summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'net-nds/openldap')
-rw-r--r--net-nds/openldap/ChangeLog11
-rw-r--r--net-nds/openldap/Manifest53
-rw-r--r--net-nds/openldap/files/digest-openldap-2.2.272
-rw-r--r--net-nds/openldap/files/gencert.sh-2.2.27118
-rw-r--r--net-nds/openldap/openldap-2.2.27.ebuild365
5 files changed, 523 insertions, 26 deletions
diff --git a/net-nds/openldap/ChangeLog b/net-nds/openldap/ChangeLog
index 576e96de2737..2fb84e549df6 100644
--- a/net-nds/openldap/ChangeLog
+++ b/net-nds/openldap/ChangeLog
@@ -1,6 +1,15 @@
# ChangeLog for net-nds/openldap
# Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/ChangeLog,v 1.117 2005/06/06 11:28:44 corsair Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/ChangeLog,v 1.118 2005/07/03 18:00:00 robbat2 Exp $
+
+*openldap-2.2.27 (03 Jul 2005)
+
+ 03 Jul 2005; Robin H. Johnson <robbat2@gentoo.org>
+ +files/gencert.sh-2.2.27, +openldap-2.2.27.ebuild:
+ Fixed bugs #93074, #97782, #87591. This means that the nasty double-build
+ problem is now solved! New gencert.sh thanks to xmerlin. USE=minimal support
+ to skip building the servers. This is a strong candidate for going stable
+ after the 30 day period.
06 Jun 2005; Markus Rothe <corsair@gentoo.org> openldap-2.1.30-r4.ebuild:
Stable on ppc64
diff --git a/net-nds/openldap/Manifest b/net-nds/openldap/Manifest
index 9d9253cb96e5..b601bd69f8a7 100644
--- a/net-nds/openldap/Manifest
+++ b/net-nds/openldap/Manifest
@@ -1,45 +1,48 @@
-MD5 b5e394f172ed2fc1606160277b714dcd ChangeLog 21812
-MD5 b0d485ea1a51fb83c70daedef2599272 metadata.xml 279
-MD5 c11fbc4ba7824ae4f171eee66dc52e85 openldap-2.1.26.ebuild 7096
-MD5 7901f04890caac3b418942143b60b284 openldap-2.1.27-r1.ebuild 7452
+MD5 f0f6d95bb459a68e1af47d41c03698e0 openldap-2.1.30-r3.ebuild 7217
+MD5 eccf7065578fd1850586d204d1037294 openldap-2.2.27.ebuild 12433
+MD5 5bd89548fb8de6b4f0fdca12617e4e0c openldap-2.2.24.ebuild 9516
MD5 7147b6711fd08405e22461185a531b7e openldap-2.1.27.ebuild 7058
-MD5 d03b4b8965dada31e3357108cce8e0a2 openldap-2.1.30-r1.ebuild 7382
MD5 652065b4b1af04d11846fcdab7807ff8 openldap-2.1.30-r2.ebuild 7491
-MD5 f0f6d95bb459a68e1af47d41c03698e0 openldap-2.1.30-r3.ebuild 7217
+MD5 8ca33d2e9e42040d47ae4119384c34fe openldap-2.2.26-r2.ebuild 11641
+MD5 47247dbac20cbf48c08404fca5b51b7f openldap-2.2.26.ebuild 9741
MD5 2adaddb98fafad5e590a07c8e96cf5a8 openldap-2.1.30-r4.ebuild 7316
-MD5 89c1b232c5c53b96513eaf580cc4f5c2 openldap-2.1.30.ebuild 7368
-MD5 231a7a229c627e9ce2bdccb29c1a55e9 openldap-2.2.14.ebuild 7255
-MD5 b33684a7371eb8e18a8cc35c381cd469 openldap-2.2.19.ebuild 7963
MD5 bda33bb3429f18d3078dd9a642021ab2 openldap-2.2.23-r1.ebuild 8792
MD5 90ad9b62db369bad1f15a4401267e438 openldap-2.2.23.ebuild 7820
-MD5 5bd89548fb8de6b4f0fdca12617e4e0c openldap-2.2.24.ebuild 9516
+MD5 b33684a7371eb8e18a8cc35c381cd469 openldap-2.2.19.ebuild 7963
