lanman-passwords required by samba
659 +CDEPEND="icu? ( dev-libs/icu:= )
660 + ssl? ( !gnutls? ( >=dev-libs/openssl-1.0.1h-r2[${MULTILIB_USEDEP}] )
661 + gnutls? ( >=net-libs/gnutls-2.12.23-r6[${MULTILIB_USEDEP}] >=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] ) )
662 + sasl? ( dev-libs/cyrus-sasl:= )
663 + !minimal? (
664 + sys-devel/libtool
665 + tcpd? ( sys-apps/tcp-wrappers )
666 + odbc? ( !iodbc? ( dev-db/unixODBC )
667 + iodbc? ( dev-db/libiodbc ) )
668 + slp? ( net-libs/openslp )
669 + perl? ( dev-lang/perl:=[-build(-)] )
670 + samba? ( dev-libs/openssl )
671 + berkdb? ( sys-libs/db )
672 + smbkrb5passwd? (
673 + dev-libs/openssl
674 + app-crypt/heimdal )
675 + kerberos? ( virtual/krb5 )
676 + cxx? ( dev-libs/cyrus-sasl:= )
677 + )
678 + abi_x86_32? (
679 + !<=app-emulation/emul-linux-x86-baselibs-20140508-r3
680 + !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
681 + )"
682 +DEPEND="${CDEPEND}
683 + sys-apps/groff"
684 +RDEPEND="${CDEPEND}
685 + selinux? ( sec-policy/selinux-ldap )
686 +"
687 +
688 +# for tracking versions
689 +OPENLDAP_VERSIONTAG=".version-tag"
690 +OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
691 +
692 +MULTILIB_WRAPPED_HEADERS=(
693 + # USE=cxx
694 + /usr/include/LDAPAsynConnection.h
695 + /usr/include/LDAPAttrType.h
696 + /usr/include/LDAPAttribute.h
697 + /usr/include/LDAPAttributeList.h
698 + /usr/include/LDAPConnection.h
699 + /usr/include/LDAPConstraints.h
700 + /usr/include/LDAPControl.h
701 + /usr/include/LDAPControlSet.h
702 + /usr/include/LDAPEntry.h
703 + /usr/include/LDAPEntryList.h
704 + /usr/include/LDAPException.h
705 + /usr/include/LDAPExtResult.h
706 + /usr/include/LDAPMessage.h
707 + /usr/include/LDAPMessageQueue.h
708 + /usr/include/LDAPModList.h
709 + /usr/include/LDAPModification.h
710 + /usr/include/LDAPObjClass.h
711 + /usr/include/LDAPRebind.h
712 + /usr/include/LDAPRebindAuth.h
713 + /usr/include/LDAPReferenceList.h
714 + /usr/include/LDAPResult.h
715 + /usr/include/LDAPSaslBindResult.h
716 + /usr/include/LDAPSchema.h
717 + /usr/include/LDAPSearchReference.h
718 + /usr/include/LDAPSearchResult.h
719 + /usr/include/LDAPSearchResults.h
720 + /usr/include/LDAPUrl.h
721 + /usr/include/LDAPUrlList.h
722 + /usr/include/LdifReader.h
723 + /usr/include/LdifWriter.h
724 + /usr/include/SaslInteraction.h
725 + /usr/include/SaslInteractionHandler.h
726 + /usr/include/StringList.h
727 + /usr/include/TlsOptions.h
728 +)
729 +
730 +openldap_filecount() {
731 + local dir="$1"
732 + find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l
733 +}
734 +
735 +openldap_find_versiontags() {
736 + # scan for all datadirs
737 + openldap_datadirs=""
738 + if [ -f "${EROOT}"/etc/openldap/slapd.conf ]; then
739 + openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${EROOT}/etc/openldap/slapd.conf)"
740 + fi
741 + openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
742 +
743 + einfo
744 + einfo "Scanning datadir(s) from slapd.conf and"
745 + einfo "the default installdir for Versiontags"
746 + einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
747 + einfo
748 +
749 + # scan datadirs if we have a version tag
750 + openldap_found_tag=0
751 + have_files=0
752 + for each in ${openldap_datadirs}; do
753 + CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
754 + CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
755 + if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
756 + einfo "- Checking ${each}..."
757 + if [ -r ${CURRENT_TAG} ] ; then
758 + # yey, we have one :)
759 + einfo " Found Versiontag in ${each}"
760 + source ${CURRENT_TAG}
761 + if [ "${OLDPF}" == "" ] ; then
762 + eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
763 + eerror "Please delete it"
764 + eerror
765 + die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
766 + fi
767 +
768 + OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
769 +
770 + [ $(openldap_filecount ${CURRENT_TAGDIR}) -gt 0 ] && have_files=1
771 +
772 + # are we on the same branch?
773 + if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
774 + ewarn " Versiontag doesn't match current major release!"
775 + if [[ "${have_files}" == "1" ]] ; then
776 + eerror " Versiontag says other major and you (probably) have datafiles!"
777 + echo
778 + openldap_upgrade_howto
779 + else
780 + einfo " No real problem, seems there's no database."
781 + fi
782 + else
783 + einfo " Versiontag is fine here :)"
784 + fi
785 + else
786 + einfo " Non-tagged dir ${each}"
787 + [ $(openldap_filecount ${each}) -gt 0 ] && have_files=1
788 + if [[ "${have_files}" == "1" ]] ; then
789 + einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
790 + echo
791 +
792 + eerror
793 + eerror "Your OpenLDAP Installation has a non tagged datadir that"
794 + eerror "possibly contains a database at ${CURRENT_TAGDIR}"
795 + eerror
796 + eerror "Please export data if any entered and empty or remove"
797 + eerror "the directory, installation has been stopped so you"
798 + eerror "can take required action"
799 + eerror
800 + eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
801 + eerror
802 + openldap_upgrade_howto
803 + die "Please move the datadir ${CURRENT_TAGDIR} away"
804 + fi
805 + fi
806 + einfo
807 + fi
808 + done
809 + [ "${have_files}" == "1" ] && einfo "DB files present" || einfo "No DB files present"
810 +
811 + # Now we must check for the major version of sys-libs/db linked against.
812 + SLAPD_PATH=${EROOT}/usr/$(get_libdir)/openldap/slapd
813 + if [ "${have_files}" == "1" -a -f "${SLAPD_PATH}" ]; then
814 + OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
815 + | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
816 + NEWVER="$(use berkdb && db_findver sys-libs/db)"
817 + local fail=0
818 + if [ -z "${OLDVER}" -a -z "${NEWVER}" ]; then
819 + :
820 + # Nothing wrong here.
821 + elif [ -z "${OLDVER}" -a -n "${NEWVER}" ]; then
822 + eerror " Your existing version of OpenLDAP was not built against"
823 + eerror " any version of sys-libs/db, but the new one will build"
824 + eerror " against ${NEWVER} and your database may be inaccessible."
825 + echo
826 + fail=1
827 + elif [ -n "${OLDVER}" -a -z "${NEWVER}" ]; then
828 + eerror " Your existing version of OpenLDAP was built against"
829 + eerror " sys-libs/db:${OLDVER}, but the new one will not be"
830 + eerror " built against any version and your database may be"
831 + eerror " inaccessible."
832 + echo
833 + fail=1
834 + elif [ "${OLDVER}" != "${NEWVER}" ]; then
835 + eerror " Your existing version of OpenLDAP was built against"
836 + eerror " sys-libs/db:${OLDVER}, but the new one will build against"
837 + eerror " ${NEWVER} and your database would be inaccessible."
838 + echo
839 + fail=1
840 + fi
841 + [ "${fail}" == "1" ] && openldap_upgrade_howto
842 + fi
843 +
844 + echo
845 + einfo
846 + einfo "All datadirs are fine, proceeding with merge now..."
847 + einfo
848 +}
849 +
850 +openldap_upgrade_howto() {
851 + eerror
852 + eerror "A (possible old) installation of OpenLDAP was detected,"
853 + eerror "installation will not proceed for now."
854 + eerror
855 + eerror "As major version upgrades can corrupt your database,"
856 + eerror "you need to dump your database and re-create it afterwards."
857 + eerror
858 + eerror "Additionally, rebuilding against different major versions of the"
859 + eerror "sys-libs/db libraries will cause your database to be inaccessible."
860 + eerror ""
861 + d="$(date -u +%s)"
862 + l="/root/ldapdump.${d}"
863 + i="${l}.raw"
864 + eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
865 + eerror " 2. slapcat -l ${i}"
866 + eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
867 + eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
868 + eerror " 5. emerge --update \=net-nds/${PF}"
869 + eerror " 6. etc-update, and ensure that you apply the changes"
870 + eerror " 7. slapadd -l ${l}"
871 + eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
872 + eerror " 9. /etc/init.d/slapd start"
873 + eerror "10. check that your data is intact."
874 + eerror "11. set up the new replication system."
875 + eerror
876 + if [ "${FORCE_UPGRADE}" != "1" ]; then
877 + die "You need to upgrade your database first"
878 + else
879 + eerror "You have the magical FORCE_UPGRADE=1 in place."
880 + eerror "Don't say you weren't warned about data loss."
881 + fi
882 +}
883 +
884 +pkg_setup() {
885 + if ! use sasl && use cxx ; then
886 + die "To build the ldapc++ library you must emerge openldap with sasl support"
887 + fi
888 + # Bug #322787
889 + if use minimal && ! has_version "net-nds/openldap" ; then
890 + einfo "No datadir scan needed, openldap not installed"
891 + elif use minimal && has_version "net-nds/openldap" && built_with_use net-nds/openldap minimal ; then
892 + einfo "Skipping scan for previous datadirs as requested by minimal useflag"
893 + else
894 + openldap_find_versiontags
895 + fi
896 +
897 + # The user/group are only used for running daemons which are
898 + # disabled in minimal builds, so elide the accounts too.
899 + if ! use minimal ; then
900 + enewgroup ldap 439
901 + enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
902 + fi
903 +}
904 +
905 +src_prepare() {
906 + # ensure correct SLAPI path by default
907 + sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \
908 + "${S}"/include/ldap_defaults.h
909 +
910 + epatch "${FILESDIR}"/${PN}-2.4.17-gcc44.patch
911 +
912 + epatch \
913 + "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch \
914 + "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
915 +
916 + # bug #116045 - still present in 2.4.28
917 + epatch "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch
918 + # bug #408077 - samba4
919 + epatch "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch
920 +
921 + # bug #189817
922 + epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
923 +
924 + # bug #233633
925 + epatch "${FILESDIR}"/${PN}-2.4.17-fix-lmpasswd-gnutls-symbols.patch
926 +
927 + # bug #281495
928 + epatch "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch
929 +
930 + # bug #294350
931 + epatch "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch
932 +
933 + # unbreak /bin/sh -> dash
934 + epatch "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch
935 +
936 + # bug #420959
937 + epatch "${FILESDIR}"/${PN}-2.4.31-gcc47.patch
938 +
939 + # bug #421463
940 + epatch "${FILESDIR}"/${PN}-2.4.33-gnutls.patch
941 +
942 + cd "${S}"/build || die
943 + einfo "Making sure upstream build strip does not do stripping too early"
944 + sed -i.orig \
945 + -e '/^STRIP/s,-s,,g' \
946 + top.mk || die "Failed to block stripping"
947 +
948 + # wrong assumption that /bin/sh is /bin/bash
949 + sed -i \
950 + -e 's|/bin/sh|/bin/bash|g' \
951 + "${S}"/tests/scripts/* || die "sed failed"
952 +
953 + cd "${S}" || die
954 + AT_NOEAUTOMAKE=yes eautoreconf
955 +}
956 +
957 +build_contrib_module() {
958 + # <dir> <sources> <outputname>
959 + cd "${S}/contrib/slapd-modules/$1" || die
960 + einfo "Compiling contrib-module: $3"
961 + # Make sure it's uppercase
962 + local define_name="$(echo "SLAPD_OVER_${1}" | LC_ALL=C tr '[:lower:]' '[:upper:]')"
963 + "${lt}" --mode=compile --tag=CC \
964 + "${CC}" \
965 + -D${define_name}=SLAPD_MOD_DYNAMIC \
966 + -I"${BUILD_DIR}"/include \
967 + -I../../../include -I../../../servers/slapd ${CFLAGS} \
968 + -o ${2%.c}.lo -c $2 || die "compiling $3 failed"
969 + einfo "Linking contrib-module: $3"
970 + "${lt}" --mode=link --tag=CC \
971 + "${CC}" -module \
972 + ${CFLAGS} \
973 + ${LDFLAGS} \
974 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
975 + -o $3.la ${2%.c}.lo || die "linking $3 failed"
976 +}
977 +
978 +src_configure() {
979 + #Fix for glibc-2.8 and ucred. Bug 228457.
980 + append-flags -D_GNU_SOURCE
981 +
982 + # Bug 408001
983 + use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync
984 +
985 + # connectionless ldap per bug #342439
986 + append-cppflags -DLDAP_CONNECTIONLESS
987 +
988 + multilib-minimal_src_configure
989 +}
990 +
991 +multilib_src_configure() {
992 + local myconf=()
993 +
994 + use debug && myconf+=( $(use_enable debug) )
995 +
996 + # ICU usage is not configurable
997 + export ac_cv_header_unicode_utypes_h="$(multilib_is_native_abi && use icu && echo yes || echo no)"
998 +
999 + if ! use minimal && multilib_is_native_abi; then
1000 + local CPPFLAGS=${CPPFLAGS}
1001 +
1002 + # re-enable serverside overlay chains per bug #296567
1003 + # see ldap docs chaper 12.3.1 for details
1004 + myconf+=( --enable-ldap )
1005 +
1006 + # backends
1007 + myconf+=( --enable-slapd )
1008 + if use berkdb ; then
1009 + einfo "Using Berkeley DB for local backend"
1010 + myconf+=( --enable-bdb --enable-hdb )
1011 + # We need to include the slotted db.h dir for FreeBSD
1012 + append-cppflags -I$(db_includedir)
1013 + else
1014 + ewarn
1015 + ewarn "Note: if you disable berkdb, you can only use remote-backends!"
1016 + ewarn
1017 + myconf+=( --disable-bdb --disable-hdb )
1018 + fi
1019 + for backend in dnssrv ldap meta monitor null passwd relay shell sock; do
1020 + myconf+=( --enable-${backend}=mod )
1021 + done
1022 +
1023 + myconf+=( $(use_enable perl perl mod) )
1024 +
1025 + myconf+=( $(use_enable odbc sql mod) )
1026 + if use odbc ; then
1027 + local odbc_lib="unixodbc"
1028 + if use iodbc ; then
1029 + odbc_lib="iodbc"
1030 + append-cppflags -I"${EPREFIX}"/usr/include/iodbc
1031 + fi
1032 + myconf+=( --with-odbc=${odbc_lib} )
1033 + fi
1034 +
1035 + # slapd options
1036 + myconf+=(
1037 + $(use_enable crypt)
1038 + $(use_enable slp)
1039 + $(use_enable samba lmpasswd)
1040 + $(use_enable syslog)
1041 + )
1042 + if use experimental ; then
1043 + myconf+=(
1044 + --enable-dynacl
1045 + --enable-aci=mod
1046 + )
1047 + fi
1048 + for option in aci cleartext modules rewrite rlookups slapi; do
1049 + myconf+=( --enable-${option} )
1050 + done
1051 +
1052 + # slapd overlay options
1053 + # Compile-in the syncprov, the others as module
1054 + myconf+=( --enable-syncprov=yes )
1055 + use overlays && myconf+=( --enable-overlays=mod )
1056 +
1057 + else
1058 + myconf+=(
1059 + --disable-slapd
1060 + --disable-bdb
1061 + --disable-hdb
1062 + --disable-overlays
1063 + --disable-syslog
1064 + )
1065 + fi
1066 +
1067 + # basic functionality stuff
1068 + myconf+=(
1069 + $(use_enable ipv6)
1070 + $(multilib_native_use_with sasl cyrus-sasl)
1071 + $(multilib_native_use_enable sasl spasswd)
1072 + $(use_enable tcpd wrappers)
1073 + )
1074 +
1075 + # Some cross-compiling tests don't pan out well.
1076 + tc-is-cross-compiler && myconf+=(
1077 + --with-yielding-select=yes
1078 + )
1079 +
1080 + local ssl_lib="no"
1081 + if use ssl || ( ! use minimal && use samba ) ; then
1082 + ssl_lib="openssl"
1083 + use gnutls && ssl_lib="gnutls"
1084 + fi
1085 +
1086 + myconf+=( --with-tls=${ssl_lib} )
1087 +
1088 + for basicflag in dynamic local proctitle shared static; do
1089 + myconf+=( --enable-${basicflag} )
1090 + done
1091 +
1092 + tc-export AR CC CXX
1093 + ECONF_SOURCE=${S} \
1094 + STRIP=/bin/true \
1095 + econf \
1096 + --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \
1097 + "${myconf[@]}"
1098 + emake depend
1099 +}
1100 +
1101 +src_configure_cxx() {
1102 + # This needs the libraries built by the first build run.
1103 + # So we have to run it AFTER the main build, not just after the main
1104 + # configure.
1105 + local myconf_ldapcpp=(
1106 + --with-ldap-includes="${S}"/include
1107 + )
1108 +
1109 + mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die
1110 + cd "${BUILD_DIR}/contrib/ldapc++" || die
1111 +
1112 + local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS}
1113 + append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \
1114 + -L"${BUILD_DIR}"/libraries/libldap/.libs
1115 + append-cppflags -I"${BUILD_DIR}"/include
1116 + ECONF_SOURCE=${S}/contrib/ldapc++ \
1117 + econf "${myconf_ldapcpp[@]}" \
1118 + CC="${CC}" \
1119 + CXX="${CXX}"
1120 +}
1121 +
1122 +multilib_src_compile() {
1123 + tc-export AR CC CXX
1124 + emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash
1125 + local lt="${BUILD_DIR}/libtool"
1126 + export echo="echo"
1127 +
1128 + if ! use minimal && multilib_is_native_abi ; then
1129 + if use cxx ; then
1130 + einfo "Building contrib library: ldapc++"
1131 + src_configure_cxx
1132 + cd "${BUILD_DIR}/contrib/ldapc++" || die
1133 + emake \
1134 + CC="${CC}" CXX="${CXX}"
1135 + fi
1136 +
1137 + if use smbkrb5passwd ; then
1138 + einfo "Building contrib-module: smbk5pwd"
1139 + cd "${S}/contrib/slapd-modules/smbk5pwd" || die
1140 +
1141 + emake \
1142 + DEFS="-DDO_SAMBA -DDO_KRB5 -DDO_SHADOW" \
1143 + KRB5_INC="$(krb5-config --cflags)" \
1144 + LDAP_BUILD="${BUILD_DIR}" \
1145 + CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap"
1146 + fi
1147 +
1148 + if use overlays ; then
1149 + einfo "Building contrib-module: samba4"
1150 + cd "${S}/contrib/slapd-modules/samba4" || die
1151 +
1152 + emake \
1153 + LDAP_BUILD="${BUILD_DIR}" \
1154 + CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap"
1155 + fi
1156 +
1157 + if use kerberos ; then
1158 + cd "${S}/contrib/slapd-modules/passwd" || die
1159 + einfo "Compiling contrib-module: pw-kerberos"
1160 + "${lt}" --mode=compile --tag=CC \
1161 + "${CC}" \
1162 + -I"${BUILD_DIR}"/include \
1163 + -I../../../include \
1164 + ${CFLAGS} \
1165 + $(krb5-config --cflags) \
1166 + -DHAVE_KRB5 \
1167 + -o kerberos.lo \
1168 + -c kerberos.c || die "compiling pw-kerberos failed"
1169 + einfo "Linking contrib-module: pw-kerberos"
1170 + "${lt}" --mode=link --tag=CC \
1171 + "${CC}" -module \
1172 + ${CFLAGS} \
1173 + ${LDFLAGS} \
1174 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
1175 + -o pw-kerberos.la \
1176 + kerberos.lo || die "linking pw-kerberos failed"
1177 + fi
1178 + # We could build pw-radius if GNURadius would install radlib.h
1179 + cd "${S}/contrib/slapd-modules/passwd" || die
1180 + einfo "Compiling contrib-module: pw-netscape"
1181 + "${lt}" --mode=compile --tag=CC \
1182 + "${CC}" \
1183 + -I"${BUILD_DIR}"/include \
1184 + -I../../../include \
1185 + ${CFLAGS} \
1186 + -o netscape.lo \
1187 + -c netscape.c || die "compiling pw-netscape failed"
1188 + einfo "Linking contrib-module: pw-netscape"
1189 + "${lt}" --mode=link --tag=CC \
1190 + "${CC}" -module \
1191 + ${CFLAGS} \
1192 + ${LDFLAGS} \
1193 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
1194 + -o pw-netscape.la \
1195 + netscape.lo || die "linking pw-netscape failed"
1196 +
1197 + build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay"
1198 + build_contrib_module "allop" "allop.c" "overlay-allop"
1199 + build_contrib_module "allowed" "allowed.c" "allowed"
1200 + build_contrib_module "autogroup" "autogroup.c" "autogroup"
1201 + build_contrib_module "denyop" "denyop.c" "denyop-overlay"
1202 + build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin"
1203 + # lastmod may not play well with other overlays
1204 + build_contrib_module "lastmod" "lastmod.c" "lastmod"
1205 + build_contrib_module "nops" "nops.c" "nops-overlay"
1206 + build_contrib_module "trace" "trace.c" "trace"
1207 + # build slapi-plugins
1208 + cd "${S}/contrib/slapi-plugins/addrdnvalues" || die
1209 + einfo "Building contrib-module: addrdnvalues plugin"
1210 + "${CC}" -shared \
1211 + -I"${BUILD_DIR}"/include \
1212 + -I../../../include \
1213 + ${CFLAGS} \
1214 + -fPIC \
1215 + ${LDFLAGS} \
1216 + -o libaddrdnvalues-plugin.so \
1217 + addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
1218 +
1219 + fi
1220 +}
1221 +
1222 +multilib_src_test() {
1223 + if multilib_is_native_abi; then
1224 + cd tests || die
1225 + make tests || die "make tests failed"
1226 + fi
1227 +}
1228 +
1229 +multilib_src_install() {
1230 + local lt="${BUILD_DIR}/libtool"
1231 + emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install
1232 +
1233 + if ! use minimal && multilib_is_native_abi; then
1234 + # openldap modules go here
1235 + # TODO: write some code to populate slapd.conf with moduleload statements
1236 + keepdir /usr/$(get_libdir)/openldap/openldap/
1237 +
1238 + # initial data storage dir
1239 + keepdir /var/lib/openldap-data
1240 + use prefix || fowners ldap:ldap /var/lib/openldap-data
1241 + fperms 0700 /var/lib/openldap-data
1242 +
1243 + echo "OLDPF='${PF}'" > "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
1244 + echo "# do NOT delete this. it is used" >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
1245 + echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
1246 +
1247 + # use our config
1248 + rm "${ED}"etc/openldap/slapd.conf
1249 + insinto /etc/openldap
1250 + newins "${FILESDIR}"/${PN}-2.3.34-slapd-conf slapd.conf
1251 + configfile="${ED}"etc/openldap/slapd.conf
1252 +
1253 + # populate with built backends
1254 + ebegin "populate config with built backends"
1255 + for x in "${ED}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
1256 + elog "Adding $(basename ${x})"
1257 + sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
1258 + done
1259 + sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
1260 + use prefix || fowners root:ldap /etc/openldap/slapd.conf
1261 + fperms 0640 /etc/openldap/slapd.conf
1262 + cp "${configfile}" "${configfile}".default
1263 + eend
1264 +
1265 + # install our own init scripts and systemd unit files
1266 + newinitd "${FILESDIR}"/slapd-initd-2.4.28-r1 slapd
1267 + newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd
1268 + systemd_dounit "${FILESDIR}"/slapd.service
1269 + systemd_install_serviced "${FILESDIR}"/slapd.service.conf
1270 + systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf
1271 +
1272 + if [[ $(get_libdir) != lib ]]; then
1273 + sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i \
1274 + "${ED}"/etc/init.d/slapd \
1275 + "${ED}"/usr/lib/systemd/system/slapd.service || die
1276 + fi
1277 + # If built without SLP, we don't need to be before avahi
1278 + use slp \
1279 + || sed -i \
1280 + -e '/before/{s/avahi-daemon//g}' \
1281 + "${ED}"etc/init.d/slapd
1282 +
1283 + if use cxx ; then
1284 + einfo "Install the ldapc++ library"
1285 + cd "${BUILD_DIR}/contrib/ldapc++" || die
1286 + emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
1287 + cd "${S}"/contrib/ldapc++ || die
1288 + newdoc README ldapc++-README
1289 + fi
1290 +
1291 + if use smbkrb5passwd ; then
1292 + einfo "Install the smbk5pwd module"
1293 + cd "${S}/contrib/slapd-modules/smbk5pwd" || die
1294 + emake DESTDIR="${D}" \
1295 + LDAP_BUILD="${BUILD_DIR}" \
1296 + libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
1297 + newdoc README smbk5pwd-README
1298 + fi
1299 +
1300 + if use overlays ; then
1301 + einfo "Install the samba4 module"
1302 + cd "${S}/contrib/slapd-modules/samba4" || die
1303 + emake DESTDIR="${D}" \
1304 + LDAP_BUILD="${BUILD_DIR}" \
1305 + libexecdir="/usr/$(get_libdir)/openldap" install
1306 + newdoc README samba4-README
1307 + fi
1308 +
1309 + einfo "Installing contrib modules"
1310 + cd "${S}/contrib/slapd-modules" || die
1311 + for l in */*.la; do
1312 + "${lt}" --mode=install cp ${l} \
1313 + "${ED}"usr/$(get_libdir)/openldap/openldap || \
1314 + die "installing ${l} failed"
1315 + done
1316 +
1317 + docinto contrib
1318 + newdoc addpartial/README addpartial-README
1319 + newdoc allop/README allop-README
1320 + doman allop/slapo-allop.5
1321 + newdoc autogroup/README autogroup-README
1322 + newdoc denyop/denyop.c denyop-denyop.c
1323 + newdoc dsaschema/README dsaschema-README
1324 + doman lastmod/slapo-lastmod.5
1325 + doman nops/slapo-nops.5
1326 + newdoc passwd/README passwd-README
1327 + cd "${S}/contrib/slapi-plugins" || die
1328 + insinto /usr/$(get_libdir)/openldap/openldap
1329 + doins */*.so
1330 + docinto contrib
1331 + newdoc addrdnvalues/README addrdnvalues-README
1332 +
1333 + insinto /etc/openldap/schema
1334 + newins "${DISTDIR}"/${BIS_P} ${BIS_PN}
1335 + fi
1336 +}
1337 +
1338 +multilib_src_install_all() {
1339 + dodoc ANNOUNCEMENT CHANGES COPYRIGHT README "${FILESDIR}"/DB_CONFIG.fast.example
1340 + docinto rfc ; dodoc doc/rfc/*.txt
1341 +}
1342 +
1343 +pkg_preinst() {
1344 + # keep old libs if any
1345 + preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0)
1346 +}
1347 +
1348 +pkg_postinst() {
1349 + if ! use minimal ; then
1350 + # You cannot build SSL certificates during src_install that will make
1351 + # binary packages containing your SSL key, which is both a security risk
1352 + # and a misconfiguration if multiple machines use the same key and cert.
1353 + if use ssl; then
1354 + install_cert /etc/openldap/ssl/ldap
1355 + use prefix || chown ldap:ldap "${EROOT}"etc/openldap/ssl/ldap.*
1356 + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
1357 + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
1358 + ewarn "add 'TLS_REQCERT never' if you want to use them."
1359 + fi
1360 +
1361 + if use prefix; then
1362 + # Warn about prefix issues with slapd
1363 + eerror "slapd might NOT be usable on Prefix systems as it requires root privileges"
1364 + eerror "to start up, and requires that certain files directories be owned by"
1365 + eerror "ldap:ldap. As Prefix does not support changing ownership of files and"
1366 + eerror "directories, you will have to manually fix this yourself."
1367 + fi
1368 +
1369 + # These lines force the permissions of various content to be correct
1370 + use prefix || chown ldap:ldap "${EROOT}"var/run/openldap
1371 + chmod 0755 "${EROOT}"var/run/openldap
1372 + use prefix || chown root:ldap "${EROOT}"etc/openldap/slapd.conf{,.default}
1373 + chmod 0640 "${EROOT}"etc/openldap/slapd.conf{,.default}
1374 + use prefix || chown ldap:ldap "${EROOT}"var/lib/openldap-data
1375 + fi
1376 +
1377 + elog "Getting started using OpenLDAP? There is some documentation available:"
1378 + elog "Gentoo Guide to OpenLDAP Authentication"
1379 + elog "(https://www.gentoo.org/doc/en/ldap-howto.xml)"
1380 + elog "---"
1381 + elog "An example file for tuning BDB backends with openldap is"
1382 + elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
1383 +
1384 + preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0)
1385 +}
1386
1387 diff --git a/net-nds/openldap/openldap-2.4.39.ebuild b/net-nds/openldap/openldap-2.4.39.ebuild
1388 new file mode 100644
1389 index 00000000..8386830
1390 --- /dev/null
1391 +++ b/net-nds/openldap/openldap-2.4.39.ebuild
1392 @@ -0,0 +1,760 @@
1393 +# Copyright 1999-2016 Gentoo Foundation
1394 +# Distributed under the terms of the GNU General Public License v2
1395 +# $Id$
1396 +
1397 +EAPI="5"
1398 +
1399 +inherit db-use eutils flag-o-matic multilib multilib-minimal ssl-cert versionator toolchain-funcs autotools user systemd
1400 +
1401 +BIS_PN=rfc2307bis.schema
1402 +BIS_PV=20140524
1403 +BIS_P="${BIS_PN}-${BIS_PV}"
1404 +
1405 +DESCRIPTION="LDAP suite of application and development tools"
1406 +HOMEPAGE="http://www.OpenLDAP.org/"
1407 +
1408 +# mirrors are mostly not working, using canonical URI
1409 +SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz
1410 + mirror://gentoo/${BIS_P}"
1411 +
1412 +LICENSE="OPENLDAP GPL-2"
1413 +SLOT="0"
1414 +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~x86-linux ~x86-solaris"
1415 +
1416 +IUSE_DAEMON="crypt icu samba slp tcpd experimental minimal"
1417 +IUSE_BACKEND="+berkdb"
1418 +IUSE_OVERLAY="overlays perl"
1419 +IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 +syslog selinux"
1420 +IUSE_CONTRIB="smbkrb5passwd kerberos"
1421 +IUSE_CONTRIB="${IUSE_CONTRIB} -cxx"
1422 +IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
1423 +
1424 +REQUIRED_USE="cxx? ( sasl )"
1425 +
1426 +# openssl is needed to generate lanman-passwords required by samba
1427 +CDEPEND="icu? ( dev-libs/icu:= )
1428 + ssl? ( !gnutls? ( >=dev-libs/openssl-1.0.1h-r2[${MULTILIB_USEDEP}] )
1429 + gnutls? ( >=net-libs/gnutls-2.12.23-r6[${MULTILIB_USEDEP}] >=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] ) )
1430 + sasl? ( dev-libs/cyrus-sasl:= )
1431 + !minimal? (
1432 + sys-devel/libtool
1433 + tcpd? ( sys-apps/tcp-wrappers )
1434 + odbc? ( !iodbc? ( dev-db/unixODBC )
1435 + iodbc? ( dev-db/libiodbc ) )
1436 + slp? ( net-libs/openslp )
1437 + perl? ( dev-lang/perl:=[-build(-)] )
1438 + samba? ( dev-libs/openssl )
1439 + berkdb? ( sys-libs/db )
1440 + smbkrb5passwd? (
1441 + dev-libs/openssl
1442 + app-crypt/heimdal )
1443 + kerberos? ( virtual/krb5 )
1444 + cxx? ( dev-libs/cyrus-sasl:= )
1445 + )
1446 + abi_x86_32? (
1447 + !<=app-emulation/emul-linux-x86-baselibs-20140508-r3
1448 + !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
1449 + )"
1450 +DEPEND="${CDEPEND}
1451 + sys-apps/groff"
1452 +RDEPEND="${CDEPEND}
1453 + selinux? ( sec-policy/selinux-ldap )
1454 +"
1455 +# for tracking versions
1456 +OPENLDAP_VERSIONTAG=".version-tag"
1457 +OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
1458 +
1459 +MULTILIB_WRAPPED_HEADERS=(
1460 + # USE=cxx
1461 + /usr/include/LDAPAsynConnection.h
1462 + /usr/include/LDAPAttrType.h
1463 + /usr/include/LDAPAttribute.h
1464 + /usr/include/LDAPAttributeList.h
1465 + /usr/include/LDAPConnection.h
1466 + /usr/include/LDAPConstraints.h
1467 + /usr/include/LDAPControl.h
1468 + /usr/include/LDAPControlSet.h
1469 + /usr/include/LDAPEntry.h
1470 + /usr/include/LDAPEntryList.h
1471 + /usr/include/LDAPException.h
1472 + /usr/include/LDAPExtResult.h
1473 + /usr/include/LDAPMessage.h
1474 + /usr/include/LDAPMessageQueue.h
1475 + /usr/include/LDAPModList.h
1476 + /usr/include/LDAPModification.h
1477 + /usr/include/LDAPObjClass.h
1478 + /usr/include/LDAPRebind.h
1479 + /usr/include/LDAPRebindAuth.h
1480 + /usr/include/LDAPReferenceList.h
1481 + /usr/include/LDAPResult.h
1482 + /usr/include/LDAPSaslBindResult.h
1483 + /usr/include/LDAPSchema.h
1484 + /usr/include/LDAPSearchReference.h
1485 + /usr/include/LDAPSearchResult.h
1486 + /usr/include/LDAPSearchResults.h
1487 + /usr/include/LDAPUrl.h
1488 + /usr/include/LDAPUrlList.h
1489 + /usr/include/LdifReader.h
1490 + /usr/include/LdifWriter.h
1491 + /usr/include/SaslInteraction.h
1492 + /usr/include/SaslInteractionHandler.h
1493 + /usr/include/StringList.h
1494 + /usr/include/TlsOptions.h
1495 +)
1496 +
1497 +openldap_filecount() {
1498 + local dir="$1"
1499 + find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l
1500 +}
1501 +
1502 +openldap_find_versiontags() {
1503 + # scan for all datadirs
1504 + openldap_datadirs=""
1505 + if [ -f "${EROOT}"/etc/openldap/slapd.conf ]; then
1506 + openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${EROOT}/etc/openldap/slapd.conf)"
1507 + fi
1508 + openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
1509 +
1510 + einfo
1511 + einfo "Scanning datadir(s) from slapd.conf and"
1512 + einfo "the default installdir for Versiontags"
1513 + einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
1514 + einfo
1515 +
1516 + # scan datadirs if we have a version tag
1517 + openldap_found_tag=0
1518 + have_files=0
1519 + for each in ${openldap_datadirs}; do
1520 + CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
1521 + CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
1522 + if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
1523 + einfo "- Checking ${each}..."
1524 + if [ -r ${CURRENT_TAG} ] ; then
1525 + # yey, we have one :)
1526 + einfo " Found Versiontag in ${each}"
1527 + source ${CURRENT_TAG}
1528 + if [ "${OLDPF}" == "" ] ; then
1529 + eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
1530 + eerror "Please delete it"
1531 + eerror
1532 + die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
1533 + fi
1534 +
1535 + OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
1536 +
1537 + [ $(openldap_filecount ${CURRENT_TAGDIR}) -gt 0 ] && have_files=1
1538 +
1539 + # are we on the same branch?
1540 + if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
1541 + ewarn " Versiontag doesn't match current major release!"
1542 + if [[ "${have_files}" == "1" ]] ; then
1543 + eerror " Versiontag says other major and you (probably) have datafiles!"
1544 + echo
1545 + openldap_upgrade_howto
1546 + else
1547 + einfo " No real problem, seems there's no database."
1548 + fi
1549 + else
1550 + einfo " Versiontag is fine here :)"
1551 + fi
1552 + else
1553 + einfo " Non-tagged dir ${each}"
1554 + [ $(openldap_filecount ${each}) -gt 0 ] && have_files=1
1555 + if [[ "${have_files}" == "1" ]] ; then
1556 + einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
1557 + echo
1558 +
1559 + eerror
1560 + eerror "Your OpenLDAP Installation has a non tagged datadir that"
1561 + eerror "possibly contains a database at ${CURRENT_TAGDIR}"
1562 + eerror
1563 + eerror "Please export data if any entered and empty or remove"
1564 + eerror "the directory, installation has been stopped so you"
1565 + eerror "can take required action"
1566 + eerror
1567 + eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
1568 + eerror
1569 + openldap_upgrade_howto
1570 + die "Please move the datadir ${CURRENT_TAGDIR} away"
1571 + fi
1572 + fi
1573 + einfo
1574 + fi
1575 + done
1576 + [ "${have_files}" == "1" ] && einfo "DB files present" || einfo "No DB files present"
1577 +
1578 + # Now we must check for the major version of sys-libs/db linked against.
1579 + SLAPD_PATH=${EROOT}/usr/$(get_libdir)/openldap/slapd
1580 + if [ "${have_files}" == "1" -a -f "${SLAPD_PATH}" ]; then
1581 + OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
1582 + | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
1583 + NEWVER="$(use berkdb && db_findver sys-libs/db)"
1584 + local fail=0
1585 + if [ -z "${OLDVER}" -a -z "${NEWVER}" ]; then
1586 + :
1587 + # Nothing wrong here.
1588 + elif [ -z "${OLDVER}" -a -n "${NEWVER}" ]; then
1589 + eerror " Your existing version of OpenLDAP was not built against"
1590 + eerror " any version of sys-libs/db, but the new one will build"
1591 + eerror " against ${NEWVER} and your database may be inaccessible."
