From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1204750-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by finch.gentoo.org (Postfix) with ESMTPS id 8566D138359
for <garchives@archives.gentoo.org>; Fri, 11 Sep 2020 08:52:12 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
by pigeon.gentoo.org (Postfix) with SMTP id 8FE10E092F;
Fri, 11 Sep 2020 08:52:11 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(No client certificate requested)
by pigeon.gentoo.org (Postfix) with ESMTPS id 5F5A9E092F
for <gentoo-commits@lists.gentoo.org>; Fri, 11 Sep 2020 08:52:11 +0000 (UTC)
Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(No client certificate requested)
by smtp.gentoo.org (Postfix) with ESMTPS id A67BE340D69
for <gentoo-commits@lists.gentoo.org>; Fri, 11 Sep 2020 08:52:09 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
by oystercatcher.gentoo.org (Postfix) with ESMTP id 19F4D2E1
for <gentoo-commits@lists.gentoo.org>; Fri, 11 Sep 2020 08:52:08 +0000 (UTC)
From: "Mikle Kolyada" <zlogene@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Mikle Kolyada" <zlogene@gentoo.org>
Message-ID: <1599814324.208b69438db95d3f23b86c052a45dac02c184570.zlogene@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: net-nds/openldap/
X-VCS-Repository: repo/gentoo
X-VCS-Files: net-nds/openldap/Manifest net-nds/openldap/openldap-2.4.53.ebuild
X-VCS-Directories: net-nds/openldap/
X-VCS-Committer: zlogene
X-VCS-Committer-Name: Mikle Kolyada
X-VCS-Revision: 208b69438db95d3f23b86c052a45dac02c184570
X-VCS-Branch: master
Date: Fri, 11 Sep 2020 08:52:08 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: 0f4c0e86-d7f6-426d-b2d3-b6a2f76aa114
X-Archives-Hash: 64e9972fdd8c60349787a71ef4676381
commit: 208b69438db95d3f23b86c052a45dac02c184570
Author: Mikle Kolyada <zlogene <AT> gentoo <DOT> org>
AuthorDate: Fri Sep 11 08:50:48 2020 +0000
Commit: Mikle Kolyada <zlogene <AT> gentoo <DOT> org>
CommitDate: Fri Sep 11 08:52:04 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=208b6943
net-nds/openldap: Version bump (v2.5.53)
Package-Manager: Portage-3.0.4, Repoman-3.0.1
Signed-off-by: Mikle Kolyada <zlogene <AT> gentoo.org>
net-nds/openldap/Manifest | 1 +
net-nds/openldap/openldap-2.4.53.ebuild | 907 ++++++++++++++++++++++++++++++++
2 files changed, 908 insertions(+)
diff --git a/net-nds/openldap/Manifest b/net-nds/openldap/Manifest
index b2582fe8395..bf08d5e73c6 100644
--- a/net-nds/openldap/Manifest
+++ b/net-nds/openldap/Manifest
@@ -1,3 +1,4 @@
DIST openldap-2.4.50.tgz 5712635 BLAKE2B 6a7d864a44c411b82cf703585c4a81954a02497e8510c84e29070dd120da0181e8425fd2b8bb7616e42e6e26d0f06db5ffdf50fb1cd97943d23f9914eb4f1260 SHA512 f528043ff9de36f7b65d8816c9a9c24f0ac400041b2969965178ee6eae62c92a11af33a0a883e4954e5fff98a0738a9f9aa2faf5b385d21974754e045aab31ae
DIST openldap-2.4.51.tgz 5876819 BLAKE2B 4d2459e79ad5f297d8f8be0d633f5e3f7ae93395f2f83ee0da055315b59d053892303b717b56a9e90cd32b7391b4178db13d0c93aec8cdc68543553d3cd8f930 SHA512 169483ec4f2b2728ab4b75e608f72dfa9cadfa524c477f9258c9580eb22d6c34e4c4422b58f222b6bf66a93fc713cb7b0682d12ecd4e6f95a3a7887e93347f1f
+DIST openldap-2.4.53.tgz 5883013 BLAKE2B 09d17d2a5438b09a4aa7f4a815e858d8b17ae7873580e5b3bc81d9569e97174703600472b9ecf79a28b7df561ba8214dfb6d08b467c823feeeae7d0cbdd37c6b SHA512 32dcbf18ffa53b3c2c5399f726c7a8970154d40fb88de85896d18ea2abd79c55ebe28fcf5fbfd52771f95561d70ab364db5f667fe2ec0e67b21e281f5112ec99
