Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Mikle Kolyada <zlogene@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: net-nds/openldap/
Date: Wed, 12 Feb 2020 16:38:32
Message-Id: 1581525503.79afa36ff4994a224a4750bac21e31c718282e0d.zlogene@gentoo
1 commit: 79afa36ff4994a224a4750bac21e31c718282e0d
2 Author: Mikle Kolyada <zlogene <AT> gentoo <DOT> org>
3 AuthorDate: Wed Feb 12 16:24:56 2020 +0000
4 Commit: Mikle Kolyada <zlogene <AT> gentoo <DOT> org>
5 CommitDate: Wed Feb 12 16:38:23 2020 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=79afa36f
7
8 net-nds/openldap: Version bump (v2.4.49)
9
10 Package-Manager: Portage-2.3.84, Repoman-2.3.20
11 Signed-off-by: Mikle Kolyada <zlogene <AT> gentoo.org>
12
13 net-nds/openldap/Manifest | 1 +
14 net-nds/openldap/openldap-2.4.49.ebuild | 901 ++++++++++++++++++++++++++++++++
15 2 files changed, 902 insertions(+)
16
17 diff --git a/net-nds/openldap/Manifest b/net-nds/openldap/Manifest
18 index 0aba7c48052..ed0cf9a5574 100644
19 --- a/net-nds/openldap/Manifest
20 +++ b/net-nds/openldap/Manifest
21 @@ -1,3 +1,4 @@
22 DIST openldap-2.4.45.tgz 5672845 BLAKE2B e1f97553482a2e8630b62bc0f439af2484f1a2349a1a077382a124354424fe510ab55f32c073565b142d0c9318870fe31a2652268ebabd97d3afd8c833bc7aab SHA512 1c9fc84efed8998f107ce6e1c6be3f5466388241afdca0cb3847720c9def0bc263a2dbc15bf0f9112d1b4c391fd01e8531a4fb08c5532c30fb86924c08daedab
23 DIST openldap-2.4.48.tgz 5704883 BLAKE2B ef856ff0b22c9187e68e9c09583a176fe4c2ee1f5bfe6b169f03bc0058294170ec4d1aa1b164e28eecd2ef6bafab539c1b942b0bd74e93852205beeaff39aeef SHA512 cf694a415be0bd55cc7f606099da2ed461748efd276561944cd29d7f5a8252a9be799d8778fac2d4fa9f382731eb4ca48c6b85630cb58a3b8249843561ae8feb
24 +DIST openldap-2.4.49.tgz 5704723 BLAKE2B ee777588d758f6704b0d38b90feb85b27e2307510a05d1d147324e9958a6f6fc5bc7dd521a1462971c3f707429ad38fab734f508d71fd88b447770e112e844a2 SHA512 99d1943d126b06e62865e31e5825fcff2cb15415f7f85ae4962fa0e7425bc3b58db5b9639150d7b09e3642c80257724c745e47c25ab4fcb1bba0ba771011dd49
25 DIST rfc2307bis.schema-20140524 12262 BLAKE2B 98031f49e9bde1e4821e637af3382364d8344ed7017649686a088070d96a632dffa6c661552352656b1b159c0fd962965580069a64c7f3d5bb6a3ed75f60fd99 SHA512 83b89a1deeefc8566b97e7e865b9b6d04541099cbdf719e24538a7d27d61b6209e87ab9003a9f140bd9afd018ec569e71721e3a24090e1902c8b6659d2ba103e
26
27 diff --git a/net-nds/openldap/openldap-2.4.49.ebuild b/net-nds/openldap/openldap-2.4.49.ebuild
28 new file mode 100644
29 index 00000000000..d7df0d817e0
30 --- /dev/null
31 +++ b/net-nds/openldap/openldap-2.4.49.ebuild
32 @@ -0,0 +1,901 @@
33 +# Copyright 1999-2020 Gentoo Authors
34 +# Distributed under the terms of the GNU General Public License v2
35 +
36 +EAPI=7
37 +
38 +inherit autotools db-use flag-o-matic multilib-minimal ssl-cert toolchain-funcs user systemd
39 +
40 +BIS_PN=rfc2307bis.schema
41 +BIS_PV=20140524
42 +BIS_P="${BIS_PN}-${BIS_PV}"
43 +
44 +DESCRIPTION="LDAP suite of application and development tools"
45 +HOMEPAGE="http://www.OpenLDAP.org/"
46 +
47 +# mirrors are mostly not working, using canonical URI
48 +SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz
49 + mirror://gentoo/${BIS_P}"
50 +
51 +LICENSE="OPENLDAP GPL-2"
52 +SLOT="0"
53 +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-linux ~x86-linux ~x86-solaris"
54 +
55 +IUSE_DAEMON="crypt samba tcpd experimental minimal"
56 +IUSE_BACKEND="+berkdb"
57 +IUSE_OVERLAY="overlays perl"
58 +IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 libressl +syslog selinux static-libs test"
59 +IUSE_CONTRIB="smbkrb5passwd kerberos kinit pbkdf2 sha2"
60 +IUSE_CONTRIB="${IUSE_CONTRIB} -cxx"
61 +IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
62 +
63 +RESTRICT="!test? ( test )"
64 +REQUIRED_USE="cxx? ( sasl )
65 + pbkdf2? ( ssl )
66 + test? ( berkdb )
67 + ?? ( test minimal )"
68 +
69 +# always list newer first
70 +# Do not add any AGPL-3 BDB here!
