diff options
author | Robin H. Johnson <robbat2@gentoo.org> | 2009-07-28 18:45:51 +0000 |
---|---|---|
committer | Robin H. Johnson <robbat2@gentoo.org> | 2009-07-28 18:45:51 +0000 |
commit | 0a5fcb048503b2ae811957122bc2e9bc1c637531 (patch) | |
tree | 958cb1458b3d0eea314dbeb31d6f4ff326061566 /sys-auth | |
parent | Version bump, add support for kernel version 2.6.30 (diff) | |
download | gentoo-2-0a5fcb048503b2ae811957122bc2e9bc1c637531.tar.gz gentoo-2-0a5fcb048503b2ae811957122bc2e9bc1c637531.tar.bz2 gentoo-2-0a5fcb048503b2ae811957122bc2e9bc1c637531.zip |
Version bump. Bug #214750 - fix automagic deps on kerberos, ssl, sasl.
(Portage version: 2.2_rc33/cvs/Linux x86_64)
Diffstat (limited to 'sys-auth')
-rw-r--r-- | sys-auth/nss_ldap/ChangeLog | 8 | ||||
-rw-r--r-- | sys-auth/nss_ldap/files/nss_ldap-264-disable-automagic.patch | 109 | ||||
-rw-r--r-- | sys-auth/nss_ldap/nss_ldap-264.ebuild | 101 |
3 files changed, 217 insertions, 1 deletions
diff --git a/sys-auth/nss_ldap/ChangeLog b/sys-auth/nss_ldap/ChangeLog index d52ab00afd21..d3372f01a581 100644 --- a/sys-auth/nss_ldap/ChangeLog +++ b/sys-auth/nss_ldap/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for sys-auth/nss_ldap # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-auth/nss_ldap/ChangeLog,v 1.57 2009/07/28 16:49:56 robbat2 Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-auth/nss_ldap/ChangeLog,v 1.58 2009/07/28 18:45:51 robbat2 Exp $ + +*nss_ldap-264 (28 Jul 2009) + + 28 Jul 2009; Robin H. Johnson <robbat2@gentoo.org> +nss_ldap-264.ebuild, + +files/nss_ldap-264-disable-automagic.patch: + Version bump. Bug #214750 - fix automagic deps on kerberos, ssl, sasl. 28 Jul 2009; Robin H. Johnson <robbat2@gentoo.org> -nss_ldap-239-r1.ebuild, -nss_ldap-249.ebuild, -nss_ldap-250.ebuild, diff --git a/sys-auth/nss_ldap/files/nss_ldap-264-disable-automagic.patch b/sys-auth/nss_ldap/files/nss_ldap-264-disable-automagic.patch new file mode 100644 index 000000000000..7671574da4da --- /dev/null +++ b/sys-auth/nss_ldap/files/nss_ldap-264-disable-automagic.patch @@ -0,0 +1,109 @@ +Explicitly provide a way to disable Kerberos/SASL/SSL usage in nss_ldap, so +that you can build non-kerberos versions on systems with Kerberos installed +WITHOUT it linking due to presence. + +Signed-off-by: Robin H. Johnson <robbat2@gentoo.org> + +diff -Nuar nss_ldap-264.orig/configure.in nss_ldap-264/configure.in +--- nss_ldap-264.orig/configure.in 2009-07-28 10:35:27.599965878 -0700 ++++ nss_ldap-264/configure.in 2009-07-28 10:36:00.620375469 -0700 +@@ -10,6 +10,21 @@ + AC_PROG_INSTALL + + dnl ++dnl Turn on/off SSL ++dnl ++AC_ARG_ENABLE(ssl, [ --enable-ssl enable SSL code ], [AC_DEFINE([WANT_SSL], [1], [Define if SSL is wanted])]) ++ ++dnl ++dnl Turn on/off Kerberos ++dnl ++AC_ARG_ENABLE(krb, [ --enable-krb enable Kerberos code ], [AC_DEFINE([WANT_KRB], [1], [Define if Kerberos is wanted])]) ++ ++dnl ++dnl Turn on/off SASL ++dnl ++AC_ARG_ENABLE(sasl, [ --enable-sasl enable Kerberos code ], [AC_DEFINE([WANT_SASL], [1], [Define if SASL is wanted])]) ++ ++dnl + dnl --enable-rfc2307bis is now deprecated; if this option is set, + dnl then RFC2307bis support will be enabled by default. However + dnl it can now always be enabled at runtime with the nss_schema +@@ -178,12 +193,18 @@ + AC_CHECK_HEADERS(sys/un.h) + AC_CHECK_HEADERS(libc-lock.h) + AC_CHECK_HEADERS(bits/libc-lock.h) +-AC_CHECK_HEADERS(sasl.h sasl/sasl.h) ++if test "$enable_sasl" \!