1592 + echo
1593 + fail=1
1594 + elif [ -n "${OLDVER}" -a -z "${NEWVER}" ]; then
1595 + eerror " Your existing version of OpenLDAP was built against"
1596 + eerror " sys-libs/db:${OLDVER}, but the new one will not be"
1597 + eerror " built against any version and your database may be"
1598 + eerror " inaccessible."
1599 + echo
1600 + fail=1
1601 + elif [ "${OLDVER}" != "${NEWVER}" ]; then
1602 + eerror " Your existing version of OpenLDAP was built against"
1603 + eerror " sys-libs/db:${OLDVER}, but the new one will build against"
1604 + eerror " ${NEWVER} and your database would be inaccessible."
1605 + echo
1606 + fail=1
1607 + fi
1608 + [ "${fail}" == "1" ] && openldap_upgrade_howto
1609 + fi
1610 +
1611 + echo
1612 + einfo
1613 + einfo "All datadirs are fine, proceeding with merge now..."
1614 + einfo
1615 +}
1616 +
1617 +openldap_upgrade_howto() {
1618 + eerror
1619 + eerror "A (possible old) installation of OpenLDAP was detected,"
1620 + eerror "installation will not proceed for now."
1621 + eerror
1622 + eerror "As major version upgrades can corrupt your database,"
1623 + eerror "you need to dump your database and re-create it afterwards."
1624 + eerror
1625 + eerror "Additionally, rebuilding against different major versions of the"
1626 + eerror "sys-libs/db libraries will cause your database to be inaccessible."
1627 + eerror ""
1628 + d="$(date -u +%s)"
1629 + l="/root/ldapdump.${d}"
1630 + i="${l}.raw"
1631 + eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
1632 + eerror " 2. slapcat -l ${i}"
1633 + eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
1634 + eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
1635 + eerror " 5. emerge --update \=net-nds/${PF}"
1636 + eerror " 6. etc-update, and ensure that you apply the changes"
1637 + eerror " 7. slapadd -l ${l}"
1638 + eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
1639 + eerror " 9. /etc/init.d/slapd start"
1640 + eerror "10. check that your data is intact."
1641 + eerror "11. set up the new replication system."
1642 + eerror
1643 + if [ "${FORCE_UPGRADE}" != "1" ]; then
1644 + die "You need to upgrade your database first"
1645 + else
1646 + eerror "You have the magical FORCE_UPGRADE=1 in place."
1647 + eerror "Don't say you weren't warned about data loss."
1648 + fi
1649 +}
1650 +
1651 +pkg_setup() {
1652 + if ! use sasl && use cxx ; then
1653 + die "To build the ldapc++ library you must emerge openldap with sasl support"
1654 + fi
1655 + # Bug #322787
1656 + if use minimal && ! has_version "net-nds/openldap" ; then
1657 + einfo "No datadir scan needed, openldap not installed"
1658 + elif use minimal && has_version "net-nds/openldap" && built_with_use net-nds/openldap minimal ; then
1659 + einfo "Skipping scan for previous datadirs as requested by minimal useflag"
1660 + else
1661 + openldap_find_versiontags
1662 + fi
1663 +
1664 + # The user/group are only used for running daemons which are
1665 + # disabled in minimal builds, so elide the accounts too.
1666 + if ! use minimal ; then
1667 + enewgroup ldap 439
1668 + enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
1669 + fi
1670 +}
1671 +
1672 +src_prepare() {
1673 + # ensure correct SLAPI path by default
1674 + sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \
1675 + "${S}"/include/ldap_defaults.h
1676 +
1677 + epatch "${FILESDIR}"/${PN}-2.4.17-gcc44.patch
1678 +
1679 + epatch \
1680 + "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch \
1681 + "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
1682 +
1683 + # bug #116045 - still present in 2.4.28
1684 + epatch "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch
1685 + # bug #408077 - samba4
1686 + epatch "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch
1687 +
1688 + # bug #189817
1689 + epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
1690 +
1691 + # bug #233633
1692 + epatch "${FILESDIR}"/${PN}-2.4.17-fix-lmpasswd-gnutls-symbols.patch
1693 +
1694 + # bug #281495
1695 + epatch "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch
1696 +
1697 + # bug #294350
1698 + epatch "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch
1699 +
1700 + # unbreak /bin/sh -> dash
1701 + epatch "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch
1702 +
1703 + # bug #420959
1704 + epatch "${FILESDIR}"/${PN}-2.4.31-gcc47.patch
1705 +
1706 + # bug #421463
1707 + epatch "${FILESDIR}"/${PN}-2.4.33-gnutls.patch
1708 +
1709 + cd "${S}"/build || die
1710 + einfo "Making sure upstream build strip does not do stripping too early"
1711 + sed -i.orig \
1712 + -e '/^STRIP/s,-s,,g' \
1713 + top.mk || die "Failed to block stripping"
1714 +
1715 + # wrong assumption that /bin/sh is /bin/bash
1716 + sed -i \
1717 + -e 's|/bin/sh|/bin/bash|g' \
1718 + "${S}"/tests/scripts/* || die "sed failed"
1719 +
1720 + cd "${S}" || die
1721 + AT_NOEAUTOMAKE=yes eautoreconf
1722 +}
1723 +
1724 +build_contrib_module() {
1725 + # <dir> <sources> <outputname>
1726 + cd "${S}/contrib/slapd-modules/$1" || die
1727 + einfo "Compiling contrib-module: $3"
1728 + # Make sure it's uppercase
1729 + local define_name="$(echo "SLAPD_OVER_${1}" | LC_ALL=C tr '[:lower:]' '[:upper:]')"
1730 + "${lt}" --mode=compile --tag=CC \
1731 + "${CC}" \
1732 + -D${define_name}=SLAPD_MOD_DYNAMIC \
1733 + -I"${BUILD_DIR}"/include \
1734 + -I../../../include -I../../../servers/slapd ${CFLAGS} \
1735 + -o ${2%.c}.lo -c $2 || die "compiling $3 failed"
1736 + einfo "Linking contrib-module: $3"
1737 + "${lt}" --mode=link --tag=CC \
1738 + "${CC}" -module \
1739 + ${CFLAGS} \
1740 + ${LDFLAGS} \
1741 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
1742 + -o $3.la ${2%.c}.lo || die "linking $3 failed"
1743 +}
1744 +
1745 +src_configure() {
1746 + #Fix for glibc-2.8 and ucred. Bug 228457.
1747 + append-flags -D_GNU_SOURCE
1748 +
1749 + # Bug 408001
1750 + use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync
1751 +
1752 + # connectionless ldap per bug #342439
1753 + append-cppflags -DLDAP_CONNECTIONLESS
1754 +
1755 + multilib-minimal_src_configure
1756 +}
1757 +
1758 +multilib_src_configure() {
1759 + local myconf=()
1760 +
1761 + use debug && myconf+=( $(use_enable debug) )
1762 +
1763 + # ICU usage is not configurable
1764 + export ac_cv_header_unicode_utypes_h="$(multilib_is_native_abi && use icu && echo yes || echo no)"
1765 +
1766 + if ! use minimal && multilib_is_native_abi; then
1767 + local CPPFLAGS=${CPPFLAGS}
1768 +
1769 + # re-enable serverside overlay chains per bug #296567
1770 + # see ldap docs chaper 12.3.1 for details
1771 + myconf+=( --enable-ldap )
1772 +
1773 + # backends
1774 + myconf+=( --enable-slapd )
1775 + if use berkdb ; then
1776 + einfo "Using Berkeley DB for local backend"
1777 + myconf+=( --enable-bdb --enable-hdb )
1778 + # We need to include the slotted db.h dir for FreeBSD
1779 + append-cppflags -I$(db_includedir)
1780 + else
1781 + ewarn
1782 + ewarn "Note: if you disable berkdb, you can only use remote-backends!"
1783 + ewarn
1784 + myconf+=( --disable-bdb --disable-hdb )
1785 + fi
1786 + for backend in dnssrv ldap meta monitor null passwd relay shell sock; do
1787 + myconf+=( --enable-${backend}=mod )
1788 + done
1789 +
1790 + myconf+=( $(use_enable perl perl mod) )
1791 +
1792 + myconf+=( $(use_enable odbc sql mod) )
1793 + if use odbc ; then
1794 + local odbc_lib="unixodbc"
1795 + if use iodbc ; then
1796 + odbc_lib="iodbc"
1797 + append-cppflags -I"${EPREFIX}"/usr/include/iodbc
1798 + fi
1799 + myconf+=( --with-odbc=${odbc_lib} )
1800 + fi
1801 +
1802 + # slapd options
1803 + myconf+=(
1804 + $(use_enable crypt)
1805 + $(use_enable slp)
1806 + $(use_enable samba lmpasswd)
1807 + $(use_enable syslog)
1808 + )
1809 + if use experimental ; then
1810 + myconf+=(
1811 + --enable-dynacl
1812 + --enable-aci=mod
1813 + )
1814 + fi
1815 + for option in aci cleartext modules rewrite rlookups slapi; do
1816 + myconf+=( --enable-${option} )
1817 + done
1818 +
1819 + # slapd overlay options
1820 + # Compile-in the syncprov, the others as module
1821 + myconf+=( --enable-syncprov=yes )
1822 + use overlays && myconf+=( --enable-overlays=mod )
1823 +
1824 + else
1825 + myconf+=(
1826 + --disable-slapd
1827 + --disable-bdb
1828 + --disable-hdb
1829 + --disable-overlays
1830 + --disable-syslog
1831 + )
1832 + fi
1833 +
1834 + # basic functionality stuff
1835 + myconf+=(
1836 + $(use_enable ipv6)
1837 + $(multilib_native_use_with sasl cyrus-sasl)
1838 + $(multilib_native_use_enable sasl spasswd)
1839 + $(use_enable tcpd wrappers)
1840 + )
1841 +
1842 + # Some cross-compiling tests don't pan out well.
1843 + tc-is-cross-compiler && myconf+=(
1844 + --with-yielding-select=yes
1845 + )
1846 +
1847 + local ssl_lib="no"
1848 + if use ssl || ( ! use minimal && use samba ) ; then
1849 + ssl_lib="openssl"
1850 + use gnutls && ssl_lib="gnutls"
1851 + fi
1852 +
1853 + myconf+=( --with-tls=${ssl_lib} )
1854 +
1855 + for basicflag in dynamic local proctitle shared static; do
1856 + myconf+=( --enable-${basicflag} )
1857 + done
1858 +
1859 + tc-export AR CC CXX
1860 + ECONF_SOURCE=${S} \
1861 + STRIP=/bin/true \
1862 + econf \
1863 + --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \
1864 + "${myconf[@]}"
1865 + emake depend
1866 +}
1867 +
1868 +src_configure_cxx() {
1869 + # This needs the libraries built by the first build run.
1870 + # So we have to run it AFTER the main build, not just after the main
1871 + # configure.
1872 + local myconf_ldapcpp=(
1873 + --with-ldap-includes="${S}"/include
1874 + )
1875 +
1876 + mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die
1877 + cd "${BUILD_DIR}/contrib/ldapc++" || die
1878 +
1879 + local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS}
1880 + append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \
1881 + -L"${BUILD_DIR}"/libraries/libldap/.libs
1882 + append-cppflags -I"${BUILD_DIR}"/include
1883 + ECONF_SOURCE=${S}/contrib/ldapc++ \
1884 + econf "${myconf_ldapcpp[@]}" \
1885 + CC="${CC}" \
1886 + CXX="${CXX}"
1887 +}
1888 +
1889 +multilib_src_compile() {
1890 + tc-export AR CC CXX
1891 + emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash
1892 + local lt="${BUILD_DIR}/libtool"
1893 + export echo="echo"
1894 +
1895 + if ! use minimal && multilib_is_native_abi ; then
1896 + if use cxx ; then
1897 + einfo "Building contrib library: ldapc++"
1898 + src_configure_cxx
1899 + cd "${BUILD_DIR}/contrib/ldapc++" || die
1900 + emake \
1901 + CC="${CC}" CXX="${CXX}"
1902 + fi
1903 +
1904 + if use smbkrb5passwd ; then
1905 + einfo "Building contrib-module: smbk5pwd"
1906 + cd "${S}/contrib/slapd-modules/smbk5pwd" || die
1907 +
1908 + emake \
1909 + DEFS="-DDO_SAMBA -DDO_KRB5 -DDO_SHADOW" \
1910 + KRB5_INC="$(krb5-config --cflags)" \
1911 + LDAP_BUILD="${BUILD_DIR}" \
1912 + CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap"
1913 + fi
1914 +
1915 + if use overlays ; then
1916 + einfo "Building contrib-module: samba4"
1917 + cd "${S}/contrib/slapd-modules/samba4" || die
1918 +
1919 + emake \
1920 + LDAP_BUILD="${BUILD_DIR}" \
1921 + CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap"
1922 + fi
1923 +
1924 + if use kerberos ; then
1925 + cd "${S}/contrib/slapd-modules/passwd" || die
1926 + einfo "Compiling contrib-module: pw-kerberos"
1927 + "${lt}" --mode=compile --tag=CC \
1928 + "${CC}" \
1929 + -I"${BUILD_DIR}"/include \
1930 + -I../../../include \
1931 + ${CFLAGS} \
1932 + $(krb5-config --cflags) \
1933 + -DHAVE_KRB5 \
1934 + -o kerberos.lo \
1935 + -c kerberos.c || die "compiling pw-kerberos failed"
1936 + einfo "Linking contrib-module: pw-kerberos"
1937 + "${lt}" --mode=link --tag=CC \
1938 + "${CC}" -module \
1939 + ${CFLAGS} \
1940 + ${LDFLAGS} \
1941 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
1942 + -o pw-kerberos.la \
1943 + kerberos.lo || die "linking pw-kerberos failed"
1944 + fi
1945 + # We could build pw-radius if GNURadius would install radlib.h
1946 + cd "${S}/contrib/slapd-modules/passwd" || die
1947 + einfo "Compiling contrib-module: pw-netscape"
1948 + "${lt}" --mode=compile --tag=CC \
1949 + "${CC}" \
1950 + -I"${BUILD_DIR}"/include \
1951 + -I../../../include \
1952 + ${CFLAGS} \
1953 + -o netscape.lo \
1954 + -c netscape.c || die "compiling pw-netscape failed"
1955 + einfo "Linking contrib-module: pw-netscape"
1956 + "${lt}" --mode=link --tag=CC \
1957 + "${CC}" -module \
1958 + ${CFLAGS} \
1959 + ${LDFLAGS} \
1960 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
1961 + -o pw-netscape.la \
1962 + netscape.lo || die "linking pw-netscape failed"
1963 +
1964 + build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay"
1965 + build_contrib_module "allop" "allop.c" "overlay-allop"
1966 + build_contrib_module "allowed" "allowed.c" "allowed"
1967 + build_contrib_module "autogroup" "autogroup.c" "autogroup"
1968 + build_contrib_module "denyop" "denyop.c" "denyop-overlay"
1969 + build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin"
1970 + # lastmod may not play well with other overlays
1971 + build_contrib_module "lastmod" "lastmod.c" "lastmod"
1972 + build_contrib_module "nops" "nops.c" "nops-overlay"
1973 + build_contrib_module "trace" "trace.c" "trace"
1974 + # build slapi-plugins
1975 + cd "${S}/contrib/slapi-plugins/addrdnvalues" || die
1976 + einfo "Building contrib-module: addrdnvalues plugin"
1977 + "${CC}" -shared \
1978 + -I"${BUILD_DIR}"/include \
1979 + -I../../../include \
1980 + ${CFLAGS} \
1981 + -fPIC \
1982 + ${LDFLAGS} \
1983 + -o libaddrdnvalues-plugin.so \
1984 + addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
1985 +
1986 + fi
1987 +}
1988 +
1989 +multilib_src_test() {
1990 + if multilib_is_native_abi; then
1991 + cd tests || die
1992 + make tests || die "make tests failed"
1993 + fi
1994 +}
1995 +
1996 +multilib_src_install() {
1997 + local lt="${BUILD_DIR}/libtool"
1998 + emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install
1999 +
2000 + if ! use minimal && multilib_is_native_abi; then
2001 + # openldap modules go here
2002 + # TODO: write some code to populate slapd.conf with moduleload statements
2003 + keepdir /usr/$(get_libdir)/openldap/openldap/
2004 +
2005 + # initial data storage dir
2006 + keepdir /var/lib/openldap-data
2007 + use prefix || fowners ldap:ldap /var/lib/openldap-data
2008 + fperms 0700 /var/lib/openldap-data
2009 +
2010 + echo "OLDPF='${PF}'" > "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
2011 + echo "# do NOT delete this. it is used" >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
2012 + echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
2013 +
2014 + # use our config
2015 + rm "${ED}"etc/openldap/slapd.conf
2016 + insinto /etc/openldap
2017 + newins "${FILESDIR}"/${PN}-2.3.34-slapd-conf slapd.conf
2018 + configfile="${ED}"etc/openldap/slapd.conf
2019 +
2020 + # populate with built backends
2021 + ebegin "populate config with built backends"
2022 + for x in "${ED}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
2023 + elog "Adding $(basename ${x})"
2024 + sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
2025 + done
2026 + sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
2027 + use prefix || fowners root:ldap /etc/openldap/slapd.conf
2028 + fperms 0640 /etc/openldap/slapd.conf
2029 + cp "${configfile}" "${configfile}".default
2030 + eend
2031 +
2032 + # install our own init scripts and systemd unit files
2033 + newinitd "${FILESDIR}"/slapd-initd-2.4.28-r1 slapd
2034 + newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd
2035 + systemd_dounit "${FILESDIR}"/slapd.service
2036 + systemd_install_serviced "${FILESDIR}"/slapd.service.conf
2037 + systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf
2038 +
2039 + if [[ $(get_libdir) != lib ]]; then
2040 + sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i \
2041 + "${ED}"/etc/init.d/slapd \
2042 + "${ED}"/usr/lib/systemd/system/slapd.service || die
2043 + fi
2044 + # If built without SLP, we don't need to be before avahi
2045 + use slp \
2046 + || sed -i \
2047 + -e '/before/{s/avahi-daemon//g}' \
2048 + "${ED}"etc/init.d/slapd
2049 +
2050 + if use cxx ; then
2051 + einfo "Install the ldapc++ library"
2052 + cd "${BUILD_DIR}/contrib/ldapc++" || die
2053 + emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
2054 + cd "${S}"/contrib/ldapc++ || die
2055 + newdoc README ldapc++-README
2056 + fi
2057 +
2058 + if use smbkrb5passwd ; then
2059 + einfo "Install the smbk5pwd module"
2060 + cd "${S}/contrib/slapd-modules/smbk5pwd" || die
2061 + emake DESTDIR="${D}" \
2062 + LDAP_BUILD="${BUILD_DIR}" \
2063 + libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
2064 + newdoc README smbk5pwd-README
2065 + fi
2066 +
2067 + if use overlays ; then
2068 + einfo "Install the samba4 module"
2069 + cd "${S}/contrib/slapd-modules/samba4" || die
2070 + emake DESTDIR="${D}" \
2071 + LDAP_BUILD="${BUILD_DIR}" \
2072 + libexecdir="/usr/$(get_libdir)/openldap" install
2073 + newdoc README samba4-README
2074 + fi
2075 +
2076 + einfo "Installing contrib modules"
2077 + cd "${S}/contrib/slapd-modules" || die
2078 + for l in */*.la; do
2079 + "${lt}" --mode=install cp ${l} \
2080 + "${ED}"usr/$(get_libdir)/openldap/openldap || \
2081 + die "installing ${l} failed"
2082 + done
2083 +
2084 + docinto contrib
2085 + newdoc addpartial/README addpartial-README
2086 + newdoc allop/README allop-README
2087 + doman allop/slapo-allop.5
2088 + newdoc autogroup/README autogroup-README
2089 + newdoc denyop/denyop.c denyop-denyop.c
2090 + newdoc dsaschema/README dsaschema-README
2091 + doman lastmod/slapo-lastmod.5
2092 + doman nops/slapo-nops.5
2093 + newdoc passwd/README passwd-README
2094 + cd "${S}/contrib/slapi-plugins" || die
2095 + insinto /usr/$(get_libdir)/openldap/openldap
2096 + doins */*.so
2097 + docinto contrib
2098 + newdoc addrdnvalues/README addrdnvalues-README
2099 +
2100 + insinto /etc/openldap/schema
2101 + newins "${DISTDIR}"/${BIS_P} ${BIS_PN}
2102 + fi
2103 +}
2104 +
2105 +multilib_src_install_all() {
2106 + dodoc ANNOUNCEMENT CHANGES COPYRIGHT README "${FILESDIR}"/DB_CONFIG.fast.example
2107 + docinto rfc ; dodoc doc/rfc/*.txt
2108 +}
2109 +
2110 +pkg_preinst() {
2111 + # keep old libs if any
2112 + preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0)
2113 +}
2114 +
2115 +pkg_postinst() {
2116 + if ! use minimal ; then
2117 + # You cannot build SSL certificates during src_install that will make
2118 + # binary packages containing your SSL key, which is both a security risk
2119 + # and a misconfiguration if multiple machines use the same key and cert.
2120 + if use ssl; then
2121 + install_cert /etc/openldap/ssl/ldap
2122 + use prefix || chown ldap:ldap "${EROOT}"etc/openldap/ssl/ldap.*
2123 + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
2124 + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
2125 + ewarn "add 'TLS_REQCERT never' if you want to use them."
2126 + fi
2127 +
2128 + if use prefix; then
2129 + # Warn about prefix issues with slapd
2130 + eerror "slapd might NOT be usable on Prefix systems as it requires root privileges"
2131 + eerror "to start up, and requires that certain files directories be owned by"
2132 + eerror "ldap:ldap. As Prefix does not support changing ownership of files and"
2133 + eerror "directories, you will have to manually fix this yourself."
2134 + fi
2135 +
2136 + # These lines force the permissions of various content to be correct
2137 + use prefix || chown ldap:ldap "${EROOT}"var/run/openldap
2138 + chmod 0755 "${EROOT}"var/run/openldap
2139 + use prefix || chown root:ldap "${EROOT}"etc/openldap/slapd.conf{,.default}
2140 + chmod 0640 "${EROOT}"etc/openldap/slapd.conf{,.default}
2141 + use prefix || chown ldap:ldap "${EROOT}"var/lib/openldap-data
2142 + fi
2143 +
2144 + elog "Getting started using OpenLDAP? There is some documentation available:"
2145 + elog "Gentoo Guide to OpenLDAP Authentication"
2146 + elog "(https://www.gentoo.org/doc/en/ldap-howto.xml)"
2147 + elog "---"
2148 + elog "An example file for tuning BDB backends with openldap is"
2149 + elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
2150 +
2151 + preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0)
2152 +}
2153
2154 diff --git a/net-nds/openldap/openldap-2.4.40-r2.ebuild b/net-nds/openldap/openldap-2.4.40-r2.ebuild
2155 new file mode 100644
2156 index 00000000..ffe3d74
2157 --- /dev/null
2158 +++ b/net-nds/openldap/openldap-2.4.40-r2.ebuild
2159 @@ -0,0 +1,821 @@
2160 +# Copyright 1999-2016 Gentoo Foundation
2161 +# Distributed under the terms of the GNU General Public License v2
2162 +# $Id$
2163 +
2164 +EAPI="5"
2165 +
2166 +inherit db-use eutils flag-o-matic multilib multilib-minimal ssl-cert versionator toolchain-funcs autotools user systemd
2167 +
2168 +BIS_PN=rfc2307bis.schema
2169 +BIS_PV=20140524
2170 +BIS_P="${BIS_PN}-${BIS_PV}"
2171 +
2172 +DESCRIPTION="LDAP suite of application and development tools"
2173 +HOMEPAGE="http://www.OpenLDAP.org/"
2174 +
2175 +# mirrors are mostly not working, using canonical URI
2176 +SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz
2177 + mirror://gentoo/${BIS_P}"
2178 +
2179 +LICENSE="OPENLDAP GPL-2"
2180 +SLOT="0"
2181 +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~x86-linux ~x86-solaris"
2182 +
2183 +IUSE_DAEMON="crypt icu samba slp tcpd experimental minimal"
2184 +IUSE_BACKEND="+berkdb"
2185 +IUSE_OVERLAY="overlays perl"
2186 +IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 +syslog selinux static-libs"
2187 +IUSE_CONTRIB="smbkrb5passwd kerberos"
2188 +IUSE_CONTRIB="${IUSE_CONTRIB} -cxx"
2189 +IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
2190 +
2191 +REQUIRED_USE="cxx? ( sasl )"
2192 +
2193 +# always list newer first
2194 +# Do not add any AGPL-3 BDB here!
2195 +# See bug 525110, comment 15.
2196 +BDB_SLOTS='5.3 5.1 4.8 4.7 4.6 4.5 4.4'
2197 +BDB_PKGS=''
2198 +for _slot in $BDB_SLOTS; do BDB_PKGS="${BDB_PKGS} sys-libs/db:${_slot}" ; done
2199 +
2200 +# openssl is needed to generate lanman-passwords required by samba
2201 +CDEPEND="icu? ( dev-libs/icu:= )
2202 + ssl? ( !gnutls? ( >=dev-libs/openssl-1.0.1h-r2[${MULTILIB_USEDEP}] )
2203 + gnutls? ( >=net-libs/gnutls-2.12.23-r6[${MULTILIB_USEDEP}] >=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] ) )
2204 + sasl? ( dev-libs/cyrus-sasl:= )
2205 + !minimal? (
2206 + sys-devel/libtool
2207 + sys-libs/e2fsprogs-libs
2208 + >=dev-db/lmdb-0.9.14
2209 + tcpd? ( sys-apps/tcp-wrappers )
2210 + odbc? ( !iodbc? ( dev-db/unixODBC )
2211 + iodbc? ( dev-db/libiodbc ) )
2212 + slp? ( net-libs/openslp )
2213 + perl? ( dev-lang/perl:=[-build(-)] )
2214 + samba? ( dev-libs/openssl )
2215 + berkdb? (
2216 + <sys-libs/db-6.0:=
2217 + || ( ${BDB_PKGS} )
2218 + )
2219 + smbkrb5passwd? (
2220 + dev-libs/openssl
2221 + kerberos? ( app-crypt/heimdal )
2222 + )
2223 + kerberos? ( virtual/krb5 )
2224 + cxx? ( dev-libs/cyrus-sasl:= )
2225 + )
2226 + abi_x86_32? (
2227 + !<=app-emulation/emul-linux-x86-baselibs-20140508-r3
2228 + !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
2229 + )"
2230 +DEPEND="${CDEPEND}
2231 + sys-apps/groff"
2232 +RDEPEND="${CDEPEND}
2233 + selinux? ( sec-policy/selinux-ldap )
2234 +"
2235 +# for tracking versions
2236 +OPENLDAP_VERSIONTAG=".version-tag"
2237 +OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
2238 +
2239 +MULTILIB_WRAPPED_HEADERS=(
2240 + # USE=cxx
2241 + /usr/include/LDAPAsynConnection.h
2242 + /usr/include/LDAPAttrType.h
2243 + /usr/include/LDAPAttribute.h
2244 + /usr/include/LDAPAttributeList.h
2245 + /usr/include/LDAPConnection.h
2246 + /usr/include/LDAPConstraints.h
2247 + /usr/include/LDAPControl.h
2248 + /usr/include/LDAPControlSet.h
2249 + /usr/include/LDAPEntry.h
2250 + /usr/include/LDAPEntryList.h
2251 + /usr/include/LDAPException.h
2252 + /usr/include/LDAPExtResult.h
2253 + /usr/include/LDAPMessage.h
2254 + /usr/include/LDAPMessageQueue.h
2255 + /usr/include/LDAPModList.h
2256 + /usr/include/LDAPModification.h
2257 + /usr/include/LDAPObjClass.h
2258 + /usr/include/LDAPRebind.h
2259 + /usr/include/LDAPRebindAuth.h
2260 + /usr/include/LDAPReferenceList.h
2261 + /usr/include/LDAPResult.h
2262 + /usr/include/LDAPSaslBindResult.h
2263 + /usr/include/LDAPSchema.h
2264 + /usr/include/LDAPSearchReference.h
2265 + /usr/include/LDAPSearchResult.h
2266 + /usr/include/LDAPSearchResults.h
2267 + /usr/include/LDAPUrl.h
2268 + /usr/include/LDAPUrlList.h
2269 + /usr/include/LdifReader.h
2270 + /usr/include/LdifWriter.h
2271 + /usr/include/SaslInteraction.h
2272 + /usr/include/SaslInteractionHandler.h
2273 + /usr/include/StringList.h
2274 + /usr/include/TlsOptions.h
2275 +)
2276 +
2277 +openldap_filecount() {
2278 + local dir="$1"
2279 + find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l
2280 +}
2281 +
2282 +openldap_find_versiontags() {
2283 + # scan for all datadirs
2284 + openldap_datadirs=""
2285 + if [ -f "${EROOT}"/etc/openldap/slapd.conf ]; then
2286 + openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${EROOT}/etc/openldap/slapd.conf)"
2287 + fi
2288 + openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
2289 +
2290 + einfo
2291 + einfo "Scanning datadir(s) from slapd.conf and"
2292 + einfo "the default installdir for Versiontags"
2293 + einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
2294 + einfo
2295 +
2296 + # scan datadirs if we have a version tag
2297 + openldap_found_tag=0
2298 + have_files=0
2299 + for each in ${openldap_datadirs}; do
2300 + CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
2301 + CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
2302 + if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
2303 + einfo "- Checking ${each}..."
2304 + if [ -r ${CURRENT_TAG} ] ; then
2305 + # yey, we have one :)
2306 + einfo " Found Versiontag in ${each}"
2307 + source ${CURRENT_TAG}
2308 + if [ "${OLDPF}" == "" ] ; then
2309 + eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
2310 + eerror "Please delete it"
2311 + eerror
2312 + die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
2313 + fi
2314 +
2315 + OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
2316 +
2317 + [ $(openldap_filecount ${CURRENT_TAGDIR}) -gt 0 ] && have_files=1
2318 +
2319 + # are we on the same branch?
2320 + if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
2321 + ewarn " Versiontag doesn't match current major release!"
2322 + if [[ "${have_files}" == "1" ]] ; then
2323 + eerror " Versiontag says other major and you (probably) have datafiles!"
2324 + echo
2325 + openldap_upgrade_howto
2326 + else
2327 + einfo " No real problem, seems there's no database."
2328 + fi
2329 + else
2330 + einfo " Versiontag is fine here :)"
2331 + fi
2332 + else
2333 + einfo " Non-tagged dir ${each}"
2334 + [ $(openldap_filecount ${each}) -gt 0 ] && have_files=1
2335 + if [[ "${have_files}" == "1" ]] ; then
2336 + einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
2337 + echo
2338 +
2339 + eerror
2340 + eerror "Your OpenLDAP Installation has a non tagged datadir that"
2341 + eerror "possibly contains a database at ${CURRENT_TAGDIR}"
2342 + eerror
2343 + eerror "Please export data if any entered and empty or remove"
2344 + eerror "the directory, installation has been stopped so you"
2345 + eerror "can take required action"
2346 + eerror
2347 + eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
2348 + eerror
2349 + openldap_upgrade_howto
2350 + die "Please move the datadir ${CURRENT_TAGDIR} away"
2351 + fi
2352 + fi
2353 + einfo
2354 + fi
2355 + done
2356 + [ "${have_files}" == "1" ] && einfo "DB files present" || einfo "No DB files present"
2357 +
2358 + # Now we must check for the major version of sys-libs/db linked against.
2359 + SLAPD_PATH=${EROOT}/usr/$(get_libdir)/openldap/slapd
2360 + if [ "${have_files}" == "1" -a -f "${SLAPD_PATH}" ]; then
2361 + OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
2362 + | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
2363 + if use berkdb; then
2364 + # find which one would be used
2365 + for bdb_slot in $BDB_SLOTS ; do
2366 + NEWVER="$(db_findver "=sys-libs/db-${bdb_slot}*")"
2367 + [[ -n "$NEWVER" ]] && break
2368 + done
2369 + fi
2370 + local fail=0
2371 + if [ -z "${OLDVER}" -a -z "${NEWVER}" ]; then
2372 + :
2373 + # Nothing wrong here.
2374 + elif [ -z "${OLDVER}" -a -n "${NEWVER}" ]; then
2375 + eerror " Your existing version of OpenLDAP was not built against"
2376 + eerror " any version of sys-libs/db, but the new one will build"
2377 + eerror " against ${NEWVER} and your database may be inaccessible."
2378 + echo
2379 + fail=1
2380 + elif [ -n "${OLDVER}" -a -z "${NEWVER}" ]; then
2381 + eerror " Your existing version of OpenLDAP was built against"
2382 + eerror " sys-libs/db:${OLDVER}, but the new one will not be"
2383 + eerror " built against any version and your database may be"
2384 + eerror " inaccessible."
2385 + echo
2386 + fail=1
2387 + elif [ "${OLDVER}" != "${NEWVER}" ]; then
2388 + eerror " Your existing version of OpenLDAP was built against"
2389 + eerror " sys-libs/db:${OLDVER}, but the new one will build against"
2390 + eerror " ${NEWVER} and your database would be inaccessible."
2391 + echo
2392 + fail=1
2393 + fi
2394 + [ "${fail}" == "1" ] && openldap_upgrade_howto
2395 + fi
2396 +
2397 + echo
2398 + einfo
2399 + einfo "All datadirs are fine, proceeding with merge now..."
2400 + einfo
2401 +}
2402 +
2403 +openldap_upgrade_howto() {
2404 + eerror
2405 + eerror "A (possible old) installation of OpenLDAP was detected,"
2406 + eerror "installation will not proceed for now."
2407 + eerror
2408 + eerror "As major version upgrades can corrupt your database,"
2409 + eerror "you need to dump your database and re-create it afterwards."
2410 + eerror
2411 + eerror "Additionally, rebuilding against different major versions of the"
2412 + eerror "sys-libs/db libraries will cause your database to be inaccessible."
2413 + eerror ""
2414 + d="$(date -u +%s)"
2415 + l="/root/ldapdump.${d}"
2416 + i="${l}.raw"
2417 + eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
2418 + eerror " 2. slapcat -l ${i}"
2419 + eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
2420 + eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
2421 + eerror " 5. emerge --update \=net-nds/${PF}"
2422 + eerror " 6. etc-update, and ensure that you apply the changes"
2423 + eerror " 7. slapadd -l ${l}"
2424 + eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
2425 + eerror " 9. /etc/init.d/slapd start"
2426 + eerror "10. check that your data is intact."
2427 + eerror "11. set up the new replication system."
2428 + eerror
2429 + if [ "${FORCE_UPGRADE}" != "1" ]; then
2430 + die "You need to upgrade your database first"
2431 + else
2432 + eerror "You have the magical FORCE_UPGRADE=1 in place."
2433 + eerror "Don't say you weren't warned about data loss."
2434 + fi
2435 +}
2436 +
2437 +pkg_setup() {
2438 + if ! use sasl && use cxx ; then
2439 + die "To build the ldapc++ library you must emerge openldap with sasl support"
2440 + fi
2441 + # Bug #322787
2442 + if use minimal && ! has_version "net-nds/openldap" ; then
2443 + einfo "No datadir scan needed, openldap not installed"
2444 + elif use minimal && has_version "net-nds/openldap" && built_with_use net-nds/openldap minimal ; then
2445 + einfo "Skipping scan for previous datadirs as requested by minimal useflag"
2446 + else
2447 + openldap_find_versiontags
2448 + fi
2449 +
2450 + # The user/group are only used for running daemons which are
2451 + # disabled in minimal builds, so elide the accounts too.
2452 + if ! use minimal ; then
2453 + enewgroup ldap 439
2454 + enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
2455 + fi
2456 +}
2457 +
2458 +src_prepare() {
2459 + # ensure correct SLAPI path by default
2460 + sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \
2461 + "${S}"/include/ldap_defaults.h
2462 +
2463 + epatch "${FILESDIR}"/${PN}-2.4.17-gcc44.patch
2464 +
2465 + epatch \
2466 + "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch \
2467 + "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
2468 +
2469 + # bug #116045 - still present in 2.4.28
2470 + epatch "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch
2471 + # bug #408077 - samba4
2472 + epatch "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch
2473 +
2474 + # bug #189817
2475 + epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
2476 +
2477 + # bug #233633
2478 + epatch "${FILESDIR}"/${PN}-2.4.17-fix-lmpasswd-gnutls-symbols.patch
2479 +
2480 + # bug #281495
2481 + epatch "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch
2482 +
2483 + # bug #294350
2484 + epatch "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch
2485 +
2486 + # unbreak /bin/sh -> dash
2487 + epatch "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch
2488 +
2489 + # bug #420959
2490 + epatch "${FILESDIR}"/${PN}-2.4.31-gcc47.patch
2491 +
2492 + # bug #421463
2493 + #epatch "${FILESDIR}"/${PN}-2.4.33-gnutls.patch # merged upstream
2494 +
2495 + # unbundle lmdb
2496 + epatch "${FILESDIR}"/${P}-mdb-unbundle.patch
2497 + rm -rf "${S}"/libraries/liblmdb
2498 +
2499 + cd "${S}"/build || die
2500 + einfo "Making sure upstream build strip does not do stripping too early"
2501 + sed -i.orig \
2502 + -e '/^STRIP/s,-s,,g' \
2503 + top.mk || die "Failed to block stripping"
2504 +
2505 + # wrong assumption that /bin/sh is /bin/bash
2506 + sed -i \
2507 + -e 's|/bin/sh|/bin/bash|g' \
2508 + "${S}"/tests/scripts/* || die "sed failed"
2509 +
2510 + cd "${S}" || die
2511 +
2512 + AT_NOEAUTOMAKE=yes eautoreconf
2513 +}
2514 +
2515 +build_contrib_module() {
2516 + # <dir> <sources> <outputname>
2517 + cd "${S}/contrib/slapd-modules/$1" || die
2518 + einfo "Compiling contrib-module: $3"
2519 + # Make sure it's uppercase
2520 + local define_name="$(echo "SLAPD_OVER_${1}" | LC_ALL=C tr '[:lower:]' '[:upper:]')"
2521 + "${lt}" --mode=compile --tag=CC \
2522 + "${CC}" \
2523 + -D${define_name}=SLAPD_MOD_DYNAMIC \
2524 + -I"${BUILD_DIR}"/include \
2525 + -I../../../include -I../../../servers/slapd ${CFLAGS} \
2526 + -o ${2%.c}.lo -c $2 || die "compiling $3 failed"
2527 + einfo "Linking contrib-module: $3"
2528 + "${lt}" --mode=link --tag=CC \
2529 + "${CC}" -module \
2530 + ${CFLAGS} \
2531 + ${LDFLAGS} \
2532 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
2533 + -o $3.la ${2%.c}.lo || die "linking $3 failed"
2534 +}
2535 +
2536 +src_configure() {
2537 + #Fix for glibc-2.8 and ucred. Bug 228457.