DIST rfc2307bis.schema-20140524 12262 BLAKE2B 98031f49e9bde1e4821e637af3382364d8344ed7017649686a088070d96a632dffa6c661552352656b1b159c0fd962965580069a64c7f3d5bb6a3ed75f60fd99 SHA512 83b89a1deeefc8566b97e7e865b9b6d04541099cbdf719e24538a7d27d61b6209e87ab9003a9f140bd9afd018ec569e71721e3a24090e1902c8b6659d2ba103e
diff --git a/net-nds/openldap/openldap-2.4.53.ebuild b/net-nds/openldap/openldap-2.4.53.ebuild
new file mode 100644
index 00000000000..89a4da0e820
--- /dev/null
+++ b/net-nds/openldap/openldap-2.4.53.ebuild
@@ -0,0 +1,907 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools db-use flag-o-matic multilib-minimal preserve-libs ssl-cert toolchain-funcs user systemd
+
+BIS_PN=rfc2307bis.schema
+BIS_PV=20140524
+BIS_P="${BIS_PN}-${BIS_PV}"
+
+DESCRIPTION="LDAP suite of application and development tools"
+HOMEPAGE="https://www.OpenLDAP.org/"
+
+# upstream mirrors are mostly not working, using canonical URI
+SRC_URI="
+ https://openldap.org/software/download/OpenLDAP/openldap-release/${P}.tgz
+ http://gpl.savoirfairelinux.net/pub/mirrors/openldap/openldap-release/${P}.tgz
+ http://repository.linagora.org/OpenLDAP/openldap-release/${P}.tgz
+ http://mirror.eu.oneandone.net/software/openldap/openldap-release/${P}.tgz
+ mirror://gentoo/${BIS_P}"
+
+LICENSE="OPENLDAP GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~ppc-aix ~amd64-linux ~x86-linux ~x86-solaris"
+
+IUSE_DAEMON="crypt samba tcpd experimental minimal"
+IUSE_BACKEND="+berkdb"
+IUSE_OVERLAY="overlays perl"
+IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 libressl +syslog selinux static-libs test"
+IUSE_CONTRIB="smbkrb5passwd kerberos kinit pbkdf2 sha2"
+IUSE_CONTRIB="${IUSE_CONTRIB} -cxx"
+IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
+
+RESTRICT="!test? ( test )"
+REQUIRED_USE="cxx? ( sasl )
+ pbkdf2? ( ssl )
+ test? ( berkdb )
+ ?? ( test minimal )"
+
+# always list newer first
+# Do not add any AGPL-3 BDB here!
+# See bug 525110, comment 15.
+# Advanced usage: OPENLDAP_BDB_SLOTS in the environment can be used to force a slot during build.
+BDB_SLOTS="${OPENLDAP_BDB_SLOTS:=5.3 5.1 4.8 4.7 4.6 4.5 4.4}"
+BDB_PKGS=''
+for _slot in $BDB_SLOTS; do BDB_PKGS="${BDB_PKGS} sys-libs/db:${_slot}" ; done
+
+# openssl is needed to generate lanman-passwords required by samba
+COMMON_DEPEND="
+ ssl? (
+ !gnutls? (
+ !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] )
+ libressl? ( dev-libs/libressl:0=[${MULTILIB_USEDEP}] )
+ )
+ gnutls? (
+ >=net-libs/gnutls-2.12.23-r6:=[${MULTILIB_USEDEP}]
+ >=dev-libs/libgcrypt-1.5.3:0=[${MULTILIB_USEDEP}]
+ )
+ )
+ sasl? ( dev-libs/cyrus-sasl:= )
+ !minimal? (
+ sys-devel/libtool
+ sys-libs/e2fsprogs-libs
+ >=dev-db/lmdb-0.9.18:=
+ tcpd? ( sys-apps/tcp-wrappers )
+ odbc? ( !iodbc? ( dev-db/unixODBC )
+ iodbc? ( dev-db/libiodbc ) )
+ perl? ( dev-lang/perl:=[-build(-)] )
+ samba? (
+ !libressl? ( dev-libs/openssl:0= )
+ libressl? ( dev-libs/libressl:0= )
+ )
+ berkdb? (
+ <sys-libs/db-6.0:=
+ || ( ${BDB_PKGS} )
+ )
+ smbkrb5passwd? (
+ !libressl? ( dev-libs/openssl:0= )
+ libressl? ( dev-libs/libressl:0= )
+ kerberos? ( app-crypt/heimdal )
+ )
+ kerberos? (
+ virtual/krb5
+ kinit? ( !app-crypt/heimdal )
+ )
+ cxx? ( dev-libs/cyrus-sasl:= )
+ )
+"
+DEPEND="${COMMON_DEPEND}
+ sys-apps/groff
+"
+RDEPEND="${COMMON_DEPEND}
+ selinux? ( sec-policy/selinux-ldap )
+"
+# for tracking versions
+OPENLDAP_VERSIONTAG=".version-tag"
+OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
+
+MULTILIB_WRAPPED_HEADERS=(
+ # USE=cxx
+ /usr/include/LDAPAsynConnection.h
+ /usr/include/LDAPAttrType.h
+ /usr/include/LDAPAttribute.h
+ /usr/include/LDAPAttributeList.h