+MD5 231a7a229c627e9ce2bdccb29c1a55e9 openldap-2.2.14.ebuild 7255
+MD5 89c1b232c5c53b96513eaf580cc4f5c2 openldap-2.1.30.ebuild 7368
+MD5 c11fbc4ba7824ae4f171eee66dc52e85 openldap-2.1.26.ebuild 7096
+MD5 d03b4b8965dada31e3357108cce8e0a2 openldap-2.1.30-r1.ebuild 7382
+MD5 8207b5af41a71f4927b42ffd66bc5f10 ChangeLog 22209
+MD5 b0d485ea1a51fb83c70daedef2599272 metadata.xml 279
+MD5 7901f04890caac3b418942143b60b284 openldap-2.1.27-r1.ebuild 7452
MD5 b230f9445ab2e9b4ae10beb130d329db openldap-2.2.26-r1.ebuild 10639
-MD5 8ca33d2e9e42040d47ae4119384c34fe openldap-2.2.26-r2.ebuild 11641
-MD5 47247dbac20cbf48c08404fca5b51b7f openldap-2.2.26.ebuild 9741
-MD5 30ef1dc504563809f990b72ffe2be6c0 files/digest-openldap-2.1.26 65
-MD5 f829d2ebaab2e3e020a6b25522734331 files/digest-openldap-2.1.27 65
+MD5 c16eada85fafe1c17bf0089d0ef90ae3 files/gencert.sh-2.2.27 2939
+MD5 c8d6f4ebeb92ef1085b1bb77d7b4db5f files/gencert.sh 3505
+MD5 c58db81c8d7084a9abf48747134da0a8 files/openldap-2.1.30-db40.patch 718
MD5 f829d2ebaab2e3e020a6b25522734331 files/digest-openldap-2.1.27-r1 65
-MD5 6da89687536a5ec9a422938e997a8a04 files/digest-openldap-2.1.30 65
MD5 6da89687536a5ec9a422938e997a8a04 files/digest-openldap-2.1.30-r1 65
MD5 6da89687536a5ec9a422938e997a8a04 files/digest-openldap-2.1.30-r2 65
MD5 6da89687536a5ec9a422938e997a8a04 files/digest-openldap-2.1.30-r3 65
MD5 6da89687536a5ec9a422938e997a8a04 files/digest-openldap-2.1.30-r4 65
+MD5 1afdae6ce6fa709abed41ce45f41f5e8 files/openldap-2.1.30-tls-activedirectory-hang-fix.patch 1122
+MD5 4c6ef684996786b3a7cc2dc15c4ae7a4 files/openldap-2.2.14-db40.patch 773
+MD5 fa0a0dfbb9f3984fb2907c020e02ec73 files/digest-openldap-2.2.23-r1 65
+MD5 f1e72154e299a0b90a1157c7ed171daf files/digest-openldap-2.2.26-r1 130
+MD5 f1e72154e299a0b90a1157c7ed171daf files/digest-openldap-2.2.26-r2 130
+MD5 95a998755d69f0f30cb64b9cb8eeab15 files/openldap-2.2.14-perlthreadsfix.patch 614
+MD5 ca2c43219df88502aafeab9db9eda4d5 files/openldap-2.1.27-perlthreadsfix.patch 967
+MD5 30ef1dc504563809f990b72ffe2be6c0 files/digest-openldap-2.1.26 65
+MD5 f829d2ebaab2e3e020a6b25522734331 files/digest-openldap-2.1.27 65
+MD5 6da89687536a5ec9a422938e997a8a04 files/digest-openldap-2.1.30 65
MD5 27d2ee25b32bf4a429ae80149508ff34 files/digest-openldap-2.2.14 65
MD5 d1db1a9bf4afc66b26e33beef17f07f4 files/digest-openldap-2.2.19 65
MD5 fa0a0dfbb9f3984fb2907c020e02ec73 files/digest-openldap-2.2.23 65
-MD5 fa0a0dfbb9f3984fb2907c020e02ec73 files/digest-openldap-2.2.23-r1 65
MD5 f5d06782a157396faab1a04efa2c9305 files/digest-openldap-2.2.24 65
MD5 66eae9c51565619904da420475ec9ae6 files/digest-openldap-2.2.26 65
-MD5 f1e72154e299a0b90a1157c7ed171daf files/digest-openldap-2.2.26-r1 130
-MD5 f1e72154e299a0b90a1157c7ed171daf files/digest-openldap-2.2.26-r2 130
-MD5 c8d6f4ebeb92ef1085b1bb77d7b4db5f files/gencert.sh 3505