2538 + append-cppflags -D_GNU_SOURCE
2539 +
2540 + # Bug 408001
2541 + use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync
2542 +
2543 + # connectionless ldap per bug #342439
2544 + append-cppflags -DLDAP_CONNECTIONLESS
2545 +
2546 + multilib-minimal_src_configure
2547 +}
2548 +
2549 +multilib_src_configure() {
2550 + local myconf=()
2551 +
2552 + use debug && myconf+=( $(use_enable debug) )
2553 +
2554 + # ICU usage is not configurable
2555 + export ac_cv_header_unicode_utypes_h="$(multilib_is_native_abi && use icu && echo yes || echo no)"
2556 +
2557 + if ! use minimal && multilib_is_native_abi; then
2558 + local CPPFLAGS=${CPPFLAGS}
2559 +
2560 + # re-enable serverside overlay chains per bug #296567
2561 + # see ldap docs chaper 12.3.1 for details
2562 + myconf+=( --enable-ldap )
2563 +
2564 + # backends
2565 + myconf+=( --enable-slapd )
2566 + if use berkdb ; then
2567 + einfo "Using Berkeley DB for local backend"
2568 + myconf+=( --enable-bdb --enable-hdb )
2569 + DBINCLUDE=$(db_includedir $BDB_SLOTS)
2570 + einfo "Using $DBINCLUDE for sys-libs/db version"
2571 + # We need to include the slotted db.h dir for FreeBSD
2572 + append-cppflags -I${DBINCLUDE}
2573 + else
2574 + myconf+=( --disable-bdb --disable-hdb )
2575 + fi
2576 + for backend in dnssrv ldap mdb meta monitor null passwd relay shell sock; do
2577 + myconf+=( --enable-${backend}=mod )
2578 + done
2579 +
2580 + myconf+=( $(use_enable perl perl mod) )
2581 +
2582 + myconf+=( $(use_enable odbc sql mod) )
2583 + if use odbc ; then
2584 + local odbc_lib="unixodbc"
2585 + if use iodbc ; then
2586 + odbc_lib="iodbc"
2587 + append-cppflags -I"${EPREFIX}"/usr/include/iodbc
2588 + fi
2589 + myconf+=( --with-odbc=${odbc_lib} )
2590 + fi
2591 +
2592 + # slapd options
2593 + myconf+=(
2594 + $(use_enable crypt)
2595 + $(use_enable slp)
2596 + $(use_enable samba lmpasswd)
2597 + $(use_enable syslog)
2598 + )
2599 + if use experimental ; then
2600 + myconf+=(
2601 + --enable-dynacl
2602 + --enable-aci=mod
2603 + )
2604 + fi
2605 + for option in aci cleartext modules rewrite rlookups slapi; do
2606 + myconf+=( --enable-${option} )
2607 + done
2608 +
2609 + # slapd overlay options
2610 + # Compile-in the syncprov, the others as module
2611 + myconf+=( --enable-syncprov=yes )
2612 + use overlays && myconf+=( --enable-overlays=mod )
2613 +
2614 + else
2615 + myconf+=(
2616 + --disable-backends
2617 + --disable-slapd
2618 + --disable-bdb
2619 + --disable-hdb
2620 + --disable-mdb
2621 + --disable-overlays
2622 + --disable-syslog
2623 + )
2624 + fi
2625 +
2626 + # basic functionality stuff
2627 + myconf+=(
2628 + $(use_enable ipv6)
2629 + $(multilib_native_use_with sasl cyrus-sasl)
2630 + $(multilib_native_use_enable sasl spasswd)
2631 + $(use_enable tcpd wrappers)
2632 + )
2633 +
2634 + # Some cross-compiling tests don't pan out well.
2635 + tc-is-cross-compiler && myconf+=(
2636 + --with-yielding-select=yes
2637 + )
2638 +
2639 + local ssl_lib="no"
2640 + if use ssl || ( ! use minimal && use samba ) ; then
2641 + ssl_lib="openssl"
2642 + use gnutls && ssl_lib="gnutls"
2643 + fi
2644 +
2645 + myconf+=( --with-tls=${ssl_lib} )
2646 +
2647 + for basicflag in dynamic local proctitle shared; do
2648 + myconf+=( --enable-${basicflag} )
2649 + done
2650 +
2651 + tc-export AR CC CXX
2652 + ECONF_SOURCE=${S} \
2653 + STRIP=/bin/true \
2654 + econf \
2655 + --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \
2656 + $(use_enable static-libs static) \
2657 + "${myconf[@]}"
2658 + emake depend
2659 +}
2660 +
2661 +src_configure_cxx() {
2662 + # This needs the libraries built by the first build run.
2663 + # So we have to run it AFTER the main build, not just after the main
2664 + # configure.
2665 + local myconf_ldapcpp=(
2666 + --with-ldap-includes="${S}"/include
2667 + )
2668 +
2669 + mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die
2670 + cd "${BUILD_DIR}/contrib/ldapc++" || die
2671 +
2672 + local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS}
2673 + append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \
2674 + -L"${BUILD_DIR}"/libraries/libldap/.libs
2675 + append-cppflags -I"${BUILD_DIR}"/include
2676 + ECONF_SOURCE=${S}/contrib/ldapc++ \
2677 + econf "${myconf_ldapcpp[@]}" \
2678 + CC="${CC}" \
2679 + CXX="${CXX}"
2680 +}
2681 +
2682 +multilib_src_compile() {
2683 + tc-export AR CC CXX
2684 + emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash
2685 + local lt="${BUILD_DIR}/libtool"
2686 + export echo="echo"
2687 +
2688 + if ! use minimal && multilib_is_native_abi ; then
2689 + if use cxx ; then
2690 + einfo "Building contrib library: ldapc++"
2691 + src_configure_cxx
2692 + cd "${BUILD_DIR}/contrib/ldapc++" || die
2693 + emake \
2694 + CC="${CC}" CXX="${CXX}"
2695 + fi
2696 +
2697 + if use smbkrb5passwd ; then
2698 + einfo "Building contrib-module: smbk5pwd"
2699 + cd "${S}/contrib/slapd-modules/smbk5pwd" || die
2700 +
2701 + MY_DEFS="-DDO_SHADOW"
2702 + if use samba ; then
2703 + MY_DEFS="${MY_DEFS} -DDO_SAMBA"
2704 + MY_KRB5_INC=""
2705 + fi
2706 + if use kerberos ; then
2707 + MY_DEFS="${MY_DEFS} -DDO_KRB5"
2708 + MY_KRB5_INC="$(krb5-config --cflags)"
2709 + fi
2710 +
2711 + emake \
2712 + DEFS="${MY_DEFS}" \
2713 + KRB5_INC="${MY_KRB5_INC}" \
2714 + LDAP_BUILD="${BUILD_DIR}" \
2715 + CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap"
2716 + fi
2717 +
2718 + if use overlays ; then
2719 + einfo "Building contrib-module: samba4"
2720 + cd "${S}/contrib/slapd-modules/samba4" || die
2721 +
2722 + emake \
2723 + LDAP_BUILD="${BUILD_DIR}" \
2724 + CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap"
2725 + fi
2726 +
2727 + if use kerberos ; then
2728 + build_contrib_module "kinit" "kinit.c" "kinit"
2729 + cd "${S}/contrib/slapd-modules/passwd" || die
2730 + einfo "Compiling contrib-module: pw-kerberos"
2731 + "${lt}" --mode=compile --tag=CC \
2732 + "${CC}" \
2733 + -I"${BUILD_DIR}"/include \
2734 + -I../../../include \
2735 + ${CFLAGS} \
2736 + $(krb5-config --cflags) \
2737 + -DHAVE_KRB5 \
2738 + -o kerberos.lo \
2739 + -c kerberos.c || die "compiling pw-kerberos failed"
2740 + einfo "Linking contrib-module: pw-kerberos"
2741 + "${lt}" --mode=link --tag=CC \
2742 + "${CC}" -module \
2743 + ${CFLAGS} \
2744 + ${LDFLAGS} \
2745 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
2746 + -o pw-kerberos.la \
2747 + kerberos.lo || die "linking pw-kerberos failed"
2748 + fi
2749 + # We could build pw-radius if GNURadius would install radlib.h
2750 + cd "${S}/contrib/slapd-modules/passwd" || die
2751 + einfo "Compiling contrib-module: pw-netscape"
2752 + "${lt}" --mode=compile --tag=CC \
2753 + "${CC}" \
2754 + -I"${BUILD_DIR}"/include \
2755 + -I../../../include \
2756 + ${CFLAGS} \
2757 + -o netscape.lo \
2758 + -c netscape.c || die "compiling pw-netscape failed"
2759 + einfo "Linking contrib-module: pw-netscape"
2760 + "${lt}" --mode=link --tag=CC \
2761 + "${CC}" -module \
2762 + ${CFLAGS} \
2763 + ${LDFLAGS} \
2764 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
2765 + -o pw-netscape.la \
2766 + netscape.lo || die "linking pw-netscape failed"
2767 +
2768 + #build_contrib_module "acl" "posixgroup.c" "posixGroup" # example code only
2769 + #build_contrib_module "acl" "gssacl.c" "gss" # example code only, also needs kerberos
2770 + build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay"
2771 + build_contrib_module "allop" "allop.c" "overlay-allop"
2772 + build_contrib_module "allowed" "allowed.c" "allowed"
2773 + build_contrib_module "autogroup" "autogroup.c" "autogroup"
2774 + build_contrib_module "cloak" "cloak.c" "cloak"
2775 + # build_contrib_module "comp_match" "comp_match.c" "comp_match" # really complex, adds new external deps, questionable demand
2776 + build_contrib_module "denyop" "denyop.c" "denyop-overlay"
2777 + build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin"
2778 + build_contrib_module "dupent" "dupent.c" "dupent"
2779 + build_contrib_module "lastbind" "lastbind.c" "lastbind"
2780 + # lastmod may not play well with other overlays
2781 + build_contrib_module "lastmod" "lastmod.c" "lastmod"
2782 + build_contrib_module "noopsrch" "noopsrch.c" "noopsrch"
2783 + build_contrib_module "nops" "nops.c" "nops-overlay"
2784 + #build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER
2785 + build_contrib_module "trace" "trace.c" "trace"
2786 + # build slapi-plugins
2787 + cd "${S}/contrib/slapi-plugins/addrdnvalues" || die
2788 + einfo "Building contrib-module: addrdnvalues plugin"
2789 + "${CC}" -shared \
2790 + -I"${BUILD_DIR}"/include \
2791 + -I../../../include \
2792 + ${CFLAGS} \
2793 + -fPIC \
2794 + ${LDFLAGS} \
2795 + -o libaddrdnvalues-plugin.so \
2796 + addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
2797 +
2798 + fi
2799 +}
2800 +
2801 +multilib_src_test() {
2802 + if multilib_is_native_abi; then
2803 + cd tests || die
2804 + emake tests || die "make tests failed"
2805 + fi
2806 +}
2807 +
2808 +multilib_src_install() {
2809 + local lt="${BUILD_DIR}/libtool"
2810 + emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install
2811 + use static-libs || prune_libtool_files --all
2812 +
2813 + if ! use minimal && multilib_is_native_abi; then
2814 + # openldap modules go here
2815 + # TODO: write some code to populate slapd.conf with moduleload statements
2816 + keepdir /usr/$(get_libdir)/openldap/openldap/
2817 +
2818 + # initial data storage dir
2819 + keepdir /var/lib/openldap-data
2820 + use prefix || fowners ldap:ldap /var/lib/openldap-data
2821 + fperms 0700 /var/lib/openldap-data
2822 +
2823 + echo "OLDPF='${PF}'" > "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
2824 + echo "# do NOT delete this. it is used" >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
2825 + echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
2826 +
2827 + # use our config
2828 + rm "${ED}"etc/openldap/slapd.conf
2829 + insinto /etc/openldap
2830 + newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf
2831 + configfile="${ED}"etc/openldap/slapd.conf
2832 +
2833 + # populate with built backends
2834 + ebegin "populate config with built backends"
2835 + for x in "${ED}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
2836 + einfo "Adding $(basename ${x})"
2837 + sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
2838 + done
2839 + sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
2840 + use prefix || fowners root:ldap /etc/openldap/slapd.conf
2841 + fperms 0640 /etc/openldap/slapd.conf
2842 + cp "${configfile}" "${configfile}".default
2843 + eend
2844 +
2845 + # install our own init scripts and systemd unit files
2846 + einfo "Install init scripts"
2847 + newinitd "${FILESDIR}"/slapd-initd-2.4.40-r1 slapd
2848 + newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd
2849 + einfo "Install systemd service"
2850 + systemd_dounit "${FILESDIR}"/slapd.service
2851 + systemd_install_serviced "${FILESDIR}"/slapd.service.conf
2852 + systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf
2853 +
2854 + if [[ $(get_libdir) != lib ]]; then
2855 + sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i \
2856 + "${ED}"/etc/init.d/slapd \
2857 + "${ED}"/usr/lib/systemd/system/slapd.service || die
2858 + fi
2859 + # If built without SLP, we don't need to be before avahi
2860 + use slp \
2861 + || sed -i \
2862 + -e '/before/{s/avahi-daemon//g}' \
2863 + "${ED}"etc/init.d/slapd
2864 +
2865 + if use cxx ; then
2866 + einfo "Install the ldapc++ library"
2867 + cd "${BUILD_DIR}/contrib/ldapc++" || die
2868 + emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
2869 + cd "${S}"/contrib/ldapc++ || die
2870 + newdoc README ldapc++-README
2871 + fi
2872 +
2873 + if use smbkrb5passwd ; then
2874 + einfo "Install the smbk5pwd module"
2875 + cd "${S}/contrib/slapd-modules/smbk5pwd" || die
2876 + emake DESTDIR="${D}" \
2877 + LDAP_BUILD="${BUILD_DIR}" \
2878 + libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
2879 + newdoc README smbk5pwd-README
2880 + fi
2881 +
2882 + if use overlays ; then
2883 + einfo "Install the samba4 module"
2884 + cd "${S}/contrib/slapd-modules/samba4" || die
2885 + emake DESTDIR="${D}" \
2886 + LDAP_BUILD="${BUILD_DIR}" \
2887 + libexecdir="/usr/$(get_libdir)/openldap" install
2888 + newdoc README samba4-README
2889 + fi
2890 +
2891 + einfo "Installing contrib modules"
2892 + cd "${S}/contrib/slapd-modules" || die
2893 + for l in */*.la; do
2894 + "${lt}" --mode=install cp ${l} \
2895 + "${ED}"usr/$(get_libdir)/openldap/openldap || \
2896 + die "installing ${l} failed"
2897 + done
2898 +
2899 + dodoc "${FILESDIR}"/DB_CONFIG.fast.example
2900 + docinto contrib
2901 + doman */*.5
2902 + #newdoc acl/README*
2903 + newdoc addpartial/README addpartial-README
2904 + newdoc allop/README allop-README
2905 + newdoc allowed/README allowed-README
2906 + newdoc autogroup/README autogroup-README
2907 + newdoc dsaschema/README dsaschema-README
2908 + newdoc passwd/README passwd-README
2909 + cd "${S}/contrib/slapi-plugins" || die
2910 + insinto /usr/$(get_libdir)/openldap/openldap
2911 + doins */*.so
2912 + docinto contrib
2913 + newdoc addrdnvalues/README addrdnvalues-README
2914 +
2915 + insinto /etc/openldap/schema
2916 + newins "${DISTDIR}"/${BIS_P} ${BIS_PN}
2917 +
2918 + docinto back-sock ; dodoc "${S}"/servers/slapd/back-sock/searchexample*
2919 + docinto back-shell ; dodoc "${S}"/servers/slapd/back-shell/searchexample*
2920 + docinto back-perl ; dodoc "${S}"/servers/slapd/back-perl/SampleLDAP.pm
2921 +
2922 + dosbin "${S}"/contrib/slapd-tools/statslog
2923 + newdoc "${S}"/contrib/slapd-tools/README README.statslog
2924 + fi
2925 +}
2926 +
2927 +multilib_src_install_all() {
2928 + dodoc ANNOUNCEMENT CHANGES COPYRIGHT README
2929 + docinto rfc ; dodoc doc/rfc/*.txt
2930 +}
2931 +
2932 +pkg_preinst() {
2933 + # keep old libs if any
2934 + preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0)
2935 + # bug 440470, only display the getting started help there was no openldap before,
2936 + # or we are going to a non-minimal build
2937 + ! has_version net-nds/openldap || has_version 'net-nds/openldap[minimal]'
2938 + OPENLDAP_PRINT_MESSAGES=$((! $?))
2939 +}
2940 +
2941 +pkg_postinst() {
2942 + if ! use minimal ; then
2943 + # You cannot build SSL certificates during src_install that will make
2944 + # binary packages containing your SSL key, which is both a security risk
2945 + # and a misconfiguration if multiple machines use the same key and cert.
2946 + if use ssl; then
2947 + install_cert /etc/openldap/ssl/ldap
2948 + use prefix || chown ldap:ldap "${EROOT}"etc/openldap/ssl/ldap.*
2949 + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
2950 + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
2951 + ewarn "add 'TLS_REQCERT allow' if you want to use them."
2952 + fi
2953 +
2954 + if use prefix; then
2955 + # Warn about prefix issues with slapd
2956 + eerror "slapd might NOT be usable on Prefix systems as it requires root privileges"
2957 + eerror "to start up, and requires that certain files directories be owned by"
2958 + eerror "ldap:ldap. As Prefix does not support changing ownership of files and"
2959 + eerror "directories, you will have to manually fix this yourself."
2960 + fi
2961 +
2962 + # These lines force the permissions of various content to be correct
2963 + use prefix || chown ldap:ldap "${EROOT}"var/run/openldap
2964 + chmod 0755 "${EROOT}"var/run/openldap
2965 + use prefix || chown root:ldap "${EROOT}"etc/openldap/slapd.conf{,.default}
2966 + chmod 0640 "${EROOT}"etc/openldap/slapd.conf{,.default}
2967 + use prefix || chown ldap:ldap "${EROOT}"var/lib/openldap-data
2968 + fi
2969 +
2970 + if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then
2971 + elog "Getting started using OpenLDAP? There is some documentation available:"
2972 + elog "Gentoo Guide to OpenLDAP Authentication"
2973 + elog "(https://www.gentoo.org/doc/en/ldap-howto.xml)"
2974 + elog "---"
2975 + elog "An example file for tuning BDB backends with openldap is"
2976 + elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
2977 + fi
2978 +
2979 + preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0)
2980 +}
2981
2982 diff --git a/net-nds/openldap/openldap-2.4.40-r4.ebuild b/net-nds/openldap/openldap-2.4.40-r4.ebuild
2983 new file mode 100644
2984 index 00000000..26c2ac1
2985 --- /dev/null
2986 +++ b/net-nds/openldap/openldap-2.4.40-r4.ebuild
2987 @@ -0,0 +1,821 @@
2988 +# Copyright 1999-2016 Gentoo Foundation
2989 +# Distributed under the terms of the GNU General Public License v2
2990 +# $Id$
2991 +
2992 +EAPI="5"
2993 +
2994 +inherit db-use eutils flag-o-matic multilib multilib-minimal ssl-cert versionator toolchain-funcs autotools user systemd
2995 +
2996 +BIS_PN=rfc2307bis.schema
2997 +BIS_PV=20140524
2998 +BIS_P="${BIS_PN}-${BIS_PV}"
2999 +
3000 +DESCRIPTION="LDAP suite of application and development tools"
3001 +HOMEPAGE="http://www.OpenLDAP.org/"
3002 +
3003 +# mirrors are mostly not working, using canonical URI
3004 +SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz
3005 + mirror://gentoo/${BIS_P}"
3006 +
3007 +LICENSE="OPENLDAP GPL-2"
3008 +SLOT="0"
3009 +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~x86-linux ~x86-solaris"
3010 +
3011 +IUSE_DAEMON="crypt icu samba slp tcpd experimental minimal"
3012 +IUSE_BACKEND="+berkdb"
3013 +IUSE_OVERLAY="overlays perl"
3014 +IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 +syslog selinux static-libs"
3015 +IUSE_CONTRIB="smbkrb5passwd kerberos"
3016 +IUSE_CONTRIB="${IUSE_CONTRIB} -cxx"
3017 +IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
3018 +
3019 +REQUIRED_USE="cxx? ( sasl )"
3020 +
3021 +# always list newer first
3022 +# Do not add any AGPL-3 BDB here!
3023 +# See bug 525110, comment 15.
3024 +BDB_SLOTS='5.3 5.1 4.8 4.7 4.6 4.5 4.4'
3025 +BDB_PKGS=''
3026 +for _slot in $BDB_SLOTS; do BDB_PKGS="${BDB_PKGS} sys-libs/db:${_slot}" ; done
3027 +
3028 +# openssl is needed to generate lanman-passwords required by samba
3029 +CDEPEND="icu? ( dev-libs/icu:= )
3030 + ssl? ( !gnutls? ( >=dev-libs/openssl-1.0.1h-r2[${MULTILIB_USEDEP}] )
3031 + gnutls? ( >=net-libs/gnutls-2.12.23-r6[${MULTILIB_USEDEP}] >=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] ) )
3032 + sasl? ( dev-libs/cyrus-sasl:= )
3033 + !minimal? (
3034 + sys-devel/libtool
3035 + sys-libs/e2fsprogs-libs
3036 + >=dev-db/lmdb-0.9.14
3037 + tcpd? ( sys-apps/tcp-wrappers )
3038 + odbc? ( !iodbc? ( dev-db/unixODBC )
3039 + iodbc? ( dev-db/libiodbc ) )
3040 + slp? ( net-libs/openslp )
3041 + perl? ( dev-lang/perl:=[-build(-)] )
3042 + samba? ( dev-libs/openssl )
3043 + berkdb? (
3044 + <sys-libs/db-6.0:=
3045 + || ( ${BDB_PKGS} )
3046 + )
3047 + smbkrb5passwd? (
3048 + dev-libs/openssl
3049 + kerberos? ( app-crypt/heimdal )
3050 + )
3051 + kerberos? ( virtual/krb5 )
3052 + cxx? ( dev-libs/cyrus-sasl:= )
3053 + )
3054 + abi_x86_32? (
3055 + !<=app-emulation/emul-linux-x86-baselibs-20140508-r3
3056 + !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
3057 + )"
3058 +DEPEND="${CDEPEND}
3059 + sys-apps/groff"
3060 +RDEPEND="${CDEPEND}
3061 + selinux? ( sec-policy/selinux-ldap )
3062 +"
3063 +# for tracking versions
3064 +OPENLDAP_VERSIONTAG=".version-tag"
3065 +OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
3066 +
3067 +MULTILIB_WRAPPED_HEADERS=(
3068 + # USE=cxx
3069 + /usr/include/LDAPAsynConnection.h
3070 + /usr/include/LDAPAttrType.h
3071 + /usr/include/LDAPAttribute.h
3072 + /usr/include/LDAPAttributeList.h
3073 + /usr/include/LDAPConnection.h
3074 + /usr/include/LDAPConstraints.h
3075 + /usr/include/LDAPControl.h
3076 + /usr/include/LDAPControlSet.h
3077 + /usr/include/LDAPEntry.h
3078 + /usr/include/LDAPEntryList.h
3079 + /usr/include/LDAPException.h
3080 + /usr/include/LDAPExtResult.h
3081 + /usr/include/LDAPMessage.h
3082 + /usr/include/LDAPMessageQueue.h
3083 + /usr/include/LDAPModList.h
3084 + /usr/include/LDAPModification.h
3085 + /usr/include/LDAPObjClass.h
3086 + /usr/include/LDAPRebind.h
3087 + /usr/include/LDAPRebindAuth.h
3088 + /usr/include/LDAPReferenceList.h
3089 + /usr/include/LDAPResult.h
3090 + /usr/include/LDAPSaslBindResult.h
3091 + /usr/include/LDAPSchema.h
3092 + /usr/include/LDAPSearchReference.h
3093 + /usr/include/LDAPSearchResult.h
3094 + /usr/include/LDAPSearchResults.h
3095 + /usr/include/LDAPUrl.h
3096 + /usr/include/LDAPUrlList.h
3097 + /usr/include/LdifReader.h
3098 + /usr/include/LdifWriter.h
3099 + /usr/include/SaslInteraction.h
3100 + /usr/include/SaslInteractionHandler.h
3101 + /usr/include/StringList.h
3102 + /usr/include/TlsOptions.h
3103 +)
3104 +
3105 +openldap_filecount() {
3106 + local dir="$1"
3107 + find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l
3108 +}
3109 +
3110 +openldap_find_versiontags() {
3111 + # scan for all datadirs
3112 + openldap_datadirs=""
3113 + if [ -f "${EROOT}"/etc/openldap/slapd.conf ]; then
3114 + openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${EROOT}/etc/openldap/slapd.conf)"
3115 + fi
3116 + openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
3117 +
3118 + einfo
3119 + einfo "Scanning datadir(s) from slapd.conf and"
3120 + einfo "the default installdir for Versiontags"
3121 + einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
3122 + einfo
3123 +
3124 + # scan datadirs if we have a version tag
3125 + openldap_found_tag=0
3126 + have_files=0
3127 + for each in ${openldap_datadirs}; do
3128 + CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
3129 + CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
3130 + if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
3131 + einfo "- Checking ${each}..."
3132 + if [ -r ${CURRENT_TAG} ] ; then
3133 + # yey, we have one :)
3134 + einfo " Found Versiontag in ${each}"
3135 + source ${CURRENT_TAG}
3136 + if [ "${OLDPF}" == "" ] ; then
3137 + eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
3138 + eerror "Please delete it"
3139 + eerror
3140 + die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
3141 + fi
3142 +
3143 + OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
3144 +
3145 + [ $(openldap_filecount ${CURRENT_TAGDIR}) -gt 0 ] && have_files=1
3146 +
3147 + # are we on the same branch?
3148 + if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
3149 + ewarn " Versiontag doesn't match current major release!"
3150 + if [[ "${have_files}" == "1" ]] ; then
3151 + eerror " Versiontag says other major and you (probably) have datafiles!"
3152 + echo
3153 + openldap_upgrade_howto
3154 + else
3155 + einfo " No real problem, seems there's no database."
3156 + fi
3157 + else
3158 + einfo " Versiontag is fine here :)"
3159 + fi
3160 + else
3161 + einfo " Non-tagged dir ${each}"
3162 + [ $(openldap_filecount ${each}) -gt 0 ] && have_files=1
3163 + if [[ "${have_files}" == "1" ]] ; then
3164 + einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
3165 + echo
3166 +
3167 + eerror
3168 + eerror "Your OpenLDAP Installation has a non tagged datadir that"
3169 + eerror "possibly contains a database at ${CURRENT_TAGDIR}"
3170 + eerror
3171 + eerror "Please export data if any entered and empty or remove"
3172 + eerror "the directory, installation has been stopped so you"
3173 + eerror "can take required action"
3174 + eerror
3175 + eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
3176 + eerror
3177 + openldap_upgrade_howto
3178 + die "Please move the datadir ${CURRENT_TAGDIR} away"
3179 + fi
3180 + fi
3181 + einfo
3182 + fi
3183 + done
3184 + [ "${have_files}" == "1" ] && einfo "DB files present" || einfo "No DB files present"
3185 +
3186 + # Now we must check for the major version of sys-libs/db linked against.
3187 + SLAPD_PATH=${EROOT}/usr/$(get_libdir)/openldap/slapd
3188 + if [ "${have_files}" == "1" -a -f "${SLAPD_PATH}" ]; then
3189 + OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
3190 + | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
3191 + if use berkdb; then
3192 + # find which one would be used
3193 + for bdb_slot in $BDB_SLOTS ; do
3194 + NEWVER="$(db_findver "=sys-libs/db-${bdb_slot}*")"
3195 + [[ -n "$NEWVER" ]] && break
3196 + done
3197 + fi
3198 + local fail=0
3199 + if [ -z "${OLDVER}" -a -z "${NEWVER}" ]; then
3200 + :
3201 + # Nothing wrong here.
3202 + elif [ -z "${OLDVER}" -a -n "${NEWVER}" ]; then
3203 + eerror " Your existing version of OpenLDAP was not built against"
3204 + eerror " any version of sys-libs/db, but the new one will build"
3205 + eerror " against ${NEWVER} and your database may be inaccessible."
3206 + echo
3207 + fail=1
3208 + elif [ -n "${OLDVER}" -a -z "${NEWVER}" ]; then
3209 + eerror " Your existing version of OpenLDAP was built against"
3210 + eerror " sys-libs/db:${OLDVER}, but the new one will not be"
3211 + eerror " built against any version and your database may be"
3212 + eerror " inaccessible."
3213 + echo
3214 + fail=1
3215 + elif [ "${OLDVER}" != "${NEWVER}" ]; then
3216 + eerror " Your existing version of OpenLDAP was built against"
3217 + eerror " sys-libs/db:${OLDVER}, but the new one will build against"
3218 + eerror " ${NEWVER} and your database would be inaccessible."
3219 + echo
3220 + fail=1
3221 + fi
3222 + [ "${fail}" == "1" ] && openldap_upgrade_howto
3223 + fi
3224 +
3225 + echo
3226 + einfo
3227 + einfo "All datadirs are fine, proceeding with merge now..."
3228 + einfo
3229 +}
3230 +
3231 +openldap_upgrade_howto() {
3232 + eerror
3233 + eerror "A (possible old) installation of OpenLDAP was detected,"
3234 + eerror "installation will not proceed for now."
3235 + eerror
3236 + eerror "As major version upgrades can corrupt your database,"
3237 + eerror "you need to dump your database and re-create it afterwards."
3238 + eerror
3239 + eerror "Additionally, rebuilding against different major versions of the"
3240 + eerror "sys-libs/db libraries will cause your database to be inaccessible."
3241 + eerror ""
3242 + d="$(date -u +%s)"
3243 + l="/root/ldapdump.${d}"
3244 + i="${l}.raw"
3245 + eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
3246 + eerror " 2. slapcat -l ${i}"
3247 + eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
3248 + eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
3249 + eerror " 5. emerge --update \=net-nds/${PF}"
3250 + eerror " 6. etc-update, and ensure that you apply the changes"
3251 + eerror " 7. slapadd -l ${l}"
3252 + eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
3253 + eerror " 9. /etc/init.d/slapd start"
3254 + eerror "10. check that your data is intact."
3255 + eerror "11. set up the new replication system."
3256 + eerror
3257 + if [ "${FORCE_UPGRADE}" != "1" ]; then
3258 + die "You need to upgrade your database first"
3259 + else
3260 + eerror "You have the magical FORCE_UPGRADE=1 in place."
3261 + eerror "Don't say you weren't warned about data loss."
3262 + fi
3263 +}
3264 +
3265 +pkg_setup() {
3266 + if ! use sasl && use cxx ; then
3267 + die "To build the ldapc++ library you must emerge openldap with sasl support"
3268 + fi
3269 + # Bug #322787
3270 + if use minimal && ! has_version "net-nds/openldap" ; then
3271 + einfo "No datadir scan needed, openldap not installed"
3272 + elif use minimal && has_version "net-nds/openldap" && built_with_use net-nds/openldap minimal ; then
3273 + einfo "Skipping scan for previous datadirs as requested by minimal useflag"
3274 + else
3275 + openldap_find_versiontags
3276 + fi
3277 +
3278 + # The user/group are only used for running daemons which are
3279 + # disabled in minimal builds, so elide the accounts too.
3280 + if ! use minimal ; then
3281 + enewgroup ldap 439
3282 + enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
3283 + fi
3284 +}
3285 +
3286 +src_prepare() {
3287 + # ensure correct SLAPI path by default
3288 + sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \
3289 + "${S}"/include/ldap_defaults.h
3290 +
3291 + epatch "${FILESDIR}"/${PN}-2.4.17-gcc44.patch
3292 +
3293 + epatch \
3294 + "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch \
3295 + "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
3296 +
3297 + # bug #116045 - still present in 2.4.28
3298 + epatch "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch
3299 + # bug #408077 - samba4
3300 + epatch "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch
3301 +
3302 + # bug #189817
3303 + epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
3304 +
3305 + # bug #233633
3306 + epatch "${FILESDIR}"/${PN}-2.4.17-fix-lmpasswd-gnutls-symbols.patch
3307 +
3308 + # bug #281495
3309 + epatch "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch
3310 +
3311 + # bug #294350
3312 + epatch "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch
3313 +
3314 + # unbreak /bin/sh -> dash
3315 + epatch "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch
3316 +
3317 + # bug #420959
3318 + epatch "${FILESDIR}"/${PN}-2.4.31-gcc47.patch
3319 +
3320 + # bug #421463
3321 + #epatch "${FILESDIR}"/${PN}-2.4.33-gnutls.patch # merged upstream
3322 +
3323 + # unbundle lmdb
3324 + epatch "${FILESDIR}"/${P}-mdb-unbundle.patch
3325 + rm -rf "${S}"/libraries/liblmdb
3326 +
3327 + cd "${S}"/build || die
3328 + einfo "Making sure upstream build strip does not do stripping too early"
3329 + sed -i.orig \
3330 + -e '/^STRIP/s,-s,,g' \
3331 + top.mk || die "Failed to block stripping"
3332 +
3333 + # wrong assumption that /bin/sh is /bin/bash
3334 + sed -i \
3335 + -e 's|/bin/sh|/bin/bash|g' \
3336 + "${S}"/tests/scripts/* || die "sed failed"
3337 +
3338 + cd "${S}" || die
3339 +
3340 + AT_NOEAUTOMAKE=yes eautoreconf
3341 +}
3342 +
3343 +build_contrib_module() {
3344 + # <dir> <sources> <outputname>
3345 + cd "${S}/contrib/slapd-modules/$1" || die
3346 + einfo "Compiling contrib-module: $3"
3347 + # Make sure it's uppercase
3348 + local define_name="$(echo "SLAPD_OVER_${1}" | LC_ALL=C tr '[:lower:]' '[:upper:]')"
3349 + "${lt}" --mode=compile --tag=CC \
3350 + "${CC}" \
3351 + -D${define_name}=SLAPD_MOD_DYNAMIC \
3352 + -I"${BUILD_DIR}"/include \
3353 + -I../../../include -I../../../servers/slapd ${CFLAGS} \
3354 + -o ${2%.c}.lo -c $2 || die "compiling $3 failed"
3355 + einfo "Linking contrib-module: $3"
3356 + "${lt}" --mode=link --tag=CC \
3357 + "${CC}" -module \
3358 + ${CFLAGS} \
3359 + ${LDFLAGS} \
3360 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
3361 + -o $3.la ${2%.c}.lo || die "linking $3 failed"
3362 +}
3363 +
3364 +src_configure() {
3365 + #Fix for glibc-2.8 and ucred. Bug 228457.
3366 + append-cppflags -D_GNU_SOURCE
3367 +
3368 + # Bug 408001
3369 + use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync
3370 +
3371 + # connectionless ldap per bug #342439
3372 + append-cppflags -DLDAP_CONNECTIONLESS
3373 +
3374 + multilib-minimal_src_configure
3375 +}
3376 +
3377 +multilib_src_configure() {
3378 + local myconf=()
3379 +
3380 + use debug && myconf+=( $(use_enable debug) )
3381 +
3382 + # ICU usage is not configurable
3383 + export ac_cv_header_unicode_utypes_h="$(multilib_is_native_abi && use icu && echo yes || echo no)"
3384 +
3385 + if ! use minimal && multilib_is_native_abi; then
3386 + local CPPFLAGS=${CPPFLAGS}
3387 +
3388 + # re-enable serverside overlay chains per bug #296567
3389 + # see ldap docs chaper 12.3.1 for details
3390 + myconf+=( --enable-ldap )
3391 +
3392 + # backends
3393 + myconf+=( --enable-slapd )
3394 + if use berkdb ; then
3395 + einfo "Using Berkeley DB for local backend"
3396 + myconf+=( --enable-bdb --enable-hdb )
3397 + DBINCLUDE=$(db_includedir $BDB_SLOTS)
3398 + einfo "Using $DBINCLUDE for sys-libs/db version"
3399 + # We need to include the slotted db.h dir for FreeBSD
3400 + append-cppflags -I${DBINCLUDE}
3401 + else
3402 + myconf+=( --disable-bdb --disable-hdb )
3403 + fi
3404 + for backend in dnssrv ldap mdb meta monitor null passwd relay shell sock; do
3405 + myconf+=( --enable-${backend}=mod )
3406 + done
3407 +
3408 + myconf+=( $(use_enable perl perl mod) )
3409 +
3410 + myconf+=( $(use_enable odbc sql mod) )
3411 + if use odbc ; then
3412 + local odbc_lib="unixodbc"
3413 + if use iodbc ; then
3414 + odbc_lib="iodbc"
3415 + append-cppflags -I"${EPREFIX}"/usr/include/iodbc
3416 + fi
3417 + myconf+=( --with-odbc=${odbc_lib} )
3418 + fi
3419 +
3420 + # slapd options
3421 + myconf+=(
3422 + $(use_enable crypt)
3423 + $(use_enable slp)
3424 + $(use_enable samba lmpasswd)
3425 + $(use_enable syslog)
3426 + )
3427 + if use experimental ; then
3428 + myconf+=(
3429 + --enable-dynacl
3430 + --enable-aci=mod
3431 + )
3432 + fi
3433 + for option in aci cleartext modules rewrite rlookups slapi; do
3434 + myconf+=( --enable-${option} )
3435 + done
3436 +
3437 + # slapd overlay options
3438 + # Compile-in the syncprov, the others as module
3439 + myconf+=( --enable-syncprov=yes )
3440 + use overlays && myconf+=( --enable-overlays=mod )
3441 +
3442 + else
3443 + myconf+=(
3444 + --disable-backends
3445 + --disable-slapd
3446 + --disable-bdb
3447 + --disable-hdb
3448 + --disable-mdb
3449 + --disable-overlays
3450 + --disable-syslog
3451 + )
3452 + fi
3453 +
3454 + # basic functionality stuff
3455 + myconf+=(
3456 + $(use_enable ipv6)
3457 + $(multilib_native_use_with sasl cyrus-sasl)
3458 + $(multilib_native_use_enable sasl spasswd)
3459 + $(use_enable tcpd wrappers)
3460 + )
3461 +
3462 + # Some cross-compiling tests don't pan out well.