+ /usr/include/LDAPConnection.h
+ /usr/include/LDAPConstraints.h
+ /usr/include/LDAPControl.h
+ /usr/include/LDAPControlSet.h
+ /usr/include/LDAPEntry.h
+ /usr/include/LDAPEntryList.h
+ /usr/include/LDAPException.h
+ /usr/include/LDAPExtResult.h
+ /usr/include/LDAPMessage.h
+ /usr/include/LDAPMessageQueue.h
+ /usr/include/LDAPModList.h
+ /usr/include/LDAPModification.h
+ /usr/include/LDAPObjClass.h
+ /usr/include/LDAPRebind.h
+ /usr/include/LDAPRebindAuth.h
+ /usr/include/LDAPReferenceList.h
+ /usr/include/LDAPResult.h
+ /usr/include/LDAPSaslBindResult.h
+ /usr/include/LDAPSchema.h
+ /usr/include/LDAPSearchReference.h
+ /usr/include/LDAPSearchResult.h
+ /usr/include/LDAPSearchResults.h
+ /usr/include/LDAPUrl.h
+ /usr/include/LDAPUrlList.h
+ /usr/include/LdifReader.h
+ /usr/include/LdifWriter.h
+ /usr/include/SaslInteraction.h
+ /usr/include/SaslInteractionHandler.h
+ /usr/include/StringList.h
+ /usr/include/TlsOptions.h
+)
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-2.4.17-gcc44.patch
+
+ "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch
+ "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
+
+ # bug #116045 - still present in 2.4.28
+ "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch
+ # bug #408077 - samba4
+ "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch
+
+ # bug #189817
+ "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
+
+ # bug #233633
+ "${FILESDIR}"/${PN}-2.4.45-fix-lmpasswd-gnutls-symbols.patch
+
+ # bug #281495
+ "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch
+
+ # bug #294350
+ "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch
+
+ # unbreak /bin/sh -> dash
+ "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch
+
+ # bug #420959
+ "${FILESDIR}"/${PN}-2.4.31-gcc47.patch
+
+ # unbundle lmdb
+ "${FILESDIR}"/${PN}-2.4.42-mdb-unbundle.patch
+
+ # bug #622464
+ "${FILESDIR}"/${PN}-2.4.47-libressl.patch
+
+ # fix some compiler warnings
+ "${FILESDIR}"/${PN}-2.4.47-warnings.patch
+)
+
+openldap_filecount() {
+ local dir="$1"
+ find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l
+}
+
+openldap_find_versiontags() {
+ # scan for all datadirs
+ local openldap_datadirs=()
+ if [[ -f "${EROOT}"/etc/openldap/slapd.conf ]]; then
+ openldap_datadirs=( $(awk '{if($1 == "directory") print $2 }' "${EROOT}"/etc/openldap/slapd.conf) )
+ fi
+ openldap_datadirs+=( ${OPENLDAP_DEFAULTDIR_VERSIONTAG} )
+
+ einfo
+ einfo "Scanning datadir(s) from slapd.conf and"
+ einfo "the default installdir for Versiontags"
+ einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
+ einfo
+
+ # scan datadirs if we have a version tag
+ openldap_found_tag=0
+ have_files=0
+ for each in ${openldap_datadirs[@]} ; do
+ CURRENT_TAGDIR="${ROOT}$(sed "s:\/::" <<< ${each})"
+ CURRENT_TAG="${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}"
+ if [[ -d "${CURRENT_TAGDIR}" ]] && [[ "${openldap_found_tag}" == 0 ]] ; then
+ einfo "- Checking ${each}..."
+ if [[ -r "${CURRENT_TAG}" ]] ; then
+ # yey, we have one :)
+ einfo " Found Versiontag in ${each}"
+ source "${CURRENT_TAG}"
+ if [[ "${OLDPF}" == "" ]] ; then
+ eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
+ eerror "Please delete it"
+ eerror
+ die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
+ fi
+
+ OLD_MAJOR=$(ver_cut 2-3 ${OLDPF})
+
+ [[ "$(openldap_filecount ${CURRENT_TAGDIR})" -gt 0 ]] && have_files=1
+
+ # are we on the same branch?
+ if [[ "${OLD_MAJOR}" != "${PV:0:3}" ]] ; then
+ ewarn " Versiontag doesn't match current major release!"