+MD5 919632051f7ddeeed29b011f163d17f0 files/digest-openldap-2.2.27 130
MD5 b10517f0e7be829d47bb8096d86fb519 files/openldap-2.1.27-db40.patch 718
-MD5 ca2c43219df88502aafeab9db9eda4d5 files/openldap-2.1.27-perlthreadsfix.patch 967
-MD5 c58db81c8d7084a9abf48747134da0a8 files/openldap-2.1.30-db40.patch 718
-MD5 1afdae6ce6fa709abed41ce45f41f5e8 files/openldap-2.1.30-tls-activedirectory-hang-fix.patch 1122
MD5 2e6d3f7cf49a1d85468befdff2bfc1d8 files/openldap-2.1.30-ximian_connector.patch 6435
-MD5 4c6ef684996786b3a7cc2dc15c4ae7a4 files/openldap-2.2.14-db40.patch 773
-MD5 95a998755d69f0f30cb64b9cb8eeab15 files/openldap-2.2.14-perlthreadsfix.patch 614
-MD5 50257f7d6b63c8e9778b6407c7d2dddb files/2.0/slapd.conf 277
MD5 1a7084c17a74e59db33578c0833e4099 files/2.0/slapd 584
+MD5 50257f7d6b63c8e9778b6407c7d2dddb files/2.0/slapd.conf 277
MD5 d68ba97d9f54b8455c1e2d93c352d24a files/2.0/slurpd 495
diff --git a/net-nds/openldap/files/digest-openldap-2.2.27 b/net-nds/openldap/files/digest-openldap-2.2.27
new file mode 100644
index 000000000000..3f10c4ded588
--- /dev/null
+++ b/net-nds/openldap/files/digest-openldap-2.2.27
@@ -0,0 +1,2 @@
+MD5 51c053cc0ec82ff20b453f49ce78bb89 openldap-2.2.27.tgz 2628140
+MD5 e2ae8148c4bed07d7a70edd930bdc403 openldap-2.1.30.tgz 2044673
diff --git a/net-nds/openldap/files/gencert.sh-2.2.27 b/net-nds/openldap/files/gencert.sh-2.2.27
new file mode 100644
index 000000000000..a06c53345d17
--- /dev/null
+++ b/net-nds/openldap/files/gencert.sh-2.2.27
@@ -0,0 +1,118 @@
+#!/bin/sh
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+#
+# Originally written by me for the mdk distro
+# On the old header you can find my old email <czoffoli@linux-mandrake.com>
+#
+# Last update 20050401 - Christian Zoffoli <xmerlin@gentoo.org>
+#
+
+VERSION="0.3"
+openssl="/usr/bin/openssl"
+opensslopts=""
+ldapconfdir="/etc/openldap/ssl"
+pemfile="${ldapconfdir}/ldap.pem"
+randfile="${ldapconfdir}/ldap.rand"
+cfgfile="${ldapconfdir}/ldap.cfg"
+
+function fixperms {
+ chown root:ldap ${ldapconfdir} -R
+ find ${ldapconfdir} -type f -exec chmod 640 \{\} \;
+ chmod 750 ${ldapconfdir}
+}
+
+
+if [ ! -x ${openssl} ]; then
+ exit 0
+fi
+
+if [ ! -d ${ldapconfdir} ]; then
+ mkdir -p ${ldapconfdir}
+fi
+
+fixperms
+
+if [ -f ${pemfile} ]; then
+ echo "${pemfile} already exist, dying"
+ exit 0
+fi
+
+
+dd if=/dev/urandom of=$randfile count=1 2>/dev/null
+
+echo ""
+echo "______________________________________________________________________${T_ME}"
+echo ""
+echo "Creating self-signed certificate -- Version ${VERSION}"
+echo ""
+echo "______________________________________________________________________${T_ME}"
+echo ""
+
+
+COMMONNAME=`hostname`
+if [ ! -n "$COMMONNAME" ]; then
+ COMMONNAME="www.openldap.org"
+fi
+
+
+if [ -f ${cfgfile} ]; then
+ echo "${cfgfile} found, would you like to use it ? (y/n)"
