From 0a5fcb048503b2ae811957122bc2e9bc1c637531 Mon Sep 17 00:00:00 2001
From: "Robin H. Johnson" <robbat2@gentoo.org>
Date: Tue, 28 Jul 2009 18:45:51 +0000
Subject: Version bump. Bug #214750 - fix automagic deps on kerberos, ssl,
 sasl. (Portage version: 2.2_rc33/cvs/Linux x86_64)

---
 sys-auth/nss_ldap/ChangeLog                        |   8 +-
 .../files/nss_ldap-264-disable-automagic.patch     | 109 +++++++++++++++++++++
 sys-auth/nss_ldap/nss_ldap-264.ebuild              | 101 +++++++++++++++++++
 3 files changed, 217 insertions(+), 1 deletion(-)
 create mode 100644 sys-auth/nss_ldap/files/nss_ldap-264-disable-automagic.patch
 create mode 100644 sys-auth/nss_ldap/nss_ldap-264.ebuild

(limited to 'sys-auth')

diff --git a/sys-auth/nss_ldap/ChangeLog b/sys-auth/nss_ldap/ChangeLog
index d52ab00afd21..d3372f01a581 100644
--- a/sys-auth/nss_ldap/ChangeLog
+++ b/sys-auth/nss_ldap/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for sys-auth/nss_ldap
 # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-auth/nss_ldap/ChangeLog,v 1.57 2009/07/28 16:49:56 robbat2 Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-auth/nss_ldap/ChangeLog,v 1.58 2009/07/28 18:45:51 robbat2 Exp $
+
+*nss_ldap-264 (28 Jul 2009)
+
+  28 Jul 2009; Robin H. Johnson <robbat2@gentoo.org> +nss_ldap-264.ebuild,
+  +files/nss_ldap-264-disable-automagic.patch:
+  Version bump. Bug #214750 - fix automagic deps on kerberos, ssl, sasl.
 
   28 Jul 2009; Robin H. Johnson <robbat2@gentoo.org>
   -nss_ldap-239-r1.ebuild, -nss_ldap-249.ebuild, -nss_ldap-250.ebuild,
diff --git a/sys-auth/nss_ldap/files/nss_ldap-264-disable-automagic.patch b/sys-auth/nss_ldap/files/nss_ldap-264-disable-automagic.patch
new file mode 100644
index 000000000000..7671574da4da
--- /dev/null
+++ b/sys-auth/nss_ldap/files/nss_ldap-264-disable-automagic.patch
@@ -0,0 +1,109 @@
+Explicitly provide a way to disable Kerberos/SASL/SSL usage in nss_ldap, so
+that you can build non-kerberos versions on systems with Kerberos installed
+WITHOUT it linking due to presence.
+
+Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
+
+diff -Nuar nss_ldap-264.orig/configure.in nss_ldap-264/configure.in
+--- nss_ldap-264.orig/configure.in	2009-07-28 10:35:27.599965878 -0700
++++ nss_ldap-264/configure.in	2009-07-28 10:36:00.620375469 -0700
+@@ -10,6 +10,21 @@
+ AC_PROG_INSTALL
+ 
+ dnl
++dnl Turn on/off SSL
++dnl
++AC_ARG_ENABLE(ssl, [  --enable-ssl        enable SSL code ], [AC_DEFINE([WANT_SSL], [1], [Define if SSL is wanted])])
++
++dnl
++dnl Turn on/off Kerberos
++dnl
++AC_ARG_ENABLE(krb, [  --enable-krb        enable Kerberos code ], [AC_DEFINE([WANT_KRB], [1], [Define if Kerberos is wanted])])
++
++dnl
++dnl Turn on/off SASL
++dnl
++AC_ARG_ENABLE(sasl, [  --enable-sasl        enable Kerberos code ], [AC_DEFINE([WANT_SASL], [1], [Define if SASL is wanted])])
++
++dnl
+ dnl --enable-rfc2307bis is now deprecated; if this option is set,
+ dnl then RFC2307bis support will be enabled by default. However
+ dnl it can now always be enabled at runtime with the nss_schema
+@@ -178,12 +193,18 @@