= "no"; then ++ AC_CHECK_HEADERS(sasl.h sasl/sasl.h) ++fi + AC_CHECK_HEADERS(strings.h) +-AC_CHECK_HEADERS(gssldap.h) +-AC_CHECK_HEADERS(gsssasl.h) +-AC_CHECK_HEADERS(gssapi/gssapi_krb5.h gssapi/gssapi.h gssapi.h) +-AC_CHECK_HEADERS(krb5.h) ++if test "$enable_krb" \!= "no"; then ++ AC_CHECK_HEADERS(gssldap.h) ++ if test "$enable_sasl" \!= "no"; then ++ AC_CHECK_HEADERS(gsssasl.h) ++ fi ++ AC_CHECK_HEADERS(gssapi/gssapi_krb5.h gssapi/gssapi.h gssapi.h) ++ AC_CHECK_HEADERS(krb5.h) ++fi + + AC_CHECK_LIB(resolv, main) + AC_CHECK_LIB(nsl, main) +@@ -286,19 +307,25 @@ + AC_CHECK_LIB(dl, dlopen,[LIBS="-ldl $LIBS"],,$LIBS) + dnl AC_CHECK_LIB(db, main,[LIBS="-ldb $LIBS"],,$LIBS) + +-AC_CHECK_LIB(gssapi, gss_krb5_ccache_name,[LIBS="-lgssapi $LIBS" found_gssapi_lib=yes],,$LIBS) +-if test -z "$found_gssapi_lib"; then +- AC_CHECK_LIB(gssapi_krb5, gss_krb5_ccache_name,[LIBS="-lgssapi_krb5 $LIBS"],,$LIBS) ++if test "$enable_krb" \!= "no"; then ++ AC_CHECK_LIB(gssapi, gss_krb5_ccache_name,[LIBS="-lgssapi $LIBS" found_gssapi_lib=yes],,$LIBS) ++ if test -z "$found_gssapi_lib"; then ++ AC_CHECK_LIB(gssapi_krb5, gss_krb5_ccache_name,[LIBS="-lgssapi_krb5 $LIBS"],,$LIBS) ++ fi + fi + + dnl Following checks probably not strictly necessary. + dnl AC_CHECK_LIB(crypto, main,[LIBS="-lcrypto $LIBS"],,$LIBS) + dnl AC_CHECK_LIB(ssl, main,[LIBS="-lssl $LIBS"],,$LIBS) + AC_CHECK_LIB(com_err, main,[LIBS="-lcom_err $LIBS"],,$LIBS) +-dnl AC_CHECK_LIB(k5crypto, main,[LIBS="-lk5crypto $LIBS"],,$LIBS) +-AC_CHECK_LIB(krb5, main,[LIBS="-lkrb5 $LIBS"],,$LIBS) +-dnl AC_CHECK_LIB(krb4, main,[LIBS="-lkrb4 $LIBS"],,$LIBS) +-AC_CHECK_LIB(sasl2, sasl_client_init) ++if test "$enable_krb" \!= "no"; then ++ dnl AC_CHECK_LIB(k5crypto, main,[LIBS="-lk5crypto $LIBS"],,$LIBS) ++ AC_CHECK_LIB(krb5, main,[LIBS="-lkrb5 $LIBS"],,$LIBS) ++ dnl AC_CHECK_LIB(krb4, main,[LIBS="-lkrb4 $LIBS"],,$LIBS) ++fi ++if test "$enable_sasl" \!= "no"; then ++ AC_CHECK_LIB(sasl2, sasl_client_init) ++fi + + if test -z "$found_ldap_lib" -a \( $with_ldap_lib = auto -o $with_ldap_lib = umich -o $with_ldap_lib = openldap \); then + AC_CHECK_LIB(lber, main) +@@ -331,13 +358,17 @@ + AC_CHECK_LIB(pthread, main) + fi + +-AC_CHECK_LIB(gssldap, ldap_gss_bind,[LIBS="-lgssldap $LIBS"],,$LIBS) ++if test "$enable_krb" \!= "no"; then ++ AC_CHECK_LIB(gssldap, ldap_gss_bind,[LIBS="-lgssldap $LIBS"],,$LIBS) ++fi + +-AC_CHECK_FUNCS(sasl_auxprop_request) + AC_CHECK_FUNCS(ldap_init ldap_get_lderrno ldap_parse_result ldap_memfree ldap_controls_free) + AC_CHECK_FUNCS(ldap_ld_free ldap_explode_rdn ldap_set_option ldap_get_option) +-AC_CHECK_FUNCS(ldap_sasl_interactive_bind_s ldap_initialize ldap_search_ext) ++AC_CHECK_FUNCS(ldap_initialize ldap_search_ext) + AC_CHECK_FUNCS(ldap_create_control ldap_create_page_control ldap_parse_page_control) ++if test "$enable_sasl" \!