+ read answer
+
+ case "$answer" in
+ y|Y)
+ opensslopts="-batch"
+ ;;
+ n|N)
+ cat >${cfgfile} <<EOT
+ [ req ]
+ default_bits = 1024
+ distinguished_name = req_DN
+ RANDFILE = ${randfile}
+ [ req_DN ]
+ countryName = "1. Country Name (2 letter code)"
+ countryName_default = "US"
+ countryName_min = 2
+ countryName_max = 2
+ stateOrProvinceName = "2. State or Province Name (full name) "
+ stateOrProvinceName_default = ""
+ localityName = "3. Locality Name (eg, city) "
+ localityName_default = ""
+ 0.organizationName = "4. Organization Name (eg, company) "
+ 0.organizationName_default = "LDAP Server"
+ organizationalUnitName = "5. Organizational Unit Name (eg, section) "
+ organizationalUnitName_default = "For testing purposes only"
+ commonName = "6. Common Name (eg, CA name) "
+ commonName_max = 64
+ commonName_default = "${COMMONNAME}"
+ emailAddress = "7. Email Address (eg, name@FQDN)"
+ emailAddress_max = 40
+ emailAddress_default = ""
+EOT
+ ;;
+ *)
+ echo "Wrong answer, retry!"
+ exit 1
+ ;;
+ esac
+fi
+
+echo ""
+
+${openssl} req -config ${cfgfile} ${opensslopts} -new -rand ${randfile} -x509 -nodes -out ${pemfile} -keyout ${pemfile} -days 999999
+
+if [ $? -ne 0 ]; then
+ echo "cca:Error: Failed to generate certificate " 1>&2
+ exit 1
+else
+ echo -e "\nCertificate creation done!"
+fi
+
+if [ -f ${randfile} ]; then
+ rm -f ${randfile}
+fi
+
+if [ -f ${pemfile} ]; then
+ fixperms
+fi
diff --git a/net-nds/openldap/openldap-2.2.27.ebuild b/net-nds/openldap/openldap-2.2.27.ebuild
new file mode 100644
index 000000000000..c29b07d6ba7e
--- /dev/null
+++ b/net-nds/openldap/openldap-2.2.27.ebuild
@@ -0,0 +1,365 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/openldap-2.2.27.ebuild,v 1.1 2005/07/03 18:00:00 robbat2 Exp $
+
+inherit flag-o-matic toolchain-funcs eutils multilib
+
+OLD_PV="2.1.30"
+OLD_P="${PN}-${OLD_PV}"
+OLD_S="${WORKDIR}/${OLD_P}"
+
+DESCRIPTION="LDAP suite of application and development tools"
+HOMEPAGE="http://www.OpenLDAP.org/"
+SRC_URI="mirror://openldap/openldap-release/${P}.tgz
+ mirror://openldap/openldap-release/${OLD_P}.tgz"
+
+LICENSE="OPENLDAP"
+SLOT="0"
+IUSE="berkdb crypt debug gdbm ipv6 kerberos minimal odbc perl readline samba sasl slp ssl tcpd"
+KEYWORDS="~alpha ~amd64 ~ia64 ~ppc ~ppc64 ~sparc ~x86"
+
+RDEPEND=">=sys-libs/ncurses-5.1
+ tcpd? ( >=sys-apps/tcp-wrappers-7.6 )
+ ssl? ( >=dev-libs/openssl-0.9.6 )
+ readline? ( >=sys-libs/readline-4.1 )
+ sasl? ( >=dev-libs/cyrus-sasl-2.1.7-r3 )
+ odbc? ( dev-db/unixODBC )
+ slp? ( >=net-libs/openslp-1.0 )
+ perl? ( >=dev-lang/perl-5.6 )
+ samba? ( >=dev-libs/openssl-0.9.6 )
+ kerberos? ( virtual/krb5 )"
+
+# note that the 'samba' USE flag pulling in OpenSSL is NOT an error. OpenLDAP
+# uses OpenSSL for LanMan/NTLM hashing (which is used in some enviroments, like
+# mine at work)!