+ AC_CHECK_HEADERS(sys/un.h)
+ AC_CHECK_HEADERS(libc-lock.h)
+ AC_CHECK_HEADERS(bits/libc-lock.h)
+-AC_CHECK_HEADERS(sasl.h sasl/sasl.h)
++if test "$enable_sasl" \!= "no"; then
++  AC_CHECK_HEADERS(sasl.h sasl/sasl.h)
++fi
+ AC_CHECK_HEADERS(strings.h)
+-AC_CHECK_HEADERS(gssldap.h)
+-AC_CHECK_HEADERS(gsssasl.h)
+-AC_CHECK_HEADERS(gssapi/gssapi_krb5.h gssapi/gssapi.h gssapi.h)
+-AC_CHECK_HEADERS(krb5.h)
++if test "$enable_krb" \!= "no"; then
++  AC_CHECK_HEADERS(gssldap.h)
++  if test "$enable_sasl" \!= "no"; then
++    AC_CHECK_HEADERS(gsssasl.h)
++  fi
++  AC_CHECK_HEADERS(gssapi/gssapi_krb5.h gssapi/gssapi.h gssapi.h)
++  AC_CHECK_HEADERS(krb5.h)
++fi
+ 
+ AC_CHECK_LIB(resolv, main)
+ AC_CHECK_LIB(nsl, main)
+@@ -286,19 +307,25 @@
+ AC_CHECK_LIB(dl, dlopen,[LIBS="-ldl $LIBS"],,$LIBS)
+ dnl AC_CHECK_LIB(db, main,[LIBS="-ldb $LIBS"],,$LIBS)
+ 
+-AC_CHECK_LIB(gssapi, gss_krb5_ccache_name,[LIBS="-lgssapi $LIBS" found_gssapi_lib=yes],,$LIBS)
+-if test -z "$found_gssapi_lib"; then
+-  AC_CHECK_LIB(gssapi_krb5, gss_krb5_ccache_name,[LIBS="-lgssapi_krb5 $LIBS"],,$LIBS)
++if test "$enable_krb" \!= "no"; then
++  AC_CHECK_LIB(gssapi, gss_krb5_ccache_name,[LIBS="-lgssapi $LIBS" found_gssapi_lib=yes],,$LIBS)
++  if test -z "$found_gssapi_lib"; then
++    AC_CHECK_LIB(gssapi_krb5, gss_krb5_ccache_name,[LIBS="-lgssapi_krb5 $LIBS"],,$LIBS)
++  fi
+ fi
+ 
+ dnl Following checks probably not strictly necessary.
+ dnl AC_CHECK_LIB(crypto, main,[LIBS="-lcrypto $LIBS"],,$LIBS)
+ dnl AC_CHECK_LIB(ssl, main,[LIBS="-lssl $LIBS"],,$LIBS)
+ AC_CHECK_LIB(com_err, main,[LIBS="-lcom_err $LIBS"],,$LIBS)
+-dnl AC_CHECK_LIB(k5crypto, main,[LIBS="-lk5crypto $LIBS"],,$LIBS)
+-AC_CHECK_LIB(krb5, main,[LIBS="-lkrb5 $LIBS"],,$LIBS)
+-dnl AC_CHECK_LIB(krb4, main,[LIBS="-lkrb4 $LIBS"],,$LIBS)
+-AC_CHECK_LIB(sasl2, sasl_client_init)
++if test "$enable_krb" \!= "no"; then
++  dnl AC_CHECK_LIB(k5crypto, main,[LIBS="-lk5crypto $LIBS"],,$LIBS)
++  AC_CHECK_LIB(krb5, main,[LIBS="-lkrb5 $LIBS"],,$LIBS)
++  dnl AC_CHECK_LIB(krb4, main,[LIBS="-lkrb4 $LIBS"],,$LIBS)
++fi
++if test "$enable_sasl" \!= "no"; then
++  AC_CHECK_LIB(sasl2, sasl_client_init)
++fi
+ 
+ if test -z "$found_ldap_lib" -a \( $with_ldap_lib = auto -o $with_ldap_lib = umich -o $with_ldap_lib = openldap \); then
+   AC_CHECK_LIB(lber, main)
+@@ -331,13 +358,17 @@
+   AC_CHECK_LIB(pthread, main)
+ fi
+ 
+-AC_CHECK_LIB(gssldap, ldap_gss_bind,[LIBS="-lgssldap $LIBS"],,$LIBS)
++if test "$enable_krb" \!= "no"; then
++  AC_CHECK_LIB(gssldap, ldap_gss_bind,[LIBS="-lgssldap $LIBS"],,$LIBS)
++fi
+ 
+-AC_CHECK_FUNCS(sasl_auxprop_request)
+ AC_CHECK_FUNCS(ldap_init ldap_get_lderrno ldap_parse_result ldap_memfree ldap_controls_free)
+ AC_CHECK_FUNCS(ldap_ld_free ldap_explode_rdn ldap_set_option ldap_get_option)
+-AC_CHECK_FUNCS(ldap_sasl_interactive_bind_s ldap_initialize ldap_search_ext)
++AC_CHECK_FUNCS(ldap_initialize ldap_search_ext)
+ AC_CHECK_FUNCS(ldap_create_control ldap_create_page_control ldap_parse_page_control)
++if test "$enable_sasl" \!= "no"; then
++  AC_CHECK_FUNCS(sasl_auxprop_request ldap_sasl_interactive_bind_s)