71 +# See bug 525110, comment 15.
72 +# Advanced usage: OPENLDAP_BDB_SLOTS in the environment can be used to force a slot during build.
73 +BDB_SLOTS="${OPENLDAP_BDB_SLOTS:=5.3 5.1 4.8 4.7 4.6 4.5 4.4}"
74 +BDB_PKGS=''
75 +for _slot in $BDB_SLOTS; do BDB_PKGS="${BDB_PKGS} sys-libs/db:${_slot}" ; done
76 +
77 +# openssl is needed to generate lanman-passwords required by samba
78 +COMMON_DEPEND="
79 + ssl? (
80 + !gnutls? (
81 + !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] )
82 + libressl? ( dev-libs/libressl:0=[${MULTILIB_USEDEP}] )
83 + )
84 + gnutls? (
85 + >=net-libs/gnutls-2.12.23-r6:=[${MULTILIB_USEDEP}]
86 + >=dev-libs/libgcrypt-1.5.3:0=[${MULTILIB_USEDEP}]
87 + )
88 + )
89 + sasl? ( dev-libs/cyrus-sasl:= )
90 + !minimal? (
91 + sys-devel/libtool
92 + sys-libs/e2fsprogs-libs
93 + >=dev-db/lmdb-0.9.18:=
94 + tcpd? ( sys-apps/tcp-wrappers )
95 + odbc? ( !iodbc? ( dev-db/unixODBC )
96 + iodbc? ( dev-db/libiodbc ) )
97 + perl? ( dev-lang/perl:=[-build(-)] )
98 + samba? (
99 + !libressl? ( dev-libs/openssl:0= )
100 + libressl? ( dev-libs/libressl:0= )
101 + )
102 + berkdb? (
103 + <sys-libs/db-6.0:=
104 + || ( ${BDB_PKGS} )
105 + )
106 + smbkrb5passwd? (
107 + !libressl? ( dev-libs/openssl:0= )
108 + libressl? ( dev-libs/libressl:0= )
109 + kerberos? ( app-crypt/heimdal )
110 + )
111 + kerberos? (
112 + virtual/krb5
113 + kinit? ( !app-crypt/heimdal )
114 + )
115 + cxx? ( dev-libs/cyrus-sasl:= )
116 + )
117 +"
118 +DEPEND="${COMMON_DEPEND}
119 + sys-apps/groff
120 +"
121 +RDEPEND="${COMMON_DEPEND}
122 + selinux? ( sec-policy/selinux-ldap )
123 +"
124 +# for tracking versions
125 +OPENLDAP_VERSIONTAG=".version-tag"
126 +OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
127 +
128 +MULTILIB_WRAPPED_HEADERS=(
129 + # USE=cxx
130 + /usr/include/LDAPAsynConnection.h
131 + /usr/include/LDAPAttrType.h
132 + /usr/include/LDAPAttribute.h
133 + /usr/include/LDAPAttributeList.h
134 + /usr/include/LDAPConnection.h
135 + /usr/include/LDAPConstraints.h
136 + /usr/include/LDAPControl.h
137 + /usr/include/LDAPControlSet.h
138 + /usr/include/LDAPEntry.h
139 + /usr/include/LDAPEntryList.h
140 + /usr/include/LDAPException.h
141 + /usr/include/LDAPExtResult.h
142 + /usr/include/LDAPMessage.h
143 + /usr/include/LDAPMessageQueue.h
144 + /usr/include/LDAPModList.h
145 + /usr/include/LDAPModification.h
146 + /usr/include/LDAPObjClass.h
147 + /usr/include/LDAPRebind.h
148 + /usr/include/LDAPRebindAuth.h
149 + /usr/include/LDAPReferenceList.h
150 + /usr/include/LDAPResult.h
151 + /usr/include/LDAPSaslBindResult.h
152 + /usr/include/LDAPSchema.h
153 + /usr/include/LDAPSearchReference.h
154 + /usr/include/LDAPSearchResult.h
155 + /usr/include/LDAPSearchResults.h
156 + /usr/include/LDAPUrl.h
157 + /usr/include/LDAPUrlList.h
158 + /usr/include/LdifReader.h
159 + /usr/include/LdifWriter.h
160 + /usr/include/SaslInteraction.h
161 + /usr/include/SaslInteractionHandler.h
162 + /usr/include/StringList.h
163 + /usr/include/TlsOptions.h
164 +)
165 +
166 +PATCHES=(
167 + "${FILESDIR}"/${PN}-2.4.17-gcc44.patch
168 +
169 + "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch
170 + "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
171 +
172 + # bug #116045 - still present in 2.4.28
173 + "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch
174 + # bug #408077 - samba4
175 + "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch
176 +
177 + # bug #189817
178 + "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
179 +
180 + # bug #233633
181 + "${FILESDIR}"/${PN}-2.4.45-fix-lmpasswd-gnutls-symbols.patch
182 +
183 + # bug #281495
184 + "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch
185 +
186 + # bug #294350
187 + "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch
188 +
189 + # unbreak /bin/sh -> dash
190 + "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch
191 +
192 + # bug #420959
193 + "${FILESDIR}"/${PN}-2.4.31-gcc47.patch
194 +
195 + # unbundle lmdb
196 + "${FILESDIR}"/${PN}-2.4.42-mdb-unbundle.patch
197 +
198 + # bug #622464
199 + "${FILESDIR}"/${PN}-2.4.47-libressl.patch
200 +
201 + # fix some compiler warnings
202 + "${FILESDIR}"/${PN}-2.4.47-warnings.patch
203 +)
204 +