+# Robin H. Johnson <robbat2@gentoo.org> March 8, 2004
+
+# if USE=berkdb
+# pull in sys-libs/db
+# else if USE=gdbm
+# pull in sys-libs/gdbm
+# else
+# pull in sys-libs/db
+RDEPEND_BERKDB=">=sys-libs/db-4.2.52_p1"
+RDEPEND_GDBM=">=sys-libs/gdbm-1.8.0"
+RDEPEND="${RDEPEND}
+ berkdb? ( ${RDEPEND_BERKDB} )
+ !berkdb? (
+ gdbm? ( ${RDEPEND_GDBM} )
+ !gdbm? ( ${RDEPEND_BERKDB} )
+ )"
+
+DEPEND="${RDEPEND}
+ sys-devel/libtool
+ >=sys-apps/sed-4"
+
+# for tracking versions
+OPENLDAP_VERSIONTAG="/var/lib/openldap-data/.version-tag"
+
+#DEPEND="${DEPEND} !<net-nds/openldap-2.2"
+
+openldap_upgrade_warning() {
+ ewarn "If you are upgrading from OpenLDAP-2.1, and run slapd on this"
+ ewarn "machine please see the ebuild for upgrade instructions, otherwise"
+ ewarn "you may corrupt your database!"
+ echo
+ ewarn "Part of the configuration file syntax has changed:"
+ ewarn "'access to attribute=' is now 'access to attrs='"
+ echo
+ ewarn "You must also run revdep-rebuild after upgrading from 2.1 to 2.2:"
+ ewarn "# revdep-rebuild --soname liblber.so.2"
+ ewarn "# revdep-rebuild --soname libldap.so.2"
+ ewarn "# revdep-rebuild --soname libldap_r.so.2"
+}
+
+pkg_setup() {
+ # grab lines
+ openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' /etc/openldap/slapd.conf)"
+ datafiles=""
+ for d in $openldap_datadirs; do
+ datafiles="${datafiles} $(ls $d/*db*} 2>/dev/null)"
+ done
+ # remove extra spaces
+ datafiles="$(echo ${datafiles// })"
+ # TODO: read OPENLDAP_VERSIONTAG instead in future
+ if has_version '<net-nds/openldap-2.2' && [ -n "$datafiles" ]; then
+ eerror "A possible old installation of OpenLDAP was detected"
+ eerror "As major version upgrades to 2.2 can corrupt your database"
+ eerror "You need to dump your database and re-create it afterwards."
+ eerror ""
+ d="$(date -u +%s)"
+ l="/root/ldapdump.${d}"
+ i="${l}.raw"
+ eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
+ eerror " 2. slapcat -l ${i}"
+ eerror " 3. egrep -v '^entryCSN:' <${i} >${l}"
+ eerror " 4. emerge unmerge '<=net-nds/openldap-2.1*'"
+ eerror " 5. mv /var/lib/openldap-data/ /var/lib/openldap-data,2.1/"
+ eerror " 6. emerge '>=net-nds/openldap-2.2'"
+ eerror " 7. etc-update, and ensure that you apply the changes"
+ eerror " 8. slapadd -l ${l}"
+ eerror " 9. chown ldap:ldap /var/lib/openldap-data/*"
+ eerror "10. /etc/init.d/slapd start"
+ eerror "11. check that your data is intact."
