summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobin H. Johnson <robbat2@gentoo.org>2009-07-28 18:45:51 +0000
committerRobin H. Johnson <robbat2@gentoo.org>2009-07-28 18:45:51 +0000
commit0a5fcb048503b2ae811957122bc2e9bc1c637531 (patch)
tree958cb1458b3d0eea314dbeb31d6f4ff326061566 /sys-auth
parentVersion bump, add support for kernel version 2.6.30 (diff)
downloadgentoo-2-0a5fcb048503b2ae811957122bc2e9bc1c637531.tar.gz
gentoo-2-0a5fcb048503b2ae811957122bc2e9bc1c637531.tar.bz2
gentoo-2-0a5fcb048503b2ae811957122bc2e9bc1c637531.zip
Version bump. Bug #214750 - fix automagic deps on kerberos, ssl, sasl.
(Portage version: 2.2_rc33/cvs/Linux x86_64)
Diffstat (limited to 'sys-auth')
-rw-r--r--sys-auth/nss_ldap/ChangeLog8
-rw-r--r--sys-auth/nss_ldap/files/nss_ldap-264-disable-automagic.patch109
-rw-r--r--sys-auth/nss_ldap/nss_ldap-264.ebuild101
3 files changed, 217 insertions, 1 deletions
diff --git a/sys-auth/nss_ldap/ChangeLog b/sys-auth/nss_ldap/ChangeLog
index d52ab00afd21..d3372f01a581 100644
--- a/sys-auth/nss_ldap/ChangeLog
+++ b/sys-auth/nss_ldap/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for sys-auth/nss_ldap
# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-auth/nss_ldap/ChangeLog,v 1.57 2009/07/28 16:49:56 robbat2 Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-auth/nss_ldap/ChangeLog,v 1.58 2009/07/28 18:45:51 robbat2 Exp $
+
+*nss_ldap-264 (28 Jul 2009)
+
+ 28 Jul 2009; Robin H. Johnson <robbat2@gentoo.org> +nss_ldap-264.ebuild,
+ +files/nss_ldap-264-disable-automagic.patch:
+ Version bump. Bug #214750 - fix automagic deps on kerberos, ssl, sasl.
28 Jul 2009; Robin H. Johnson <robbat2@gentoo.org>
-nss_ldap-239-r1.ebuild, -nss_ldap-249.ebuild, -nss_ldap-250.ebuild,
diff --git a/sys-auth/nss_ldap/files/nss_ldap-264-disable-automagic.patch b/sys-auth/nss_ldap/files/nss_ldap-264-disable-automagic.patch
new file mode 100644
index 000000000000..7671574da4da
--- /dev/null
+++ b/sys-auth/nss_ldap/files/nss_ldap-264-disable-automagic.patch
@@ -0,0 +1,109 @@
+Explicitly provide a way to disable Kerberos/SASL/SSL usage in nss_ldap, so
+that you can build non-kerberos versions on systems with Kerberos installed
+WITHOUT it linking due to presence.
+
+Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
+
+diff -Nuar nss_ldap-264.orig/configure.in nss_ldap-264/configure.in
+--- nss_ldap-264.orig/configure.in 2009-07-28 10:35:27.599965878 -0700
++++ nss_ldap-264/configure.in 2009-07-28 10:36:00.620375469 -0700
+@@ -10,6 +10,21 @@
+ AC_PROG_INSTALL
+
+ dnl
++dnl Turn on/off SSL
++dnl
++AC_ARG_ENABLE(ssl, [ --enable-ssl enable SSL code ], [AC_DEFINE([WANT_SSL], [1], [Define if SSL is wanted])])
++
++dnl
++dnl Turn on/off Kerberos
++dnl
++AC_ARG_ENABLE(krb, [ --enable-krb enable Kerberos code ], [AC_DEFINE([WANT_KRB], [1], [Define if Kerberos is wanted])])
++
++dnl
++dnl Turn on/off SASL
++dnl
++AC_ARG_ENABLE(sasl, [ --enable-sasl enable Kerberos code ], [AC_DEFINE([WANT_SASL], [1], [Define if SASL is wanted])])
++
++dnl
+ dnl --enable-rfc2307bis is now deprecated; if this option is set,
+ dnl then RFC2307bis support will be enabled by default. However