205 +openldap_filecount() {
206 + local dir="$1"
207 + find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l
208 +}
209 +
210 +openldap_find_versiontags() {
211 + # scan for all datadirs
212 + local openldap_datadirs=()
213 + if [[ -f "${EROOT}"/etc/openldap/slapd.conf ]]; then
214 + openldap_datadirs=( $(awk '{if($1 == "directory") print $2 }' "${EROOT}"/etc/openldap/slapd.conf) )
215 + fi
216 + openldap_datadirs+=( ${OPENLDAP_DEFAULTDIR_VERSIONTAG} )
217 +
218 + einfo
219 + einfo "Scanning datadir(s) from slapd.conf and"
220 + einfo "the default installdir for Versiontags"
221 + einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
222 + einfo
223 +
224 + # scan datadirs if we have a version tag
225 + openldap_found_tag=0
226 + have_files=0
227 + for each in ${openldap_datadirs[@]} ; do
228 + CURRENT_TAGDIR="${ROOT}$(sed "s:\/::" <<< ${each})"
229 + CURRENT_TAG="${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}"
230 + if [[ -d "${CURRENT_TAGDIR}" ]] && [[ "${openldap_found_tag}" == 0 ]] ; then
231 + einfo "- Checking ${each}..."
232 + if [[ -r "${CURRENT_TAG}" ]] ; then
233 + # yey, we have one :)
234 + einfo " Found Versiontag in ${each}"
235 + source "${CURRENT_TAG}"
236 + if [[ "${OLDPF}" == "" ]] ; then
237 + eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
238 + eerror "Please delete it"
239 + eerror
240 + die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
241 + fi
242 +
243 + OLD_MAJOR=$(ver_cut 2-3 ${OLDPF})
244 +
245 + [[ "$(openldap_filecount ${CURRENT_TAGDIR})" -gt 0 ]] && have_files=1
246 +
247 + # are we on the same branch?
248 + if [[ "${OLD_MAJOR}" != "${PV:0:3}" ]] ; then
249 + ewarn " Versiontag doesn't match current major release!"
250 + if [[ "${have_files}" == "1" ]] ; then
251 + eerror " Versiontag says other major and you (probably) have datafiles!"
252 + echo
253 + openldap_upgrade_howto
254 + else
255 + einfo " No real problem, seems there's no database."
256 + fi
257 + else
258 + einfo " Versiontag is fine here :)"
259 + fi
260 + else
261 + einfo " Non-tagged dir ${each}"
262 + [[ "$(openldap_filecount ${each})" -gt 0 ]] && have_files=1
263 + if [[ "${have_files}" == "1" ]] ; then
264 + einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
265 + echo
266 +
267 + eerror
268 + eerror "Your OpenLDAP Installation has a non tagged datadir that"
269 + eerror "possibly contains a database at ${CURRENT_TAGDIR}"
270 + eerror
271 + eerror "Please export data if any entered and empty or remove"
272 + eerror "the directory, installation has been stopped so you"
273 + eerror "can take required action"
274 + eerror
275 + eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
276 + eerror
277 + openldap_upgrade_howto
278 + die "Please move the datadir ${CURRENT_TAGDIR} away"
279 + fi
280 + fi
281 + einfo
282 + fi
283 + done
284 + [[ "${have_files}" == "1" ]] && einfo "DB files present" || einfo "No DB files present"
285 +
286 + # Now we must check for the major version of sys-libs/db linked against.
287 + SLAPD_PATH="${EROOT}/usr/$(get_libdir)/openldap/slapd"
288 + if [[ "${have_files}" == "1" ]] && [[ -f "${SLAPD_PATH}" ]]; then
289 + OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
290 + | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
291 + if use berkdb; then
292 + # find which one would be used
293 + for bdb_slot in ${BDB_SLOTS} ; do
294 + NEWVER="$(db_findver "=sys-libs/db-${bdb_slot}*")"
295 + [[ -n "${NEWVER}" ]] && break
296 + done
297 + fi
298 + local fail=0
299 + if [[ -z "${OLDVER}" ]] && [[ -z "${NEWVER}" ]]; then
300 + :
301 + # Nothing wrong here.
302 + elif [[ -z "${OLDVER}" ]] && [[ -n "${NEWVER}" ]]; then
303 + eerror " Your existing version of OpenLDAP was not built against"
304 + eerror " any version of sys-libs/db, but the new one will build"
305 + eerror " against ${NEWVER} and your database may be inaccessible."
306 + echo
307 + fail=1
308 + elif [[ -n "${OLDVER}" ]] && [[ -z "${NEWVER}" ]]; then
309 + eerror " Your existing version of OpenLDAP was built against"
310 + eerror " sys-libs/db:${OLDVER}, but the new one will not be"
311 + eerror " built against any version and your database may be"
312 + eerror " inaccessible."