+ eerror "12. set up the new replication system."
+ eerror ""
+ eerror "This install will not proceed until your old data directory"
+ eerror "is at least moved out of the way."
+ exit 1
+ fi
+ openldap_upgrade_warning
+}
+
+pkg_preinst() {
+ openldap_upgrade_warning
+ enewgroup ldap 439
+ enewuser ldap 439 /bin/false /usr/$(get_libdir)/openldap ldap
+}
+
+src_unpack() {
+ unpack ${A}
+
+ # According to MDK, the link order needs to be changed so that
+ # on systems w/ MD5 passwords the system crypt library is used
+ # (the net result is that "passwd" can be used to change ldap passwords w/
+ # proper pam support)
+ sed -i -e 's/$(SECURITY_LIBS) $(LDIF_LIBS) $(LUTIL_LIBS)/$(LUTIL_LIBS) $(SECURITY_LIBS) $(LDIF_LIBS)/' \
+ ${S}/servers/slapd/Makefile.in
+
+ # Fix up DB-4.0 linking problem
+ # remember to autoconf! this expands configure by 500 lines (4 lines to m4
+ # stuff).
+ EPATCH_OPTS="-p1 -d ${S}" epatch ${FILESDIR}/${PN}-2.2.14-db40.patch
+
+ # supersedes old fix for bug #31202
+ EPATCH_OPTS="-p1 -d ${S}" epatch ${FILESDIR}/${PN}-2.2.14-perlthreadsfix.patch
+
+ # ensure correct SLAPI path by default
+ sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "/var/run/openldap/slapd.sock",' \
+ ${S}/include/ldap_defaults.h
+
+ # fix up some automake stuff
+ #sed -i -e 's,^AC_CONFIG_HEADER,AM_CONFIG_HEADER,' ${S}/configure.in
+
+ # fix up stuff for newer autoconf that simulates autoconf-2.13, but doesn't
+ # do it perfectly.
+ cd ${S}/build
+ ln -s shtool install
+ ln -s shtool install.sh
+
+ # reconf for db40 fixes.
+ cd ${S}
+ export WANT_AUTOMAKE="1.4"
+ export WANT_AUTOCONF="2.1"
+ einfo "Running libtoolize"
+ libtoolize --copy --force
+ #einfo "Running automake"
+ #automake --add-missing || die "automake failed"
+ #einfo "Running aclocal"
+ #aclocal || die "aclocal failed"
+ einfo "Running autoconf"
+ autoconf || die "autoconf failed"
+}
+
+src_compile() {
+ local myconf
+
+ # HDB is only available with BerkDB
+ myconf_berkdb='--enable-bdb --with-ldbm-api=berkeley --enable-hdb=mod'
+ myconf_gdbm='--disable-bdb --with-ldbm-api=gdbm --disable-hdb'
+
+ use debug && myconf="${myconf} --enable-debug" # there is no disable-debug
+
+ # enable slapd/slurpd servers if not doing a minimal build
+ if ! use minimal; then
+ myconf="${myconf} --enable-slapd --enable-slurpd"
+ # base backend stuff
+ myconf="${myconf} --enable-ldbm"
+ if use berkdb; then
+ einfo "Using Berkeley DB for local backend"
+ myconf="${myconf} ${myconf_berkdb}"
+ elif use gdbm; then
+ einfo "Using GDBM for local backend"
+ myconf="${myconf} ${myconf_gdbm}"
+ else
+ ewarn "Neither gdbm or berkdb USE flags present, falling back to"
+ ewarn "Berkeley DB for local backend"
+ myconf="${myconf} ${myconf_berkdb}"
+ fi
+ # extra backend stuff
+ myconf="${myconf} --enable-passwd=mod --enable-phonetic=mod"
+ myconf="${myconf} --enable-dnssrv=mod --enable-ldap"
+ myconf="${myconf} --enable-meta=mod --enable-monitor=mod"
+ myconf="${myconf} --enable-null=mod --enable-shell=mod"