+ dnl it can now always be enabled at runtime with the nss_schema
+@@ -178,12 +193,18 @@
+ AC_CHECK_HEADERS(sys/un.h)
+ AC_CHECK_HEADERS(libc-lock.h)
+ AC_CHECK_HEADERS(bits/libc-lock.h)
+-AC_CHECK_HEADERS(sasl.h sasl/sasl.h)
++if test "$enable_sasl" \!= "no"; then
++ AC_CHECK_HEADERS(sasl.h sasl/sasl.h)
++fi
+ AC_CHECK_HEADERS(strings.h)
+-AC_CHECK_HEADERS(gssldap.h)
+-AC_CHECK_HEADERS(gsssasl.h)
+-AC_CHECK_HEADERS(gssapi/gssapi_krb5.h gssapi/gssapi.h gssapi.h)
+-AC_CHECK_HEADERS(krb5.h)
++if test "$enable_krb" \!= "no"; then
++ AC_CHECK_HEADERS(gssldap.h)
++ if test "$enable_sasl" \!= "no"; then
++ AC_CHECK_HEADERS(gsssasl.h)
++ fi
++ AC_CHECK_HEADERS(gssapi/gssapi_krb5.h gssapi/gssapi.h gssapi.h)
++ AC_CHECK_HEADERS(krb5.h)
++fi
+
+ AC_CHECK_LIB(resolv, main)
+ AC_CHECK_LIB(nsl, main)
+@@ -286,19 +307,25 @@
+ AC_CHECK_LIB(dl, dlopen,[LIBS="-ldl $LIBS"],,$LIBS)
+ dnl AC_CHECK_LIB(db, main,[LIBS="-ldb $LIBS"],,$LIBS)
+
+-AC_CHECK_LIB(gssapi, gss_krb5_ccache_name,[LIBS="-lgssapi $LIBS" found_gssapi_lib=yes],,$LIBS)
+-if test -z "$found_gssapi_lib"; then
+- AC_CHECK_LIB(gssapi_krb5, gss_krb5_ccache_name,[LIBS="-lgssapi_krb5 $LIBS"],,$LIBS)
++if test "$enable_krb" \!= "no"; then
++ AC_CHECK_LIB(gssapi, gss_krb5_ccache_name,[LIBS="-lgssapi $LIBS" found_gssapi_lib=yes],,$LIBS)
++ if test -z "$found_gssapi_lib"; then
++ AC_CHECK_LIB(gssapi_krb5, gss_krb5_ccache_name,[LIBS="-lgssapi_krb5 $LIBS"],,$LIBS)
++ fi
+ fi
+
+ dnl Following checks probably not strictly necessary.
+ dnl AC_CHECK_LIB(crypto, main,[LIBS="-lcrypto $LIBS"],,$LIBS)
+ dnl AC_CHECK_LIB(ssl, main,[LIBS="-lssl $LIBS"],,$LIBS)
+ AC_CHECK_LIB(com_err, main,[LIBS="-lcom_err $LIBS"],,$LIBS)
+-dnl AC_CHECK_LIB(k5crypto, main,[LIBS="-lk5crypto $LIBS"],,$LIBS)
+-AC_CHECK_LIB(krb5, main,[LIBS="-lkrb5 $LIBS"],,$LIBS)
+-dnl AC_CHECK_LIB(krb4, main,[LIBS="-lkrb4 $LIBS"],,$LIBS)
+-AC_CHECK_LIB(sasl2, sasl_client_init)
++if test "$enable_krb" \!= "no"; then
++ dnl AC_CHECK_LIB(k5crypto, main,[LIBS="-lk5crypto $LIBS"],,$LIBS)
++ AC_CHECK_LIB(krb5, main,[LIBS="-lkrb5 $LIBS"],,$LIBS)
++ dnl AC_CHECK_LIB(krb4, main,[LIBS="-lkrb4 $LIBS"],,$LIBS)
++fi
++if test "$enable_sasl" \!= "no"; then
++ AC_CHECK_LIB(sasl2, sasl_client_init)
++fi
+
+ if test -z "$found_ldap_lib" -a \( $with_ldap_lib = auto -o $with_ldap_lib = umich -o $with_ldap_lib = openldap \); then
+ AC_CHECK_LIB(lber, main)
+@@ -331,13 +358,17 @@
+ AC_CHECK_LIB(pthread, main)
+ fi
+
+-AC_CHECK_LIB(gssldap, ldap_gss_bind,[LIBS="-lgssldap $LIBS"],,$LIBS)
++if test "$enable_krb" \!= "no"; then
++ AC_CHECK_LIB(gssldap, ldap_gss_bind,[LIBS="-lgssldap $LIBS"],,$LIBS)
++fi
+
+-AC_CHECK_FUNCS(sasl_auxprop_request)
+ AC_CHECK_FUNCS(ldap_init ldap_get_lderrno ldap_parse_result ldap_memfree ldap_controls_free)
+ AC_CHECK_FUNCS(ldap_ld_free ldap_explode_rdn ldap_set_option ldap_get_option)
+-AC_CHECK_FUNCS(ldap_sasl_interactive_bind_s ldap_initialize ldap_search_ext)
++AC_CHECK_FUNCS(ldap_initialize ldap_search_ext)
+ AC_CHECK_FUNCS(ldap_create_control ldap_create_page_control ldap_parse_page_control)
++if test "$enable_sasl" \!= "no"; then