313 + echo
314 + fail=1
315 + elif [[ "${OLDVER}" != "${NEWVER}" ]]; then
316 + eerror " Your existing version of OpenLDAP was built against"
317 + eerror " sys-libs/db:${OLDVER}, but the new one will build against"
318 + eerror " ${NEWVER} and your database would be inaccessible."
319 + echo
320 + fail=1
321 + fi
322 + [[ "${fail}" == "1" ]] && openldap_upgrade_howto
323 + fi
324 +
325 + echo
326 + einfo
327 + einfo "All datadirs are fine, proceeding with merge now..."
328 + einfo
329 +}
330 +
331 +openldap_upgrade_howto() {
332 + local d l i
333 + eerror
334 + eerror "A (possible old) installation of OpenLDAP was detected,"
335 + eerror "installation will not proceed for now."
336 + eerror
337 + eerror "As major version upgrades can corrupt your database,"
338 + eerror "you need to dump your database and re-create it afterwards."
339 + eerror
340 + eerror "Additionally, rebuilding against different major versions of the"
341 + eerror "sys-libs/db libraries will cause your database to be inaccessible."
342 + eerror ""
343 + d="$(date -u +%s)"
344 + l="/root/ldapdump.${d}"
345 + i="${l}.raw"
346 + eerror " 1. /etc/init.d/slapd stop"
347 + eerror " 2. slapcat -l ${i}"
348 + eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
349 + eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
350 + eerror " 5. emerge --update \=net-nds/${PF}"
351 + eerror " 6. etc-update, and ensure that you apply the changes"
352 + eerror " 7. slapadd -l ${l}"
353 + eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
354 + eerror " 9. /etc/init.d/slapd start"
355 + eerror "10. check that your data is intact."
356 + eerror "11. set up the new replication system."
357 + eerror
358 + if [[ "${FORCE_UPGRADE}" != "1" ]]; then
359 + die "You need to upgrade your database first"
360 + else
361 + eerror "You have the magical FORCE_UPGRADE=1 in place."
362 + eerror "Don't say you weren't warned about data loss."
363 + fi
364 +}
365 +
366 +pkg_setup() {
367 + if ! use sasl && use cxx ; then
368 + die "To build the ldapc++ library you must emerge openldap with sasl support"
369 + fi
370 + # Bug #322787
371 + if use minimal && ! has_version "net-nds/openldap" ; then
372 + einfo "No datadir scan needed, openldap not installed"
373 + elif use minimal && has_version 'net-nds/openldap[minimal]' ; then
374 + einfo "Skipping scan for previous datadirs as requested by minimal useflag"
375 + else
376 + openldap_find_versiontags
377 + fi
378 +
379 + # The user/group are only used for running daemons which are
380 + # disabled in minimal builds, so elide the accounts too.
381 + if ! use minimal ; then
382 + enewgroup ldap 439
383 + enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
384 + fi
385 +}
386 +
387 +src_prepare() {
388 + # ensure correct SLAPI path by default
389 + sed -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \
390 + -i include/ldap_defaults.h || die
391 +
392 + default
393 + rm -r libraries/liblmdb || die
394 +
395 + pushd build &>/dev/null || die "pushd build"
396 + einfo "Making sure upstream build strip does not do stripping too early"
397 + sed -i.orig \
398 + -e '/^STRIP/s,-s,,g' \
399 + top.mk || die "Failed to block stripping"
400 + popd &>/dev/null || die
401 +
402 + # wrong assumption that /bin/sh is /bin/bash
403 + sed \
404 + -e 's|/bin/sh|/bin/bash|g' \
405 + -i tests/scripts/* || die "sed failed"
406 +
407 + AT_NOEAUTOMAKE=yes eautoreconf
408 +}
409 +
410 +build_contrib_module() {
411 + # <dir> <sources> <outputname>
412 + pushd "${S}/contrib/slapd-modules/$1" &>/dev/null || die "pushd contrib/slapd-modules/$1"
413 + einfo "Compiling contrib-module: $3"
414 + # Make sure it's uppercase
415 + local define_name="$(LC_ALL=C tr '[:lower:]' '[:upper:]' <<< "SLAPD_OVER_${1}")"
416 + "${lt}" --mode=compile --tag=CC \
417 + "${CC}" \
418 + -D${define_name}=SLAPD_MOD_DYNAMIC \
419 + -I"${BUILD_DIR}"/include \
420 + -I../../../include -I../../../servers/slapd ${CFLAGS} \