3463 + tc-is-cross-compiler && myconf+=(
3464 + --with-yielding-select=yes
3465 + )
3466 +
3467 + local ssl_lib="no"
3468 + if use ssl || ( ! use minimal && use samba ) ; then
3469 + ssl_lib="openssl"
3470 + use gnutls && ssl_lib="gnutls"
3471 + fi
3472 +
3473 + myconf+=( --with-tls=${ssl_lib} )
3474 +
3475 + for basicflag in dynamic local proctitle shared; do
3476 + myconf+=( --enable-${basicflag} )
3477 + done
3478 +
3479 + tc-export AR CC CXX
3480 + ECONF_SOURCE=${S} \
3481 + STRIP=/bin/true \
3482 + econf \
3483 + --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \
3484 + $(use_enable static-libs static) \
3485 + "${myconf[@]}"
3486 + emake depend
3487 +}
3488 +
3489 +src_configure_cxx() {
3490 + # This needs the libraries built by the first build run.
3491 + # So we have to run it AFTER the main build, not just after the main
3492 + # configure.
3493 + local myconf_ldapcpp=(
3494 + --with-ldap-includes="${S}"/include
3495 + )
3496 +
3497 + mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die
3498 + cd "${BUILD_DIR}/contrib/ldapc++" || die
3499 +
3500 + local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS}
3501 + append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \
3502 + -L"${BUILD_DIR}"/libraries/libldap/.libs
3503 + append-cppflags -I"${BUILD_DIR}"/include
3504 + ECONF_SOURCE=${S}/contrib/ldapc++ \
3505 + econf "${myconf_ldapcpp[@]}" \
3506 + CC="${CC}" \
3507 + CXX="${CXX}"
3508 +}
3509 +
3510 +multilib_src_compile() {
3511 + tc-export AR CC CXX
3512 + emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash
3513 + local lt="${BUILD_DIR}/libtool"
3514 + export echo="echo"
3515 +
3516 + if ! use minimal && multilib_is_native_abi ; then
3517 + if use cxx ; then
3518 + einfo "Building contrib library: ldapc++"
3519 + src_configure_cxx
3520 + cd "${BUILD_DIR}/contrib/ldapc++" || die
3521 + emake \
3522 + CC="${CC}" CXX="${CXX}"
3523 + fi
3524 +
3525 + if use smbkrb5passwd ; then
3526 + einfo "Building contrib-module: smbk5pwd"
3527 + cd "${S}/contrib/slapd-modules/smbk5pwd" || die
3528 +
3529 + MY_DEFS="-DDO_SHADOW"
3530 + if use samba ; then
3531 + MY_DEFS="${MY_DEFS} -DDO_SAMBA"
3532 + MY_KRB5_INC=""
3533 + fi
3534 + if use kerberos ; then
3535 + MY_DEFS="${MY_DEFS} -DDO_KRB5"
3536 + MY_KRB5_INC="$(krb5-config --cflags)"
3537 + fi
3538 +
3539 + emake \
3540 + DEFS="${MY_DEFS}" \
3541 + KRB5_INC="${MY_KRB5_INC}" \
3542 + LDAP_BUILD="${BUILD_DIR}" \
3543 + CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap"
3544 + fi
3545 +
3546 + if use overlays ; then
3547 + einfo "Building contrib-module: samba4"
3548 + cd "${S}/contrib/slapd-modules/samba4" || die
3549 +
3550 + emake \
3551 + LDAP_BUILD="${BUILD_DIR}" \
3552 + CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap"
3553 + fi
3554 +
3555 + if use kerberos ; then
3556 + build_contrib_module "kinit" "kinit.c" "kinit"
3557 + cd "${S}/contrib/slapd-modules/passwd" || die
3558 + einfo "Compiling contrib-module: pw-kerberos"
3559 + "${lt}" --mode=compile --tag=CC \
3560 + "${CC}" \
3561 + -I"${BUILD_DIR}"/include \
3562 + -I../../../include \
3563 + ${CFLAGS} \
3564 + $(krb5-config --cflags) \
3565 + -DHAVE_KRB5 \
3566 + -o kerberos.lo \
3567 + -c kerberos.c || die "compiling pw-kerberos failed"
3568 + einfo "Linking contrib-module: pw-kerberos"
3569 + "${lt}" --mode=link --tag=CC \
3570 + "${CC}" -module \
3571 + ${CFLAGS} \
3572 + ${LDFLAGS} \
3573 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
3574 + -o pw-kerberos.la \
3575 + kerberos.lo || die "linking pw-kerberos failed"
3576 + fi
3577 + # We could build pw-radius if GNURadius would install radlib.h
3578 + cd "${S}/contrib/slapd-modules/passwd" || die
3579 + einfo "Compiling contrib-module: pw-netscape"
3580 + "${lt}" --mode=compile --tag=CC \
3581 + "${CC}" \
3582 + -I"${BUILD_DIR}"/include \
3583 + -I../../../include \
3584 + ${CFLAGS} \
3585 + -o netscape.lo \
3586 + -c netscape.c || die "compiling pw-netscape failed"
3587 + einfo "Linking contrib-module: pw-netscape"
3588 + "${lt}" --mode=link --tag=CC \
3589 + "${CC}" -module \
3590 + ${CFLAGS} \
3591 + ${LDFLAGS} \
3592 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
3593 + -o pw-netscape.la \
3594 + netscape.lo || die "linking pw-netscape failed"
3595 +
3596 + #build_contrib_module "acl" "posixgroup.c" "posixGroup" # example code only
3597 + #build_contrib_module "acl" "gssacl.c" "gss" # example code only, also needs kerberos
3598 + build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay"
3599 + build_contrib_module "allop" "allop.c" "overlay-allop"
3600 + build_contrib_module "allowed" "allowed.c" "allowed"
3601 + build_contrib_module "autogroup" "autogroup.c" "autogroup"
3602 + build_contrib_module "cloak" "cloak.c" "cloak"
3603 + # build_contrib_module "comp_match" "comp_match.c" "comp_match" # really complex, adds new external deps, questionable demand
3604 + build_contrib_module "denyop" "denyop.c" "denyop-overlay"
3605 + build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin"
3606 + build_contrib_module "dupent" "dupent.c" "dupent"
3607 + build_contrib_module "lastbind" "lastbind.c" "lastbind"
3608 + # lastmod may not play well with other overlays
3609 + build_contrib_module "lastmod" "lastmod.c" "lastmod"
3610 + build_contrib_module "noopsrch" "noopsrch.c" "noopsrch"
3611 + build_contrib_module "nops" "nops.c" "nops-overlay"
3612 + #build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER
3613 + build_contrib_module "trace" "trace.c" "trace"
3614 + # build slapi-plugins
3615 + cd "${S}/contrib/slapi-plugins/addrdnvalues" || die
3616 + einfo "Building contrib-module: addrdnvalues plugin"
3617 + "${CC}" -shared \
3618 + -I"${BUILD_DIR}"/include \
3619 + -I../../../include \
3620 + ${CFLAGS} \
3621 + -fPIC \
3622 + ${LDFLAGS} \
3623 + -o libaddrdnvalues-plugin.so \
3624 + addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
3625 +
3626 + fi
3627 +}
3628 +
3629 +multilib_src_test() {
3630 + if multilib_is_native_abi; then
3631 + cd tests || die
3632 + emake tests || die "make tests failed"
3633 + fi
3634 +}
3635 +
3636 +multilib_src_install() {
3637 + local lt="${BUILD_DIR}/libtool"
3638 + emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install
3639 + use static-libs || prune_libtool_files --all
3640 +
3641 + if ! use minimal && multilib_is_native_abi; then
3642 + # openldap modules go here
3643 + # TODO: write some code to populate slapd.conf with moduleload statements
3644 + keepdir /usr/$(get_libdir)/openldap/openldap/
3645 +
3646 + # initial data storage dir
3647 + keepdir /var/lib/openldap-data
3648 + use prefix || fowners ldap:ldap /var/lib/openldap-data
3649 + fperms 0700 /var/lib/openldap-data
3650 +
3651 + echo "OLDPF='${PF}'" > "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
3652 + echo "# do NOT delete this. it is used" >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
3653 + echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
3654 +
3655 + # use our config
3656 + rm "${ED}"etc/openldap/slapd.conf
3657 + insinto /etc/openldap
3658 + newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf
3659 + configfile="${ED}"etc/openldap/slapd.conf
3660 +
3661 + # populate with built backends
3662 + ebegin "populate config with built backends"
3663 + for x in "${ED}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
3664 + einfo "Adding $(basename ${x})"
3665 + sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
3666 + done
3667 + sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
3668 + use prefix || fowners root:ldap /etc/openldap/slapd.conf
3669 + fperms 0640 /etc/openldap/slapd.conf
3670 + cp "${configfile}" "${configfile}".default
3671 + eend
3672 +
3673 + # install our own init scripts and systemd unit files
3674 + einfo "Install init scripts"
3675 + newinitd "${FILESDIR}"/slapd-initd-2.4.40-r2 slapd
3676 + newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd
3677 + einfo "Install systemd service"
3678 + systemd_dounit "${FILESDIR}"/slapd.service
3679 + systemd_install_serviced "${FILESDIR}"/slapd.service.conf
3680 + systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf
3681 +
3682 + if [[ $(get_libdir) != lib ]]; then
3683 + sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i \
3684 + "${ED}"/etc/init.d/slapd \
3685 + "${ED}"/usr/lib/systemd/system/slapd.service || die
3686 + fi
3687 + # If built without SLP, we don't need to be before avahi
3688 + use slp \
3689 + || sed -i \
3690 + -e '/before/{s/avahi-daemon//g}' \
3691 + "${ED}"etc/init.d/slapd
3692 +
3693 + if use cxx ; then
3694 + einfo "Install the ldapc++ library"
3695 + cd "${BUILD_DIR}/contrib/ldapc++" || die
3696 + emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
3697 + cd "${S}"/contrib/ldapc++ || die
3698 + newdoc README ldapc++-README
3699 + fi
3700 +
3701 + if use smbkrb5passwd ; then
3702 + einfo "Install the smbk5pwd module"
3703 + cd "${S}/contrib/slapd-modules/smbk5pwd" || die
3704 + emake DESTDIR="${D}" \
3705 + LDAP_BUILD="${BUILD_DIR}" \
3706 + libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
3707 + newdoc README smbk5pwd-README
3708 + fi
3709 +
3710 + if use overlays ; then
3711 + einfo "Install the samba4 module"
3712 + cd "${S}/contrib/slapd-modules/samba4" || die
3713 + emake DESTDIR="${D}" \
3714 + LDAP_BUILD="${BUILD_DIR}" \
3715 + libexecdir="/usr/$(get_libdir)/openldap" install
3716 + newdoc README samba4-README
3717 + fi
3718 +
3719 + einfo "Installing contrib modules"
3720 + cd "${S}/contrib/slapd-modules" || die
3721 + for l in */*.la; do
3722 + "${lt}" --mode=install cp ${l} \
3723 + "${ED}"usr/$(get_libdir)/openldap/openldap || \
3724 + die "installing ${l} failed"
3725 + done
3726 +
3727 + dodoc "${FILESDIR}"/DB_CONFIG.fast.example
3728 + docinto contrib
3729 + doman */*.5
3730 + #newdoc acl/README*
3731 + newdoc addpartial/README addpartial-README
3732 + newdoc allop/README allop-README
3733 + newdoc allowed/README allowed-README
3734 + newdoc autogroup/README autogroup-README
3735 + newdoc dsaschema/README dsaschema-README
3736 + newdoc passwd/README passwd-README
3737 + cd "${S}/contrib/slapi-plugins" || die
3738 + insinto /usr/$(get_libdir)/openldap/openldap
3739 + doins */*.so
3740 + docinto contrib
3741 + newdoc addrdnvalues/README addrdnvalues-README
3742 +
3743 + insinto /etc/openldap/schema
3744 + newins "${DISTDIR}"/${BIS_P} ${BIS_PN}
3745 +
3746 + docinto back-sock ; dodoc "${S}"/servers/slapd/back-sock/searchexample*
3747 + docinto back-shell ; dodoc "${S}"/servers/slapd/back-shell/searchexample*
3748 + docinto back-perl ; dodoc "${S}"/servers/slapd/back-perl/SampleLDAP.pm
3749 +
3750 + dosbin "${S}"/contrib/slapd-tools/statslog
3751 + newdoc "${S}"/contrib/slapd-tools/README README.statslog
3752 + fi
3753 +}
3754 +
3755 +multilib_src_install_all() {
3756 + dodoc ANNOUNCEMENT CHANGES COPYRIGHT README
3757 + docinto rfc ; dodoc doc/rfc/*.txt
3758 +}
3759 +
3760 +pkg_preinst() {
3761 + # keep old libs if any
3762 + preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0)
3763 + # bug 440470, only display the getting started help there was no openldap before,
3764 + # or we are going to a non-minimal build
3765 + ! has_version net-nds/openldap || has_version 'net-nds/openldap[minimal]'
3766 + OPENLDAP_PRINT_MESSAGES=$((! $?))
3767 +}
3768 +
3769 +pkg_postinst() {
3770 + if ! use minimal ; then
3771 + # You cannot build SSL certificates during src_install that will make
3772 + # binary packages containing your SSL key, which is both a security risk
3773 + # and a misconfiguration if multiple machines use the same key and cert.
3774 + if use ssl; then
3775 + install_cert /etc/openldap/ssl/ldap
3776 + use prefix || chown ldap:ldap "${EROOT}"etc/openldap/ssl/ldap.*
3777 + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
3778 + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
3779 + ewarn "add 'TLS_REQCERT allow' if you want to use them."
3780 + fi
3781 +
3782 + if use prefix; then
3783 + # Warn about prefix issues with slapd
3784 + eerror "slapd might NOT be usable on Prefix systems as it requires root privileges"
3785 + eerror "to start up, and requires that certain files directories be owned by"
3786 + eerror "ldap:ldap. As Prefix does not support changing ownership of files and"
3787 + eerror "directories, you will have to manually fix this yourself."
3788 + fi
3789 +
3790 + # These lines force the permissions of various content to be correct
3791 + use prefix || chown ldap:ldap "${EROOT}"var/run/openldap
3792 + chmod 0755 "${EROOT}"var/run/openldap
3793 + use prefix || chown root:ldap "${EROOT}"etc/openldap/slapd.conf{,.default}
3794 + chmod 0640 "${EROOT}"etc/openldap/slapd.conf{,.default}
3795 + use prefix || chown ldap:ldap "${EROOT}"var/lib/openldap-data
3796 + fi
3797 +
3798 + if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then
3799 + elog "Getting started using OpenLDAP? There is some documentation available:"
3800 + elog "Gentoo Guide to OpenLDAP Authentication"
3801 + elog "(https://www.gentoo.org/doc/en/ldap-howto.xml)"
3802 + elog "---"
3803 + elog "An example file for tuning BDB backends with openldap is"
3804 + elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
3805 + fi
3806 +
3807 + preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0)
3808 +}
3809
3810 diff --git a/net-nds/openldap/openldap-2.4.40.ebuild b/net-nds/openldap/openldap-2.4.40.ebuild
3811 new file mode 100644
3812 index 00000000..5c7a172
3813 --- /dev/null
3814 +++ b/net-nds/openldap/openldap-2.4.40.ebuild
3815 @@ -0,0 +1,822 @@
3816 +# Copyright 1999-2016 Gentoo Foundation
3817 +# Distributed under the terms of the GNU General Public License v2
3818 +# $Id$
3819 +
3820 +EAPI="5"
3821 +
3822 +inherit db-use eutils flag-o-matic multilib multilib-minimal ssl-cert versionator toolchain-funcs autotools user systemd
3823 +
3824 +BIS_PN=rfc2307bis.schema
3825 +BIS_PV=20140524
3826 +BIS_P="${BIS_PN}-${BIS_PV}"
3827 +
3828 +DESCRIPTION="LDAP suite of application and development tools"
3829 +HOMEPAGE="http://www.OpenLDAP.org/"
3830 +
3831 +# mirrors are mostly not working, using canonical URI
3832 +SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz
3833 + mirror://gentoo/${BIS_P}"
3834 +
3835 +LICENSE="OPENLDAP GPL-2"
3836 +SLOT="0"
3837 +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~x86-linux ~x86-solaris"
3838 +
3839 +IUSE_DAEMON="crypt icu samba slp tcpd experimental minimal"
3840 +IUSE_BACKEND="+berkdb"
3841 +IUSE_OVERLAY="overlays perl"
3842 +IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 +syslog selinux static-libs"
3843 +IUSE_CONTRIB="smbkrb5passwd kerberos"
3844 +IUSE_CONTRIB="${IUSE_CONTRIB} -cxx"
3845 +IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
3846 +
3847 +REQUIRED_USE="cxx? ( sasl )"
3848 +
3849 +# openssl is needed to generate lanman-passwords required by samba
3850 +CDEPEND="icu? ( dev-libs/icu:= )
3851 + ssl? ( !gnutls? ( >=dev-libs/openssl-1.0.1h-r2[${MULTILIB_USEDEP}] )
3852 + gnutls? ( >=net-libs/gnutls-2.12.23-r6[${MULTILIB_USEDEP}] >=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] ) )
3853 + sasl? ( dev-libs/cyrus-sasl:= )
3854 + !minimal? (
3855 + sys-devel/libtool
3856 + sys-libs/e2fsprogs-libs
3857 + tcpd? ( sys-apps/tcp-wrappers )
3858 + odbc? ( !iodbc? ( dev-db/unixODBC )
3859 + iodbc? ( dev-db/libiodbc ) )
3860 + slp? ( net-libs/openslp )
3861 + perl? ( dev-lang/perl:=[-build(-)] )
3862 + samba? ( dev-libs/openssl )
3863 + berkdb? ( sys-libs/db )
3864 + smbkrb5passwd? (
3865 + dev-libs/openssl
3866 + kerberos? ( app-crypt/heimdal )
3867 + )
3868 + kerberos? ( virtual/krb5 )
3869 + cxx? ( dev-libs/cyrus-sasl:= )
3870 + )
3871 + abi_x86_32? (
3872 + !<=app-emulation/emul-linux-x86-baselibs-20140508-r3
3873 + !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
3874 + )"
3875 +DEPEND="${CDEPEND}
3876 + sys-apps/groff"
3877 +RDEPEND="${CDEPEND}
3878 + selinux? ( sec-policy/selinux-ldap )
3879 +"
3880 +# for tracking versions
3881 +OPENLDAP_VERSIONTAG=".version-tag"
3882 +OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
3883 +
3884 +MULTILIB_WRAPPED_HEADERS=(
3885 + # USE=cxx
3886 + /usr/include/LDAPAsynConnection.h
3887 + /usr/include/LDAPAttrType.h
3888 + /usr/include/LDAPAttribute.h
3889 + /usr/include/LDAPAttributeList.h
3890 + /usr/include/LDAPConnection.h
3891 + /usr/include/LDAPConstraints.h
3892 + /usr/include/LDAPControl.h
3893 + /usr/include/LDAPControlSet.h
3894 + /usr/include/LDAPEntry.h
3895 + /usr/include/LDAPEntryList.h
3896 + /usr/include/LDAPException.h
3897 + /usr/include/LDAPExtResult.h
3898 + /usr/include/LDAPMessage.h
3899 + /usr/include/LDAPMessageQueue.h
3900 + /usr/include/LDAPModList.h
3901 + /usr/include/LDAPModification.h
3902 + /usr/include/LDAPObjClass.h
3903 + /usr/include/LDAPRebind.h
3904 + /usr/include/LDAPRebindAuth.h
3905 + /usr/include/LDAPReferenceList.h
3906 + /usr/include/LDAPResult.h
3907 + /usr/include/LDAPSaslBindResult.h
3908 + /usr/include/LDAPSchema.h
3909 + /usr/include/LDAPSearchReference.h
3910 + /usr/include/LDAPSearchResult.h
3911 + /usr/include/LDAPSearchResults.h
3912 + /usr/include/LDAPUrl.h
3913 + /usr/include/LDAPUrlList.h
3914 + /usr/include/LdifReader.h
3915 + /usr/include/LdifWriter.h
3916 + /usr/include/SaslInteraction.h
3917 + /usr/include/SaslInteractionHandler.h
3918 + /usr/include/StringList.h
3919 + /usr/include/TlsOptions.h
3920 +
3921 + # USE=-minimal
3922 + /usr/include/lmdb.h
3923 +)
3924 +
3925 +openldap_filecount() {
3926 + local dir="$1"
3927 + find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l
3928 +}
3929 +
3930 +openldap_find_versiontags() {
3931 + # scan for all datadirs
3932 + openldap_datadirs=""
3933 + if [ -f "${EROOT}"/etc/openldap/slapd.conf ]; then
3934 + openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${EROOT}/etc/openldap/slapd.conf)"
3935 + fi
3936 + openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
3937 +
3938 + einfo
3939 + einfo "Scanning datadir(s) from slapd.conf and"
3940 + einfo "the default installdir for Versiontags"
3941 + einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
3942 + einfo
3943 +
3944 + # scan datadirs if we have a version tag
3945 + openldap_found_tag=0
3946 + have_files=0
3947 + for each in ${openldap_datadirs}; do
3948 + CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
3949 + CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
3950 + if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
3951 + einfo "- Checking ${each}..."
3952 + if [ -r ${CURRENT_TAG} ] ; then
3953 + # yey, we have one :)
3954 + einfo " Found Versiontag in ${each}"
3955 + source ${CURRENT_TAG}
3956 + if [ "${OLDPF}" == "" ] ; then
3957 + eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
3958 + eerror "Please delete it"
3959 + eerror
3960 + die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
3961 + fi
3962 +
3963 + OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
3964 +
3965 + [ $(openldap_filecount ${CURRENT_TAGDIR}) -gt 0 ] && have_files=1
3966 +
3967 + # are we on the same branch?
3968 + if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
3969 + ewarn " Versiontag doesn't match current major release!"
3970 + if [[ "${have_files}" == "1" ]] ; then
3971 + eerror " Versiontag says other major and you (probably) have datafiles!"
3972 + echo
3973 + openldap_upgrade_howto
3974 + else
3975 + einfo " No real problem, seems there's no database."
3976 + fi
3977 + else
3978 + einfo " Versiontag is fine here :)"
3979 + fi
3980 + else
3981 + einfo " Non-tagged dir ${each}"
3982 + [ $(openldap_filecount ${each}) -gt 0 ] && have_files=1
3983 + if [[ "${have_files}" == "1" ]] ; then
3984 + einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
3985 + echo
3986 +
3987 + eerror
3988 + eerror "Your OpenLDAP Installation has a non tagged datadir that"
3989 + eerror "possibly contains a database at ${CURRENT_TAGDIR}"
3990 + eerror
3991 + eerror "Please export data if any entered and empty or remove"
3992 + eerror "the directory, installation has been stopped so you"
3993 + eerror "can take required action"
3994 + eerror
3995 + eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
3996 + eerror
3997 + openldap_upgrade_howto
3998 + die "Please move the datadir ${CURRENT_TAGDIR} away"
3999 + fi
4000 + fi
4001 + einfo
4002 + fi
4003 + done
4004 + [ "${have_files}" == "1" ] && einfo "DB files present" || einfo "No DB files present"
4005 +
4006 + # Now we must check for the major version of sys-libs/db linked against.
4007 + SLAPD_PATH=${EROOT}/usr/$(get_libdir)/openldap/slapd
4008 + if [ "${have_files}" == "1" -a -f "${SLAPD_PATH}" ]; then
4009 + OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
4010 + | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
4011 + NEWVER="$(use berkdb && db_findver sys-libs/db)"
4012 + local fail=0
4013 + if [ -z "${OLDVER}" -a -z "${NEWVER}" ]; then
4014 + :
4015 + # Nothing wrong here.
4016 + elif [ -z "${OLDVER}" -a -n "${NEWVER}" ]; then
4017 + eerror " Your existing version of OpenLDAP was not built against"
4018 + eerror " any version of sys-libs/db, but the new one will build"
4019 + eerror " against ${NEWVER} and your database may be inaccessible."
4020 + echo
4021 + fail=1
4022 + elif [ -n "${OLDVER}" -a -z "${NEWVER}" ]; then
4023 + eerror " Your existing version of OpenLDAP was built against"
4024 + eerror " sys-libs/db:${OLDVER}, but the new one will not be"
4025 + eerror " built against any version and your database may be"
4026 + eerror " inaccessible."
4027 + echo
4028 + fail=1
4029 + elif [ "${OLDVER}" != "${NEWVER}" ]; then
4030 + eerror " Your existing version of OpenLDAP was built against"
4031 + eerror " sys-libs/db:${OLDVER}, but the new one will build against"
4032 + eerror " ${NEWVER} and your database would be inaccessible."
4033 + echo
4034 + fail=1
4035 + fi
4036 + [ "${fail}" == "1" ] && openldap_upgrade_howto
4037 + fi
4038 +
4039 + echo
4040 + einfo
4041 + einfo "All datadirs are fine, proceeding with merge now..."
4042 + einfo
4043 +}
4044 +
4045 +openldap_upgrade_howto() {
4046 + eerror
4047 + eerror "A (possible old) installation of OpenLDAP was detected,"
4048 + eerror "installation will not proceed for now."
4049 + eerror
4050 + eerror "As major version upgrades can corrupt your database,"
4051 + eerror "you need to dump your database and re-create it afterwards."
4052 + eerror
4053 + eerror "Additionally, rebuilding against different major versions of the"
4054 + eerror "sys-libs/db libraries will cause your database to be inaccessible."
4055 + eerror ""
4056 + d="$(date -u +%s)"
4057 + l="/root/ldapdump.${d}"
4058 + i="${l}.raw"
4059 + eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
4060 + eerror " 2. slapcat -l ${i}"
4061 + eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
4062 + eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
4063 + eerror " 5. emerge --update \=net-nds/${PF}"
4064 + eerror " 6. etc-update, and ensure that you apply the changes"
4065 + eerror " 7. slapadd -l ${l}"
4066 + eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
4067 + eerror " 9. /etc/init.d/slapd start"
4068 + eerror "10. check that your data is intact."
4069 + eerror "11. set up the new replication system."
4070 + eerror
4071 + if [ "${FORCE_UPGRADE}" != "1" ]; then
4072 + die "You need to upgrade your database first"
4073 + else
4074 + eerror "You have the magical FORCE_UPGRADE=1 in place."
4075 + eerror "Don't say you weren't warned about data loss."
4076 + fi
4077 +}
4078 +
4079 +pkg_setup() {
4080 + if ! use sasl && use cxx ; then
4081 + die "To build the ldapc++ library you must emerge openldap with sasl support"
4082 + fi
4083 + # Bug #322787
4084 + if use minimal && ! has_version "net-nds/openldap" ; then
4085 + einfo "No datadir scan needed, openldap not installed"
4086 + elif use minimal && has_version "net-nds/openldap" && built_with_use net-nds/openldap minimal ; then
4087 + einfo "Skipping scan for previous datadirs as requested by minimal useflag"
4088 + else
4089 + openldap_find_versiontags
4090 + fi
4091 +
4092 + # The user/group are only used for running daemons which are
4093 + # disabled in minimal builds, so elide the accounts too.
4094 + if ! use minimal ; then
4095 + enewgroup ldap 439
4096 + enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
4097 + fi
4098 +}
4099 +
4100 +src_prepare() {
4101 + # ensure correct SLAPI path by default
4102 + sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \
4103 + "${S}"/include/ldap_defaults.h
4104 +
4105 + epatch "${FILESDIR}"/${PN}-2.4.17-gcc44.patch
4106 +
4107 + epatch \
4108 + "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch \
4109 + "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
4110 +
4111 + # bug #116045 - still present in 2.4.28
4112 + epatch "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch
4113 + # bug #408077 - samba4
4114 + epatch "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch
4115 +
4116 + # bug #189817
4117 + epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
4118 +
4119 + # bug #233633
4120 + epatch "${FILESDIR}"/${PN}-2.4.17-fix-lmpasswd-gnutls-symbols.patch
4121 +
4122 + # bug #281495
4123 + epatch "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch
4124 +
4125 + # bug #294350
4126 + epatch "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch
4127 +
4128 + # unbreak /bin/sh -> dash
4129 + epatch "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch
4130 +
4131 + # bug #420959
4132 + epatch "${FILESDIR}"/${PN}-2.4.31-gcc47.patch
4133 +
4134 + # bug #421463
4135 + #epatch "${FILESDIR}"/${PN}-2.4.33-gnutls.patch # merged upstream
4136 +
4137 + sed -i.orig \
4138 + -e '/IDOCS.*DESTDIR/s,/man/man1,/share/man/man1,g' \
4139 + -e '/ILIBS.*DESTDIR/s,/lib,/$(LIBDIR),g' \
4140 + "${S}"/libraries/liblmdb/Makefile \
4141 + || die "Failed to fix LMDB manpage install location"
4142 +
4143 + cd "${S}"/build || die
4144 + einfo "Making sure upstream build strip does not do stripping too early"
4145 + sed -i.orig \
4146 + -e '/^STRIP/s,-s,,g' \
4147 + top.mk || die "Failed to block stripping"
4148 +
4149 + # wrong assumption that /bin/sh is /bin/bash
4150 + sed -i \
4151 + -e 's|/bin/sh|/bin/bash|g' \
4152 + "${S}"/tests/scripts/* || die "sed failed"
4153 +
4154 + cd "${S}" || die
4155 + AT_NOEAUTOMAKE=yes eautoreconf
4156 +}
4157 +
4158 +build_contrib_module() {
4159 + # <dir> <sources> <outputname>
4160 + cd "${S}/contrib/slapd-modules/$1" || die
4161 + einfo "Compiling contrib-module: $3"
4162 + # Make sure it's uppercase
4163 + local define_name="$(echo "SLAPD_OVER_${1}" | LC_ALL=C tr '[:lower:]' '[:upper:]')"
4164 + "${lt}" --mode=compile --tag=CC \
4165 + "${CC}" \
4166 + -D${define_name}=SLAPD_MOD_DYNAMIC \
4167 + -I"${BUILD_DIR}"/include \
4168 + -I../../../include -I../../../servers/slapd ${CFLAGS} \
4169 + -o ${2%.c}.lo -c $2 || die "compiling $3 failed"
4170 + einfo "Linking contrib-module: $3"
4171 + "${lt}" --mode=link --tag=CC \
4172 + "${CC}" -module \
4173 + ${CFLAGS} \
4174 + ${LDFLAGS} \
4175 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
4176 + -o $3.la ${2%.c}.lo || die "linking $3 failed"
4177 +}
4178 +
4179 +src_configure() {
4180 + #Fix for glibc-2.8 and ucred. Bug 228457.
4181 + append-cppflags -D_GNU_SOURCE
4182 +
4183 + # Bug 408001
4184 + use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync
4185 +
4186 + # connectionless ldap per bug #342439
4187 + append-cppflags -DLDAP_CONNECTIONLESS
4188 +
4189 + multilib-minimal_src_configure
4190 +}
4191 +
4192 +multilib_src_configure() {
4193 + local myconf=()
4194 +
4195 + use debug && myconf+=( $(use_enable debug) )
4196 +
4197 + # ICU usage is not configurable
4198 + export ac_cv_header_unicode_utypes_h="$(multilib_is_native_abi && use icu && echo yes || echo no)"
4199 +
4200 + if ! use minimal && multilib_is_native_abi; then
4201 + local CPPFLAGS=${CPPFLAGS}
4202 +
4203 + # re-enable serverside overlay chains per bug #296567
4204 + # see ldap docs chaper 12.3.1 for details
4205 + myconf+=( --enable-ldap )
4206 +
4207 + # backends
4208 + myconf+=( --enable-slapd )
4209 + if use berkdb ; then
4210 + einfo "Using Berkeley DB for local backend"
4211 + myconf+=( --enable-bdb --enable-hdb )
4212 + # We need to include the slotted db.h dir for FreeBSD
4213 + append-cppflags -I$(db_includedir)
4214 + else
4215 + ewarn
4216 + ewarn "Note: if you disable berkdb, you can only use remote-backends!"
4217 + ewarn
4218 + myconf+=( --disable-bdb --disable-hdb )
4219 + fi
4220 + for backend in dnssrv ldap mdb meta monitor null passwd relay shell sock; do
4221 + myconf+=( --enable-${backend}=mod )
4222 + done
4223 +
4224 + myconf+=( $(use_enable perl perl mod) )
4225 +
4226 + myconf+=( $(use_enable odbc sql mod) )
4227 + if use odbc ; then
4228 + local odbc_lib="unixodbc"
4229 + if use iodbc ; then
4230 + odbc_lib="iodbc"
4231 + append-cppflags -I"${EPREFIX}"/usr/include/iodbc
4232 + fi
4233 + myconf+=( --with-odbc=${odbc_lib} )
4234 + fi
4235 +
4236 + # slapd options
4237 + myconf+=(
4238 + $(use_enable crypt)
4239 + $(use_enable slp)
4240 + $(use_enable samba lmpasswd)
4241 + $(use_enable syslog)
4242 + )
4243 + if use experimental ; then
4244 + myconf+=(
4245 + --enable-dynacl
4246 + --enable-aci=mod
4247 + )
4248 + fi
4249 + for option in aci cleartext modules rewrite rlookups slapi; do
4250 + myconf+=( --enable-${option} )
4251 + done
4252 +
4253 + # slapd overlay options
4254 + # Compile-in the syncprov, the others as module
4255 + myconf+=( --enable-syncprov=yes )
4256 + use overlays && myconf+=( --enable-overlays=mod )
4257 +
4258 + else
4259 + myconf+=(
4260 + --disable-backends
4261 + --disable-slapd
4262 + --disable-bdb
4263 + --disable-hdb
4264 + --disable-mdb
4265 + --disable-overlays
4266 + --disable-syslog
4267 + )
4268 + fi
4269 +
4270 + # basic functionality stuff
4271 + myconf+=(
4272 + $(use_enable ipv6)
4273 + $(multilib_native_use_with sasl cyrus-sasl)
4274 + $(multilib_native_use_enable sasl spasswd)
4275 + $(use_enable tcpd wrappers)
4276 + )
4277 +
4278 + # Some cross-compiling tests don't pan out well.
4279 + tc-is-cross-compiler && myconf+=(
4280 + --with-yielding-select=yes
4281 + )
4282 +
4283 + local ssl_lib="no"
4284 + if use ssl || ( ! use minimal && use samba ) ; then
4285 + ssl_lib="openssl"
4286 + use gnutls && ssl_lib="gnutls"
4287 + fi
4288 +
4289 + myconf+=( --with-tls=${ssl_lib} )
4290 +
4291 + for basicflag in dynamic local proctitle shared; do
4292 + myconf+=( --enable-${basicflag} )
4293 + done
4294 +
4295 + tc-export AR CC CXX
4296 + ECONF_SOURCE=${S} \
4297 + STRIP=/bin/true \
4298 + econf \
4299 + --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \
4300 + $(use_enable static-libs static) \
4301 + "${myconf[@]}"
4302 + emake depend
4303 +}
4304 +
4305 +src_configure_cxx() {
4306 + # This needs the libraries built by the first build run.
4307 + # So we have to run it AFTER the main build, not just after the main
4308 + # configure.