+ if [[ "${have_files}" == "1" ]] ; then
+ eerror " Versiontag says other major and you (probably) have datafiles!"
+ echo
+ openldap_upgrade_howto
+ else
+ einfo " No real problem, seems there's no database."
+ fi
+ else
+ einfo " Versiontag is fine here :)"
+ fi
+ else
+ einfo " Non-tagged dir ${each}"
+ [[ "$(openldap_filecount ${each})" -gt 0 ]] && have_files=1
+ if [[ "${have_files}" == "1" ]] ; then
+ einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
+ echo
+
+ eerror
+ eerror "Your OpenLDAP Installation has a non tagged datadir that"
+ eerror "possibly contains a database at ${CURRENT_TAGDIR}"
+ eerror
+ eerror "Please export data if any entered and empty or remove"
+ eerror "the directory, installation has been stopped so you"
+ eerror "can take required action"
+ eerror
+ eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
+ eerror
+ openldap_upgrade_howto
+ die "Please move the datadir ${CURRENT_TAGDIR} away"
+ fi
+ fi
+ einfo
+ fi
+ done
+ [[ "${have_files}" == "1" ]] && einfo "DB files present" || einfo "No DB files present"
+
+ # Now we must check for the major version of sys-libs/db linked against.
+ SLAPD_PATH="${EROOT}/usr/$(get_libdir)/openldap/slapd"
+ if [[ "${have_files}" == "1" ]] && [[ -f "${SLAPD_PATH}" ]]; then
+ OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
+ | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
+ if use berkdb; then
+ # find which one would be used
+ for bdb_slot in ${BDB_SLOTS} ; do
+ NEWVER="$(db_findver "=sys-libs/db-${bdb_slot}*")"
+ [[ -n "${NEWVER}" ]] && break
+ done
+ fi
+ local fail=0
+ if [[ -z "${OLDVER}" ]] && [[ -z "${NEWVER}" ]]; then
+ :
+ # Nothing wrong here.
+ elif [[ -z "${OLDVER}" ]] && [[ -n "${NEWVER}" ]]; then
+ eerror " Your existing version of OpenLDAP was not built against"
+ eerror " any version of sys-libs/db, but the new one will build"
+ eerror " against ${NEWVER} and your database may be inaccessible."
+ echo
+ fail=1
+ elif [[ -n "${OLDVER}" ]] && [[ -z "${NEWVER}" ]]; then
+ eerror " Your existing version of OpenLDAP was built against"
+ eerror " sys-libs/db:${OLDVER}, but the new one will not be"
+ eerror " built against any version and your database may be"
+ eerror " inaccessible."
+ echo
+ fail=1
+ elif [[ "${OLDVER}" != "${NEWVER}" ]]; then
+ eerror " Your existing version of OpenLDAP was built against"
+ eerror " sys-libs/db:${OLDVER}, but the new one will build against"
+ eerror " ${NEWVER} and your database would be inaccessible."
+ echo
+ fail=1
+ fi
+ [[ "${fail}" == "1" ]] && openldap_upgrade_howto
+ fi
+
+ echo
+ einfo
+ einfo "All datadirs are fine, proceeding with merge now..."
+ einfo
+}
+
+openldap_upgrade_howto() {
+ local d l i
+ eerror
+ eerror "A (possible old) installation of OpenLDAP was detected,"
+ eerror "installation will not proceed for now."
+ eerror
+ eerror "As major version upgrades can corrupt your database,"
+ eerror "you need to dump your database and re-create it afterwards."
+ eerror
+ eerror "Additionally, rebuilding against different major versions of the"
+ eerror "sys-libs/db libraries will cause your database to be inaccessible."
+ eerror ""
+ d="$(date -u +%s)"
+ l="/root/ldapdump.${d}"
+ i="${l}.raw"
+ eerror " 1. /etc/init.d/slapd stop"
+ eerror " 2. slapcat -l ${i}"
+ eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}"
+ eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
+ eerror " 5. emerge --update \=net-nds/${PF}"
+ eerror " 6. etc-update, and ensure that you apply the changes"
+ eerror " 7. slapadd -l ${l}"
+ eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
+ eerror " 9. /etc/init.d/slapd start"
+ eerror "10. check that your data is intact."
+ eerror "11. set up the new replication system."
+ eerror
+ if [[ "${FORCE_UPGRADE}" != "1" ]]; then
+ die "You need to upgrade your database first"
+ else
+ eerror "You have the magical FORCE_UPGRADE=1 in place."
+ eerror "Don't say you weren't warned about data loss."