421 + -o ${2%.c}.lo -c $2 || die "compiling $3 failed"
422 + einfo "Linking contrib-module: $3"
423 + "${lt}" --mode=link --tag=CC \
424 + "${CC}" -module \
425 + ${CFLAGS} \
426 + ${LDFLAGS} \
427 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
428 + -o $3.la ${2%.c}.lo || die "linking $3 failed"
429 + popd &>/dev/null || die
430 +}
431 +
432 +src_configure() {
433 + # Bug 408001
434 + use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync
435 +
436 + # connectionless ldap per bug #342439
437 + append-cppflags -DLDAP_CONNECTIONLESS
438 +
439 + multilib-minimal_src_configure
440 +}
441 +
442 +multilib_src_configure() {
443 + local myconf=()
444 +
445 + use debug && myconf+=( $(use_enable debug) )
446 +
447 + # ICU exists only in the configure, nowhere in the codebase, bug #510858
448 + export ac_cv_header_unicode_utypes_h=no ol_cv_lib_icu=no
449 +
450 + if ! use minimal && multilib_is_native_abi; then
451 + local CPPFLAGS=${CPPFLAGS}
452 +
453 + # re-enable serverside overlay chains per bug #296567
454 + # see ldap docs chaper 12.3.1 for details
455 + myconf+=( --enable-ldap )
456 +
457 + # backends
458 + myconf+=( --enable-slapd )
459 + if use berkdb ; then
460 + einfo "Using Berkeley DB for local backend"
461 + myconf+=( --enable-bdb --enable-hdb )
462 + DBINCLUDE=$(db_includedir ${BDB_SLOTS})
463 + einfo "Using ${DBINCLUDE} for sys-libs/db version"
464 + # We need to include the slotted db.h dir for FreeBSD
465 + append-cppflags -I${DBINCLUDE}
466 + else
467 + myconf+=( --disable-bdb --disable-hdb )
468 + fi
469 + for backend in dnssrv ldap mdb meta monitor null passwd relay shell sock; do
470 + myconf+=( --enable-${backend}=mod )
471 + done
472 +
473 + myconf+=( $(use_enable perl perl mod) )
474 +
475 + myconf+=( $(use_enable odbc sql mod) )
476 + if use odbc ; then
477 + local odbc_lib="unixodbc"
478 + if use iodbc ; then
479 + odbc_lib="iodbc"
480 + append-cppflags -I"${EPREFIX}"/usr/include/iodbc
481 + fi
482 + myconf+=( --with-odbc=${odbc_lib} )
483 + fi
484 +
485 + # slapd options
486 + myconf+=(
487 + $(use_enable crypt)
488 + --disable-slp
489 + $(use_enable samba lmpasswd)
490 + $(use_enable syslog)
491 + )
492 + if use experimental ; then
493 + myconf+=(
494 + --enable-dynacl
495 + --enable-aci=mod
496 + )
497 + fi
498 + for option in aci cleartext modules rewrite rlookups slapi; do
499 + myconf+=( --enable-${option} )
500 + done
501 +
502 + # slapd overlay options
503 + # Compile-in the syncprov, the others as module
504 + myconf+=( --enable-syncprov=yes )
505 + use overlays && myconf+=( --enable-overlays=mod )
506 +
507 + else
508 + myconf+=(
509 + --disable-backends
510 + --disable-slapd
511 + --disable-bdb
512 + --disable-hdb
513 + --disable-mdb
514 + --disable-overlays
515 + --disable-syslog
516 + )
517 + fi
518 +
519 + # basic functionality stuff
520 + myconf+=(
521 + $(use_enable ipv6)
522 + $(multilib_native_use_with sasl cyrus-sasl)
523 + $(multilib_native_use_enable sasl spasswd)
524 + $(use_enable tcpd wrappers)
525 + )
526 +
527 + # Some cross-compiling tests don't pan out well.
528 + tc-is-cross-compiler && myconf+=(
529 + --with-yielding-select=yes
530 + )
531 +
532 + local ssl_lib="no"
533 + if use ssl || ( ! use minimal && use samba ) ; then
534 + ssl_lib="openssl"
535 + use gnutls && ssl_lib="gnutls"
536 + fi
537 +
538 + myconf+=( --with-tls=${ssl_lib} )
539 +
540 + for basicflag in dynamic local proctitle shared; do
541 + myconf+=( --enable-${basicflag} )
542 + done
543 +
544 + tc-export AR CC CXX
545 + CONFIG_SHELL="/bin/bash" \
546 + ECONF_SOURCE="${S}" \
547 + STRIP=/bin/true \
548 + econf \
549 + --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \
550 + $(use_enable static-libs static) \
551 + "${myconf[@]}"
552 + emake depend
553 +}
554 +
555 +src_configure_cxx() {
556 + # This needs the libraries built by the first build run.
557 + # So we have to run it AFTER the main build, not just after the main
558 + # configure.