4309 + local myconf_ldapcpp=(
4310 + --with-ldap-includes="${S}"/include
4311 + )
4312 +
4313 + mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die
4314 + cd "${BUILD_DIR}/contrib/ldapc++" || die
4315 +
4316 + local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS}
4317 + append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \
4318 + -L"${BUILD_DIR}"/libraries/libldap/.libs
4319 + append-cppflags -I"${BUILD_DIR}"/include
4320 + ECONF_SOURCE=${S}/contrib/ldapc++ \
4321 + econf "${myconf_ldapcpp[@]}" \
4322 + CC="${CC}" \
4323 + CXX="${CXX}"
4324 +}
4325 +
4326 +multilib_src_compile() {
4327 + tc-export AR CC CXX
4328 + emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash
4329 + local lt="${BUILD_DIR}/libtool"
4330 + export echo="echo"
4331 +
4332 + if ! use minimal && multilib_is_native_abi ; then
4333 + if use cxx ; then
4334 + einfo "Building contrib library: ldapc++"
4335 + src_configure_cxx
4336 + cd "${BUILD_DIR}/contrib/ldapc++" || die
4337 + emake \
4338 + CC="${CC}" CXX="${CXX}"
4339 + fi
4340 +
4341 + # LMDB tools
4342 + cp -ral "${S}"/libraries/liblmdb "${BUILD_DIR}"/libraries/liblmdb || die
4343 + cd "${BUILD_DIR}"/libraries/liblmdb || die
4344 + emake CC="${CC}" CXX="${CXX}" OPT="${CFLAGS}" prefix="${EPREFIX}/usr" DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash LIBDIR="$(get_libdir)"
4345 +
4346 + if use smbkrb5passwd ; then
4347 + einfo "Building contrib-module: smbk5pwd"
4348 + cd "${S}/contrib/slapd-modules/smbk5pwd" || die
4349 +
4350 + MY_DEFS="-DDO_SHADOW"
4351 + if use samba ; then
4352 + MY_DEFS="${MY_DEFS} -DDO_SAMBA"
4353 + MY_KRB5_INC=""
4354 + fi
4355 + if use kerberos ; then
4356 + MY_DEFS="${MY_DEFS} -DDO_KRB5"
4357 + MY_KRB5_INC="$(krb5-config --cflags)"
4358 + fi
4359 +
4360 + emake \
4361 + DEFS="${MY_DEFS}" \
4362 + KRB5_INC="${MY_KRB5_INC}" \
4363 + LDAP_BUILD="${BUILD_DIR}" \
4364 + CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap"
4365 + fi
4366 +
4367 + if use overlays ; then
4368 + einfo "Building contrib-module: samba4"
4369 + cd "${S}/contrib/slapd-modules/samba4" || die
4370 +
4371 + emake \
4372 + LDAP_BUILD="${BUILD_DIR}" \
4373 + CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap"
4374 + fi
4375 +
4376 + if use kerberos ; then
4377 + build_contrib_module "kinit" "kinit.c" "kinit"
4378 + cd "${S}/contrib/slapd-modules/passwd" || die
4379 + einfo "Compiling contrib-module: pw-kerberos"
4380 + "${lt}" --mode=compile --tag=CC \
4381 + "${CC}" \
4382 + -I"${BUILD_DIR}"/include \
4383 + -I../../../include \
4384 + ${CFLAGS} \
4385 + $(krb5-config --cflags) \
4386 + -DHAVE_KRB5 \
4387 + -o kerberos.lo \
4388 + -c kerberos.c || die "compiling pw-kerberos failed"
4389 + einfo "Linking contrib-module: pw-kerberos"
4390 + "${lt}" --mode=link --tag=CC \
4391 + "${CC}" -module \
4392 + ${CFLAGS} \
4393 + ${LDFLAGS} \
4394 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
4395 + -o pw-kerberos.la \
4396 + kerberos.lo || die "linking pw-kerberos failed"
4397 + fi
4398 + # We could build pw-radius if GNURadius would install radlib.h
4399 + cd "${S}/contrib/slapd-modules/passwd" || die
4400 + einfo "Compiling contrib-module: pw-netscape"
4401 + "${lt}" --mode=compile --tag=CC \
4402 + "${CC}" \
4403 + -I"${BUILD_DIR}"/include \
4404 + -I../../../include \
4405 + ${CFLAGS} \
4406 + -o netscape.lo \
4407 + -c netscape.c || die "compiling pw-netscape failed"
4408 + einfo "Linking contrib-module: pw-netscape"
4409 + "${lt}" --mode=link --tag=CC \
4410 + "${CC}" -module \
4411 + ${CFLAGS} \
4412 + ${LDFLAGS} \
4413 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
4414 + -o pw-netscape.la \
4415 + netscape.lo || die "linking pw-netscape failed"
4416 +
4417 + #build_contrib_module "acl" "posixgroup.c" "posixGroup" # example code only
4418 + #build_contrib_module "acl" "gssacl.c" "gss" # example code only, also needs kerberos
4419 + build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay"
4420 + build_contrib_module "allop" "allop.c" "overlay-allop"
4421 + build_contrib_module "allowed" "allowed.c" "allowed"
4422 + build_contrib_module "autogroup" "autogroup.c" "autogroup"
4423 + build_contrib_module "cloak" "cloak.c" "cloak"
4424 + # build_contrib_module "comp_match" "comp_match.c" "comp_match" # really complex, adds new external deps, questionable demand
4425 + build_contrib_module "denyop" "denyop.c" "denyop-overlay"
4426 + build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin"
4427 + build_contrib_module "dupent" "dupent.c" "dupent"
4428 + build_contrib_module "lastbind" "lastbind.c" "lastbind"
4429 + # lastmod may not play well with other overlays
4430 + build_contrib_module "lastmod" "lastmod.c" "lastmod"
4431 + build_contrib_module "noopsrch" "noopsrch.c" "noopsrch"
4432 + build_contrib_module "nops" "nops.c" "nops-overlay"
4433 + #build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER
4434 + build_contrib_module "trace" "trace.c" "trace"
4435 + # build slapi-plugins
4436 + cd "${S}/contrib/slapi-plugins/addrdnvalues" || die
4437 + einfo "Building contrib-module: addrdnvalues plugin"
4438 + "${CC}" -shared \
4439 + -I"${BUILD_DIR}"/include \
4440 + -I../../../include \
4441 + ${CFLAGS} \
4442 + -fPIC \
4443 + ${LDFLAGS} \
4444 + -o libaddrdnvalues-plugin.so \
4445 + addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
4446 +
4447 + fi
4448 +}
4449 +
4450 +multilib_src_test() {
4451 + if multilib_is_native_abi; then
4452 + cd tests || die
4453 + make tests || die "make tests failed"
4454 + fi
4455 +}
4456 +
4457 +multilib_src_install() {
4458 + local lt="${BUILD_DIR}/libtool"
4459 + emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install
4460 + use static-libs || prune_libtool_files --all
4461 +
4462 + if ! use minimal && multilib_is_native_abi; then
4463 + # LMDB tools
4464 + cd "${BUILD_DIR}"/libraries/liblmdb || die
4465 + dodir /usr/include /usr/lib /usr/bin /usr/share/man/man1 # otherwise this will make them files :-(
4466 + emake CC="${CC}" CXX="${CXX}" OPT="${CFLAGS}" prefix="${EPREFIX}/usr" DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash LIBDIR="$(get_libdir)" install
4467 +
4468 + # openldap modules go here
4469 + # TODO: write some code to populate slapd.conf with moduleload statements
4470 + keepdir /usr/$(get_libdir)/openldap/openldap/
4471 +
4472 + # initial data storage dir
4473 + keepdir /var/lib/openldap-data
4474 + use prefix || fowners ldap:ldap /var/lib/openldap-data
4475 + fperms 0700 /var/lib/openldap-data
4476 +
4477 + echo "OLDPF='${PF}'" > "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
4478 + echo "# do NOT delete this. it is used" >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
4479 + echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
4480 +
4481 + # use our config
4482 + rm "${ED}"etc/openldap/slapd.conf
4483 + insinto /etc/openldap
4484 + newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf
4485 + configfile="${ED}"etc/openldap/slapd.conf
4486 +
4487 + # populate with built backends
4488 + ebegin "populate config with built backends"
4489 + for x in "${ED}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
4490 + einfo "Adding $(basename ${x})"
4491 + sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
4492 + done
4493 + sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
4494 + use prefix || fowners root:ldap /etc/openldap/slapd.conf
4495 + fperms 0640 /etc/openldap/slapd.conf
4496 + cp "${configfile}" "${configfile}".default
4497 + eend
4498 +
4499 + # install our own init scripts and systemd unit files
4500 + einfo "Install init scripts"
4501 + newinitd "${FILESDIR}"/slapd-initd-2.4.40 slapd
4502 + newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd
4503 + einfo "Install systemd service"
4504 + systemd_dounit "${FILESDIR}"/slapd.service
4505 + systemd_install_serviced "${FILESDIR}"/slapd.service.conf
4506 + systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf
4507 +
4508 + if [[ $(get_libdir) != lib ]]; then
4509 + sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i \
4510 + "${ED}"/etc/init.d/slapd \
4511 + "${ED}"/usr/lib/systemd/system/slapd.service || die
4512 + fi
4513 + # If built without SLP, we don't need to be before avahi
4514 + use slp \
4515 + || sed -i \
4516 + -e '/before/{s/avahi-daemon//g}' \
4517 + "${ED}"etc/init.d/slapd
4518 +
4519 + if use cxx ; then
4520 + einfo "Install the ldapc++ library"
4521 + cd "${BUILD_DIR}/contrib/ldapc++" || die
4522 + emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
4523 + cd "${S}"/contrib/ldapc++ || die
4524 + newdoc README ldapc++-README
4525 + fi
4526 +
4527 + if use smbkrb5passwd ; then
4528 + einfo "Install the smbk5pwd module"
4529 + cd "${S}/contrib/slapd-modules/smbk5pwd" || die
4530 + emake DESTDIR="${D}" \
4531 + LDAP_BUILD="${BUILD_DIR}" \
4532 + libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
4533 + newdoc README smbk5pwd-README
4534 + fi
4535 +
4536 + if use overlays ; then
4537 + einfo "Install the samba4 module"
4538 + cd "${S}/contrib/slapd-modules/samba4" || die
4539 + emake DESTDIR="${D}" \
4540 + LDAP_BUILD="${BUILD_DIR}" \
4541 + libexecdir="/usr/$(get_libdir)/openldap" install
4542 + newdoc README samba4-README
4543 + fi
4544 +
4545 + einfo "Installing contrib modules"
4546 + cd "${S}/contrib/slapd-modules" || die
4547 + for l in */*.la; do
4548 + "${lt}" --mode=install cp ${l} \
4549 + "${ED}"usr/$(get_libdir)/openldap/openldap || \
4550 + die "installing ${l} failed"
4551 + done
4552 +
4553 + dodoc "${FILESDIR}"/DB_CONFIG.fast.example
4554 + docinto contrib
4555 + doman */*.5
4556 + #newdoc acl/README*
4557 + newdoc addpartial/README addpartial-README
4558 + newdoc allop/README allop-README
4559 + newdoc allowed/README allowed-README
4560 + newdoc autogroup/README autogroup-README
4561 + newdoc dsaschema/README dsaschema-README
4562 + newdoc passwd/README passwd-README
4563 + cd "${S}/contrib/slapi-plugins" || die
4564 + insinto /usr/$(get_libdir)/openldap/openldap
4565 + doins */*.so
4566 + docinto contrib
4567 + newdoc addrdnvalues/README addrdnvalues-README
4568 +
4569 + insinto /etc/openldap/schema
4570 + newins "${DISTDIR}"/${BIS_P} ${BIS_PN}
4571 +
4572 + docinto back-sock ; dodoc "${S}"/servers/slapd/back-sock/searchexample*
4573 + docinto back-shell ; dodoc "${S}"/servers/slapd/back-shell/searchexample*
4574 + docinto back-perl ; dodoc "${S}"/servers/slapd/back-perl/SampleLDAP.pm
4575 +
4576 + docinto liblmdb ; dodoc "${S}"/libraries/liblmdb/{sample*txt,CHANGES,COPYRIGHT,LICENSE}
4577 + doman "${S}"/libraries/liblmdb/*.1
4578 +
4579 + dosbin "${S}"/contrib/slapd-tools/statslog
4580 + newdoc "${S}"/contrib/slapd-tools/README README.statslog
4581 + fi
4582 +}
4583 +
4584 +multilib_src_install_all() {
4585 + dodoc ANNOUNCEMENT CHANGES COPYRIGHT README
4586 + docinto rfc ; dodoc doc/rfc/*.txt
4587 +}
4588 +
4589 +pkg_preinst() {
4590 + # keep old libs if any
4591 + preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0)
4592 + # bug 440470, only display the getting started help there was no openldap before,
4593 + # or we are going to a non-minimal build
4594 + ! has_version net-nds/openldap || has_version 'net-nds/openldap[minimal]'
4595 + OPENLDAP_PRINT_MESSAGES=$((! $?))
4596 +}
4597 +
4598 +pkg_postinst() {
4599 + if ! use minimal ; then
4600 + # You cannot build SSL certificates during src_install that will make
4601 + # binary packages containing your SSL key, which is both a security risk
4602 + # and a misconfiguration if multiple machines use the same key and cert.
4603 + if use ssl; then
4604 + install_cert /etc/openldap/ssl/ldap
4605 + use prefix || chown ldap:ldap "${EROOT}"etc/openldap/ssl/ldap.*
4606 + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
4607 + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
4608 + ewarn "add 'TLS_REQCERT allow' if you want to use them."
4609 + fi
4610 +
4611 + if use prefix; then
4612 + # Warn about prefix issues with slapd
4613 + eerror "slapd might NOT be usable on Prefix systems as it requires root privileges"
4614 + eerror "to start up, and requires that certain files directories be owned by"
4615 + eerror "ldap:ldap. As Prefix does not support changing ownership of files and"
4616 + eerror "directories, you will have to manually fix this yourself."
4617 + fi
4618 +
4619 + # These lines force the permissions of various content to be correct
4620 + use prefix || chown ldap:ldap "${EROOT}"var/run/openldap
4621 + chmod 0755 "${EROOT}"var/run/openldap
4622 + use prefix || chown root:ldap "${EROOT}"etc/openldap/slapd.conf{,.default}
4623 + chmod 0640 "${EROOT}"etc/openldap/slapd.conf{,.default}
4624 + use prefix || chown ldap:ldap "${EROOT}"var/lib/openldap-data
4625 + fi
4626 +
4627 + if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then
4628 + elog "Getting started using OpenLDAP? There is some documentation available:"
4629 + elog "Gentoo Guide to OpenLDAP Authentication"
4630 + elog "(https://www.gentoo.org/doc/en/ldap-howto.xml)"
4631 + elog "---"
4632 + elog "An example file for tuning BDB backends with openldap is"
4633 + elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
4634 + fi
4635 +
4636 + preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0)
4637 +}
4638
4639 diff --git a/net-nds/openldap/openldap-2.4.42-r1.ebuild b/net-nds/openldap/openldap-2.4.42-r1.ebuild
4640 new file mode 100644
4641 index 00000000..e7033de
4642 --- /dev/null
4643 +++ b/net-nds/openldap/openldap-2.4.42-r1.ebuild
4644 @@ -0,0 +1,828 @@
4645 +# Copyright 1999-2016 Gentoo Foundation
4646 +# Distributed under the terms of the GNU General Public License v2
4647 +# $Id$
4648 +
4649 +EAPI="5"
4650 +
4651 +inherit db-use eutils flag-o-matic multilib multilib-minimal ssl-cert versionator toolchain-funcs autotools user systemd
4652 +
4653 +BIS_PN=rfc2307bis.schema
4654 +BIS_PV=20140524
4655 +BIS_P="${BIS_PN}-${BIS_PV}"
4656 +
4657 +DESCRIPTION="LDAP suite of application and development tools"
4658 +HOMEPAGE="http://www.OpenLDAP.org/"
4659 +
4660 +# mirrors are mostly not working, using canonical URI
4661 +SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz
4662 + mirror://gentoo/${BIS_P}"
4663 +
4664 +LICENSE="OPENLDAP GPL-2"
4665 +SLOT="0"
4666 +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~x86-linux ~x86-solaris"
4667 +
4668 +IUSE_DAEMON="crypt icu samba slp tcpd experimental minimal"
4669 +IUSE_BACKEND="+berkdb"
4670 +IUSE_OVERLAY="overlays perl"
4671 +IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 libressl +syslog selinux static-libs"
4672 +IUSE_CONTRIB="smbkrb5passwd kerberos"
4673 +IUSE_CONTRIB="${IUSE_CONTRIB} -cxx"
4674 +IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
4675 +
4676 +REQUIRED_USE="cxx? ( sasl )
4677 + ?? ( gnutls libressl )"
4678 +
4679 +# always list newer first
4680 +# Do not add any AGPL-3 BDB here!
4681 +# See bug 525110, comment 15.
4682 +BDB_SLOTS='5.3 5.1 4.8 4.7 4.6 4.5 4.4'
4683 +BDB_PKGS=''
4684 +for _slot in $BDB_SLOTS; do BDB_PKGS="${BDB_PKGS} sys-libs/db:${_slot}" ; done
4685 +
4686 +# openssl is needed to generate lanman-passwords required by samba
4687 +CDEPEND="icu? ( dev-libs/icu:= )
4688 + ssl? (
4689 + !gnutls? (
4690 + !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] )
4691 + )
4692 + gnutls? ( >=net-libs/gnutls-2.12.23-r6[${MULTILIB_USEDEP}]
4693 + libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] )
4694 + >=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] ) )
4695 + sasl? ( dev-libs/cyrus-sasl:= )
4696 + !minimal? (
4697 + sys-devel/libtool
4698 + sys-libs/e2fsprogs-libs
4699 + >=dev-db/lmdb-0.9.17
4700 + tcpd? ( sys-apps/tcp-wrappers )
4701 + odbc? ( !iodbc? ( dev-db/unixODBC )
4702 + iodbc? ( dev-db/libiodbc ) )
4703 + slp? ( net-libs/openslp )
4704 + perl? ( dev-lang/perl:=[-build(-)] )
4705 + samba? (
4706 + !libressl? ( dev-libs/openssl:0 )
4707 + libressl? ( dev-libs/libressl )
4708 + )
4709 + berkdb? (
4710 + <sys-libs/db-6.0:=
4711 + || ( ${BDB_PKGS} )
4712 + )
4713 + smbkrb5passwd? (
4714 + !libressl? ( dev-libs/openssl:0 )
4715 + libressl? ( dev-libs/libressl )
4716 + kerberos? ( app-crypt/heimdal )
4717 + )
4718 + kerberos? ( virtual/krb5 )
4719 + cxx? ( dev-libs/cyrus-sasl:= )
4720 + )
4721 + abi_x86_32? (
4722 + !<=app-emulation/emul-linux-x86-baselibs-20140508-r3
4723 + !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
4724 + )"
4725 +DEPEND="${CDEPEND}
4726 + sys-apps/groff"
4727 +RDEPEND="${CDEPEND}
4728 + selinux? ( sec-policy/selinux-ldap )
4729 +"
4730 +# for tracking versions
4731 +OPENLDAP_VERSIONTAG=".version-tag"
4732 +OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
4733 +
4734 +MULTILIB_WRAPPED_HEADERS=(
4735 + # USE=cxx
4736 + /usr/include/LDAPAsynConnection.h
4737 + /usr/include/LDAPAttrType.h
4738 + /usr/include/LDAPAttribute.h
4739 + /usr/include/LDAPAttributeList.h
4740 + /usr/include/LDAPConnection.h
4741 + /usr/include/LDAPConstraints.h
4742 + /usr/include/LDAPControl.h
4743 + /usr/include/LDAPControlSet.h
4744 + /usr/include/LDAPEntry.h
4745 + /usr/include/LDAPEntryList.h
4746 + /usr/include/LDAPException.h
4747 + /usr/include/LDAPExtResult.h
4748 + /usr/include/LDAPMessage.h
4749 + /usr/include/LDAPMessageQueue.h
4750 + /usr/include/LDAPModList.h
4751 + /usr/include/LDAPModification.h
4752 + /usr/include/LDAPObjClass.h
4753 + /usr/include/LDAPRebind.h
4754 + /usr/include/LDAPRebindAuth.h
4755 + /usr/include/LDAPReferenceList.h
4756 + /usr/include/LDAPResult.h
4757 + /usr/include/LDAPSaslBindResult.h
4758 + /usr/include/LDAPSchema.h
4759 + /usr/include/LDAPSearchReference.h
4760 + /usr/include/LDAPSearchResult.h
4761 + /usr/include/LDAPSearchResults.h
4762 + /usr/include/LDAPUrl.h
4763 + /usr/include/LDAPUrlList.h
4764 + /usr/include/LdifReader.h
4765 + /usr/include/LdifWriter.h
4766 + /usr/include/SaslInteraction.h
4767 + /usr/include/SaslInteractionHandler.h
4768 + /usr/include/StringList.h
4769 + /usr/include/TlsOptions.h
4770 +)
4771 +
4772 +openldap_filecount() {
4773 + local dir="$1"
4774 + find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l
4775 +}
4776 +
4777 +openldap_find_versiontags() {
4778 + # scan for all datadirs
4779 + openldap_datadirs=""
4780 + if [ -f "${EROOT}"/etc/openldap/slapd.conf ]; then
4781 + openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${EROOT}/etc/openldap/slapd.conf)"
4782 + fi
4783 + openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
4784 +
4785 + einfo
4786 + einfo "Scanning datadir(s) from slapd.conf and"
4787 + einfo "the default installdir for Versiontags"
4788 + einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
4789 + einfo
4790 +
4791 + # scan datadirs if we have a version tag
4792 + openldap_found_tag=0
4793 + have_files=0
4794 + for each in ${openldap_datadirs}; do
4795 + CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
4796 + CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
4797 + if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
4798 + einfo "- Checking ${each}..."
4799 + if [ -r ${CURRENT_TAG} ] ; then
4800 + # yey, we have one :)
4801 + einfo " Found Versiontag in ${each}"
4802 + source ${CURRENT_TAG}
4803 + if [ "${OLDPF}" == "" ] ; then
4804 + eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
4805 + eerror "Please delete it"
4806 + eerror
4807 + die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
4808 + fi
4809 +
4810 + OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
4811 +
4812 + [ $(openldap_filecount ${CURRENT_TAGDIR}) -gt 0 ] && have_files=1
4813 +
4814 + # are we on the same branch?
4815 + if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
4816 + ewarn " Versiontag doesn't match current major release!"
4817 + if [[ "${have_files}" == "1" ]] ; then
4818 + eerror " Versiontag says other major and you (probably) have datafiles!"
4819 + echo
4820 + openldap_upgrade_howto
4821 + else
4822 + einfo " No real problem, seems there's no database."
4823 + fi
4824 + else
4825 + einfo " Versiontag is fine here :)"
4826 + fi
4827 + else
4828 + einfo " Non-tagged dir ${each}"
4829 + [ $(openldap_filecount ${each}) -gt 0 ] && have_files=1
4830 + if [[ "${have_files}" == "1" ]] ; then
4831 + einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
4832 + echo
4833 +
4834 + eerror
4835 + eerror "Your OpenLDAP Installation has a non tagged datadir that"
4836 + eerror "possibly contains a database at ${CURRENT_TAGDIR}"
4837 + eerror
4838 + eerror "Please export data if any entered and empty or remove"
4839 + eerror "the directory, installation has been stopped so you"
4840 + eerror "can take required action"
4841 + eerror
4842 + eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
4843 + eerror
4844 + openldap_upgrade_howto
4845 + die "Please move the datadir ${CURRENT_TAGDIR} away"
4846 + fi
4847 + fi
4848 + einfo
4849 + fi
4850 + done
4851 + [ "${have_files}" == "1" ] && einfo "DB files present" || einfo "No DB files present"
4852 +
4853 + # Now we must check for the major version of sys-libs/db linked against.
4854 + SLAPD_PATH=${EROOT}/usr/$(get_libdir)/openldap/slapd
4855 + if [ "${have_files}" == "1" -a -f "${SLAPD_PATH}" ]; then
4856 + OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
4857 + | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
4858 + if use berkdb; then
4859 + # find which one would be used
4860 + for bdb_slot in $BDB_SLOTS ; do
4861 + NEWVER="$(db_findver "=sys-libs/db-${bdb_slot}*")"
4862 + [[ -n "$NEWVER" ]] && break
4863 + done
4864 + fi
4865 + local fail=0
4866 + if [ -z "${OLDVER}" -a -z "${NEWVER}" ]; then
4867 + :
4868 + # Nothing wrong here.
4869 + elif [ -z "${OLDVER}" -a -n "${NEWVER}" ]; then
4870 + eerror " Your existing version of OpenLDAP was not built against"
4871 + eerror " any version of sys-libs/db, but the new one will build"
4872 + eerror " against ${NEWVER} and your database may be inaccessible."
4873 + echo
4874 + fail=1
4875 + elif [ -n "${OLDVER}" -a -z "${NEWVER}" ]; then
4876 + eerror " Your existing version of OpenLDAP was built against"
4877 + eerror " sys-libs/db:${OLDVER}, but the new one will not be"
4878 + eerror " built against any version and your database may be"
4879 + eerror " inaccessible."
4880 + echo
4881 + fail=1
4882 + elif [ "${OLDVER}" != "${NEWVER}" ]; then
4883 + eerror " Your existing version of OpenLDAP was built against"
4884 + eerror " sys-libs/db:${OLDVER}, but the new one will build against"
4885 + eerror " ${NEWVER} and your database would be inaccessible."
4886 + echo
4887 + fail=1
4888 + fi
4889 + [ "${fail}" == "1" ] && openldap_upgrade_howto
4890 + fi
4891 +
4892 + echo
4893 + einfo
4894 + einfo "All datadirs are fine, proceeding with merge now..."
4895 + einfo
4896 +}
4897 +
4898 +openldap_upgrade_howto() {
4899 + eerror
4900 + eerror "A (possible old) installation of OpenLDAP was detected,"
4901 + eerror "installation will not proceed for now."
4902 + eerror
4903 + eerror "As major version upgrades can corrupt your database,"
4904 + eerror "you need to dump your database and re-create it afterwards."
4905 + eerror
4906 + eerror "Additionally, rebuilding against different major versions of the"
4907 + eerror "sys-libs/db libraries will cause your database to be inaccessible."
4908 + eerror ""
4909 + d="$(date -u +%s)"
4910 + l="/root/ldapdump.${d}"
4911 + i="${l}.raw"
4912 + eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
4913 + eerror " 2. slapcat -l ${i}"
4914 + eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
4915 + eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
4916 + eerror " 5. emerge --update \=net-nds/${PF}"
4917 + eerror " 6. etc-update, and ensure that you apply the changes"
4918 + eerror " 7. slapadd -l ${l}"
4919 + eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
4920 + eerror " 9. /etc/init.d/slapd start"
4921 + eerror "10. check that your data is intact."
4922 + eerror "11. set up the new replication system."
4923 + eerror
4924 + if [ "${FORCE_UPGRADE}" != "1" ]; then
4925 + die "You need to upgrade your database first"
4926 + else
4927 + eerror "You have the magical FORCE_UPGRADE=1 in place."
4928 + eerror "Don't say you weren't warned about data loss."
4929 + fi
4930 +}
4931 +
4932 +pkg_setup() {
4933 + if ! use sasl && use cxx ; then
4934 + die "To build the ldapc++ library you must emerge openldap with sasl support"
4935 + fi
4936 + # Bug #322787
4937 + if use minimal && ! has_version "net-nds/openldap" ; then
4938 + einfo "No datadir scan needed, openldap not installed"
4939 + elif use minimal && has_version "net-nds/openldap" && built_with_use net-nds/openldap minimal ; then
4940 + einfo "Skipping scan for previous datadirs as requested by minimal useflag"
4941 + else
4942 + openldap_find_versiontags
4943 + fi
4944 +
4945 + # The user/group are only used for running daemons which are
4946 + # disabled in minimal builds, so elide the accounts too.
4947 + if ! use minimal ; then
4948 + enewgroup ldap 439
4949 + enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
4950 + fi
4951 +}
4952 +
4953 +src_prepare() {
4954 + # ensure correct SLAPI path by default
4955 + sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \
4956 + "${S}"/include/ldap_defaults.h
4957 +
4958 + epatch "${FILESDIR}"/${PN}-2.4.17-gcc44.patch
4959 +
4960 + epatch \
4961 + "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch \
4962 + "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
4963 +
4964 + # bug #116045 - still present in 2.4.28
4965 + epatch "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch
4966 + # bug #408077 - samba4
4967 + epatch "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch
4968 +
4969 + # bug #189817
4970 + epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
4971 +
4972 + # bug #233633
4973 + epatch "${FILESDIR}"/${PN}-2.4.17-fix-lmpasswd-gnutls-symbols.patch
4974 +
4975 + # bug #281495
4976 + epatch "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch
4977 +
4978 + # bug #294350
4979 + epatch "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch
4980 +
4981 + # unbreak /bin/sh -> dash
4982 + epatch "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch
4983 +
4984 + # bug #420959
4985 + epatch "${FILESDIR}"/${PN}-2.4.31-gcc47.patch
4986 +
4987 + # bug #421463
4988 + #epatch "${FILESDIR}"/${PN}-2.4.33-gnutls.patch # merged upstream
4989 +
4990 + # unbundle lmdb
4991 + epatch "${FILESDIR}"/${P}-mdb-unbundle.patch
4992 + rm -rf "${S}"/libraries/liblmdb
4993 +
4994 + cd "${S}"/build || die
4995 + einfo "Making sure upstream build strip does not do stripping too early"
4996 + sed -i.orig \
4997 + -e '/^STRIP/s,-s,,g' \
4998 + top.mk || die "Failed to block stripping"
4999 +
5000 + # wrong assumption that /bin/sh is /bin/bash
5001 + sed -i \
5002 + -e 's|/bin/sh|/bin/bash|g' \
5003 + "${S}"/tests/scripts/* || die "sed failed"
5004 +
5005 + cd "${S}" || die
5006 +
5007 + AT_NOEAUTOMAKE=yes eautoreconf
5008 +}
5009 +
5010 +build_contrib_module() {
5011 + # <dir> <sources> <outputname>
5012 + cd "${S}/contrib/slapd-modules/$1" || die
5013 + einfo "Compiling contrib-module: $3"
5014 + # Make sure it's uppercase
5015 + local define_name="$(echo "SLAPD_OVER_${1}" | LC_ALL=C tr '[:lower:]' '[:upper:]')"
5016 + "${lt}" --mode=compile --tag=CC \
5017 + "${CC}" \
5018 + -D${define_name}=SLAPD_MOD_DYNAMIC \
5019 + -I"${BUILD_DIR}"/include \
5020 + -I../../../include -I../../../servers/slapd ${CFLAGS} \
5021 + -o ${2%.c}.lo -c $2 || die "compiling $3 failed"
5022 + einfo "Linking contrib-module: $3"
5023 + "${lt}" --mode=link --tag=CC \
5024 + "${CC}" -module \
5025 + ${CFLAGS} \
5026 + ${LDFLAGS} \
5027 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
5028 + -o $3.la ${2%.c}.lo || die "linking $3 failed"
5029 +}
5030 +
5031 +src_configure() {
5032 + # Bug 408001
5033 + use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync
5034 +
5035 + # connectionless ldap per bug #342439
5036 + append-cppflags -DLDAP_CONNECTIONLESS
5037 +
5038 + multilib-minimal_src_configure
5039 +}
5040 +
5041 +multilib_src_configure() {
5042 + local myconf=()
5043 +
5044 + use debug && myconf+=( $(use_enable debug) )
5045 +
5046 + # ICU usage is not configurable
5047 + export ac_cv_header_unicode_utypes_h="$(multilib_is_native_abi && use icu && echo yes || echo no)"
5048 +
5049 + if ! use minimal && multilib_is_native_abi; then
5050 + local CPPFLAGS=${CPPFLAGS}
5051 +
5052 + # re-enable serverside overlay chains per bug #296567
5053 + # see ldap docs chaper 12.3.1 for details
5054 + myconf+=( --enable-ldap )
5055 +
5056 + # backends
5057 + myconf+=( --enable-slapd )
5058 + if use berkdb ; then
5059 + einfo "Using Berkeley DB for local backend"
5060 + myconf+=( --enable-bdb --enable-hdb )
5061 + DBINCLUDE=$(db_includedir $BDB_SLOTS)
5062 + einfo "Using $DBINCLUDE for sys-libs/db version"
5063 + # We need to include the slotted db.h dir for FreeBSD
5064 + append-cppflags -I${DBINCLUDE}
5065 + else
5066 + myconf+=( --disable-bdb --disable-hdb )
5067 + fi
5068 + for backend in dnssrv ldap mdb meta monitor null passwd relay shell sock; do
5069 + myconf+=( --enable-${backend}=mod )
5070 + done
5071 +
5072 + myconf+=( $(use_enable perl perl mod) )
5073 +
5074 + myconf+=( $(use_enable odbc sql mod) )
5075 + if use odbc ; then
5076 + local odbc_lib="unixodbc"
5077 + if use iodbc ; then
5078 + odbc_lib="iodbc"
5079 + append-cppflags -I"${EPREFIX}"/usr/include/iodbc
5080 + fi
5081 + myconf+=( --with-odbc=${odbc_lib} )
5082 + fi
5083 +
5084 + # slapd options
5085 + myconf+=(
5086 + $(use_enable crypt)
5087 + $(use_enable slp)
5088 + $(use_enable samba lmpasswd)
5089 + $(use_enable syslog)
5090 + )
5091 + if use experimental ; then
5092 + myconf+=(
5093 + --enable-dynacl
5094 + --enable-aci=mod
5095 + )
5096 + fi
5097 + for option in aci cleartext modules rewrite rlookups slapi; do
5098 + myconf+=( --enable-${option} )
5099 + done
5100 +
5101 + # slapd overlay options
5102 + # Compile-in the syncprov, the others as module
5103 + myconf+=( --enable-syncprov=yes )
5104 + use overlays && myconf+=( --enable-overlays=mod )
5105 +
5106 + else
5107 + myconf+=(
5108 + --disable-backends
5109 + --disable-slapd
5110 + --disable-bdb
5111 + --disable-hdb
5112 + --disable-mdb
5113 + --disable-overlays
5114 + --disable-syslog
5115 + )
5116 + fi
5117 +
5118 + # basic functionality stuff
5119 + myconf+=(
5120 + $(use_enable ipv6)
5121 + $(multilib_native_use_with sasl cyrus-sasl)
5122 + $(multilib_native_use_enable sasl spasswd)
5123 + $(use_enable tcpd wrappers)
5124 + )
5125 +
5126 + # Some cross-compiling tests don't pan out well.
5127 + tc-is-cross-compiler && myconf+=(
5128 + --with-yielding-select=yes
5129 + )
5130 +
5131 + local ssl_lib="no"
5132 + if use ssl || ( ! use minimal && use samba ) ; then
5133 + ssl_lib="openssl"
5134 + use gnutls && ssl_lib="gnutls"
5135 + fi
5136 +
5137 + myconf+=( --with-tls=${ssl_lib} )
5138 +
5139 + for basicflag in dynamic local proctitle shared; do
5140 + myconf+=( --enable-${basicflag} )
5141 + done
5142 +
5143 + tc-export AR CC CXX
5144 + ECONF_SOURCE=${S} \
5145 + STRIP=/bin/true \
5146 + econf \
5147 + --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \
5148 + $(use_enable static-libs static) \
5149 + "${myconf[@]}"
5150 + emake depend
5151 +}
5152 +
5153 +src_configure_cxx() {
5154 + # This needs the libraries built by the first build run.
5155 + # So we have to run it AFTER the main build, not just after the main
5156 + # configure.