+ fi
+}
+
+pkg_setup() {
+ if ! use sasl && use cxx ; then
+ die "To build the ldapc++ library you must emerge openldap with sasl support"
+ fi
+ # Bug #322787
+ if use minimal && ! has_version "net-nds/openldap" ; then
+ einfo "No datadir scan needed, openldap not installed"
+ elif use minimal && has_version 'net-nds/openldap[minimal]' ; then
+ einfo "Skipping scan for previous datadirs as requested by minimal useflag"
+ else
+ openldap_find_versiontags
+ fi
+
+ # The user/group are only used for running daemons which are
+ # disabled in minimal builds, so elide the accounts too.
+ if ! use minimal ; then
+ enewgroup ldap 439
+ enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
+ fi
+}
+
+src_prepare() {
+ # ensure correct SLAPI path by default
+ sed -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \
+ -i include/ldap_defaults.h || die
+
+ default
+ rm -r libraries/liblmdb || die
+
+ pushd build &>/dev/null || die "pushd build"
+ einfo "Making sure upstream build strip does not do stripping too early"
+ sed -i.orig \
+ -e '/^STRIP/s,-s,,g' \
+ top.mk || die "Failed to block stripping"
+ popd &>/dev/null || die
+
+ # wrong assumption that /bin/sh is /bin/bash
+ sed \
+ -e 's|/bin/sh|/bin/bash|g' \
+ -i tests/scripts/* || die "sed failed"
+
+ AT_NOEAUTOMAKE=yes eautoreconf
+}
+
+build_contrib_module() {
+ # <dir> <sources> <outputname>
+ pushd "${S}/contrib/slapd-modules/$1" &>/dev/null || die "pushd contrib/slapd-modules/$1"
+ einfo "Compiling contrib-module: $3"
+ # Make sure it's uppercase
+ local define_name="$(LC_ALL=C tr '[:lower:]' '[:upper:]' <<< "SLAPD_OVER_${1}")"
+ "${lt}" --mode=compile --tag=CC \
+ "${CC}" \
+ -D${define_name}=SLAPD_MOD_DYNAMIC \
+ -I"${BUILD_DIR}"/include \
+ -I../../../include -I../../../servers/slapd ${CFLAGS} \
+ -o ${2%.c}.lo -c $2 || die "compiling $3 failed"
+ einfo "Linking contrib-module: $3"
+ "${lt}" --mode=link --tag=CC \
+ "${CC}" -module \
+ ${CFLAGS} \
+ ${LDFLAGS} \
+ -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
+ -o $3.la ${2%.c}.lo || die "linking $3 failed"
+ popd &>/dev/null || die
+}
+
+src_configure() {
+ # Bug 408001
+ use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync
+
+ # connectionless ldap per bug #342439
+ append-cppflags -DLDAP_CONNECTIONLESS
+
+ multilib-minimal_src_configure
+}
+
+multilib_src_configure() {
+ local myconf=()
+
+ use debug && myconf+=( $(use_enable debug) )
+
+ # ICU exists only in the configure, nowhere in the codebase, bug #510858
+ export ac_cv_header_unicode_utypes_h=no ol_cv_lib_icu=no
+
+ if ! use minimal && multilib_is_native_abi; then
+ local CPPFLAGS=${CPPFLAGS}
+
+ # re-enable serverside overlay chains per bug #296567
+ # see ldap docs chaper 12.3.1 for details
+ myconf+=( --enable-ldap )
+
+ # backends
+ myconf+=( --enable-slapd )
+ if use berkdb ; then
+ einfo "Using Berkeley DB for local backend"
+ myconf+=( --enable-bdb --enable-hdb )
+ DBINCLUDE=$(db_includedir ${BDB_SLOTS})
+ einfo "Using ${DBINCLUDE} for sys-libs/db version"
+ # We need to include the slotted db.h dir for FreeBSD
+ append-cppflags -I${DBINCLUDE}
+ else
+ myconf+=( --disable-bdb --disable-hdb )
+ fi
+ for backend in dnssrv ldap mdb meta monitor null passwd relay shell sock; do
+ myconf+=( --enable-${backend}=mod )
+ done
+
+ myconf+=( $(use_enable perl perl mod) )
+
+ myconf+=( $(use_enable odbc sql mod) )
+ if use odbc ; then
+ local odbc_lib="unixodbc"
+ if use iodbc ; then
+ odbc_lib="iodbc"
+ append-cppflags -I"${EPREFIX}"/usr/include/iodbc
+ fi
+ myconf+=( --with-odbc=${odbc_lib} )
+ fi
+
+ # slapd options
+ myconf+=(
+ $(use_enable crypt)
+ --disable-slp
+ $(use_enable samba lmpasswd)
+ $(use_enable syslog)
+ )
+ if use experimental ; then
+ myconf+=(
+ --enable-dynacl
+ --enable-aci=mod
+ )
+ fi
+ for option in aci cleartext modules rewrite rlookups slapi; do
+ myconf+=( --enable-${option} )
+ done
+
+ # slapd overlay options
+ # Compile-in the syncprov, the others as module
+ myconf+=( --enable-syncprov=yes )
+ use overlays && myconf+=( --enable-overlays=mod )
+
+ else
+ myconf+=(
+ --disable-backends
+ --disable-slapd
+ --disable-bdb
+ --disable-hdb
+ --disable-mdb
+ --disable-overlays
+ --disable-syslog
+ )
+ fi
+
+ # basic functionality stuff
+ myconf+=(
+ $(use_enable ipv6)
+ $(multilib_native_use_with sasl cyrus-sasl)
+ $(multilib_native_use_enable sasl spasswd)
+ $(use_enable tcpd wrappers)
+ )
+
+ # Some cross-compiling tests don't pan out well.