559 + local myconf_ldapcpp=(
560 + --with-ldap-includes="${S}"/include
561 + )
562 +
563 + mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die
564 + pushd "${BUILD_DIR}/contrib/ldapc++" &>/dev/null || die "pushd contrib/ldapc++"
565 +
566 + local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS}
567 + append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \
568 + -L"${BUILD_DIR}"/libraries/libldap/.libs
569 + append-cppflags -I"${BUILD_DIR}"/include
570 + ECONF_SOURCE=${S}/contrib/ldapc++ \
571 + econf "${myconf_ldapcpp[@]}" \
572 + CC="${CC}" \
573 + CXX="${CXX}"
574 + popd &>/dev/null || die
575 +}
576 +
577 +multilib_src_compile() {
578 + tc-export AR CC CXX
579 + emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash
580 + local lt="${BUILD_DIR}/libtool"
581 + export echo="echo"
582 +
583 + if ! use minimal && multilib_is_native_abi ; then
584 + if use cxx ; then
585 + einfo "Building contrib library: ldapc++"
586 + src_configure_cxx
587 + pushd "${BUILD_DIR}/contrib/ldapc++" &>/dev/null || die "pushd contrib/ldapc++"
588 + emake CC="${CC}" CXX="${CXX}"
589 + popd &>/dev/null || die
590 + fi
591 +
592 + if use smbkrb5passwd ; then
593 + einfo "Building contrib-module: smbk5pwd"
594 + pushd "${S}/contrib/slapd-modules/smbk5pwd" &>/dev/null || die "pushd contrib/slapd-modules/smbk5pwd"
595 +
596 + MY_DEFS="-DDO_SHADOW"
597 + if use samba ; then
598 + MY_DEFS="${MY_DEFS} -DDO_SAMBA"
599 + MY_KRB5_INC=""
600 + fi
601 + if use kerberos ; then
602 + MY_DEFS="${MY_DEFS} -DDO_KRB5"
603 + MY_KRB5_INC="$(krb5-config --cflags)"
604 + fi
605 +
606 + emake \
607 + DEFS="${MY_DEFS}" \
608 + KRB5_INC="${MY_KRB5_INC}" \
609 + LDAP_BUILD="${BUILD_DIR}" \
610 + CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap"
611 + popd &>/dev/null || die
612 + fi
613 +
614 + if use overlays ; then
615 + einfo "Building contrib-module: samba4"
616 + pushd "${S}/contrib/slapd-modules/samba4" &>/dev/null || die "pushd contrib/slapd-modules/samba4"
617 +
618 + emake \
619 + LDAP_BUILD="${BUILD_DIR}" \
620 + CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap"
621 + popd &>/dev/null || die
622 + fi
623 +
624 + if use kerberos ; then
625 + if use kinit ; then
626 + build_contrib_module "kinit" "kinit.c" "kinit"
627 + fi
628 + pushd "${S}/contrib/slapd-modules/passwd" &>/dev/null || die "pushd contrib/slapd-modules/passwd"
629 + einfo "Compiling contrib-module: pw-kerberos"
630 + "${lt}" --mode=compile --tag=CC \
631 + "${CC}" \
632 + -I"${BUILD_DIR}"/include \
633 + -I../../../include \
634 + ${CFLAGS} \
635 + $(krb5-config --cflags) \
636 + -DHAVE_KRB5 \
637 + -o kerberos.lo \
638 + -c kerberos.c || die "compiling pw-kerberos failed"
639 + einfo "Linking contrib-module: pw-kerberos"
640 + "${lt}" --mode=link --tag=CC \
641 + "${CC}" -module \
642 + ${CFLAGS} \
643 + ${LDFLAGS} \
644 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
645 + -o pw-kerberos.la \
646 + kerberos.lo || die "linking pw-kerberos failed"
647 + popd &>/dev/null || die
648 + fi
649 +
650 + if use pbkdf2; then
651 + pushd "${S}/contrib/slapd-modules/passwd/pbkdf2" &>/dev/null || die "pushd contrib/slapd-modules/passwd/pbkdf2"
652 + einfo "Compiling contrib-module: pw-pbkdf2"
653 + "${lt}" --mode=compile --tag=CC \
654 + "${CC}" \
655 + -I"${BUILD_DIR}"/include \
656 + -I../../../../include \
657 + ${CFLAGS} \
658 + -o pbkdf2.lo \
659 + -c pw-pbkdf2.c || die "compiling pw-pbkdf2 failed"
660 + einfo "Linking contrib-module: pw-pbkdf2"
661 + "${lt}" --mode=link --tag=CC \
662 + "${CC}" -module \
663 + ${CFLAGS} \
664 + ${LDFLAGS} \
665 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
666 + -o pw-pbkdf2.la \
667 + pbkdf2.lo || die "linking pw-pbkdf2 failed"
668 + popd &>/dev/null || die
669 + fi
670 +
671 + if use sha2 ; then
672 + pushd "${S}/contrib/slapd-modules/passwd/sha2" &>/dev/null || die "pushd contrib/slapd-modules/passwd/sha2"
673 + einfo "Compiling contrib-module: pw-sha2"
674 + "${lt}" --mode=compile --tag=CC \
675 + "${CC}" \
676 + -I"${BUILD_DIR}"/include \
677 + -I../../../../include \
678 + ${CFLAGS} \
679 + -o sha2.lo \
680 + -c sha2.c || die "compiling pw-sha2 failed"
681 + "${lt}" --mode=compile --tag=CC \
682 + "${CC}" \
683 + -I"${BUILD_DIR}"/include \
684 + -I../../../../include \
685 + ${CFLAGS} \
686 + -o slapd-sha2.lo \
687 + -c slapd-sha2.c || die "compiling pw-sha2 failed"
688 + einfo "Linking contrib-module: pw-sha2"
689 + "${lt}" --mode=link --tag=CC \
690 + "${CC}" -module \
691 + ${CFLAGS} \
692 + ${LDFLAGS} \
693 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
694 + -o pw-sha2.la \
695 + sha2.lo slapd-sha2.lo || die "linking pw-sha2 failed"
696 + popd &>/dev/null || die
697 + fi
698 +
699 + # We could build pw-radius if GNURadius would install radlib.h
700 + pushd "${S}/contrib/slapd-modules/passwd" &>/dev/null || die "pushd contrib/slapd-modules/passwd"