5157 + local myconf_ldapcpp=(
5158 + --with-ldap-includes="${S}"/include
5159 + )
5160 +
5161 + mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die
5162 + cd "${BUILD_DIR}/contrib/ldapc++" || die
5163 +
5164 + local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS}
5165 + append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \
5166 + -L"${BUILD_DIR}"/libraries/libldap/.libs
5167 + append-cppflags -I"${BUILD_DIR}"/include
5168 + ECONF_SOURCE=${S}/contrib/ldapc++ \
5169 + econf "${myconf_ldapcpp[@]}" \
5170 + CC="${CC}" \
5171 + CXX="${CXX}"
5172 +}
5173 +
5174 +multilib_src_compile() {
5175 + tc-export AR CC CXX
5176 + emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash
5177 + local lt="${BUILD_DIR}/libtool"
5178 + export echo="echo"
5179 +
5180 + if ! use minimal && multilib_is_native_abi ; then
5181 + if use cxx ; then
5182 + einfo "Building contrib library: ldapc++"
5183 + src_configure_cxx
5184 + cd "${BUILD_DIR}/contrib/ldapc++" || die
5185 + emake \
5186 + CC="${CC}" CXX="${CXX}"
5187 + fi
5188 +
5189 + if use smbkrb5passwd ; then
5190 + einfo "Building contrib-module: smbk5pwd"
5191 + cd "${S}/contrib/slapd-modules/smbk5pwd" || die
5192 +
5193 + MY_DEFS="-DDO_SHADOW"
5194 + if use samba ; then
5195 + MY_DEFS="${MY_DEFS} -DDO_SAMBA"
5196 + MY_KRB5_INC=""
5197 + fi
5198 + if use kerberos ; then
5199 + MY_DEFS="${MY_DEFS} -DDO_KRB5"
5200 + MY_KRB5_INC="$(krb5-config --cflags)"
5201 + fi
5202 +
5203 + emake \
5204 + DEFS="${MY_DEFS}" \
5205 + KRB5_INC="${MY_KRB5_INC}" \
5206 + LDAP_BUILD="${BUILD_DIR}" \
5207 + CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap"
5208 + fi
5209 +
5210 + if use overlays ; then
5211 + einfo "Building contrib-module: samba4"
5212 + cd "${S}/contrib/slapd-modules/samba4" || die
5213 +
5214 + emake \
5215 + LDAP_BUILD="${BUILD_DIR}" \
5216 + CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap"
5217 + fi
5218 +
5219 + if use kerberos ; then
5220 + build_contrib_module "kinit" "kinit.c" "kinit"
5221 + cd "${S}/contrib/slapd-modules/passwd" || die
5222 + einfo "Compiling contrib-module: pw-kerberos"
5223 + "${lt}" --mode=compile --tag=CC \
5224 + "${CC}" \
5225 + -I"${BUILD_DIR}"/include \
5226 + -I../../../include \
5227 + ${CFLAGS} \
5228 + $(krb5-config --cflags) \
5229 + -DHAVE_KRB5 \
5230 + -o kerberos.lo \
5231 + -c kerberos.c || die "compiling pw-kerberos failed"
5232 + einfo "Linking contrib-module: pw-kerberos"
5233 + "${lt}" --mode=link --tag=CC \
5234 + "${CC}" -module \
5235 + ${CFLAGS} \
5236 + ${LDFLAGS} \
5237 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
5238 + -o pw-kerberos.la \
5239 + kerberos.lo || die "linking pw-kerberos failed"
5240 + fi
5241 + # We could build pw-radius if GNURadius would install radlib.h
5242 + cd "${S}/contrib/slapd-modules/passwd" || die
5243 + einfo "Compiling contrib-module: pw-netscape"
5244 + "${lt}" --mode=compile --tag=CC \
5245 + "${CC}" \
5246 + -I"${BUILD_DIR}"/include \
5247 + -I../../../include \
5248 + ${CFLAGS} \
5249 + -o netscape.lo \
5250 + -c netscape.c || die "compiling pw-netscape failed"
5251 + einfo "Linking contrib-module: pw-netscape"
5252 + "${lt}" --mode=link --tag=CC \
5253 + "${CC}" -module \
5254 + ${CFLAGS} \
5255 + ${LDFLAGS} \
5256 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
5257 + -o pw-netscape.la \
5258 + netscape.lo || die "linking pw-netscape failed"
5259 +
5260 + #build_contrib_module "acl" "posixgroup.c" "posixGroup" # example code only
5261 + #build_contrib_module "acl" "gssacl.c" "gss" # example code only, also needs kerberos
5262 + build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay"
5263 + build_contrib_module "allop" "allop.c" "overlay-allop"
5264 + build_contrib_module "allowed" "allowed.c" "allowed"
5265 + build_contrib_module "autogroup" "autogroup.c" "autogroup"
5266 + build_contrib_module "cloak" "cloak.c" "cloak"
5267 + # build_contrib_module "comp_match" "comp_match.c" "comp_match" # really complex, adds new external deps, questionable demand
5268 + build_contrib_module "denyop" "denyop.c" "denyop-overlay"
5269 + build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin"
5270 + build_contrib_module "dupent" "dupent.c" "dupent"
5271 + build_contrib_module "lastbind" "lastbind.c" "lastbind"
5272 + # lastmod may not play well with other overlays
5273 + build_contrib_module "lastmod" "lastmod.c" "lastmod"
5274 + build_contrib_module "noopsrch" "noopsrch.c" "noopsrch"
5275 + build_contrib_module "nops" "nops.c" "nops-overlay"
5276 + #build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER
5277 + build_contrib_module "trace" "trace.c" "trace"
5278 + # build slapi-plugins
5279 + cd "${S}/contrib/slapi-plugins/addrdnvalues" || die
5280 + einfo "Building contrib-module: addrdnvalues plugin"
5281 + "${CC}" -shared \
5282 + -I"${BUILD_DIR}"/include \
5283 + -I../../../include \
5284 + ${CFLAGS} \
5285 + -fPIC \
5286 + ${LDFLAGS} \
5287 + -o libaddrdnvalues-plugin.so \
5288 + addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
5289 +
5290 + fi
5291 +}
5292 +
5293 +multilib_src_test() {
5294 + if multilib_is_native_abi; then
5295 + cd tests || die
5296 + emake tests || die "make tests failed"
5297 + fi
5298 +}
5299 +
5300 +multilib_src_install() {
5301 + local lt="${BUILD_DIR}/libtool"
5302 + emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install
5303 + use static-libs || prune_libtool_files --all
5304 +
5305 + if ! use minimal && multilib_is_native_abi; then
5306 + # openldap modules go here
5307 + # TODO: write some code to populate slapd.conf with moduleload statements
5308 + keepdir /usr/$(get_libdir)/openldap/openldap/
5309 +
5310 + # initial data storage dir
5311 + keepdir /var/lib/openldap-data
5312 + use prefix || fowners ldap:ldap /var/lib/openldap-data
5313 + fperms 0700 /var/lib/openldap-data
5314 +
5315 + echo "OLDPF='${PF}'" > "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
5316 + echo "# do NOT delete this. it is used" >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
5317 + echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
5318 +
5319 + # use our config
5320 + rm "${ED}"etc/openldap/slapd.conf
5321 + insinto /etc/openldap
5322 + newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf
5323 + configfile="${ED}"etc/openldap/slapd.conf
5324 +
5325 + # populate with built backends
5326 + ebegin "populate config with built backends"
5327 + for x in "${ED}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
5328 + einfo "Adding $(basename ${x})"
5329 + sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
5330 + done
5331 + sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
5332 + use prefix || fowners root:ldap /etc/openldap/slapd.conf
5333 + fperms 0640 /etc/openldap/slapd.conf
5334 + cp "${configfile}" "${configfile}".default
5335 + eend
5336 +
5337 + # install our own init scripts and systemd unit files
5338 + einfo "Install init scripts"
5339 + newinitd "${FILESDIR}"/slapd-initd-2.4.40-r2 slapd
5340 + newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd
5341 + einfo "Install systemd service"
5342 + systemd_dounit "${FILESDIR}"/slapd.service
5343 + systemd_install_serviced "${FILESDIR}"/slapd.service.conf
5344 + systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf
5345 +
5346 + if [[ $(get_libdir) != lib ]]; then
5347 + sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i \
5348 + "${ED}"/etc/init.d/slapd \
5349 + "${ED}"/usr/lib/systemd/system/slapd.service || die
5350 + fi
5351 + # If built without SLP, we don't need to be before avahi
5352 + use slp \
5353 + || sed -i \
5354 + -e '/before/{s/avahi-daemon//g}' \
5355 + "${ED}"etc/init.d/slapd
5356 +
5357 + if use cxx ; then
5358 + einfo "Install the ldapc++ library"
5359 + cd "${BUILD_DIR}/contrib/ldapc++" || die
5360 + emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
5361 + cd "${S}"/contrib/ldapc++ || die
5362 + newdoc README ldapc++-README
5363 + fi
5364 +
5365 + if use smbkrb5passwd ; then
5366 + einfo "Install the smbk5pwd module"
5367 + cd "${S}/contrib/slapd-modules/smbk5pwd" || die
5368 + emake DESTDIR="${D}" \
5369 + LDAP_BUILD="${BUILD_DIR}" \
5370 + libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
5371 + newdoc README smbk5pwd-README
5372 + fi
5373 +
5374 + if use overlays ; then
5375 + einfo "Install the samba4 module"
5376 + cd "${S}/contrib/slapd-modules/samba4" || die
5377 + emake DESTDIR="${D}" \
5378 + LDAP_BUILD="${BUILD_DIR}" \
5379 + libexecdir="/usr/$(get_libdir)/openldap" install
5380 + newdoc README samba4-README
5381 + fi
5382 +
5383 + einfo "Installing contrib modules"
5384 + cd "${S}/contrib/slapd-modules" || die
5385 + for l in */*.la; do
5386 + "${lt}" --mode=install cp ${l} \
5387 + "${ED}"usr/$(get_libdir)/openldap/openldap || \
5388 + die "installing ${l} failed"
5389 + done
5390 +
5391 + dodoc "${FILESDIR}"/DB_CONFIG.fast.example
5392 + docinto contrib
5393 + doman */*.5
5394 + #newdoc acl/README*
5395 + newdoc addpartial/README addpartial-README
5396 + newdoc allop/README allop-README
5397 + newdoc allowed/README allowed-README
5398 + newdoc autogroup/README autogroup-README
5399 + newdoc dsaschema/README dsaschema-README
5400 + newdoc passwd/README passwd-README
5401 + cd "${S}/contrib/slapi-plugins" || die
5402 + insinto /usr/$(get_libdir)/openldap/openldap
5403 + doins */*.so
5404 + docinto contrib
5405 + newdoc addrdnvalues/README addrdnvalues-README
5406 +
5407 + insinto /etc/openldap/schema
5408 + newins "${DISTDIR}"/${BIS_P} ${BIS_PN}
5409 +
5410 + docinto back-sock ; dodoc "${S}"/servers/slapd/back-sock/searchexample*
5411 + docinto back-shell ; dodoc "${S}"/servers/slapd/back-shell/searchexample*
5412 + docinto back-perl ; dodoc "${S}"/servers/slapd/back-perl/SampleLDAP.pm
5413 +
5414 + dosbin "${S}"/contrib/slapd-tools/statslog
5415 + newdoc "${S}"/contrib/slapd-tools/README README.statslog
5416 + fi
5417 +}
5418 +
5419 +multilib_src_install_all() {
5420 + dodoc ANNOUNCEMENT CHANGES COPYRIGHT README
5421 + docinto rfc ; dodoc doc/rfc/*.txt
5422 +}
5423 +
5424 +pkg_preinst() {
5425 + # keep old libs if any
5426 + preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0)
5427 + # bug 440470, only display the getting started help there was no openldap before,
5428 + # or we are going to a non-minimal build
5429 + ! has_version net-nds/openldap || has_version 'net-nds/openldap[minimal]'
5430 + OPENLDAP_PRINT_MESSAGES=$((! $?))
5431 +}
5432 +
5433 +pkg_postinst() {
5434 + if ! use minimal ; then
5435 + # You cannot build SSL certificates during src_install that will make
5436 + # binary packages containing your SSL key, which is both a security risk
5437 + # and a misconfiguration if multiple machines use the same key and cert.
5438 + if use ssl; then
5439 + install_cert /etc/openldap/ssl/ldap
5440 + use prefix || chown ldap:ldap "${EROOT}"etc/openldap/ssl/ldap.*
5441 + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
5442 + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
5443 + ewarn "add 'TLS_REQCERT allow' if you want to use them."
5444 + fi
5445 +
5446 + if use prefix; then
5447 + # Warn about prefix issues with slapd
5448 + eerror "slapd might NOT be usable on Prefix systems as it requires root privileges"
5449 + eerror "to start up, and requires that certain files directories be owned by"
5450 + eerror "ldap:ldap. As Prefix does not support changing ownership of files and"
5451 + eerror "directories, you will have to manually fix this yourself."
5452 + fi
5453 +
5454 + # These lines force the permissions of various content to be correct
5455 + use prefix || chown ldap:ldap "${EROOT}"var/run/openldap
5456 + chmod 0755 "${EROOT}"var/run/openldap
5457 + use prefix || chown root:ldap "${EROOT}"etc/openldap/slapd.conf{,.default}
5458 + chmod 0640 "${EROOT}"etc/openldap/slapd.conf{,.default}
5459 + use prefix || chown ldap:ldap "${EROOT}"var/lib/openldap-data
5460 + fi
5461 +
5462 + if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then
5463 + elog "Getting started using OpenLDAP? There is some documentation available:"
5464 + elog "Gentoo Guide to OpenLDAP Authentication"
5465 + elog "(https://www.gentoo.org/doc/en/ldap-howto.xml)"
5466 + elog "---"
5467 + elog "An example file for tuning BDB backends with openldap is"
5468 + elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
5469 + fi
5470 +
5471 + preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0)
5472 +}
5473
5474 diff --git a/net-nds/openldap/openldap-2.4.42.ebuild b/net-nds/openldap/openldap-2.4.42.ebuild
5475 new file mode 100644
5476 index 00000000..4aa1760
5477 --- /dev/null
5478 +++ b/net-nds/openldap/openldap-2.4.42.ebuild
5479 @@ -0,0 +1,818 @@
5480 +# Copyright 1999-2016 Gentoo Foundation
5481 +# Distributed under the terms of the GNU General Public License v2
5482 +# $Id$
5483 +
5484 +EAPI="5"
5485 +
5486 +inherit db-use eutils flag-o-matic multilib multilib-minimal ssl-cert versionator toolchain-funcs autotools user systemd
5487 +
5488 +BIS_PN=rfc2307bis.schema
5489 +BIS_PV=20140524
5490 +BIS_P="${BIS_PN}-${BIS_PV}"
5491 +
5492 +DESCRIPTION="LDAP suite of application and development tools"
5493 +HOMEPAGE="http://www.OpenLDAP.org/"
5494 +
5495 +# mirrors are mostly not working, using canonical URI
5496 +SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz
5497 + mirror://gentoo/${BIS_P}"
5498 +
5499 +LICENSE="OPENLDAP GPL-2"
5500 +SLOT="0"
5501 +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~x86-linux ~x86-solaris"
5502 +
5503 +IUSE_DAEMON="crypt icu samba slp tcpd experimental minimal"
5504 +IUSE_BACKEND="+berkdb"
5505 +IUSE_OVERLAY="overlays perl"
5506 +IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 +syslog selinux static-libs"
5507 +IUSE_CONTRIB="smbkrb5passwd kerberos"
5508 +IUSE_CONTRIB="${IUSE_CONTRIB} -cxx"
5509 +IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
5510 +
5511 +REQUIRED_USE="cxx? ( sasl )"
5512 +
5513 +# always list newer first
5514 +# Do not add any AGPL-3 BDB here!
5515 +# See bug 525110, comment 15.
5516 +BDB_SLOTS='5.3 5.1 4.8 4.7 4.6 4.5 4.4'
5517 +BDB_PKGS=''
5518 +for _slot in $BDB_SLOTS; do BDB_PKGS="${BDB_PKGS} sys-libs/db:${_slot}" ; done
5519 +
5520 +# openssl is needed to generate lanman-passwords required by samba
5521 +CDEPEND="icu? ( dev-libs/icu:= )
5522 + ssl? ( !gnutls? ( >=dev-libs/openssl-1.0.1h-r2[${MULTILIB_USEDEP}] )
5523 + gnutls? ( >=net-libs/gnutls-2.12.23-r6[${MULTILIB_USEDEP}] >=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] ) )
5524 + sasl? ( dev-libs/cyrus-sasl:= )
5525 + !minimal? (
5526 + sys-devel/libtool
5527 + sys-libs/e2fsprogs-libs
5528 + >=dev-db/lmdb-0.9.17
5529 + tcpd? ( sys-apps/tcp-wrappers )
5530 + odbc? ( !iodbc? ( dev-db/unixODBC )
5531 + iodbc? ( dev-db/libiodbc ) )
5532 + slp? ( net-libs/openslp )
5533 + perl? ( dev-lang/perl:=[-build(-)] )
5534 + samba? ( dev-libs/openssl )
5535 + berkdb? (
5536 + <sys-libs/db-6.0:=
5537 + || ( ${BDB_PKGS} )
5538 + )
5539 + smbkrb5passwd? (
5540 + dev-libs/openssl
5541 + kerberos? ( app-crypt/heimdal )
5542 + )
5543 + kerberos? ( virtual/krb5 )
5544 + cxx? ( dev-libs/cyrus-sasl:= )
5545 + )
5546 + abi_x86_32? (
5547 + !<=app-emulation/emul-linux-x86-baselibs-20140508-r3
5548 + !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
5549 + )"
5550 +DEPEND="${CDEPEND}
5551 + sys-apps/groff"
5552 +RDEPEND="${CDEPEND}
5553 + selinux? ( sec-policy/selinux-ldap )
5554 +"
5555 +# for tracking versions
5556 +OPENLDAP_VERSIONTAG=".version-tag"
5557 +OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
5558 +
5559 +MULTILIB_WRAPPED_HEADERS=(
5560 + # USE=cxx
5561 + /usr/include/LDAPAsynConnection.h
5562 + /usr/include/LDAPAttrType.h
5563 + /usr/include/LDAPAttribute.h
5564 + /usr/include/LDAPAttributeList.h
5565 + /usr/include/LDAPConnection.h
5566 + /usr/include/LDAPConstraints.h
5567 + /usr/include/LDAPControl.h
5568 + /usr/include/LDAPControlSet.h
5569 + /usr/include/LDAPEntry.h
5570 + /usr/include/LDAPEntryList.h
5571 + /usr/include/LDAPException.h
5572 + /usr/include/LDAPExtResult.h
5573 + /usr/include/LDAPMessage.h
5574 + /usr/include/LDAPMessageQueue.h
5575 + /usr/include/LDAPModList.h
5576 + /usr/include/LDAPModification.h
5577 + /usr/include/LDAPObjClass.h
5578 + /usr/include/LDAPRebind.h
5579 + /usr/include/LDAPRebindAuth.h
5580 + /usr/include/LDAPReferenceList.h
5581 + /usr/include/LDAPResult.h
5582 + /usr/include/LDAPSaslBindResult.h
5583 + /usr/include/LDAPSchema.h
5584 + /usr/include/LDAPSearchReference.h
5585 + /usr/include/LDAPSearchResult.h
5586 + /usr/include/LDAPSearchResults.h
5587 + /usr/include/LDAPUrl.h
5588 + /usr/include/LDAPUrlList.h
5589 + /usr/include/LdifReader.h
5590 + /usr/include/LdifWriter.h
5591 + /usr/include/SaslInteraction.h
5592 + /usr/include/SaslInteractionHandler.h
5593 + /usr/include/StringList.h
5594 + /usr/include/TlsOptions.h
5595 +)
5596 +
5597 +openldap_filecount() {
5598 + local dir="$1"
5599 + find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l
5600 +}
5601 +
5602 +openldap_find_versiontags() {
5603 + # scan for all datadirs
5604 + openldap_datadirs=""
5605 + if [ -f "${EROOT}"/etc/openldap/slapd.conf ]; then
5606 + openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${EROOT}/etc/openldap/slapd.conf)"
5607 + fi
5608 + openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
5609 +
5610 + einfo
5611 + einfo "Scanning datadir(s) from slapd.conf and"
5612 + einfo "the default installdir for Versiontags"
5613 + einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
5614 + einfo
5615 +
5616 + # scan datadirs if we have a version tag
5617 + openldap_found_tag=0
5618 + have_files=0
5619 + for each in ${openldap_datadirs}; do
5620 + CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
5621 + CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
5622 + if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
5623 + einfo "- Checking ${each}..."
5624 + if [ -r ${CURRENT_TAG} ] ; then
5625 + # yey, we have one :)
5626 + einfo " Found Versiontag in ${each}"
5627 + source ${CURRENT_TAG}
5628 + if [ "${OLDPF}" == "" ] ; then
5629 + eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
5630 + eerror "Please delete it"
5631 + eerror
5632 + die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
5633 + fi
5634 +
5635 + OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
5636 +
5637 + [ $(openldap_filecount ${CURRENT_TAGDIR}) -gt 0 ] && have_files=1
5638 +
5639 + # are we on the same branch?
5640 + if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
5641 + ewarn " Versiontag doesn't match current major release!"
5642 + if [[ "${have_files}" == "1" ]] ; then
5643 + eerror " Versiontag says other major and you (probably) have datafiles!"
5644 + echo
5645 + openldap_upgrade_howto
5646 + else
5647 + einfo " No real problem, seems there's no database."
5648 + fi
5649 + else
5650 + einfo " Versiontag is fine here :)"
5651 + fi
5652 + else
5653 + einfo " Non-tagged dir ${each}"
5654 + [ $(openldap_filecount ${each}) -gt 0 ] && have_files=1
5655 + if [[ "${have_files}" == "1" ]] ; then
5656 + einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
5657 + echo
5658 +
5659 + eerror
5660 + eerror "Your OpenLDAP Installation has a non tagged datadir that"
5661 + eerror "possibly contains a database at ${CURRENT_TAGDIR}"
5662 + eerror
5663 + eerror "Please export data if any entered and empty or remove"
5664 + eerror "the directory, installation has been stopped so you"
5665 + eerror "can take required action"
5666 + eerror
5667 + eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
5668 + eerror
5669 + openldap_upgrade_howto
5670 + die "Please move the datadir ${CURRENT_TAGDIR} away"
5671 + fi
5672 + fi
5673 + einfo
5674 + fi
5675 + done
5676 + [ "${have_files}" == "1" ] && einfo "DB files present" || einfo "No DB files present"
5677 +
5678 + # Now we must check for the major version of sys-libs/db linked against.
5679 + SLAPD_PATH=${EROOT}/usr/$(get_libdir)/openldap/slapd
5680 + if [ "${have_files}" == "1" -a -f "${SLAPD_PATH}" ]; then
5681 + OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
5682 + | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
5683 + if use berkdb; then
5684 + # find which one would be used
5685 + for bdb_slot in $BDB_SLOTS ; do
5686 + NEWVER="$(db_findver "=sys-libs/db-${bdb_slot}*")"
5687 + [[ -n "$NEWVER" ]] && break
5688 + done
5689 + fi
5690 + local fail=0
5691 + if [ -z "${OLDVER}" -a -z "${NEWVER}" ]; then
5692 + :
5693 + # Nothing wrong here.
5694 + elif [ -z "${OLDVER}" -a -n "${NEWVER}" ]; then
5695 + eerror " Your existing version of OpenLDAP was not built against"
5696 + eerror " any version of sys-libs/db, but the new one will build"
5697 + eerror " against ${NEWVER} and your database may be inaccessible."
5698 + echo
5699 + fail=1
5700 + elif [ -n "${OLDVER}" -a -z "${NEWVER}" ]; then
5701 + eerror " Your existing version of OpenLDAP was built against"
5702 + eerror " sys-libs/db:${OLDVER}, but the new one will not be"
5703 + eerror " built against any version and your database may be"
5704 + eerror " inaccessible."
5705 + echo
5706 + fail=1
5707 + elif [ "${OLDVER}" != "${NEWVER}" ]; then
5708 + eerror " Your existing version of OpenLDAP was built against"
5709 + eerror " sys-libs/db:${OLDVER}, but the new one will build against"
5710 + eerror " ${NEWVER} and your database would be inaccessible."
5711 + echo
5712 + fail=1
5713 + fi
5714 + [ "${fail}" == "1" ] && openldap_upgrade_howto
5715 + fi
5716 +
5717 + echo
5718 + einfo
5719 + einfo "All datadirs are fine, proceeding with merge now..."
5720 + einfo
5721 +}
5722 +
5723 +openldap_upgrade_howto() {
5724 + eerror
5725 + eerror "A (possible old) installation of OpenLDAP was detected,"
5726 + eerror "installation will not proceed for now."
5727 + eerror
5728 + eerror "As major version upgrades can corrupt your database,"
5729 + eerror "you need to dump your database and re-create it afterwards."
5730 + eerror
5731 + eerror "Additionally, rebuilding against different major versions of the"
5732 + eerror "sys-libs/db libraries will cause your database to be inaccessible."
5733 + eerror ""
5734 + d="$(date -u +%s)"
5735 + l="/root/ldapdump.${d}"
5736 + i="${l}.raw"
5737 + eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
5738 + eerror " 2. slapcat -l ${i}"
5739 + eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
5740 + eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
5741 + eerror " 5. emerge --update \=net-nds/${PF}"
5742 + eerror " 6. etc-update, and ensure that you apply the changes"
5743 + eerror " 7. slapadd -l ${l}"
5744 + eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
5745 + eerror " 9. /etc/init.d/slapd start"
5746 + eerror "10. check that your data is intact."
5747 + eerror "11. set up the new replication system."
5748 + eerror
5749 + if [ "${FORCE_UPGRADE}" != "1" ]; then
5750 + die "You need to upgrade your database first"
5751 + else
5752 + eerror "You have the magical FORCE_UPGRADE=1 in place."
5753 + eerror "Don't say you weren't warned about data loss."
5754 + fi
5755 +}
5756 +
5757 +pkg_setup() {
5758 + if ! use sasl && use cxx ; then
5759 + die "To build the ldapc++ library you must emerge openldap with sasl support"
5760 + fi
5761 + # Bug #322787
5762 + if use minimal && ! has_version "net-nds/openldap" ; then
5763 + einfo "No datadir scan needed, openldap not installed"
5764 + elif use minimal && has_version "net-nds/openldap" && built_with_use net-nds/openldap minimal ; then
5765 + einfo "Skipping scan for previous datadirs as requested by minimal useflag"
5766 + else
5767 + openldap_find_versiontags
5768 + fi
5769 +
5770 + # The user/group are only used for running daemons which are
5771 + # disabled in minimal builds, so elide the accounts too.
5772 + if ! use minimal ; then
5773 + enewgroup ldap 439
5774 + enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
5775 + fi
5776 +}
5777 +
5778 +src_prepare() {
5779 + # ensure correct SLAPI path by default
5780 + sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \
5781 + "${S}"/include/ldap_defaults.h
5782 +
5783 + epatch "${FILESDIR}"/${PN}-2.4.17-gcc44.patch
5784 +
5785 + epatch \
5786 + "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch \
5787 + "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
5788 +
5789 + # bug #116045 - still present in 2.4.28
5790 + epatch "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch
5791 + # bug #408077 - samba4
5792 + epatch "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch
5793 +
5794 + # bug #189817
5795 + epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
5796 +
5797 + # bug #233633
5798 + epatch "${FILESDIR}"/${PN}-2.4.17-fix-lmpasswd-gnutls-symbols.patch
5799 +
5800 + # bug #281495
5801 + epatch "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch
5802 +
5803 + # bug #294350
5804 + epatch "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch
5805 +
5806 + # unbreak /bin/sh -> dash
5807 + epatch "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch
5808 +
5809 + # bug #420959
5810 + epatch "${FILESDIR}"/${PN}-2.4.31-gcc47.patch
5811 +
5812 + # bug #421463
5813 + #epatch "${FILESDIR}"/${PN}-2.4.33-gnutls.patch # merged upstream
5814 +
5815 + # unbundle lmdb
5816 + epatch "${FILESDIR}"/${P}-mdb-unbundle.patch
5817 + rm -rf "${S}"/libraries/liblmdb
5818 +
5819 + cd "${S}"/build || die
5820 + einfo "Making sure upstream build strip does not do stripping too early"
5821 + sed -i.orig \
5822 + -e '/^STRIP/s,-s,,g' \
5823 + top.mk || die "Failed to block stripping"
5824 +
5825 + # wrong assumption that /bin/sh is /bin/bash
5826 + sed -i \
5827 + -e 's|/bin/sh|/bin/bash|g' \
5828 + "${S}"/tests/scripts/* || die "sed failed"
5829 +
5830 + cd "${S}" || die
5831 +
5832 + AT_NOEAUTOMAKE=yes eautoreconf
5833 +}
5834 +
5835 +build_contrib_module() {
5836 + # <dir> <sources> <outputname>
5837 + cd "${S}/contrib/slapd-modules/$1" || die
5838 + einfo "Compiling contrib-module: $3"
5839 + # Make sure it's uppercase
5840 + local define_name="$(echo "SLAPD_OVER_${1}" | LC_ALL=C tr '[:lower:]' '[:upper:]')"
5841 + "${lt}" --mode=compile --tag=CC \
5842 + "${CC}" \
5843 + -D${define_name}=SLAPD_MOD_DYNAMIC \
5844 + -I"${BUILD_DIR}"/include \
5845 + -I../../../include -I../../../servers/slapd ${CFLAGS} \
5846 + -o ${2%.c}.lo -c $2 || die "compiling $3 failed"
5847 + einfo "Linking contrib-module: $3"
5848 + "${lt}" --mode=link --tag=CC \
5849 + "${CC}" -module \
5850 + ${CFLAGS} \
5851 + ${LDFLAGS} \
5852 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
5853 + -o $3.la ${2%.c}.lo || die "linking $3 failed"
5854 +}
5855 +
5856 +src_configure() {
5857 + # Bug 408001
5858 + use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync
5859 +
5860 + # connectionless ldap per bug #342439
5861 + append-cppflags -DLDAP_CONNECTIONLESS
5862 +
5863 + multilib-minimal_src_configure
5864 +}
5865 +
5866 +multilib_src_configure() {
5867 + local myconf=()
5868 +
5869 + use debug && myconf+=( $(use_enable debug) )
5870 +
5871 + # ICU usage is not configurable
5872 + export ac_cv_header_unicode_utypes_h="$(multilib_is_native_abi && use icu && echo yes || echo no)"
5873 +
5874 + if ! use minimal && multilib_is_native_abi; then
5875 + local CPPFLAGS=${CPPFLAGS}
5876 +
5877 + # re-enable serverside overlay chains per bug #296567
5878 + # see ldap docs chaper 12.3.1 for details
5879 + myconf+=( --enable-ldap )
5880 +
5881 + # backends
5882 + myconf+=( --enable-slapd )
5883 + if use berkdb ; then
5884 + einfo "Using Berkeley DB for local backend"
5885 + myconf+=( --enable-bdb --enable-hdb )
5886 + DBINCLUDE=$(db_includedir $BDB_SLOTS)
5887 + einfo "Using $DBINCLUDE for sys-libs/db version"
5888 + # We need to include the slotted db.h dir for FreeBSD
5889 + append-cppflags -I${DBINCLUDE}
5890 + else
5891 + myconf+=( --disable-bdb --disable-hdb )
5892 + fi
5893 + for backend in dnssrv ldap mdb meta monitor null passwd relay shell sock; do
5894 + myconf+=( --enable-${backend}=mod )
5895 + done
5896 +
5897 + myconf+=( $(use_enable perl perl mod) )
5898 +
5899 + myconf+=( $(use_enable odbc sql mod) )
5900 + if use odbc ; then
5901 + local odbc_lib="unixodbc"
5902 + if use iodbc ; then
5903 + odbc_lib="iodbc"
5904 + append-cppflags -I"${EPREFIX}"/usr/include/iodbc
5905 + fi
5906 + myconf+=( --with-odbc=${odbc_lib} )
5907 + fi
5908 +
5909 + # slapd options
5910 + myconf+=(
5911 + $(use_enable crypt)
5912 + $(use_enable slp)
5913 + $(use_enable samba lmpasswd)
5914 + $(use_enable syslog)
5915 + )
5916 + if use experimental ; then
5917 + myconf+=(
5918 + --enable-dynacl
5919 + --enable-aci=mod
5920 + )
5921 + fi
5922 + for option in aci cleartext modules rewrite rlookups slapi; do
5923 + myconf+=( --enable-${option} )
5924 + done
5925 +
5926 + # slapd overlay options
5927 + # Compile-in the syncprov, the others as module
5928 + myconf+=( --enable-syncprov=yes )
5929 + use overlays && myconf+=( --enable-overlays=mod )
5930 +
5931 + else
5932 + myconf+=(
5933 + --disable-backends
5934 + --disable-slapd
5935 + --disable-bdb
5936 + --disable-hdb
5937 + --disable-mdb
5938 + --disable-overlays
5939 + --disable-syslog
5940 + )
5941 + fi
5942 +
5943 + # basic functionality stuff
5944 + myconf+=(
5945 + $(use_enable ipv6)
5946 + $(multilib_native_use_with sasl cyrus-sasl)
5947 + $(multilib_native_use_enable sasl spasswd)
5948 + $(use_enable tcpd wrappers)
5949 + )
5950 +
5951 + # Some cross-compiling tests don't pan out well.
5952 + tc-is-cross-compiler && myconf+=(
5953 + --with-yielding-select=yes
5954 + )
5955 +
5956 + local ssl_lib="no"
5957 + if use ssl || ( ! use minimal && use samba ) ; then
5958 + ssl_lib="openssl"
5959 + use gnutls && ssl_lib="gnutls"
5960 + fi
5961 +
5962 + myconf+=( --with-tls=${ssl_lib} )
5963 +
5964 + for basicflag in dynamic local proctitle shared; do
5965 + myconf+=( --enable-${basicflag} )
5966 + done
5967 +
5968 + tc-export AR CC CXX
5969 + ECONF_SOURCE=${S} \
5970 + STRIP=/bin/true \
5971 + econf \
5972 + --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \
5973 + $(use_enable static-libs static) \
5974 + "${myconf[@]}"
5975 + emake depend
5976 +}
5977 +
5978 +src_configure_cxx() {
5979 + # This needs the libraries built by the first build run.
5980 + # So we have to run it AFTER the main build, not just after the main
5981 + # configure.
5982 + local myconf_ldapcpp=(
5983 + --with-ldap-includes="${S}"/include
5984 + )
5985 +
5986 + mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die
5987 + cd "${BUILD_DIR}/contrib/ldapc++" || die
5988 +
5989 + local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS}
5990 + append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \
5991 + -L"${BUILD_DIR}"/libraries/libldap/.libs
5992 + append-cppflags -I"${BUILD_DIR}"/include
5993 + ECONF_SOURCE=${S}/contrib/ldapc++ \
5994 + econf "${myconf_ldapcpp[@]}" \
5995 + CC="${CC}" \
5996 + CXX="${CXX}"
5997 +}
5998 +
5999 +multilib_src_compile() {
6000 + tc-export AR CC CXX
6001 + emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash
6002 + local lt="${BUILD_DIR}/libtool"
6003 + export echo="echo"
6004 +
6005 + if ! use minimal && multilib_is_native_abi ; then
6006 + if use cxx ; then
6007 + einfo "Building contrib library: ldapc++"
6008 + src_configure_cxx
6009 + cd "${BUILD_DIR}/contrib/ldapc++" || die
6010 + emake \
6011 + CC="${CC}" CXX="${CXX}"
6012 + fi
6013 +
6014 + if use smbkrb5passwd ; then
6015 + einfo "Building contrib-module: smbk5pwd"
6016 + cd "${S}/contrib/slapd-modules/smbk5pwd" || die
6017 +
6018 + MY_DEFS="-DDO_SHADOW"
6019 + if use samba ; then
6020 + MY_DEFS="${MY_DEFS} -DDO_SAMBA"
6021 + MY_KRB5_INC=""
6022 + fi
6023 + if use kerberos ; then
6024 + MY_DEFS="${MY_DEFS} -DDO_KRB5"
6025 + MY_KRB5_INC="$(krb5-config --cflags)"
6026 + fi
6027 +
6028 + emake \
6029 + DEFS="${MY_DEFS}" \
6030 + KRB5_INC="${MY_KRB5_INC}" \
6031 + LDAP_BUILD="${BUILD_DIR}" \
6032 + CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap"
6033 + fi
6034 +
6035 + if use overlays ; then
6036 + einfo "Building contrib-module: samba4"
6037 + cd "${S}/contrib/slapd-modules/samba4" || die
6038 +
6039 + emake \
6040 + LDAP_BUILD="${BUILD_DIR}" \
6041 + CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap"
6042 + fi
6043 +
6044 + if use kerberos ; then
6045 + build_contrib_module "kinit" "kinit.c" "kinit"
6046 + cd "${S}/contrib/slapd-modules/passwd" || die
6047 + einfo "Compiling contrib-module: pw-kerberos"
6048 + "${lt}" --mode=compile --tag=CC \
6049 + "${CC}" \
6050 + -I"${BUILD_DIR}"/include \
6051 + -I../../../include \
6052 + ${CFLAGS} \
6053 + $(krb5-config --cflags) \
6054 + -DHAVE_KRB5 \
6055 + -o kerberos.lo \
6056 + -c kerberos.c || die "compiling pw-kerberos failed"
6057 + einfo "Linking contrib-module: pw-kerberos"
6058 + "${lt}" --mode=link --tag=CC \
6059 + "${CC}" -module \
6060 + ${CFLAGS} \
6061 + ${LDFLAGS} \
6062 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
6063 + -o pw-kerberos.la \
6064 + kerberos.lo || die "linking pw-kerberos failed"
6065 + fi
6066 + # We could build pw-radius if GNURadius would install radlib.h
6067 + cd "${S}/contrib/slapd-modules/passwd" || die
6068 + einfo "Compiling contrib-module: pw-netscape"
6069 + "${lt}" --mode=compile --tag=CC \
6070 + "${CC}" \
6071 + -I"${BUILD_DIR}"/include \
6072 + -I../../../include \
6073 + ${CFLAGS} \
6074 + -o netscape.lo \
6075 + -c netscape.c || die "compiling pw-netscape failed"
6076 + einfo "Linking contrib-module: pw-netscape"
6077 + "${lt}" --mode=link --tag=CC \
6078 + "${CC}" -module \
6079 + ${CFLAGS} \
6080 + ${LDFLAGS} \
6081 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
6082 + -o pw-netscape.la \
6083 + netscape.lo || die "linking pw-netscape failed"
6084 +
6085 + #build_contrib_module "acl" "posixgroup.c" "posixGroup" # example code only
6086 + #build_contrib_module "acl" "gssacl.c" "gss" # example code only, also needs kerberos
6087 + build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay"
6088 + build_contrib_module "allop" "allop.c" "overlay-allop"
6089 + build_contrib_module "allowed" "allowed.c" "allowed"
6090 + build_contrib_module "autogroup" "autogroup.c" "autogroup"
6091 + build_contrib_module "cloak" "cloak.c" "cloak"
6092 + # build_contrib_module "comp_match" "comp_match.c" "comp_match" # really complex, adds new external deps, questionable demand
6093 + build_contrib_module "denyop" "denyop.c" "denyop-overlay"
6094 + build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin"
6095 + build_contrib_module "dupent" "dupent.c" "dupent"
6096 + build_contrib_module "lastbind" "lastbind.c" "lastbind"
6097 + # lastmod may not play well with other overlays
6098 + build_contrib_module "lastmod" "lastmod.c" "lastmod"
6099 + build_contrib_module "noopsrch" "noopsrch.c" "noopsrch"
6100 + build_contrib_module "nops" "nops.c" "nops-overlay"
6101 + #build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER
6102 + build_contrib_module "trace" "trace.c" "trace"
6103 + # build slapi-plugins
6104 + cd "${S}/contrib/slapi-plugins/addrdnvalues" || die
6105 + einfo "Building contrib-module: addrdnvalues plugin"
6106 + "${CC}" -shared \
6107 + -I"${BUILD_DIR}"/include \
6108 + -I../../../include \
6109 + ${CFLAGS} \
6110 + -fPIC \
6111 + ${LDFLAGS} \
6112 + -o libaddrdnvalues-plugin.so \
6113 + addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
6114 +
6115 + fi
6116 +}
6117 +
6118 +multilib_src_test() {
6119 + if multilib_is_native_abi; then
6120 + cd tests || die
6121 + emake tests || die "make tests failed"
6122 + fi
6123 +}
6124 +
6125 +multilib_src_install() {
6126 + local lt="${BUILD_DIR}/libtool"
6127 + emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install
6128 + use static-libs || prune_libtool_files --all
6129 +
6130 + if ! use minimal && multilib_is_native_abi; then
6131 + # openldap modules go here
6132 + # TODO: write some code to populate slapd.conf with moduleload statements
6133 + keepdir /usr/$(get_libdir)/openldap/openldap/
6134 +
6135 + # initial data storage dir
6136 + keepdir /var/lib/openldap-data
6137 + use prefix || fowners ldap:ldap /var/lib/openldap-data
6138 + fperms 0700 /var/lib/openldap-data
6139 +
6140 + echo "OLDPF='${PF}'" > "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
6141 + echo "# do NOT delete this. it is used" >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
6142 + echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
6143 +
6144 + # use our config
6145 + rm "${ED}"etc/openldap/slapd.conf
6146 + insinto /etc/openldap
6147 + newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf
6148 + configfile="${ED}"etc/openldap/slapd.conf
6149 +
6150 + # populate with built backends
6151 + ebegin "populate config with built backends"
6152 + for x in "${ED}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
6153 + einfo "Adding $(basename ${x})"
6154 + sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
6155 + done
6156 + sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
6157 + use prefix || fowners root:ldap /etc/openldap/slapd.conf
6158 + fperms 0640 /etc/openldap/slapd.conf
6159 + cp "${configfile}" "${configfile}".default
6160 + eend
6161 +
6162 + # install our own init scripts and systemd unit files
6163 + einfo "Install init scripts"
6164 + newinitd "${FILESDIR}"/slapd-initd-2.4.40-r2 slapd
6165 + newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd
6166 + einfo "Install systemd service"
6167 + systemd_dounit "${FILESDIR}"/slapd.service
6168 + systemd_install_serviced "${FILESDIR}"/slapd.service.conf
6169 + systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf
6170 +
6171 + if [[ $(get_libdir) != lib ]]; then
6172 + sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i \
6173 + "${ED}"/etc/init.d/slapd \
6174 + "${ED}"/usr/lib/systemd/system/slapd.service || die
6175 + fi
6176 + # If built without SLP, we don't need to be before avahi
6177 + use slp \
6178 + || sed -i \
6179 + -e '/before/{s/avahi-daemon//g}' \
6180 + "${ED}"etc/init.d/slapd
6181 +
6182 + if use cxx ; then
6183 + einfo "Install the ldapc++ library"
6184 + cd "${BUILD_DIR}/contrib/ldapc++" || die
6185 + emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
6186 + cd "${S}"/contrib/ldapc++ || die
6187 + newdoc README ldapc++-README
6188 + fi
6189 +
6190 + if use smbkrb5passwd ; then
6191 + einfo "Install the smbk5pwd module"
6192 + cd "${S}/contrib/slapd-modules/smbk5pwd" || die
6193 + emake DESTDIR="${D}" \
6194 + LDAP_BUILD="${BUILD_DIR}" \
6195 + libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
6196 + newdoc README smbk5pwd-README
6197 + fi
6198 +
6199 + if use overlays ; then
6200 + einfo "Install the samba4 module"
6201 + cd "${S}/contrib/slapd-modules/samba4" || die
6202 + emake DESTDIR="${D}" \
6203 + LDAP_BUILD="${BUILD_DIR}" \
6204 + libexecdir="/usr/$(get_libdir)/openldap" install
6205 + newdoc README samba4-README
6206 + fi
6207 +
6208 + einfo "Installing contrib modules"
6209 + cd "${S}/contrib/slapd-modules" || die
6210 + for l in */*.la; do
6211 + "${lt}" --mode=install cp ${l} \
6212 + "${ED}"usr/$(get_libdir)/openldap/openldap || \
6213 + die "installing ${l} failed"
6214 + done
6215 +
6216 + dodoc "${FILESDIR}"/DB_CONFIG.fast.example
6217 + docinto contrib
6218 + doman */*.5
6219 + #newdoc acl/README*
6220 + newdoc addpartial/README addpartial-README
6221 + newdoc allop/README allop-README
6222 + newdoc allowed/README allowed-README
6223 + newdoc autogroup/README autogroup-README
6224 + newdoc dsaschema/README dsaschema-README
6225 + newdoc passwd/README passwd-README
6226 + cd "${S}/contrib/slapi-plugins" || die
6227 + insinto /usr/$(get_libdir)/openldap/openldap
6228 + doins */*.so
6229 + docinto contrib
6230 + newdoc addrdnvalues/README addrdnvalues-README
6231 +
6232 + insinto /etc/openldap/schema
6233 + newins "${DISTDIR}"/${BIS_P} ${BIS_PN}
6234 +
6235 + docinto back-sock ; dodoc "${S}"/servers/slapd/back-sock/searchexample*
6236 + docinto back-shell ; dodoc "${S}"/servers/slapd/back-shell/searchexample*
6237 + docinto back-perl ; dodoc "${S}"/servers/slapd/back-perl/SampleLDAP.pm
6238 +
6239 + dosbin "${S}"/contrib/slapd-tools/statslog
6240 + newdoc "${S}"/contrib/slapd-tools/README README.statslog
6241 + fi
6242 +}
6243 +
6244 +multilib_src_install_all() {
6245 + dodoc ANNOUNCEMENT CHANGES COPYRIGHT README
6246 + docinto rfc ; dodoc doc/rfc/*.txt
6247 +}
6248 +
6249 +pkg_preinst() {
6250 + # keep old libs if any
6251 + preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0)
6252 + # bug 440470, only display the getting started help there was no openldap before,
6253 + # or we are going to a non-minimal build
6254 + ! has_version net-nds/openldap || has_version 'net-nds/openldap[minimal]'
6255 + OPENLDAP_PRINT_MESSAGES=$((! $?))