+ tc-is-cross-compiler && myconf+=(
+ --with-yielding-select=yes
+ )
+
+ local ssl_lib="no"
+ if use ssl || ( ! use minimal && use samba ) ; then
+ ssl_lib="openssl"
+ use gnutls && ssl_lib="gnutls"
+ fi
+
+ myconf+=( --with-tls=${ssl_lib} )
+
+ for basicflag in dynamic local proctitle shared; do
+ myconf+=( --enable-${basicflag} )
+ done
+
+ tc-export AR CC CXX
+ CONFIG_SHELL="/bin/bash" \
+ ECONF_SOURCE="${S}" \
+ STRIP=/bin/true \
+ econf \
+ --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \
+ $(use_enable static-libs static) \
+ "${myconf[@]}"
+ emake depend
+}
+
+src_configure_cxx() {
+ # This needs the libraries built by the first build run.
+ # So we have to run it AFTER the main build, not just after the main
+ # configure.
+ local myconf_ldapcpp=(
+ --with-ldap-includes="${S}"/include
+ )
+
+ mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die
+ pushd "${BUILD_DIR}/contrib/ldapc++" &>/dev/null || die "pushd contrib/ldapc++"
+
+ local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS}
+ append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \
+ -L"${BUILD_DIR}"/libraries/libldap/.libs
+ append-cppflags -I"${BUILD_DIR}"/include
+ ECONF_SOURCE=${S}/contrib/ldapc++ \
+ econf "${myconf_ldapcpp[@]}" \
+ CC="${CC}" \
+ CXX="${CXX}"
+ popd &>/dev/null || die
+}
+
+multilib_src_compile() {
+ tc-export AR CC CXX
+ emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash
+ local lt="${BUILD_DIR}/libtool"
+ export echo="echo"
+
+ if ! use minimal && multilib_is_native_abi ; then
+ if use cxx ; then
+ einfo "Building contrib library: ldapc++"
+ src_configure_cxx
+ pushd "${BUILD_DIR}/contrib/ldapc++" &>/dev/null || die "pushd contrib/ldapc++"
+ emake CC="${CC}" CXX="${CXX}"
+ popd &>/dev/null || die
+ fi
+
+ if use smbkrb5passwd ; then
+ einfo "Building contrib-module: smbk5pwd"
+ pushd "${S}/contrib/slapd-modules/smbk5pwd" &>/dev/null || die "pushd contrib/slapd-modules/smbk5pwd"
+
+ MY_DEFS="-DDO_SHADOW"
+ if use samba ; then
+ MY_DEFS="${MY_DEFS} -DDO_SAMBA"
+ MY_KRB5_INC=""
+ fi
+ if use kerberos ; then
+ MY_DEFS="${MY_DEFS} -DDO_KRB5"
+ MY_KRB5_INC="$(krb5-config --cflags)"
+ fi
+
+ emake \
+ DEFS="${MY_DEFS}" \
+ KRB5_INC="${MY_KRB5_INC}" \
+ LDAP_BUILD="${BUILD_DIR}" \
+ CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap"
+ popd &>/dev/null || die
+ fi
+
+ if use overlays ; then
+ einfo "Building contrib-module: samba4"
+ pushd "${S}/contrib/slapd-modules/samba4" &>/dev/null || die "pushd contrib/slapd-modules/samba4"
+
+ emake \
+ LDAP_BUILD="${BUILD_DIR}" \
+ CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap"
+ popd &>/dev/null || die
+ fi
+
+ if use kerberos ; then
+ if use kinit ; then
+ build_contrib_module "kinit" "kinit.c" "kinit"
+ fi
+ pushd "${S}/contrib/slapd-modules/passwd" &>/dev/null || die "pushd contrib/slapd-modules/passwd"
+ einfo "Compiling contrib-module: pw-kerberos"
+ "${lt}" --mode=compile --tag=CC \
+ "${CC}" \
+ -I"${BUILD_DIR}"/include \
+ -I../../../include \
+ ${CFLAGS} \
+ $(krb5-config --cflags) \
+ -DHAVE_KRB5 \
+ -o kerberos.lo \
+ -c kerberos.c || die "compiling pw-kerberos failed"
+ einfo "Linking contrib-module: pw-kerberos"
+ "${lt}" --mode=link --tag=CC \
+ "${CC}" -module \
+ ${CFLAGS} \
+ ${LDFLAGS} \
+ -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
+ -o pw-kerberos.la \
+ kerberos.lo || die "linking pw-kerberos failed"
+ popd &>/dev/null || die
+ fi
+
+ if use pbkdf2; then
+ pushd "${S}/contrib/slapd-modules/passwd/pbkdf2" &>/dev/null || die "pushd contrib/slapd-modules/passwd/pbkdf2"