701 + einfo "Compiling contrib-module: pw-netscape"
702 + "${lt}" --mode=compile --tag=CC \
703 + "${CC}" \
704 + -I"${BUILD_DIR}"/include \
705 + -I../../../include \
706 + ${CFLAGS} \
707 + -o netscape.lo \
708 + -c netscape.c || die "compiling pw-netscape failed"
709 + einfo "Linking contrib-module: pw-netscape"
710 + "${lt}" --mode=link --tag=CC \
711 + "${CC}" -module \
712 + ${CFLAGS} \
713 + ${LDFLAGS} \
714 + -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
715 + -o pw-netscape.la \
716 + netscape.lo || die "linking pw-netscape failed"
717 +
718 + #build_contrib_module "acl" "posixgroup.c" "posixGroup" # example code only
719 + #build_contrib_module "acl" "gssacl.c" "gss" # example code only, also needs kerberos
720 + build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay"
721 + build_contrib_module "allop" "allop.c" "overlay-allop"
722 + build_contrib_module "allowed" "allowed.c" "allowed"
723 + build_contrib_module "autogroup" "autogroup.c" "autogroup"
724 + build_contrib_module "cloak" "cloak.c" "cloak"
725 + # build_contrib_module "comp_match" "comp_match.c" "comp_match" # really complex, adds new external deps, questionable demand
726 + build_contrib_module "denyop" "denyop.c" "denyop-overlay"
727 + build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin"
728 + build_contrib_module "dupent" "dupent.c" "dupent"
729 + build_contrib_module "lastbind" "lastbind.c" "lastbind"
730 + # lastmod may not play well with other overlays
731 + build_contrib_module "lastmod" "lastmod.c" "lastmod"
732 + build_contrib_module "noopsrch" "noopsrch.c" "noopsrch"
733 + build_contrib_module "nops" "nops.c" "nops-overlay"
734 + #build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER
735 + build_contrib_module "trace" "trace.c" "trace"
736 + popd &>/dev/null || die
737 + # build slapi-plugins
738 + pushd "${S}/contrib/slapi-plugins/addrdnvalues" &>/dev/null || die "pushd contrib/slapi-plugins/addrdnvalues"
739 + einfo "Building contrib-module: addrdnvalues plugin"
740 + "${CC}" -shared \
741 + -I"${BUILD_DIR}"/include \
742 + -I../../../include \
743 + ${CFLAGS} \
744 + -fPIC \
745 + ${LDFLAGS} \
746 + -o libaddrdnvalues-plugin.so \
747 + addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
748 + popd &>/dev/null || die
749 + fi
750 +}
751 +
752 +multilib_src_test() {
753 + if multilib_is_native_abi; then
754 + cd tests || die
755 + emake tests
756 + fi
757 +}
758 +
759 +multilib_src_install() {
760 + local lt="${BUILD_DIR}/libtool"
761 + emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install
762 +
763 + if ! use minimal && multilib_is_native_abi; then
764 + # openldap modules go here
765 + # TODO: write some code to populate slapd.conf with moduleload statements
766 + keepdir /usr/$(get_libdir)/openldap/openldap/
767 +
768 + # initial data storage dir
769 + keepdir /var/lib/openldap-data
770 + use prefix || fowners ldap:ldap /var/lib/openldap-data
771 + fperms 0700 /var/lib/openldap-data
772 +
773 + echo "OLDPF='${PF}'" > "${ED%/}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
774 + echo "# do NOT delete this. it is used" >> "${ED%/}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
775 + echo "# to track versions for upgrading." >> "${ED%/}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
776 +
777 + # use our config
778 + rm "${ED%/}"/etc/openldap/slapd.conf
779 + insinto /etc/openldap
780 + newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf
781 + configfile="${ED%/}"/etc/openldap/slapd.conf
782 +
783 + # populate with built backends
784 + ebegin "populate config with built backends"
785 + for x in "${ED%/}"/usr/$(get_libdir)/openldap/openldap/back_*.so; do
786 + einfo "Adding $(basename ${x})"
787 + sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}" || die
788 + done
789 + sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
790 + use prefix || fowners root:ldap /etc/openldap/slapd.conf
791 + fperms 0640 /etc/openldap/slapd.conf
792 + cp "${configfile}" "${configfile}".default || die
793 + eend
794 +
795 + # install our own init scripts and systemd unit files
796 + einfo "Install init scripts"
797 + sed -e "s,/usr/lib/,/usr/$(get_libdir)/," "${FILESDIR}"/slapd-initd-2.4.40-r2 > "${T}"/slapd || die
798 + doinitd "${T}"/slapd
799 + newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd
800 +
801 + einfo "Install systemd service"
802 + sed -e "s,/usr/lib/,/usr/$(get_libdir)/," "${FILESDIR}"/slapd.service > "${T}"/slapd.service || die
803 + systemd_dounit "${T}"/slapd.service
804 + systemd_install_serviced "${FILESDIR}"/slapd.service.conf
805 + systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf
806 +
807 + # If built without SLP, we don't need to be before avahi
808 + sed -i \
809 + -e '/before/{s/avahi-daemon//g}' \
810 + "${ED%/}"/etc/init.d/slapd \
811 + || die
812 +