6256 +}
6257 +
6258 +pkg_postinst() {
6259 + if ! use minimal ; then
6260 + # You cannot build SSL certificates during src_install that will make
6261 + # binary packages containing your SSL key, which is both a security risk
6262 + # and a misconfiguration if multiple machines use the same key and cert.
6263 + if use ssl; then
6264 + install_cert /etc/openldap/ssl/ldap
6265 + use prefix || chown ldap:ldap "${EROOT}"etc/openldap/ssl/ldap.*
6266 + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
6267 + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
6268 + ewarn "add 'TLS_REQCERT allow' if you want to use them."
6269 + fi
6270 +
6271 + if use prefix; then
6272 + # Warn about prefix issues with slapd
6273 + eerror "slapd might NOT be usable on Prefix systems as it requires root privileges"
6274 + eerror "to start up, and requires that certain files directories be owned by"
6275 + eerror "ldap:ldap. As Prefix does not support changing ownership of files and"
6276 + eerror "directories, you will have to manually fix this yourself."
6277 + fi
6278 +
6279 + # These lines force the permissions of various content to be correct
6280 + use prefix || chown ldap:ldap "${EROOT}"var/run/openldap
6281 + chmod 0755 "${EROOT}"var/run/openldap
6282 + use prefix || chown root:ldap "${EROOT}"etc/openldap/slapd.conf{,.default}
6283 + chmod 0640 "${EROOT}"etc/openldap/slapd.conf{,.default}
6284 + use prefix || chown ldap:ldap "${EROOT}"var/lib/openldap-data
6285 + fi
6286 +
6287 + if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then
6288 + elog "Getting started using OpenLDAP? There is some documentation available:"
6289 + elog "Gentoo Guide to OpenLDAP Authentication"
6290 + elog "(https://www.gentoo.org/doc/en/ldap-howto.xml)"
6291 + elog "---"
6292 + elog "An example file for tuning BDB backends with openldap is"
6293 + elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
6294 + fi
6295 +
6296 + preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0)
6297 +}
6298
6299 diff --git a/net-nds/openldap/openldap-2.4.43-r1.ebuild b/net-nds/openldap/openldap-2.4.43-r1.ebuild
6300 new file mode 100644
6301 index 00000000..ee27b3c
6302 --- /dev/null
6303 +++ b/net-nds/openldap/openldap-2.4.43-r1.ebuild
6304 @@ -0,0 +1,830 @@
6305 +# Copyright 1999-2016 Gentoo Foundation
6306 +# Distributed under the terms of the GNU General Public License v2
6307 +# $Id$
6308 +
6309 +EAPI="5"
6310 +
6311 +inherit db-use eutils flag-o-matic multilib multilib-minimal ssl-cert versionator toolchain-funcs autotools user systemd
6312 +
6313 +BIS_PN=rfc2307bis.schema
6314 +BIS_PV=20140524
6315 +BIS_P="${BIS_PN}-${BIS_PV}"
6316 +
6317 +DESCRIPTION="LDAP suite of application and development tools"
6318 +HOMEPAGE="http://www.OpenLDAP.org/"
6319 +
6320 +# mirrors are mostly not working, using canonical URI
6321 +SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz
6322 + mirror://gentoo/${BIS_P}"
6323 +
6324 +LICENSE="OPENLDAP GPL-2"
6325 +SLOT="0"
6326 +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~x86-linux ~x86-solaris"
6327 +
6328 +IUSE_DAEMON="crypt icu samba slp tcpd experimental minimal"
6329 +IUSE_BACKEND="+berkdb"
6330 +IUSE_OVERLAY="overlays perl"
6331 +IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 libressl +syslog selinux static-libs"
6332 +IUSE_CONTRIB="smbkrb5passwd kerberos kinit"
6333 +IUSE_CONTRIB="${IUSE_CONTRIB} -cxx"
6334 +IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
6335 +
6336 +REQUIRED_USE="cxx? ( sasl )
6337 + ?? ( gnutls libressl )"
6338 +
6339 +# always list newer first
6340 +# Do not add any AGPL-3 BDB here!
6341 +# See bug 525110, comment 15.
6342 +BDB_SLOTS='5.3 5.1 4.8 4.7 4.6 4.5 4.4'
6343 +BDB_PKGS=''
6344 +for _slot in $BDB_SLOTS; do BDB_PKGS="${BDB_PKGS} sys-libs/db:${_slot}" ; done
6345 +
6346 +# openssl is needed to generate lanman-passwords required by samba
6347 +CDEPEND="icu? ( dev-libs/icu:= )
6348 + ssl? (
6349 + !gnutls? (
6350 + !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] )
6351 + )
6352 + gnutls? ( >=net-libs/gnutls-2.12.23-r6[${MULTILIB_USEDEP}]
6353 + libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] )
6354 + >=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] ) )
6355 + sasl? ( dev-libs/cyrus-sasl:= )
6356 + !minimal? (
6357 + sys-devel/libtool
6358 + sys-libs/e2fsprogs-libs
6359 + >=dev-db/lmdb-0.9.17
6360 + tcpd? ( sys-apps/tcp-wrappers )
6361 + odbc? ( !iodbc? ( dev-db/unixODBC )
6362 + iodbc? ( dev-db/libiodbc ) )
6363 + slp? ( net-libs/openslp )
6364 + perl? ( dev-lang/perl:=[-build(-)] )
6365 + samba? (
6366 + !libressl? ( dev-libs/openssl:0 )
6367 + libressl? ( dev-libs/libressl )
6368 + )
6369 + berkdb? (
6370 + <sys-libs/db-6.0:=
6371 + || ( ${BDB_PKGS} )
6372 + )
6373 + smbkrb5passwd? (
6374 + !libressl? ( dev-libs/openssl:0 )
6375 + libressl? ( dev-libs/libressl )
6376 + kerberos? ( app-crypt/heimdal )
6377 + )
6378 + kerberos? (
6379 + virtual/krb5
6380 + kinit? ( !app-crypt/heimdal )
6381 + )
6382 + cxx? ( dev-libs/cyrus-sasl:= )
6383 + )
6384 + abi_x86_32? (
6385 + !<=app-emulation/emul-linux-x86-baselibs-20140508-r3
6386 + !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
6387 + )"
6388 +DEPEND="${CDEPEND}
6389 + sys-apps/groff"
6390 +RDEPEND="${CDEPEND}
6391 + selinux? ( sec-policy/selinux-ldap )
6392 +"
6393 +# for tracking versions
6394 +OPENLDAP_VERSIONTAG=".version-tag"
6395 +OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
6396 +
6397 +MULTILIB_WRAPPED_HEADERS=(
6398 + # USE=cxx
6399 + /usr/include/LDAPAsynConnection.h
6400 + /usr/include/LDAPAttrType.h
6401 + /usr/include/LDAPAttribute.h
6402 + /usr/include/LDAPAttributeList.h
6403 + /usr/include/LDAPConnection.h
6404 + /usr/include/LDAPConstraints.h
6405 + /usr/include/LDAPControl.h
6406 + /usr/include/LDAPControlSet.h
6407 + /usr/include/LDAPEntry.h
6408 + /usr/include/LDAPEntryList.h
6409 + /usr/include/LDAPException.h
6410 + /usr/include/LDAPExtResult.h
6411 + /usr/include/LDAPMessage.h
6412 + /usr/include/LDAPMessageQueue.h
6413 + /usr/include/LDAPModList.h
6414 + /usr/include/LDAPModification.h
6415 + /usr/include/LDAPObjClass.h
6416 + /usr/include/LDAPRebind.h
6417 + /usr/include/LDAPRebindAuth.h
6418 + /usr/include/LDAPReferenceList.h
6419 + /usr/include/LDAPResult.h
6420 + /usr/include/LDAPSaslBindResult.h
6421 + /usr/include/LDAPSchema.h
6422 + /usr/include/LDAPSearchReference.h
6423 + /usr/include/LDAPSearchResult.h
6424 + /usr/include/LDAPSearchResults.h
6425 + /usr/include/LDAPUrl.h
6426 + /usr/include/LDAPUrlList.h
6427 + /usr/include/LdifReader.h
6428 + /usr/include/LdifWriter.h
6429 + /usr/include/SaslInteraction.h
6430 + /usr/include/SaslInteractionHandler.h
6431 + /usr/include/StringList.h
6432 + /usr/include/TlsOptions.h
6433 +)
6434 +
6435 +openldap_filecount() {
6436 + local dir="$1"
6437 + find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l
6438 +}
6439 +
6440 +openldap_find_versiontags() {
6441 + # scan for all datadirs
6442 + openldap_datadirs=""
6443 + if [ -f "${EROOT}"/etc/openldap/slapd.conf ]; then
6444 + openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${EROOT}/etc/openldap/slapd.conf)"
6445 + fi
6446 + openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
6447 +
6448 + einfo
6449 + einfo "Scanning datadir(s) from slapd.conf and"
6450 + einfo "the default installdir for Versiontags"
6451 + einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
6452 + einfo
6453 +
6454 + # scan datadirs if we have a version tag
6455 + openldap_found_tag=0
6456 + have_files=0
6457 + for each in ${openldap_datadirs}; do
6458 + CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
6459 + CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
6460 + if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
6461 + einfo "- Checking ${each}..."
6462 + if [ -r ${CURRENT_TAG} ] ; then
6463 + # yey, we have one :)
6464 + einfo " Found Versiontag in ${each}"
6465 + source ${CURRENT_TAG}
6466 + if [ "${OLDPF}" == "" ] ; then
6467 + eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
6468 + eerror "Please delete it"
6469 + eerror
6470 + die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
6471 + fi
6472 +
6473 + OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
6474 +
6475 + [ $(openldap_filecount ${CURRENT_TAGDIR}) -gt 0 ] && have_files=1
6476 +
6477 + # are we on the same branch?
6478 + if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
6479 + ewarn " Versiontag doesn't match current major release!"
6480 + if [[ "${have_files}" == "1" ]] ; then
6481 + eerror " Versiontag says other major and you (probably) have datafiles!"
6482 + echo
6483 + openldap_upgrade_howto
6484 + else
6485 + einfo " No real problem, seems there's no database."
6486 + fi
6487 + else
6488 + einfo " Versiontag is fine here :)"
6489 + fi
6490 + else
6491 + einfo " Non-tagged dir ${each}"
6492 + [ $(openldap_filecount ${each}) -gt 0 ] && have_files=1
6493 + if [[ "${have_files}" == "1" ]] ; then
6494 + einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
6495 + echo
6496 +
6497 + eerror
6498 + eerror "Your OpenLDAP Installation has a non tagged datadir that"
6499 + eerror "possibly contains a database at ${CURRENT_TAGDIR}"
6500 + eerror
6501 + eerror "Please export data if any entered and empty or remove"
6502 + eerror "the directory, installation has been stopped so you"
6503 + eerror "can take required action"
6504 + eerror
6505 + eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
6506 + eerror
6507 + openldap_upgrade_howto
6508 + die "Please move the datadir ${CURRENT_TAGDIR} away"
6509 + fi
6510 + fi
6511 + einfo
6512 + fi
6513 + done
6514 + [ "${have_files}" == "1" ] && einfo "DB files present" || einfo "No DB files present"
6515 +
6516 + # Now we must check for the major version of sys-libs/db linked against.
6517 + SLAPD_PATH=${EROOT}/usr/$(get_libdir)/openldap/slapd
6518 + if [ "${have_files}" == "1" -a -f "${SLAPD_PATH}" ]; then
6519 + OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
6520 + | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
6521 + if use berkdb; then
6522 + # find which one would be used
6523 + for bdb_slot in $BDB_SLOTS ; do
6524 + NEWVER="$(db_findver "=sys-libs/db-${bdb_slot}*")"
6525 + [[ -n "$NEWVER" ]] && break
6526 + done
6527 + fi
6528 + local fail=0
6529 + if [ -z "${OLDVER}" -a -z "${NEWVER}" ]; then
6530 + :
6531 + # Nothing wrong here.
6532 + elif [ -z "${OLDVER}" -a -n "${NEWVER}" ]; then
6533 + eerror " Your existing version of OpenLDAP was not built against"
6534 + eerror " any version of sys-libs/db, but the new one will build"
6535 + eerror " against ${NEWVER} and your database may be inaccessible."
6536 + echo
6537 + fail=1
6538 + elif [ -n "${OLDVER}" -a -z "${NEWVER}" ]; then
6539 + eerror " Your existing version of OpenLDAP was built against"
6540 + eerror " sys-libs/db:${OLDVER}, but the new one will not be"
6541 + eerror " built against any version and your database may be"
6542 + eerror " inaccessible."
6543 + echo
6544 + fail=1
6545 + elif [ "${OLDVER}" != "${NEWVER}" ]; then
6546 + eerror " Your existing version of OpenLDAP was built against"
6547 + eerror " sys-libs/db:${OLDVER}, but the new one will build against"
6548 + eerror " ${NEWVER} and your database would be inaccessible."
6549 + echo
6550 + fail=1
6551 + fi
6552 + [ "${fail}" == "1" ] && openldap_upgrade_howto
6553 + fi
6554 +
6555 + echo
6556 + einfo
6557 + einfo "All datadirs are fine, proceeding with merge now..."
6558 + einfo
6559 +}
6560 +
6561 +openldap_upgrade_howto() {
6562 + eerror
6563 + eerror "A (possible old) installation of OpenLDAP was detected,"
6564 + eerror "installation will not proceed for now."
6565 + eerror
6566 + eerror "As major version upgrades can corrupt your database,"
6567 + eerror "you need to dump your database and re-create it afterwards."
6568 + eerror
6569 + eerror "Additionally, rebuilding against different major versions of the"
6570 + eerror "sys-libs/db libraries will cause your database to be inaccessible."
6571 + eerror ""
6572 + d="$(date -u +%s)"
6573 + l="/root/ldapdump.${d}"
6574 + i="${l}.raw"
6575 + eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
6576 + eerror " 2. slapcat -l ${i}"
6577 + eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
6578 + eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
6579 + eerror " 5. emerge --update \=net-nds/${PF}"
6580 + eerror " 6. etc-update, and ensure that you apply the changes"
6581 + eerror " 7. slapadd -l ${l}"
6582 + eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
6583 + eerror " 9. /etc/init.d/slapd start"
6584 + eerror "10. check that your data is intact."
6585 + eerror "11. set up the new replication system."
6586 + eerror
6587 + if [ "${FORCE_UPGRADE}" != "1" ]; then
6588 + die "You need to upgrade your database first"
6589 + else
6590 + eerror "You have the magical FORCE_UPGRADE=1 in place."
6591 + eerror "Don't say you weren't warned about data loss."
6592 + fi
6593 +}
6594 +
6595 +pkg_setup() {
6596 + if ! use sasl && use cxx ; then
6597 + die "To build the ldapc++ library you must emerge openldap with sasl support"
6598 + fi
6599 + # Bug #322787
6600 + if use minimal && ! has_version "net-nds/openldap" ; then
6601 + einfo "No datadir scan needed, openldap not installed"
6602 + elif use minimal && has_version "net-nds/openldap" && built_with_use net-nds/openldap minimal ; then
6603 + einfo "Skipping scan for previous datadirs as requested by minimal useflag"
6604 + else
6605 + openldap_find_versiontags
6606 + fi
6607 +
6608 + # The user/group are only used for running daemons which are
6609 + # disabled in minimal builds, so elide the accounts too.
6610 + if ! use minimal ; then
6611 + enewgroup ldap 439
6612 + enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
6613 + fi
6614 +}
6615 +
6616 +src_prepare() {
6617 + # ensure correct SLAPI path by default
6618 + sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \
6619 + "${S}"/include/ldap_defaults.h
6620 +
6621 + epatch "${FILESDIR}"/${PN}-2.4.17-gcc44.patch
6622 +
6623 + epatch \
6624 + "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch \
6625 + "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
6626 +
6627 + # bug #116045 - still present in 2.4.28
6628 + epatch "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch
6629 + # bug #408077 - samba4
6630 + epatch "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch
6631 +
6632 + # bug #189817
6633 + epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
6634 +
6635 + # bug #233633
6636 + epatch "${FILESDIR}"/${PN}-2.4.17-fix-lmpasswd-gnutls-symbols.patch
6637 +
6638 + # bug #281495
6639 + epatch "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch
6640 +
6641 + # bug #294350
6642 + epatch "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch
6643 +
6644 + # unbreak /bin/sh -> dash
6645 + epatch "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch
6646 +
6647 + # bug #420959
6648 + epatch "${FILESDIR}"/${PN}-2.4.31-gcc47.patch
6649 +
6650 + # unbundle lmdb
6651 + epatch "${FILESDIR}"/${PN}-2.4.42-mdb-unbundle.patch
6652 + rm -rf "${S}"/libraries/liblmdb
6653 +
6654 + cd "${S}"/build || die
6655 + einfo "Making sure upstream build strip does not do stripping too early"
6656 + sed -i.orig \
6657 + -e '/^STRIP/s,-s,,g' \
6658 + top.mk || die "Failed to block stripping"
6659 +
6660 + # wrong assumption that /bin/sh is /bin/bash
6661 + sed -i \
6662 + -e 's|/bin/sh|/bin/bash|g' \
6663 + "${S}"/tests/scripts/* || die "sed failed"
6664 +
6665 + cd "${S}" || die
6666 +
6667 + AT_NOEAUTOMAKE=yes eautoreconf
6668 +}
6669 +
6670 +build_contrib_module() {
6671 + # <dir> <sources> <outputname>
6672 + cd "${S}/contrib/slapd-modules/$1" || die
6673 + einfo "Compiling contrib-module: $3"
6674 + # Make sure it's uppercase
6675 + local define_name="$(echo "SLAPD_OVER_${1}" | LC_ALL=C tr '[:lower:]' '[:upper:]')"
6676 + "${lt}" --mode=compile --tag=CC \
6677 + "${CC}" \
6678 + -D${define_name}=SLAPD_MOD_DYNAMIC \
6679 + -I"${BUILD_DIR}"/include \
6680 + -I../../../include -I../../../servers/slapd ${CFLAGS} \
6681 + -o ${2%.c}.lo -c $2 || die "compiling $3 failed"
6682 + einfo "Linking contrib-module: $3"
6683 + "${lt}" --mode=link --tag=CC \
6684 + "${CC}" -module \
6685 + ${CFLAGS} \
6686 + ${LDFLAGS} \
6687 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
6688 + -o $3.la ${2%.c}.lo || die "linking $3 failed"
6689 +}
6690 +
6691 +src_configure() {
6692 + # Bug 408001
6693 + use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync
6694 +
6695 + # connectionless ldap per bug #342439
6696 + append-cppflags -DLDAP_CONNECTIONLESS
6697 +
6698 + multilib-minimal_src_configure
6699 +}
6700 +
6701 +multilib_src_configure() {
6702 + local myconf=()
6703 +
6704 + use debug && myconf+=( $(use_enable debug) )
6705 +
6706 + # ICU usage is not configurable
6707 + export ac_cv_header_unicode_utypes_h="$(multilib_is_native_abi && use icu && echo yes || echo no)"
6708 +
6709 + if ! use minimal && multilib_is_native_abi; then
6710 + local CPPFLAGS=${CPPFLAGS}
6711 +
6712 + # re-enable serverside overlay chains per bug #296567
6713 + # see ldap docs chaper 12.3.1 for details
6714 + myconf+=( --enable-ldap )
6715 +
6716 + # backends
6717 + myconf+=( --enable-slapd )
6718 + if use berkdb ; then
6719 + einfo "Using Berkeley DB for local backend"
6720 + myconf+=( --enable-bdb --enable-hdb )
6721 + DBINCLUDE=$(db_includedir $BDB_SLOTS)
6722 + einfo "Using $DBINCLUDE for sys-libs/db version"
6723 + # We need to include the slotted db.h dir for FreeBSD
6724 + append-cppflags -I${DBINCLUDE}
6725 + else
6726 + myconf+=( --disable-bdb --disable-hdb )
6727 + fi
6728 + for backend in dnssrv ldap mdb meta monitor null passwd relay shell sock; do
6729 + myconf+=( --enable-${backend}=mod )
6730 + done
6731 +
6732 + myconf+=( $(use_enable perl perl mod) )
6733 +
6734 + myconf+=( $(use_enable odbc sql mod) )
6735 + if use odbc ; then
6736 + local odbc_lib="unixodbc"
6737 + if use iodbc ; then
6738 + odbc_lib="iodbc"
6739 + append-cppflags -I"${EPREFIX}"/usr/include/iodbc
6740 + fi
6741 + myconf+=( --with-odbc=${odbc_lib} )
6742 + fi
6743 +
6744 + # slapd options
6745 + myconf+=(
6746 + $(use_enable crypt)
6747 + $(use_enable slp)
6748 + $(use_enable samba lmpasswd)
6749 + $(use_enable syslog)
6750 + )
6751 + if use experimental ; then
6752 + myconf+=(
6753 + --enable-dynacl
6754 + --enable-aci=mod
6755 + )
6756 + fi
6757 + for option in aci cleartext modules rewrite rlookups slapi; do
6758 + myconf+=( --enable-${option} )
6759 + done
6760 +
6761 + # slapd overlay options
6762 + # Compile-in the syncprov, the others as module
6763 + myconf+=( --enable-syncprov=yes )
6764 + use overlays && myconf+=( --enable-overlays=mod )
6765 +
6766 + else
6767 + myconf+=(
6768 + --disable-backends
6769 + --disable-slapd
6770 + --disable-bdb
6771 + --disable-hdb
6772 + --disable-mdb
6773 + --disable-overlays
6774 + --disable-syslog
6775 + )
6776 + fi
6777 +
6778 + # basic functionality stuff
6779 + myconf+=(
6780 + $(use_enable ipv6)
6781 + $(multilib_native_use_with sasl cyrus-sasl)
6782 + $(multilib_native_use_enable sasl spasswd)
6783 + $(use_enable tcpd wrappers)
6784 + )
6785 +
6786 + # Some cross-compiling tests don't pan out well.
6787 + tc-is-cross-compiler && myconf+=(
6788 + --with-yielding-select=yes
6789 + )
6790 +
6791 + local ssl_lib="no"
6792 + if use ssl || ( ! use minimal && use samba ) ; then
6793 + ssl_lib="openssl"
6794 + use gnutls && ssl_lib="gnutls"
6795 + fi
6796 +
6797 + myconf+=( --with-tls=${ssl_lib} )
6798 +
6799 + for basicflag in dynamic local proctitle shared; do
6800 + myconf+=( --enable-${basicflag} )
6801 + done
6802 +
6803 + tc-export AR CC CXX
6804 + ECONF_SOURCE=${S} \
6805 + STRIP=/bin/true \
6806 + econf \
6807 + --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \
6808 + $(use_enable static-libs static) \
6809 + "${myconf[@]}"
6810 + emake depend
6811 +}
6812 +
6813 +src_configure_cxx() {
6814 + # This needs the libraries built by the first build run.
6815 + # So we have to run it AFTER the main build, not just after the main
6816 + # configure.
6817 + local myconf_ldapcpp=(
6818 + --with-ldap-includes="${S}"/include
6819 + )
6820 +
6821 + mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die
6822 + cd "${BUILD_DIR}/contrib/ldapc++" || die
6823 +
6824 + local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS}
6825 + append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \
6826 + -L"${BUILD_DIR}"/libraries/libldap/.libs
6827 + append-cppflags -I"${BUILD_DIR}"/include
6828 + ECONF_SOURCE=${S}/contrib/ldapc++ \
6829 + econf "${myconf_ldapcpp[@]}" \
6830 + CC="${CC}" \
6831 + CXX="${CXX}"
6832 +}
6833 +
6834 +multilib_src_compile() {
6835 + tc-export AR CC CXX
6836 + emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash
6837 + local lt="${BUILD_DIR}/libtool"
6838 + export echo="echo"
6839 +
6840 + if ! use minimal && multilib_is_native_abi ; then
6841 + if use cxx ; then
6842 + einfo "Building contrib library: ldapc++"
6843 + src_configure_cxx
6844 + cd "${BUILD_DIR}/contrib/ldapc++" || die
6845 + emake \
6846 + CC="${CC}" CXX="${CXX}"
6847 + fi
6848 +
6849 + if use smbkrb5passwd ; then
6850 + einfo "Building contrib-module: smbk5pwd"
6851 + cd "${S}/contrib/slapd-modules/smbk5pwd" || die
6852 +
6853 + MY_DEFS="-DDO_SHADOW"
6854 + if use samba ; then
6855 + MY_DEFS="${MY_DEFS} -DDO_SAMBA"
6856 + MY_KRB5_INC=""
6857 + fi
6858 + if use kerberos ; then
6859 + MY_DEFS="${MY_DEFS} -DDO_KRB5"
6860 + MY_KRB5_INC="$(krb5-config --cflags)"
6861 + fi
6862 +
6863 + emake \
6864 + DEFS="${MY_DEFS}" \
6865 + KRB5_INC="${MY_KRB5_INC}" \
6866 + LDAP_BUILD="${BUILD_DIR}" \
6867 + CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap"
6868 + fi
6869 +
6870 + if use overlays ; then
6871 + einfo "Building contrib-module: samba4"
6872 + cd "${S}/contrib/slapd-modules/samba4" || die
6873 +
6874 + emake \
6875 + LDAP_BUILD="${BUILD_DIR}" \
6876 + CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap"
6877 + fi
6878 +
6879 + if use kerberos ; then
6880 + if use kinit ; then
6881 + build_contrib_module "kinit" "kinit.c" "kinit"
6882 + fi
6883 + cd "${S}/contrib/slapd-modules/passwd" || die
6884 + einfo "Compiling contrib-module: pw-kerberos"
6885 + "${lt}" --mode=compile --tag=CC \
6886 + "${CC}" \
6887 + -I"${BUILD_DIR}"/include \
6888 + -I../../../include \
6889 + ${CFLAGS} \
6890 + $(krb5-config --cflags) \
6891 + -DHAVE_KRB5 \
6892 + -o kerberos.lo \
6893 + -c kerberos.c || die "compiling pw-kerberos failed"
6894 + einfo "Linking contrib-module: pw-kerberos"
6895 + "${lt}" --mode=link --tag=CC \
6896 + "${CC}" -module \
6897 + ${CFLAGS} \
6898 + ${LDFLAGS} \
6899 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
6900 + -o pw-kerberos.la \
6901 + kerberos.lo || die "linking pw-kerberos failed"
6902 + fi
6903 + # We could build pw-radius if GNURadius would install radlib.h
6904 + cd "${S}/contrib/slapd-modules/passwd" || die
6905 + einfo "Compiling contrib-module: pw-netscape"
6906 + "${lt}" --mode=compile --tag=CC \
6907 + "${CC}" \
6908 + -I"${BUILD_DIR}"/include \
6909 + -I../../../include \
6910 + ${CFLAGS} \
6911 + -o netscape.lo \
6912 + -c netscape.c || die "compiling pw-netscape failed"
6913 + einfo "Linking contrib-module: pw-netscape"
6914 + "${lt}" --mode=link --tag=CC \
6915 + "${CC}" -module \
6916 + ${CFLAGS} \
6917 + ${LDFLAGS} \
6918 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
6919 + -o pw-netscape.la \
6920 + netscape.lo || die "linking pw-netscape failed"
6921 +
6922 + #build_contrib_module "acl" "posixgroup.c" "posixGroup" # example code only
6923 + #build_contrib_module "acl" "gssacl.c" "gss" # example code only, also needs kerberos
6924 + build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay"
6925 + build_contrib_module "allop" "allop.c" "overlay-allop"
6926 + build_contrib_module "allowed" "allowed.c" "allowed"
6927 + build_contrib_module "autogroup" "autogroup.c" "autogroup"
6928 + build_contrib_module "cloak" "cloak.c" "cloak"
6929 + # build_contrib_module "comp_match" "comp_match.c" "comp_match" # really complex, adds new external deps, questionable demand
6930 + build_contrib_module "denyop" "denyop.c" "denyop-overlay"
6931 + build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin"
6932 + build_contrib_module "dupent" "dupent.c" "dupent"
6933 + build_contrib_module "lastbind" "lastbind.c" "lastbind"
6934 + # lastmod may not play well with other overlays
6935 + build_contrib_module "lastmod" "lastmod.c" "lastmod"
6936 + build_contrib_module "noopsrch" "noopsrch.c" "noopsrch"
6937 + build_contrib_module "nops" "nops.c" "nops-overlay"
6938 + #build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER
6939 + build_contrib_module "trace" "trace.c" "trace"
6940 + # build slapi-plugins
6941 + cd "${S}/contrib/slapi-plugins/addrdnvalues" || die
6942 + einfo "Building contrib-module: addrdnvalues plugin"
6943 + "${CC}" -shared \
6944 + -I"${BUILD_DIR}"/include \
6945 + -I../../../include \
6946 + ${CFLAGS} \
6947 + -fPIC \
6948 + ${LDFLAGS} \
6949 + -o libaddrdnvalues-plugin.so \
6950 + addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
6951 +
6952 + fi
6953 +}
6954 +
6955 +multilib_src_test() {
6956 + if multilib_is_native_abi; then
6957 + cd tests || die
6958 + emake tests || die "make tests failed"
6959 + fi
6960 +}
6961 +
6962 +multilib_src_install() {
6963 + local lt="${BUILD_DIR}/libtool"
6964 + emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install
6965 + use static-libs || prune_libtool_files --all
6966 +
6967 + if ! use minimal && multilib_is_native_abi; then
6968 + # openldap modules go here
6969 + # TODO: write some code to populate slapd.conf with moduleload statements
6970 + keepdir /usr/$(get_libdir)/openldap/openldap/
6971 +
6972 + # initial data storage dir
6973 + keepdir /var/lib/openldap-data
6974 + use prefix || fowners ldap:ldap /var/lib/openldap-data
6975 + fperms 0700 /var/lib/openldap-data
6976 +
6977 + echo "OLDPF='${PF}'" > "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
6978 + echo "# do NOT delete this. it is used" >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
6979 + echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
6980 +
6981 + # use our config
6982 + rm "${ED}"etc/openldap/slapd.conf
6983 + insinto /etc/openldap
6984 + newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf
6985 + configfile="${ED}"etc/openldap/slapd.conf
6986 +
6987 + # populate with built backends
6988 + ebegin "populate config with built backends"
6989 + for x in "${ED}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
6990 + einfo "Adding $(basename ${x})"
6991 + sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
6992 + done
6993 + sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
6994 + use prefix || fowners root:ldap /etc/openldap/slapd.conf
6995 + fperms 0640 /etc/openldap/slapd.conf
6996 + cp "${configfile}" "${configfile}".default
6997 + eend
6998 +
6999 + # install our own init scripts and systemd unit files
7000 + einfo "Install init scripts"
7001 + newinitd "${FILESDIR}"/slapd-initd-2.4.40-r2 slapd
7002 + newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd
7003 + einfo "Install systemd service"
7004 + systemd_dounit "${FILESDIR}"/slapd.service
7005 + systemd_install_serviced "${FILESDIR}"/slapd.service.conf
7006 + systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf
7007 +
7008 + if [[ $(get_libdir) != lib ]]; then
7009 + sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i \
7010 + "${ED}"/etc/init.d/slapd \
7011 + "${ED}"/usr/lib/systemd/system/slapd.service || die
7012 + fi
7013 + # If built without SLP, we don't need to be before avahi
7014 + use slp \
7015 + || sed -i \
7016 + -e '/before/{s/avahi-daemon//g}' \
7017 + "${ED}"etc/init.d/slapd
7018 +
7019 + if use cxx ; then
7020 + einfo "Install the ldapc++ library"
7021 + cd "${BUILD_DIR}/contrib/ldapc++" || die
7022 + emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
7023 + cd "${S}"/contrib/ldapc++ || die
7024 + newdoc README ldapc++-README
7025 + fi
7026 +
7027 + if use smbkrb5passwd ; then
7028 + einfo "Install the smbk5pwd module"
7029 + cd "${S}/contrib/slapd-modules/smbk5pwd" || die
7030 + emake DESTDIR="${D}" \
7031 + LDAP_BUILD="${BUILD_DIR}" \
7032 + libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
7033 + newdoc README smbk5pwd-README
7034 + fi
7035 +
7036 + if use overlays ; then
7037 + einfo "Install the samba4 module"
7038 + cd "${S}/contrib/slapd-modules/samba4" || die
7039 + emake DESTDIR="${D}" \
7040 + LDAP_BUILD="${BUILD_DIR}" \
7041 + libexecdir="/usr/$(get_libdir)/openldap" install
7042 + newdoc README samba4-README
7043 + fi
7044 +
7045 + einfo "Installing contrib modules"
7046 + cd "${S}/contrib/slapd-modules" || die
7047 + for l in */*.la; do
7048 + "${lt}" --mode=install cp ${l} \
7049 + "${ED}"usr/$(get_libdir)/openldap/openldap || \
7050 + die "installing ${l} failed"
7051 + done
7052 +
7053 + dodoc "${FILESDIR}"/DB_CONFIG.fast.example
7054 + docinto contrib
7055 + doman */*.5
7056 + #newdoc acl/README*
7057 + newdoc addpartial/README addpartial-README
7058 + newdoc allop/README allop-README
7059 + newdoc allowed/README allowed-README
7060 + newdoc autogroup/README autogroup-README
7061 + newdoc dsaschema/README dsaschema-README
7062 + newdoc passwd/README passwd-README
7063 + cd "${S}/contrib/slapi-plugins" || die
7064 + insinto /usr/$(get_libdir)/openldap/openldap
7065 + doins */*.so
7066 + docinto contrib
7067 + newdoc addrdnvalues/README addrdnvalues-README
7068 +
7069 + insinto /etc/openldap/schema
7070 + newins "${DISTDIR}"/${BIS_P} ${BIS_PN}
7071 +
7072 + docinto back-sock ; dodoc "${S}"/servers/slapd/back-sock/searchexample*
7073 + docinto back-shell ; dodoc "${S}"/servers/slapd/back-shell/searchexample*
7074 + docinto back-perl ; dodoc "${S}"/servers/slapd/back-perl/SampleLDAP.pm
7075 +
7076 + dosbin "${S}"/contrib/slapd-tools/statslog
7077 + newdoc "${S}"/contrib/slapd-tools/README README.statslog
7078 + fi
7079 +}
7080 +
7081 +multilib_src_install_all() {
7082 + dodoc ANNOUNCEMENT CHANGES COPYRIGHT README
7083 + docinto rfc ; dodoc doc/rfc/*.txt
7084 +}
7085 +
7086 +pkg_preinst() {
7087 + # keep old libs if any
7088 + preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0)
7089 + # bug 440470, only display the getting started help there was no openldap before,
7090 + # or we are going to a non-minimal build
7091 + ! has_version net-nds/openldap || has_version 'net-nds/openldap[minimal]'
7092 + OPENLDAP_PRINT_MESSAGES=$((! $?))