+ myconf="${myconf} `use_enable perl perl mod`"
+ myconf="${myconf} `use_enable odbc sql mod`"
+ # slapd options
+ myconf="${myconf} `use_enable crypt` `use_enable slp`"
+ myconf="${myconf} --enable-rewrite --enable-rlookups"
+ myconf="${myconf} --enable-aci --enable-modules"
+ myconf="${myconf} --enable-cleartext --enable-slapi"
+ myconf="${myconf} `use_with samba lmpasswd`"
+ # disabled options:
+ # --with-bdb-module=dynamic
+ # alas, for BSD only:
+ # --with-fetch
+ # slapd overlay options
+ myconf="${myconf} --enable-dyngroup --enable-proxycache"
+ else
+ myconf="${myconf} --disable-slapd --disable-slurpd"
+ myconf="${myconf} --disable-bdb --disable-monitor"
+ myconf="${myconf} --disable-slurpd"
+ fi
+ # basic functionality stuff
+ myconf="${myconf} --enable-syslog --enable-dynamic"
+ myconf="${myconf} --enable-local --enable-proctitle"
+
+ myconf="${myconf} `use_enable ipv6` `use_enable readline`"
+ myconf="${myconf} `use_with sasl cyrus-sasl` `use_enable sasl spasswd`"
+ myconf="${myconf} `use_enable tcpd wrappers` `use_with ssl tls`"
+
+ if [ $(get_libdir) != "lib" ] ; then
+ append-ldflags -L/usr/$(get_libdir)
+ fi
+
+ econf \
+ --enable-static \
+ --enable-shared \
+ --libexecdir=/usr/$(get_libdir)/openldap \
+ ${myconf} || die "configure failed"
+
+ make depend || die "make depend failed"
+ make || die "make failed"
+
+ # special kerberos stuff
+ tc-export CC
+ if ! use minimal && use kerberos ; then
+ cd ${S}/contrib/slapd-modules/passwd/ && \
+ ${CC} -shared -I../../../include ${CFLAGS} -fPIC \
+ -DHAVE_KRB5 -o pw-kerberos.so kerberos.c || \
+ die "failed to compile kerberos module"
+ fi
+
+ # now build old compat lib
+ cd ${OLD_S} && \
+ econf \
+ --enable-static --enable-shared \
+ --libexecdir=/usr/$(get_libdir)/openldap \
+ --disable-slapd --disable-aci --disable-cleartext --disable-crypt \
+ --disable-lmpasswd --disable-spasswd --enable-modules \
+ --disable-phonetic --disable-rewrite --disable-rlookups --disable-slp \
+ --disable-wrappers --disable-bdb --disable-dnssrv --disable-ldap \
+ --disable-ldbm --disable-meta --disable-monitor --disable-null \
+ --disable-passwd --disable-perl --disable-shell --disable-sql \
+ --disable-slurpd || die "configure-2.1 failed"
+ make depend || die "make-2.1 depend failed"
+ cd ${OLD_S}/libraries/liblber && make liblber.la || die "make-2.1 liblber.la failed"
+ cd ${OLD_S}/libraries/libldap && make libldap.la || die "make-2.1 libldap.la failed"
+ cd ${OLD_S}/libraries/libldap_r && make libldap_r.la || die "make-2.1 libldap_r.la failed"
+}
+
+src_test() {
+ einfo "Doing tests"
+ cd tests ; make tests || die "make tests failed"
+}
+
+src_install() {
+ make DESTDIR=${D} install || die "make install failed"
+
+ dodoc ANNOUNCEMENT CHANGES COPYRIGHT README LICENSE
+ docinto rfc ; dodoc doc/rfc/*.txt
+
+ # openldap modules go here
+ # TODO: write some code to populate slapd.conf with moduleload statements
+ keepdir /usr/$(get_libdir)/openldap/openldap/
+
+ # make state directories