+ einfo "Compiling contrib-module: pw-pbkdf2"
+ "${lt}" --mode=compile --tag=CC \
+ "${CC}" \
+ -I"${BUILD_DIR}"/include \
+ -I../../../../include \
+ ${CFLAGS} \
+ -o pbkdf2.lo \
+ -c pw-pbkdf2.c || die "compiling pw-pbkdf2 failed"
+ einfo "Linking contrib-module: pw-pbkdf2"
+ "${lt}" --mode=link --tag=CC \
+ "${CC}" -module \
+ ${CFLAGS} \
+ ${LDFLAGS} \
+ -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
+ -o pw-pbkdf2.la \
+ pbkdf2.lo || die "linking pw-pbkdf2 failed"
+ popd &>/dev/null || die
+ fi
+
+ if use sha2 ; then
+ pushd "${S}/contrib/slapd-modules/passwd/sha2" &>/dev/null || die "pushd contrib/slapd-modules/passwd/sha2"
+ einfo "Compiling contrib-module: pw-sha2"
+ "${lt}" --mode=compile --tag=CC \
+ "${CC}" \
+ -I"${BUILD_DIR}"/include \
+ -I../../../../include \
+ ${CFLAGS} \
+ -o sha2.lo \
+ -c sha2.c || die "compiling pw-sha2 failed"
+ "${lt}" --mode=compile --tag=CC \
+ "${CC}" \
+ -I"${BUILD_DIR}"/include \
+ -I../../../../include \
+ ${CFLAGS} \
+ -o slapd-sha2.lo \
+ -c slapd-sha2.c || die "compiling pw-sha2 failed"
+ einfo "Linking contrib-module: pw-sha2"
+ "${lt}" --mode=link --tag=CC \
+ "${CC}" -module \
+ ${CFLAGS} \
+ ${LDFLAGS} \
+ -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
+ -o pw-sha2.la \
+ sha2.lo slapd-sha2.lo || die "linking pw-sha2 failed"
+ popd &>/dev/null || die
+ fi
+
+ # We could build pw-radius if GNURadius would install radlib.h
+ pushd "${S}/contrib/slapd-modules/passwd" &>/dev/null || die "pushd contrib/slapd-modules/passwd"
+ einfo "Compiling contrib-module: pw-netscape"
+ "${lt}" --mode=compile --tag=CC \
+ "${CC}" \
+ -I"${BUILD_DIR}"/include \
+ -I../../../include \
+ ${CFLAGS} \
+ -o netscape.lo \
+ -c netscape.c || die "compiling pw-netscape failed"
+ einfo "Linking contrib-module: pw-netscape"
+ "${lt}" --mode=link --tag=CC \
+ "${CC}" -module \
+ ${CFLAGS} \
+ ${LDFLAGS} \
+ -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \
+ -o pw-netscape.la \
+ netscape.lo || die "linking pw-netscape failed"
+
+ #build_contrib_module "acl" "posixgroup.c" "posixGroup" # example code only
+ #build_contrib_module "acl" "gssacl.c" "gss" # example code only, also needs kerberos
+ build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay"
+ build_contrib_module "allop" "allop.c" "overlay-allop"
+ build_contrib_module "allowed" "allowed.c" "allowed"
+ build_contrib_module "autogroup" "autogroup.c" "autogroup"
+ build_contrib_module "cloak" "cloak.c" "cloak"
+ # build_contrib_module "comp_match" "comp_match.c" "comp_match" # really complex, adds new external deps, questionable demand
+ build_contrib_module "denyop" "denyop.c" "denyop-overlay"
+ build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin"
+ build_contrib_module "dupent" "dupent.c" "dupent"
+ build_contrib_module "lastbind" "lastbind.c" "lastbind"
+ # lastmod may not play well with other overlays
+ build_contrib_module "lastmod" "lastmod.c" "lastmod"
+ build_contrib_module "noopsrch" "noopsrch.c" "noopsrch"
+ #build_contrib_module "nops" "nops.c" "nops-overlay" https://bugs.gentoo.org/641576
+ #build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER
+ build_contrib_module "trace" "trace.c" "trace"
+ popd &>/dev/null || die
+ # build slapi-plugins
+ pushd "${S}/contrib/slapi-plugins/addrdnvalues" &>/dev/null || die "pushd contrib/slapi-plugins/addrdnvalues"
+ einfo "Building contrib-module: addrdnvalues plugin"
+ "${CC}" -shared \
+ -I"${BUILD_DIR}"/include \