7093 +}
7094 +
7095 +pkg_postinst() {
7096 + if ! use minimal ; then
7097 + # You cannot build SSL certificates during src_install that will make
7098 + # binary packages containing your SSL key, which is both a security risk
7099 + # and a misconfiguration if multiple machines use the same key and cert.
7100 + if use ssl; then
7101 + install_cert /etc/openldap/ssl/ldap
7102 + use prefix || chown ldap:ldap "${EROOT}"etc/openldap/ssl/ldap.*
7103 + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
7104 + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
7105 + ewarn "add 'TLS_REQCERT allow' if you want to use them."
7106 + fi
7107 +
7108 + if use prefix; then
7109 + # Warn about prefix issues with slapd
7110 + eerror "slapd might NOT be usable on Prefix systems as it requires root privileges"
7111 + eerror "to start up, and requires that certain files directories be owned by"
7112 + eerror "ldap:ldap. As Prefix does not support changing ownership of files and"
7113 + eerror "directories, you will have to manually fix this yourself."
7114 + fi
7115 +
7116 + # These lines force the permissions of various content to be correct
7117 + use prefix || chown ldap:ldap "${EROOT}"var/run/openldap
7118 + chmod 0755 "${EROOT}"var/run/openldap
7119 + use prefix || chown root:ldap "${EROOT}"etc/openldap/slapd.conf{,.default}
7120 + chmod 0640 "${EROOT}"etc/openldap/slapd.conf{,.default}
7121 + use prefix || chown ldap:ldap "${EROOT}"var/lib/openldap-data
7122 + fi
7123 +
7124 + if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then
7125 + elog "Getting started using OpenLDAP? There is some documentation available:"
7126 + elog "Gentoo Guide to OpenLDAP Authentication"
7127 + elog "(https://www.gentoo.org/doc/en/ldap-howto.xml)"
7128 + elog "---"
7129 + elog "An example file for tuning BDB backends with openldap is"
7130 + elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
7131 + fi
7132 +
7133 + preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0)
7134 +}
7135
7136 diff --git a/net-nds/openldap/openldap-2.4.43.ebuild b/net-nds/openldap/openldap-2.4.43.ebuild
7137 new file mode 100644
7138 index 00000000..dd6af16
7139 --- /dev/null
7140 +++ b/net-nds/openldap/openldap-2.4.43.ebuild
7141 @@ -0,0 +1,825 @@
7142 +# Copyright 1999-2016 Gentoo Foundation
7143 +# Distributed under the terms of the GNU General Public License v2
7144 +# $Id$
7145 +
7146 +EAPI="5"
7147 +
7148 +inherit db-use eutils flag-o-matic multilib multilib-minimal ssl-cert versionator toolchain-funcs autotools user systemd
7149 +
7150 +BIS_PN=rfc2307bis.schema
7151 +BIS_PV=20140524
7152 +BIS_P="${BIS_PN}-${BIS_PV}"
7153 +
7154 +DESCRIPTION="LDAP suite of application and development tools"
7155 +HOMEPAGE="http://www.OpenLDAP.org/"
7156 +
7157 +# mirrors are mostly not working, using canonical URI
7158 +SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz
7159 + mirror://gentoo/${BIS_P}"
7160 +
7161 +LICENSE="OPENLDAP GPL-2"
7162 +SLOT="0"
7163 +KEYWORDS="~alpha amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~x86-linux ~x86-solaris"
7164 +
7165 +IUSE_DAEMON="crypt icu samba slp tcpd experimental minimal"
7166 +IUSE_BACKEND="+berkdb"
7167 +IUSE_OVERLAY="overlays perl"
7168 +IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 libressl +syslog selinux static-libs"
7169 +IUSE_CONTRIB="smbkrb5passwd kerberos"
7170 +IUSE_CONTRIB="${IUSE_CONTRIB} -cxx"
7171 +IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
7172 +
7173 +REQUIRED_USE="cxx? ( sasl )
7174 + ?? ( gnutls libressl )"
7175 +
7176 +# always list newer first
7177 +# Do not add any AGPL-3 BDB here!
7178 +# See bug 525110, comment 15.
7179 +BDB_SLOTS='5.3 5.1 4.8 4.7 4.6 4.5 4.4'
7180 +BDB_PKGS=''
7181 +for _slot in $BDB_SLOTS; do BDB_PKGS="${BDB_PKGS} sys-libs/db:${_slot}" ; done
7182 +
7183 +# openssl is needed to generate lanman-passwords required by samba
7184 +CDEPEND="icu? ( dev-libs/icu:= )
7185 + ssl? (
7186 + !gnutls? (
7187 + !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] )
7188 + )
7189 + gnutls? ( >=net-libs/gnutls-2.12.23-r6[${MULTILIB_USEDEP}]
7190 + libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] )
7191 + >=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] ) )
7192 + sasl? ( dev-libs/cyrus-sasl:= )
7193 + !minimal? (
7194 + sys-devel/libtool
7195 + sys-libs/e2fsprogs-libs
7196 + >=dev-db/lmdb-0.9.17
7197 + tcpd? ( sys-apps/tcp-wrappers )
7198 + odbc? ( !iodbc? ( dev-db/unixODBC )
7199 + iodbc? ( dev-db/libiodbc ) )
7200 + slp? ( net-libs/openslp )
7201 + perl? ( dev-lang/perl:=[-build(-)] )
7202 + samba? (
7203 + !libressl? ( dev-libs/openssl:0 )
7204 + libressl? ( dev-libs/libressl )
7205 + )
7206 + berkdb? (
7207 + <sys-libs/db-6.0:=
7208 + || ( ${BDB_PKGS} )
7209 + )
7210 + smbkrb5passwd? (
7211 + !libressl? ( dev-libs/openssl:0 )
7212 + libressl? ( dev-libs/libressl )
7213 + kerberos? ( app-crypt/heimdal )
7214 + )
7215 + kerberos? ( virtual/krb5 )
7216 + cxx? ( dev-libs/cyrus-sasl:= )
7217 + )
7218 + abi_x86_32? (
7219 + !<=app-emulation/emul-linux-x86-baselibs-20140508-r3
7220 + !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
7221 + )"
7222 +DEPEND="${CDEPEND}
7223 + sys-apps/groff"
7224 +RDEPEND="${CDEPEND}
7225 + selinux? ( sec-policy/selinux-ldap )
7226 +"
7227 +# for tracking versions
7228 +OPENLDAP_VERSIONTAG=".version-tag"
7229 +OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
7230 +
7231 +MULTILIB_WRAPPED_HEADERS=(
7232 + # USE=cxx
7233 + /usr/include/LDAPAsynConnection.h
7234 + /usr/include/LDAPAttrType.h
7235 + /usr/include/LDAPAttribute.h
7236 + /usr/include/LDAPAttributeList.h
7237 + /usr/include/LDAPConnection.h
7238 + /usr/include/LDAPConstraints.h
7239 + /usr/include/LDAPControl.h
7240 + /usr/include/LDAPControlSet.h
7241 + /usr/include/LDAPEntry.h
7242 + /usr/include/LDAPEntryList.h
7243 + /usr/include/LDAPException.h
7244 + /usr/include/LDAPExtResult.h
7245 + /usr/include/LDAPMessage.h
7246 + /usr/include/LDAPMessageQueue.h
7247 + /usr/include/LDAPModList.h
7248 + /usr/include/LDAPModification.h
7249 + /usr/include/LDAPObjClass.h
7250 + /usr/include/LDAPRebind.h
7251 + /usr/include/LDAPRebindAuth.h
7252 + /usr/include/LDAPReferenceList.h
7253 + /usr/include/LDAPResult.h
7254 + /usr/include/LDAPSaslBindResult.h
7255 + /usr/include/LDAPSchema.h
7256 + /usr/include/LDAPSearchReference.h
7257 + /usr/include/LDAPSearchResult.h
7258 + /usr/include/LDAPSearchResults.h
7259 + /usr/include/LDAPUrl.h
7260 + /usr/include/LDAPUrlList.h
7261 + /usr/include/LdifReader.h
7262 + /usr/include/LdifWriter.h
7263 + /usr/include/SaslInteraction.h
7264 + /usr/include/SaslInteractionHandler.h
7265 + /usr/include/StringList.h
7266 + /usr/include/TlsOptions.h
7267 +)
7268 +
7269 +openldap_filecount() {
7270 + local dir="$1"
7271 + find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l
7272 +}
7273 +
7274 +openldap_find_versiontags() {
7275 + # scan for all datadirs
7276 + openldap_datadirs=""
7277 + if [ -f "${EROOT}"/etc/openldap/slapd.conf ]; then
7278 + openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${EROOT}/etc/openldap/slapd.conf)"
7279 + fi
7280 + openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
7281 +
7282 + einfo
7283 + einfo "Scanning datadir(s) from slapd.conf and"
7284 + einfo "the default installdir for Versiontags"
7285 + einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
7286 + einfo
7287 +
7288 + # scan datadirs if we have a version tag
7289 + openldap_found_tag=0
7290 + have_files=0
7291 + for each in ${openldap_datadirs}; do
7292 + CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
7293 + CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
7294 + if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
7295 + einfo "- Checking ${each}..."
7296 + if [ -r ${CURRENT_TAG} ] ; then
7297 + # yey, we have one :)
7298 + einfo " Found Versiontag in ${each}"
7299 + source ${CURRENT_TAG}
7300 + if [ "${OLDPF}" == "" ] ; then
7301 + eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
7302 + eerror "Please delete it"
7303 + eerror
7304 + die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
7305 + fi
7306 +
7307 + OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
7308 +
7309 + [ $(openldap_filecount ${CURRENT_TAGDIR}) -gt 0 ] && have_files=1
7310 +
7311 + # are we on the same branch?
7312 + if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
7313 + ewarn " Versiontag doesn't match current major release!"
7314 + if [[ "${have_files}" == "1" ]] ; then
7315 + eerror " Versiontag says other major and you (probably) have datafiles!"
7316 + echo
7317 + openldap_upgrade_howto
7318 + else
7319 + einfo " No real problem, seems there's no database."
7320 + fi
7321 + else
7322 + einfo " Versiontag is fine here :)"
7323 + fi
7324 + else
7325 + einfo " Non-tagged dir ${each}"
7326 + [ $(openldap_filecount ${each}) -gt 0 ] && have_files=1
7327 + if [[ "${have_files}" == "1" ]] ; then
7328 + einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
7329 + echo
7330 +
7331 + eerror
7332 + eerror "Your OpenLDAP Installation has a non tagged datadir that"
7333 + eerror "possibly contains a database at ${CURRENT_TAGDIR}"
7334 + eerror
7335 + eerror "Please export data if any entered and empty or remove"
7336 + eerror "the directory, installation has been stopped so you"
7337 + eerror "can take required action"
7338 + eerror
7339 + eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
7340 + eerror
7341 + openldap_upgrade_howto
7342 + die "Please move the datadir ${CURRENT_TAGDIR} away"
7343 + fi
7344 + fi
7345 + einfo
7346 + fi
7347 + done
7348 + [ "${have_files}" == "1" ] && einfo "DB files present" || einfo "No DB files present"
7349 +
7350 + # Now we must check for the major version of sys-libs/db linked against.
7351 + SLAPD_PATH=${EROOT}/usr/$(get_libdir)/openldap/slapd
7352 + if [ "${have_files}" == "1" -a -f "${SLAPD_PATH}" ]; then
7353 + OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
7354 + | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
7355 + if use berkdb; then
7356 + # find which one would be used
7357 + for bdb_slot in $BDB_SLOTS ; do
7358 + NEWVER="$(db_findver "=sys-libs/db-${bdb_slot}*")"
7359 + [[ -n "$NEWVER" ]] && break
7360 + done
7361 + fi
7362 + local fail=0
7363 + if [ -z "${OLDVER}" -a -z "${NEWVER}" ]; then
7364 + :
7365 + # Nothing wrong here.
7366 + elif [ -z "${OLDVER}" -a -n "${NEWVER}" ]; then
7367 + eerror " Your existing version of OpenLDAP was not built against"
7368 + eerror " any version of sys-libs/db, but the new one will build"
7369 + eerror " against ${NEWVER} and your database may be inaccessible."
7370 + echo
7371 + fail=1
7372 + elif [ -n "${OLDVER}" -a -z "${NEWVER}" ]; then
7373 + eerror " Your existing version of OpenLDAP was built against"
7374 + eerror " sys-libs/db:${OLDVER}, but the new one will not be"
7375 + eerror " built against any version and your database may be"
7376 + eerror " inaccessible."
7377 + echo
7378 + fail=1
7379 + elif [ "${OLDVER}" != "${NEWVER}" ]; then
7380 + eerror " Your existing version of OpenLDAP was built against"
7381 + eerror " sys-libs/db:${OLDVER}, but the new one will build against"
7382 + eerror " ${NEWVER} and your database would be inaccessible."
7383 + echo
7384 + fail=1
7385 + fi
7386 + [ "${fail}" == "1" ] && openldap_upgrade_howto
7387 + fi
7388 +
7389 + echo
7390 + einfo
7391 + einfo "All datadirs are fine, proceeding with merge now..."
7392 + einfo
7393 +}
7394 +
7395 +openldap_upgrade_howto() {
7396 + eerror
7397 + eerror "A (possible old) installation of OpenLDAP was detected,"
7398 + eerror "installation will not proceed for now."
7399 + eerror
7400 + eerror "As major version upgrades can corrupt your database,"
7401 + eerror "you need to dump your database and re-create it afterwards."
7402 + eerror
7403 + eerror "Additionally, rebuilding against different major versions of the"
7404 + eerror "sys-libs/db libraries will cause your database to be inaccessible."
7405 + eerror ""
7406 + d="$(date -u +%s)"
7407 + l="/root/ldapdump.${d}"
7408 + i="${l}.raw"
7409 + eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
7410 + eerror " 2. slapcat -l ${i}"
7411 + eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
7412 + eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
7413 + eerror " 5. emerge --update \=net-nds/${PF}"
7414 + eerror " 6. etc-update, and ensure that you apply the changes"
7415 + eerror " 7. slapadd -l ${l}"
7416 + eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
7417 + eerror " 9. /etc/init.d/slapd start"
7418 + eerror "10. check that your data is intact."
7419 + eerror "11. set up the new replication system."
7420 + eerror
7421 + if [ "${FORCE_UPGRADE}" != "1" ]; then
7422 + die "You need to upgrade your database first"
7423 + else
7424 + eerror "You have the magical FORCE_UPGRADE=1 in place."
7425 + eerror "Don't say you weren't warned about data loss."
7426 + fi
7427 +}
7428 +
7429 +pkg_setup() {
7430 + if ! use sasl && use cxx ; then
7431 + die "To build the ldapc++ library you must emerge openldap with sasl support"
7432 + fi
7433 + # Bug #322787
7434 + if use minimal && ! has_version "net-nds/openldap" ; then
7435 + einfo "No datadir scan needed, openldap not installed"
7436 + elif use minimal && has_version "net-nds/openldap" && built_with_use net-nds/openldap minimal ; then
7437 + einfo "Skipping scan for previous datadirs as requested by minimal useflag"
7438 + else
7439 + openldap_find_versiontags
7440 + fi
7441 +
7442 + # The user/group are only used for running daemons which are
7443 + # disabled in minimal builds, so elide the accounts too.
7444 + if ! use minimal ; then
7445 + enewgroup ldap 439
7446 + enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
7447 + fi
7448 +}
7449 +
7450 +src_prepare() {
7451 + # ensure correct SLAPI path by default
7452 + sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \
7453 + "${S}"/include/ldap_defaults.h
7454 +
7455 + epatch "${FILESDIR}"/${PN}-2.4.17-gcc44.patch
7456 +
7457 + epatch \
7458 + "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch \
7459 + "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
7460 +
7461 + # bug #116045 - still present in 2.4.28
7462 + epatch "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch
7463 + # bug #408077 - samba4
7464 + epatch "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch
7465 +
7466 + # bug #189817
7467 + epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
7468 +
7469 + # bug #233633
7470 + epatch "${FILESDIR}"/${PN}-2.4.17-fix-lmpasswd-gnutls-symbols.patch
7471 +
7472 + # bug #281495
7473 + epatch "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch
7474 +
7475 + # bug #294350
7476 + epatch "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch
7477 +
7478 + # unbreak /bin/sh -> dash
7479 + epatch "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch
7480 +
7481 + # bug #420959
7482 + epatch "${FILESDIR}"/${PN}-2.4.31-gcc47.patch
7483 +
7484 + # unbundle lmdb
7485 + epatch "${FILESDIR}"/${PN}-2.4.42-mdb-unbundle.patch
7486 + rm -rf "${S}"/libraries/liblmdb
7487 +
7488 + cd "${S}"/build || die
7489 + einfo "Making sure upstream build strip does not do stripping too early"
7490 + sed -i.orig \
7491 + -e '/^STRIP/s,-s,,g' \
7492 + top.mk || die "Failed to block stripping"
7493 +
7494 + # wrong assumption that /bin/sh is /bin/bash
7495 + sed -i \
7496 + -e 's|/bin/sh|/bin/bash|g' \
7497 + "${S}"/tests/scripts/* || die "sed failed"
7498 +
7499 + cd "${S}" || die
7500 +
7501 + AT_NOEAUTOMAKE=yes eautoreconf
7502 +}
7503 +
7504 +build_contrib_module() {
7505 + # <dir> <sources> <outputname>
7506 + cd "${S}/contrib/slapd-modules/$1" || die
7507 + einfo "Compiling contrib-module: $3"
7508 + # Make sure it's uppercase
7509 + local define_name="$(echo "SLAPD_OVER_${1}" | LC_ALL=C tr '[:lower:]' '[:upper:]')"
7510 + "${lt}" --mode=compile --tag=CC \
7511 + "${CC}" \
7512 + -D${define_name}=SLAPD_MOD_DYNAMIC \
7513 + -I"${BUILD_DIR}"/include \
7514 + -I../../../include -I../../../servers/slapd ${CFLAGS} \
7515 + -o ${2%.c}.lo -c $2 || die "compiling $3 failed"
7516 + einfo "Linking contrib-module: $3"
7517 + "${lt}" --mode=link --tag=CC \
7518 + "${CC}" -module \
7519 + ${CFLAGS} \
7520 + ${LDFLAGS} \
7521 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
7522 + -o $3.la ${2%.c}.lo || die "linking $3 failed"
7523 +}
7524 +
7525 +src_configure() {
7526 + # Bug 408001
7527 + use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync
7528 +
7529 + # connectionless ldap per bug #342439
7530 + append-cppflags -DLDAP_CONNECTIONLESS
7531 +
7532 + multilib-minimal_src_configure
7533 +}
7534 +
7535 +multilib_src_configure() {
7536 + local myconf=()
7537 +
7538 + use debug && myconf+=( $(use_enable debug) )
7539 +
7540 + # ICU usage is not configurable
7541 + export ac_cv_header_unicode_utypes_h="$(multilib_is_native_abi && use icu && echo yes || echo no)"
7542 +
7543 + if ! use minimal && multilib_is_native_abi; then
7544 + local CPPFLAGS=${CPPFLAGS}
7545 +
7546 + # re-enable serverside overlay chains per bug #296567
7547 + # see ldap docs chaper 12.3.1 for details
7548 + myconf+=( --enable-ldap )
7549 +
7550 + # backends
7551 + myconf+=( --enable-slapd )
7552 + if use berkdb ; then
7553 + einfo "Using Berkeley DB for local backend"
7554 + myconf+=( --enable-bdb --enable-hdb )
7555 + DBINCLUDE=$(db_includedir $BDB_SLOTS)
7556 + einfo "Using $DBINCLUDE for sys-libs/db version"
7557 + # We need to include the slotted db.h dir for FreeBSD
7558 + append-cppflags -I${DBINCLUDE}
7559 + else
7560 + myconf+=( --disable-bdb --disable-hdb )
7561 + fi
7562 + for backend in dnssrv ldap mdb meta monitor null passwd relay shell sock; do
7563 + myconf+=( --enable-${backend}=mod )
7564 + done
7565 +
7566 + myconf+=( $(use_enable perl perl mod) )
7567 +
7568 + myconf+=( $(use_enable odbc sql mod) )
7569 + if use odbc ; then
7570 + local odbc_lib="unixodbc"
7571 + if use iodbc ; then
7572 + odbc_lib="iodbc"
7573 + append-cppflags -I"${EPREFIX}"/usr/include/iodbc
7574 + fi
7575 + myconf+=( --with-odbc=${odbc_lib} )
7576 + fi
7577 +
7578 + # slapd options
7579 + myconf+=(
7580 + $(use_enable crypt)
7581 + $(use_enable slp)
7582 + $(use_enable samba lmpasswd)
7583 + $(use_enable syslog)
7584 + )
7585 + if use experimental ; then
7586 + myconf+=(
7587 + --enable-dynacl
7588 + --enable-aci=mod
7589 + )
7590 + fi
7591 + for option in aci cleartext modules rewrite rlookups slapi; do
7592 + myconf+=( --enable-${option} )
7593 + done
7594 +
7595 + # slapd overlay options
7596 + # Compile-in the syncprov, the others as module
7597 + myconf+=( --enable-syncprov=yes )
7598 + use overlays && myconf+=( --enable-overlays=mod )
7599 +
7600 + else
7601 + myconf+=(
7602 + --disable-backends
7603 + --disable-slapd
7604 + --disable-bdb
7605 + --disable-hdb
7606 + --disable-mdb
7607 + --disable-overlays
7608 + --disable-syslog
7609 + )
7610 + fi
7611 +
7612 + # basic functionality stuff
7613 + myconf+=(
7614 + $(use_enable ipv6)
7615 + $(multilib_native_use_with sasl cyrus-sasl)
7616 + $(multilib_native_use_enable sasl spasswd)
7617 + $(use_enable tcpd wrappers)
7618 + )
7619 +
7620 + # Some cross-compiling tests don't pan out well.
7621 + tc-is-cross-compiler && myconf+=(
7622 + --with-yielding-select=yes
7623 + )
7624 +
7625 + local ssl_lib="no"
7626 + if use ssl || ( ! use minimal && use samba ) ; then
7627 + ssl_lib="openssl"
7628 + use gnutls && ssl_lib="gnutls"
7629 + fi
7630 +
7631 + myconf+=( --with-tls=${ssl_lib} )
7632 +
7633 + for basicflag in dynamic local proctitle shared; do
7634 + myconf+=( --enable-${basicflag} )
7635 + done
7636 +
7637 + tc-export AR CC CXX
7638 + ECONF_SOURCE=${S} \
7639 + STRIP=/bin/true \
7640 + econf \
7641 + --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \
7642 + $(use_enable static-libs static) \
7643 + "${myconf[@]}"
7644 + emake depend
7645 +}
7646 +
7647 +src_configure_cxx() {
7648 + # This needs the libraries built by the first build run.
7649 + # So we have to run it AFTER the main build, not just after the main
7650 + # configure.
7651 + local myconf_ldapcpp=(
7652 + --with-ldap-includes="${S}"/include
7653 + )
7654 +
7655 + mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die
7656 + cd "${BUILD_DIR}/contrib/ldapc++" || die
7657 +
7658 + local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS}
7659 + append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \
7660 + -L"${BUILD_DIR}"/libraries/libldap/.libs
7661 + append-cppflags -I"${BUILD_DIR}"/include
7662 + ECONF_SOURCE=${S}/contrib/ldapc++ \
7663 + econf "${myconf_ldapcpp[@]}" \
7664 + CC="${CC}" \
7665 + CXX="${CXX}"
7666 +}
7667 +
7668 +multilib_src_compile() {
7669 + tc-export AR CC CXX
7670 + emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash
7671 + local lt="${BUILD_DIR}/libtool"
7672 + export echo="echo"
7673 +
7674 + if ! use minimal && multilib_is_native_abi ; then
7675 + if use cxx ; then
7676 + einfo "Building contrib library: ldapc++"
7677 + src_configure_cxx
7678 + cd "${BUILD_DIR}/contrib/ldapc++" || die
7679 + emake \
7680 + CC="${CC}" CXX="${CXX}"
7681 + fi
7682 +
7683 + if use smbkrb5passwd ; then
7684 + einfo "Building contrib-module: smbk5pwd"
7685 + cd "${S}/contrib/slapd-modules/smbk5pwd" || die
7686 +
7687 + MY_DEFS="-DDO_SHADOW"
7688 + if use samba ; then
7689 + MY_DEFS="${MY_DEFS} -DDO_SAMBA"
7690 + MY_KRB5_INC=""
7691 + fi
7692 + if use kerberos ; then
7693 + MY_DEFS="${MY_DEFS} -DDO_KRB5"
7694 + MY_KRB5_INC="$(krb5-config --cflags)"
7695 + fi
7696 +
7697 + emake \
7698 + DEFS="${MY_DEFS}" \
7699 + KRB5_INC="${MY_KRB5_INC}" \
7700 + LDAP_BUILD="${BUILD_DIR}" \
7701 + CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap"
7702 + fi
7703 +
7704 + if use overlays ; then
7705 + einfo "Building contrib-module: samba4"
7706 + cd "${S}/contrib/slapd-modules/samba4" || die
7707 +
7708 + emake \
7709 + LDAP_BUILD="${BUILD_DIR}" \
7710 + CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap"
7711 + fi
7712 +
7713 + if use kerberos ; then
7714 + build_contrib_module "kinit" "kinit.c" "kinit"
7715 + cd "${S}/contrib/slapd-modules/passwd" || die
7716 + einfo "Compiling contrib-module: pw-kerberos"
7717 + "${lt}" --mode=compile --tag=CC \
7718 + "${CC}" \
7719 + -I"${BUILD_DIR}"/include \
7720 + -I../../../include \
7721 + ${CFLAGS} \
7722 + $(krb5-config --cflags) \
7723 + -DHAVE_KRB5 \
7724 + -o kerberos.lo \
7725 + -c kerberos.c || die "compiling pw-kerberos failed"
7726 + einfo "Linking contrib-module: pw-kerberos"
7727 + "${lt}" --mode=link --tag=CC \
7728 + "${CC}" -module \
7729 + ${CFLAGS} \
7730 + ${LDFLAGS} \
7731 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
7732 + -o pw-kerberos.la \
7733 + kerberos.lo || die "linking pw-kerberos failed"
7734 + fi
7735 + # We could build pw-radius if GNURadius would install radlib.h
7736 + cd "${S}/contrib/slapd-modules/passwd" || die
7737 + einfo "Compiling contrib-module: pw-netscape"
7738 + "${lt}" --mode=compile --tag=CC \
7739 + "${CC}" \
7740 + -I"${BUILD_DIR}"/include \
7741 + -I../../../include \
7742 + ${CFLAGS} \
7743 + -o netscape.lo \
7744 + -c netscape.c || die "compiling pw-netscape failed"
7745 + einfo "Linking contrib-module: pw-netscape"
7746 + "${lt}" --mode=link --tag=CC \
7747 + "${CC}" -module \
7748 + ${CFLAGS} \
7749 + ${LDFLAGS} \
7750 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
7751 + -o pw-netscape.la \
7752 + netscape.lo || die "linking pw-netscape failed"
7753 +
7754 + #build_contrib_module "acl" "posixgroup.c" "posixGroup" # example code only
7755 + #build_contrib_module "acl" "gssacl.c" "gss" # example code only, also needs kerberos
7756 + build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay"
7757 + build_contrib_module "allop" "allop.c" "overlay-allop"
7758 + build_contrib_module "allowed" "allowed.c" "allowed"
7759 + build_contrib_module "autogroup" "autogroup.c" "autogroup"
7760 + build_contrib_module "cloak" "cloak.c" "cloak"
7761 + # build_contrib_module "comp_match" "comp_match.c" "comp_match" # really complex, adds new external deps, questionable demand
7762 + build_contrib_module "denyop" "denyop.c" "denyop-overlay"
7763 + build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin"
7764 + build_contrib_module "dupent" "dupent.c" "dupent"
7765 + build_contrib_module "lastbind" "lastbind.c" "lastbind"
7766 + # lastmod may not play well with other overlays
7767 + build_contrib_module "lastmod" "lastmod.c" "lastmod"
7768 + build_contrib_module "noopsrch" "noopsrch.c" "noopsrch"
7769 + build_contrib_module "nops" "nops.c" "nops-overlay"
7770 + #build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER
7771 + build_contrib_module "trace" "trace.c" "trace"
7772 + # build slapi-plugins
7773 + cd "${S}/contrib/slapi-plugins/addrdnvalues" || die
7774 + einfo "Building contrib-module: addrdnvalues plugin"
7775 + "${CC}" -shared \
7776 + -I"${BUILD_DIR}"/include \
7777 + -I../../../include \
7778 + ${CFLAGS} \
7779 + -fPIC \
7780 + ${LDFLAGS} \
7781 + -o libaddrdnvalues-plugin.so \
7782 + addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
7783 +
7784 + fi
7785 +}
7786 +
7787 +multilib_src_test() {
7788 + if multilib_is_native_abi; then
7789 + cd tests || die
7790 + emake tests || die "make tests failed"
7791 + fi
7792 +}
7793 +
7794 +multilib_src_install() {
7795 + local lt="${BUILD_DIR}/libtool"
7796 + emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install
7797 + use static-libs || prune_libtool_files --all
7798 +
7799 + if ! use minimal && multilib_is_native_abi; then
7800 + # openldap modules go here
7801 + # TODO: write some code to populate slapd.conf with moduleload statements
7802 + keepdir /usr/$(get_libdir)/openldap/openldap/
7803 +
7804 + # initial data storage dir
7805 + keepdir /var/lib/openldap-data
7806 + use prefix || fowners ldap:ldap /var/lib/openldap-data
7807 + fperms 0700 /var/lib/openldap-data
7808 +
7809 + echo "OLDPF='${PF}'" > "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
7810 + echo "# do NOT delete this. it is used" >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
7811 + echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
7812 +
7813 + # use our config
7814 + rm "${ED}"etc/openldap/slapd.conf
7815 + insinto /etc/openldap
7816 + newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf
7817 + configfile="${ED}"etc/openldap/slapd.conf
7818 +
7819 + # populate with built backends
7820 + ebegin "populate config with built backends"
7821 + for x in "${ED}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
7822 + einfo "Adding $(basename ${x})"
7823 + sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
7824 + done
7825 + sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
7826 + use prefix || fowners root:ldap /etc/openldap/slapd.conf
7827 + fperms 0640 /etc/openldap/slapd.conf
7828 + cp "${configfile}" "${configfile}".default
7829 + eend
7830 +
7831 + # install our own init scripts and systemd unit files
7832 + einfo "Install init scripts"
7833 + newinitd "${FILESDIR}"/slapd-initd-2.4.40-r2 slapd
7834 + newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd
7835 + einfo "Install systemd service"
7836 + systemd_dounit "${FILESDIR}"/slapd.service
7837 + systemd_install_serviced "${FILESDIR}"/slapd.service.conf
7838 + systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf
7839 +
7840 + if [[ $(get_libdir) != lib ]]; then
7841 + sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i \
7842 + "${ED}"/etc/init.d/slapd \
7843 + "${ED}"/usr/lib/systemd/system/slapd.service || die
7844 + fi
7845 + # If built without SLP, we don't need to be before avahi
7846 + use slp \
7847 + || sed -i \
7848 + -e '/before/{s/avahi-daemon//g}' \
7849 + "${ED}"etc/init.d/slapd
7850 +
7851 + if use cxx ; then
7852 + einfo "Install the ldapc++ library"
7853 + cd "${BUILD_DIR}/contrib/ldapc++" || die
7854 + emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
7855 + cd "${S}"/contrib/ldapc++ || die
7856 + newdoc README ldapc++-README
7857 + fi
7858 +
7859 + if use smbkrb5passwd ; then
7860 + einfo "Install the smbk5pwd module"
7861 + cd "${S}/contrib/slapd-modules/smbk5pwd" || die
7862 + emake DESTDIR="${D}" \
7863 + LDAP_BUILD="${BUILD_DIR}" \
7864 + libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
7865 + newdoc README smbk5pwd-README
7866 + fi
7867 +
7868 + if use overlays ; then
7869 + einfo "Install the samba4 module"
7870 + cd "${S}/contrib/slapd-modules/samba4" || die
7871 + emake DESTDIR="${D}" \
7872 + LDAP_BUILD="${BUILD_DIR}" \
7873 + libexecdir="/usr/$(get_libdir)/openldap" install
7874 + newdoc README samba4-README
7875 + fi
7876 +
7877 + einfo "Installing contrib modules"
7878 + cd "${S}/contrib/slapd-modules" || die
7879 + for l in */*.la; do
7880 + "${lt}" --mode=install cp ${l} \
7881 + "${ED}"usr/$(get_libdir)/openldap/openldap || \
7882 + die "installing ${l} failed"
7883 + done
7884 +
7885 + dodoc "${FILESDIR}"/DB_CONFIG.fast.example
7886 + docinto contrib
7887 + doman */*.5
7888 + #newdoc acl/README*
7889 + newdoc addpartial/README addpartial-README
7890 + newdoc allop/README allop-README
7891 + newdoc allowed/README allowed-README
7892 + newdoc autogroup/README autogroup-README
7893 + newdoc dsaschema/README dsaschema-README
7894 + newdoc passwd/README passwd-README
7895 + cd "${S}/contrib/slapi-plugins" || die
7896 + insinto /usr/$(get_libdir)/openldap/openldap
7897 + doins */*.so
7898 + docinto contrib
7899 + newdoc addrdnvalues/README addrdnvalues-README
7900 +
7901 + insinto /etc/openldap/schema
7902 + newins "${DISTDIR}"/${BIS_P} ${BIS_PN}
7903 +
7904 + docinto back-sock ; dodoc "${S}"/servers/slapd/back-sock/searchexample*
7905 + docinto back-shell ; dodoc "${S}"/servers/slapd/back-shell/searchexample*
7906 + docinto back-perl ; dodoc "${S}"/servers/slapd/back-perl/SampleLDAP.pm
7907 +
7908 + dosbin "${S}"/contrib/slapd-tools/statslog
7909 + newdoc "${S}"/contrib/slapd-tools/README README.statslog
7910 + fi
7911 +}
7912 +
7913 +multilib_src_install_all() {
7914 + dodoc ANNOUNCEMENT CHANGES COPYRIGHT README
7915 + docinto rfc ; dodoc doc/rfc/*.txt
7916 +}
7917 +
7918 +pkg_preinst() {
7919 + # keep old libs if any
7920 + preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0)
7921 + # bug 440470, only display the getting started help there was no openldap before,
7922 + # or we are going to a non-minimal build
7923 + ! has_version net-nds/openldap || has_version 'net-nds/openldap[minimal]'
7924 + OPENLDAP_PRINT_MESSAGES=$((! $?))
7925 +}
7926 +
7927 +pkg_postinst() {
7928 + if ! use minimal ; then
7929 + # You cannot build SSL certificates during src_install that will make
7930 + # binary packages containing your SSL key, which is both a security risk
7931 + # and a misconfiguration if multiple machines use the same key and cert.
7932 + if use ssl; then
7933 + install_cert /etc/openldap/ssl/ldap
7934 + use prefix || chown ldap:ldap "${EROOT}"etc/openldap/ssl/ldap.*
7935 + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
7936 + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
7937 + ewarn "add 'TLS_REQCERT allow' if you want to use them."
7938 + fi
7939 +
7940 + if use prefix; then
7941 + # Warn about prefix issues with slapd
7942 + eerror "slapd might NOT be usable on Prefix systems as it requires root privileges"
7943 + eerror "to start up, and requires that certain files directories be owned by"
7944 + eerror "ldap:ldap. As Prefix does not support changing ownership of files and"
7945 + eerror "directories, you will have to manually fix this yourself."
7946 + fi
7947 +
7948 + # These lines force the permissions of various content to be correct
7949 + use prefix || chown ldap:ldap "${EROOT}"var/run/openldap
7950 + chmod 0755 "${EROOT}"var/run/openldap
7951 + use prefix || chown root:ldap "${EROOT}"etc/openldap/slapd.conf{,.default}
7952 + chmod 0640 "${EROOT}"etc/openldap/slapd.conf{,.default}
7953 + use prefix || chown ldap:ldap "${EROOT}"var/lib/openldap-data
7954 + fi
7955 +
7956 + if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then
7957 + elog "Getting started using OpenLDAP? There is some documentation available:"
7958 + elog "Gentoo Guide to OpenLDAP Authentication"
7959 + elog "(https://www.gentoo.org/doc/en/ldap-howto.xml)"
7960 + elog "---"
7961 + elog "An example file for tuning BDB backends with openldap is"
7962 + elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
7963 + fi
7964 +
7965 + preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0)
7966 +}
Report Message
Find on MARC Find on Google Groups