++fi
+ if test "$enable_ssl" \!= "no"; then
+   AC_CHECK_FUNCS(ldapssl_client_init ldap_start_tls_s ldap_pvt_tls_set_option ldap_start_tls)
+ fi
diff --git a/sys-auth/nss_ldap/nss_ldap-264.ebuild b/sys-auth/nss_ldap/nss_ldap-264.ebuild
new file mode 100644
index 000000000000..ebbbd1eb7228
--- /dev/null
+++ b/sys-auth/nss_ldap/nss_ldap-264.ebuild
@@ -0,0 +1,101 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-auth/nss_ldap/nss_ldap-264.ebuild,v 1.1 2009/07/28 18:45:51 robbat2 Exp $
+
+EAPI=2
+inherit fixheadtails eutils multilib autotools
+
+IUSE="debug ssl sasl kerberos"
+
+DESCRIPTION="NSS LDAP Module"
+HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html"
+SRC_URI="http://www.padl.com/download/${P}.tar.gz"
+
+SLOT="0"
+LICENSE="LGPL-2"
+KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86"
+
+DEPEND=">=net-nds/openldap-2.1.30-r5
+		sasl? ( dev-libs/cyrus-sasl )
+		kerberos? ( virtual/krb5 )
+		ssl? ( dev-libs/openssl )"
+RDEPEND="${DEPEND}
+		!<net-fs/autofs-4.1.3"
+
+src_prepare() {
+	cd "${S}"
+
+	epatch "${FILESDIR}"/nsswitch.ldap.diff
+
+	# Applied by upstream
+	#epatch "${FILESDIR}"/${PN}-239-tls-security-bug.patch
+
+	epatch "${FILESDIR}"/${PN}-249-sasl-compile.patch
+
+	EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-252-reconnect-timeouts.patch
+
+	# Applied by upstream
+	#EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-254-nss_getgrent_skipmembers.patch
+
+	EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-257-nss_max_group_depth.patch
+
+	sed -i.orig \
+		-e '/^ @(#)\$Id: ldap.conf,v/s,^,#,' \
+		"${S}"/ldap.conf || die "failed to clean up initial version marker"
+
+	# fix head/tail stuff
+	ht_fix_file "${S}"/Makefile.am "${S}"/Makefile.in "${S}"/depcomp
+
+	# fix build borkage
+	for i in Makefile.{in,am}; do
+	  sed -i.orig \
+	    -e '/^install-exec-local: nss_ldap.so/s,nss_ldap.so,,g' \
+	    "${S}"/$i
+	done
+
+	epatch "${FILESDIR}"/${PN}-257.2-gssapi-headers.patch
+
+	# Bug #214750, no automagic deps
+	epatch "${FILESDIR}"/${PN}-264-disable-automagic.patch
+
+	# Upstream forgets the version number sometimes
+	#sed -i \
+	#	-e "/^AM_INIT_AUTOMAKE/s~2..~$PV~" \
+	#	"${S}"/configure.in
+
+	eautoreconf
+}
+
+src_configure() {
+	local myconf=""
+	use debug && myconf="${myconf} --enable-debugging"
+	use kerberos && myconf="${myconf} --enable-configurable-krb5-ccname-gssapi"
+	# --enable-schema-mapping \
+	econf \
+		--with-ldap-lib=openldap \
+		--libdir=/$(get_libdir) \
+		--enable-paged-results \
+		--enable-rfc2307bis \
+		$(use_enable ssl) \
+		$(use_enable sasl) \
+		$(use_enable kerberos krb) \
+		${myconf} || die "configure failed"
+}
+
+src_install() {
+	dodir /$(get_libdir)
+
+	emake -j1 DESTDIR="${D}" install || die "make install failed"
+
+	insinto /etc
+	doins ldap.conf
+
+	dodoc ldap.conf ANNOUNCE NEWS ChangeLog AUTHORS \
+		COPYING CVSVersionInfo.txt README nsswitch.ldap certutil
+	docinto docs; dodoc doc/*
+}
+
+pkg_postinst() {
+	elog "If you use a ldaps:// string in the 'uri' setting of"
+	elog "your /etc/ldap.conf, you must set 'ssl on'!"
+}
-- 
cgit v1.2.3-65-gdbad