813 + if use cxx ; then
814 + einfo "Install the ldapc++ library"
815 + cd "${BUILD_DIR}/contrib/ldapc++" || die
816 + emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
817 + cd "${S}"/contrib/ldapc++ || die
818 + newdoc README ldapc++-README
819 + fi
820 +
821 + if use smbkrb5passwd ; then
822 + einfo "Install the smbk5pwd module"
823 + cd "${S}/contrib/slapd-modules/smbk5pwd" || die
824 + emake DESTDIR="${D}" \
825 + LDAP_BUILD="${BUILD_DIR}" \
826 + libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
827 + newdoc README smbk5pwd-README
828 + fi
829 +
830 + if use overlays ; then
831 + einfo "Install the samba4 module"
832 + cd "${S}/contrib/slapd-modules/samba4" || die
833 + emake DESTDIR="${D}" \
834 + LDAP_BUILD="${BUILD_DIR}" \
835 + libexecdir="/usr/$(get_libdir)/openldap" install
836 + newdoc README samba4-README
837 + fi
838 +
839 + einfo "Installing contrib modules"
840 + cd "${S}/contrib/slapd-modules" || die
841 + for l in */*.la */*/*.la; do
842 + [[ -e ${l} ]] || continue
843 + "${lt}" --mode=install cp ${l} \
844 + "${ED%/}"/usr/$(get_libdir)/openldap/openldap || \
845 + die "installing ${l} failed"
846 + done
847 +
848 + dodoc "${FILESDIR}"/DB_CONFIG.fast.example
849 + docinto contrib
850 + doman */*.5
851 + #newdoc acl/README*
852 + newdoc addpartial/README addpartial-README
853 + newdoc allop/README allop-README
854 + newdoc allowed/README allowed-README
855 + newdoc autogroup/README autogroup-README
856 + newdoc dsaschema/README dsaschema-README
857 + newdoc passwd/README passwd-README
858 + cd "${S}/contrib/slapi-plugins" || die
859 + insinto /usr/$(get_libdir)/openldap/openldap
860 + doins */*.so
861 + docinto contrib
862 + newdoc addrdnvalues/README addrdnvalues-README
863 +
864 + insinto /etc/openldap/schema
865 + newins "${DISTDIR}"/${BIS_P} ${BIS_PN}
866 +
867 + docinto back-sock ; dodoc "${S}"/servers/slapd/back-sock/searchexample*
868 + docinto back-shell ; dodoc "${S}"/servers/slapd/back-shell/searchexample*
869 + docinto back-perl ; dodoc "${S}"/servers/slapd/back-perl/SampleLDAP.pm
870 +
871 + dosbin "${S}"/contrib/slapd-tools/statslog
872 + newdoc "${S}"/contrib/slapd-tools/README README.statslog
873 + fi
874 +
875 + if ! use static-libs ; then
876 + find "${ED}" \( -name '*.a' -o -name '*.la' \) -delete || die
877 + fi
878 +}
879 +
880 +multilib_src_install_all() {
881 + dodoc ANNOUNCEMENT CHANGES COPYRIGHT README
882 + docinto rfc ; dodoc doc/rfc/*.txt
883 +}
884 +
885 +pkg_preinst() {
886 + # keep old libs if any
887 + preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0)
888 + # bug 440470, only display the getting started help there was no openldap before,
889 + # or we are going to a non-minimal build
890 + ! has_version net-nds/openldap || has_version 'net-nds/openldap[minimal]'
891 + OPENLDAP_PRINT_MESSAGES=$((! $?))
892 +}
893 +
894 +pkg_postinst() {
895 + if ! use minimal ; then
896 + # You cannot build SSL certificates during src_install that will make
897 + # binary packages containing your SSL key, which is both a security risk
898 + # and a misconfiguration if multiple machines use the same key and cert.
899 + if use ssl; then
900 + install_cert /etc/openldap/ssl/ldap
901 + use prefix || chown ldap:ldap "${EROOT}"etc/openldap/ssl/ldap.*
902 + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
903 + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
904 + ewarn "add 'TLS_REQCERT allow' if you want to use them."
905 + fi
906 +
907 + if use prefix; then
908 + # Warn about prefix issues with slapd
909 + eerror "slapd might NOT be usable on Prefix systems as it requires root privileges"
910 + eerror "to start up, and requires that certain files directories be owned by"
911 + eerror "ldap:ldap. As Prefix does not support changing ownership of files and"
912 + eerror "directories, you will have to manually fix this yourself."
913 + fi
914 +
915 + # These lines force the permissions of various content to be correct
916 + use prefix || chown ldap:ldap "${EROOT}"var/run/openldap
917 + chmod 0755 "${EROOT}"var/run/openldap
918 + use prefix || chown root:ldap "${EROOT}"etc/openldap/slapd.conf{,.default}
919 + chmod 0640 "${EROOT}"etc/openldap/slapd.conf{,.default}
920 + use prefix || chown ldap:ldap "${EROOT}"var/lib/openldap-data
921 + fi
922 +
923 + if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then
924 + elog "Getting started using OpenLDAP? There is some documentation available:"
925 + elog "Gentoo Guide to OpenLDAP Authentication"
926 + elog "(https://wiki.gentoo.org/wiki/Centralized_authentication_using_OpenLDAP)"
927 + elog "---"
928 + elog "An example file for tuning BDB backends with openldap is"
929 + elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
930 + fi
931 +
932 + preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0)
933 +}
Report Message
Find on MARC Find on Google Groups