++ AC_CHECK_FUNCS(sasl_auxprop_request ldap_sasl_interactive_bind_s)
++fi
+ if test "$enable_ssl" \!= "no"; then
+ AC_CHECK_FUNCS(ldapssl_client_init ldap_start_tls_s ldap_pvt_tls_set_option ldap_start_tls)
+ fi
diff --git a/sys-auth/nss_ldap/nss_ldap-264.ebuild b/sys-auth/nss_ldap/nss_ldap-264.ebuild
new file mode 100644
index 000000000000..ebbbd1eb7228
--- /dev/null
+++ b/sys-auth/nss_ldap/nss_ldap-264.ebuild
@@ -0,0 +1,101 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-auth/nss_ldap/nss_ldap-264.ebuild,v 1.1 2009/07/28 18:45:51 robbat2 Exp $
+
+EAPI=2
+inherit fixheadtails eutils multilib autotools
+
+IUSE="debug ssl sasl kerberos"
+
+DESCRIPTION="NSS LDAP Module"
+HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html"
+SRC_URI="http://www.padl.com/download/${P}.tar.gz"
+
+SLOT="0"
+LICENSE="LGPL-2"
+KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86"
+
+DEPEND=">=net-nds/openldap-2.1.30-r5
+ sasl? ( dev-libs/cyrus-sasl )
+ kerberos? ( virtual/krb5 )
+ ssl? ( dev-libs/openssl )"
+RDEPEND="${DEPEND}
+ !<net-fs/autofs-4.1.3"
+
+src_prepare() {
+ cd "${S}"
+
+ epatch "${FILESDIR}"/nsswitch.ldap.diff
+
+ # Applied by upstream
+ #epatch "${FILESDIR}"/${PN}-239-tls-security-bug.patch
+
+ epatch "${FILESDIR}"/${PN}-249-sasl-compile.patch
+
+ EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-252-reconnect-timeouts.patch
+
+ # Applied by upstream
+ #EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-254-nss_getgrent_skipmembers.patch
+
+ EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-257-nss_max_group_depth.patch
+
+ sed -i.orig \
+ -e '/^ @(#)\$Id: ldap.conf,v/s,^,#,' \
+ "${S}"/ldap.conf || die "failed to clean up initial version marker"
+
+ # fix head/tail stuff
+ ht_fix_file "${S}"/Makefile.am "${S}"/Makefile.in "${S}"/depcomp
+
+ # fix build borkage
+ for i in Makefile.{in,am}; do
+ sed -i.orig \
+ -e '/^install-exec-local: nss_ldap.so/s,nss_ldap.so,,g' \
+ "${S}"/$i
+ done
+
+ epatch "${FILESDIR}"/${PN}-257.2-gssapi-headers.patch
+
+ # Bug #214750, no automagic deps
+ epatch "${FILESDIR}"/${PN}-264-disable-automagic.patch
+
+ # Upstream forgets the version number sometimes
+ #sed -i \
+ # -e "/^AM_INIT_AUTOMAKE/s~2..~$PV~" \
+ # "${S}"/configure.in
+
+ eautoreconf
+}
+
+src_configure() {
+ local myconf=""
+ use debug && myconf="${myconf} --enable-debugging"
+ use kerberos && myconf="${myconf} --enable-configurable-krb5-ccname-gssapi"
+ # --enable-schema-mapping \
+ econf \
+ --with-ldap-lib=openldap \
+ --libdir=/$(get_libdir) \
+ --enable-paged-results \
+ --enable-rfc2307bis \
+ $(use_enable ssl) \
+ $(use_enable sasl) \
+ $(use_enable kerberos krb) \
+ ${myconf} || die "configure failed"
+}
+
+src_install() {
+ dodir /$(get_libdir)
+
+ emake -j1 DESTDIR="${D}" install || die "make install failed"
+
+ insinto /etc
+ doins ldap.conf
+
+ dodoc ldap.conf ANNOUNCE NEWS ChangeLog AUTHORS \
+ COPYING CVSVersionInfo.txt README nsswitch.ldap certutil
+ docinto docs; dodoc doc/*
+}
+
+pkg_postinst() {
+ elog "If you use a ldaps:// string in the 'uri' setting of"
+ elog "your /etc/ldap.conf, you must set 'ssl on'!"
+}