= "no"; then ++ AC_CHECK_FUNCS(sasl_auxprop_request ldap_sasl_interactive_bind_s) ++fi + if test "$enable_ssl" \!= "no"; then + AC_CHECK_FUNCS(ldapssl_client_init ldap_start_tls_s ldap_pvt_tls_set_option ldap_start_tls) + fi diff --git a/sys-auth/nss_ldap/nss_ldap-264.ebuild b/sys-auth/nss_ldap/nss_ldap-264.ebuild new file mode 100644 index 000000000000..ebbbd1eb7228 --- /dev/null +++ b/sys-auth/nss_ldap/nss_ldap-264.ebuild @@ -0,0 +1,101 @@ +# Copyright 1999-2009 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-auth/nss_ldap/nss_ldap-264.ebuild,v 1.1 2009/07/28 18:45:51 robbat2 Exp $ + +EAPI=2 +inherit fixheadtails eutils multilib autotools + +IUSE="debug ssl sasl kerberos" + +DESCRIPTION="NSS LDAP Module" +HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html" +SRC_URI="http://www.padl.com/download/${P}.tar.gz" + +SLOT="0" +LICENSE="LGPL-2" +KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86" + +DEPEND=">=net-nds/openldap-2.1.30-r5 + sasl? ( dev-libs/cyrus-sasl ) + kerberos? ( virtual/krb5 ) + ssl? ( dev-libs/openssl )" +RDEPEND="${DEPEND} + !<net-fs/autofs-4.1.3" + +src_prepare() { + cd "${S}" + + epatch "${FILESDIR}"/nsswitch.ldap.diff + + # Applied by upstream + #epatch "${FILESDIR}"/${PN}-239-tls-security-bug.patch + + epatch "${FILESDIR}"/${PN}-249-sasl-compile.patch + + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-252-reconnect-timeouts.patch + + # Applied by upstream + #EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-254-nss_getgrent_skipmembers.patch + + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-257-nss_max_group_depth.patch + + sed -i.orig \ + -e '/^ @(#)\$Id: ldap.conf,v/s,^,#,' \ + "${S}"/ldap.conf || die "failed to clean up initial version marker" + + # fix head/tail stuff + ht_fix_file "${S}"/Makefile.am "${S}"/Makefile.in "${S}"/depcomp + + # fix build borkage + for i in Makefile.{in,am}; do + sed -i.orig \ + -e '/^install-exec-local: nss_ldap.so/s,nss_ldap.so,,g' \ + "${S}"/$i + done + + epatch "${FILESDIR}"/${PN}-257.2-gssapi-headers.patch + + # Bug #214750, no automagic deps + epatch "${FILESDIR}"/${PN}-264-disable-automagic.patch + + # Upstream forgets the version number sometimes + #sed -i \ + # -e "/^AM_INIT_AUTOMAKE/s~2..~$PV~" \ + # "${S}"/configure.in + + eautoreconf +} + +src_configure() { + local myconf="" + use debug && myconf="${myconf} --enable-debugging" + use kerberos && myconf="${myconf} --enable-configurable-krb5-ccname-gssapi" + # --enable-schema-mapping \ + econf \ + --with-ldap-lib=openldap \ + --libdir=/$(get_libdir) \ + --enable-paged-results \ + --enable-rfc2307bis \ + $(use_enable ssl) \ + $(use_enable sasl) \ + $(use_enable kerberos krb) \ + ${myconf} || die "configure failed" +} + +src_install() { + dodir /$(get_libdir) + + emake -j1 DESTDIR="${D}" install || die "make install failed" + + insinto /etc + doins ldap.conf + + dodoc ldap.conf ANNOUNCE NEWS ChangeLog AUTHORS \ + COPYING CVSVersionInfo.txt README nsswitch.ldap certutil + docinto docs; dodoc doc/* +} + +pkg_postinst() { + elog "If you use a ldaps:// string in the 'uri' setting of" + elog "your /etc/ldap.conf, you must set 'ssl on'!" +} |