+ for x in data slurp ldbm; do
+ keepdir /var/lib/openldap-${x}
+ fowners ldap:ldap /var/lib/openldap-${x}
+ fperms 0700 /var/lib/openldap-${x}
+ done
+
+ echo "OLDPF='${PF}'" >${D}${OPENLDAP_VERSIONTAG}
+ echo "# do NOT delete this. it is used" >>${D}${OPENLDAP_VERSIONTAG}
+ echo "# to track versions for upgrading." >>${D}${OPENLDAP_VERSIONTAG}
+
+ # manually remove /var/tmp references in .la
+ # because it is packaged with an ancient libtool
+ for x in ${D}/usr/$(get_libdir)/lib*.la; do
+ sed -i -e "s:-L${S}[/]*libraries::" ${x}
+ done
+
+ # change slapd.pid location in configuration file
+ keepdir /var/run/openldap
+ fowners ldap:ldap /var/run/openldap
+ fperms 0755 /var/run/openldap
+
+ if ! use minimal; then
+ # config modifications
+ for f in /etc/openldap/slapd.conf /etc/openldap/slapd.conf.default; do
+ sed -e "s:/var/lib/run/slapd.:/var/run/openldap/slapd.:" -i ${D}/${f}
+ sed -e "/database\tbdb$/acheckpoint 32 30 # <kbyte> <min>" -i ${D}/${f}
+ fowners root:ldap ${f}
+ fperms 0640 ${f}
+ done
+ # install our own init scripts
+ exeinto /etc/init.d
+ newexe ${FILESDIR}/2.0/slapd slapd
+ newexe ${FILESDIR}/2.0/slurpd slurpd
+ if [ $(get_libdir) != lib ]; then
+ sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i ${D}/etc/init.d/{slapd,slurpd}
+ fi
+ insinto /etc/conf.d
+ newins ${FILESDIR}/2.0/slapd.conf slapd
+ if use kerberos && [ -f ${S}/contrib/slapd-modules/passwd/pw-kerberos.so ]; then
+ insinto /usr/$(get_libdir)/openldap/openldap
+ doins ${S}/contrib/slapd-modules/passwd/pw-kerberos.so || \
+ die "failed to install kerberos passwd module"
+ fi
+ fi
+
+ # install MDK's ssl cert script
+ if use ssl || use samba; then
+ dodir /etc/openldap/ssl
+ exeinto /etc/openldap/ssl
+ newexe ${FILESDIR}/gencert.sh-2.2.27 gencert.sh
+ fi
+
+ dolib.so ${OLD_S}/libraries/liblber/.libs/liblber.so.2.0.130 || \
+ die "failed to install old liblber"
+ dolib.so ${OLD_S}/libraries/libldap/.libs/libldap.so.2.0.130 || \
+ die "failed to install old libldap"
+ dolib.so ${OLD_S}/libraries/libldap_r/.libs/libldap_r.so.2.0.130 || \
+ die "failed to install old libldap_r"
+}
+
+pkg_postinst() {
+ if use ssl; then
+ # make a self-signed ssl cert (if there isn't one there already)
+ if [ ! -e /etc/openldap/ssl/ldap.pem ]
+ then
+ cd /etc/openldap/ssl
+ yes "" | sh gencert.sh
+ chmod 640 ldap.pem
+ chown root:ldap ldap.pem
+ else
+ einfo "An LDAP cert already appears to exist, no creating"
+ fi
+ fi
+
+ # Since moving to running openldap as user ldap there are some
+ # permissions problems with directories and files.
+ # Let's make sure these permissions are correct.
+ chown ldap:ldap /var/run/openldap
+ chmod 0755 /var/run/openldap
+ chown root:ldap /etc/openldap/slapd.conf{,.default}
+ chmod 0640 /etc/openldap/slapd.conf{,.default}
+ chown ldap:ldap /var/lib/openldap-{data,ldbm,slurp}
+
+ if use ssl; then
+ ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
+ ewarn "add 'TLS_REQCERT never' if you want to use them."
+ fi
+ openldap_upgrade_warning
+}