+ -I../../../include \
+ ${CFLAGS} \
+ -fPIC \
+ ${LDFLAGS} \
+ -o libaddrdnvalues-plugin.so \
+ addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
+ popd &>/dev/null || die
+ fi
+}
+
+multilib_src_test() {
+ if multilib_is_native_abi; then
+ cd tests || die
+ emake tests
+ fi
+}
+
+multilib_src_install() {
+ local lt="${BUILD_DIR}/libtool"
+ emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install
+
+ if ! use minimal && multilib_is_native_abi; then
+ # openldap modules go here
+ # TODO: write some code to populate slapd.conf with moduleload statements
+ keepdir /usr/$(get_libdir)/openldap/openldap/
+
+ # initial data storage dir
+ keepdir /var/lib/openldap-data
+ use prefix || fowners ldap:ldap /var/lib/openldap-data
+ fperms 0700 /var/lib/openldap-data
+
+ echo "OLDPF='${PF}'" > "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
+ echo "# do NOT delete this. it is used" >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
+ echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
+
+ # use our config
+ rm "${ED}"/etc/openldap/slapd.conf
+ insinto /etc/openldap
+ newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf
+ configfile="${ED}"/etc/openldap/slapd.conf
+
+ # populate with built backends
+ ebegin "populate config with built backends"
+ for x in "${ED}"/usr/$(get_libdir)/openldap/openldap/back_*.so; do
+ einfo "Adding $(basename ${x})"
+ sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}" || die
+ done
+ sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
+ use prefix || fowners root:ldap /etc/openldap/slapd.conf
+ fperms 0640 /etc/openldap/slapd.conf
+ cp "${configfile}" "${configfile}".default || die
+ eend
+
+ # install our own init scripts and systemd unit files
+ einfo "Install init scripts"
+ sed -e "s,/usr/lib/,/usr/$(get_libdir)/," "${FILESDIR}"/slapd-initd-2.4.40-r2 > "${T}"/slapd || die
+ doinitd "${T}"/slapd
+ newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd
+
+ einfo "Install systemd service"
+ sed -e "s,/usr/lib/,/usr/$(get_libdir)/," "${FILESDIR}"/slapd.service > "${T}"/slapd.service || die
+ systemd_dounit "${T}"/slapd.service
+ systemd_install_serviced "${FILESDIR}"/slapd.service.conf
+ systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf
+
+ # If built without SLP, we don't need to be before avahi
+ sed -i \
+ -e '/before/{s/avahi-daemon//g}' \
+ "${ED}"/etc/init.d/slapd \
+ || die
+
+ if use cxx ; then
+ einfo "Install the ldapc++ library"
+ cd "${BUILD_DIR}/contrib/ldapc++" || die
+ emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
+ cd "${S}"/contrib/ldapc++ || die
+ newdoc README ldapc++-README
+ fi
+
+ if use smbkrb5passwd ; then
+ einfo "Install the smbk5pwd module"
+ cd "${S}/contrib/slapd-modules/smbk5pwd" || die
+ emake DESTDIR="${D}" \
+ LDAP_BUILD="${BUILD_DIR}" \
+ libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install
+ newdoc README smbk5pwd-README
+ fi
+
+ if use overlays ; then
+ einfo "Install the samba4 module"
+ cd "${S}/contrib/slapd-modules/samba4" || die
+ emake DESTDIR="${D}" \
+ LDAP_BUILD="${BUILD_DIR}" \
+ libexecdir="/usr/$(get_libdir)/openldap" install
+ newdoc README samba4-README
+ fi
+
+ einfo "Installing contrib modules"
+ cd "${S}/contrib/slapd-modules" || die
+ for l in */*.la */*/*.la; do
+ [[ -e ${l} ]] || continue
+ "${lt}" --mode=install cp ${l} \
+ "${ED}"/usr/$(get_libdir)/openldap/openldap || \
+ die "installing ${l} failed"
+ done
+
+ dodoc "${FILESDIR}"/DB_CONFIG.fast.example
+ docinto contrib
+ doman */*.5
+ #newdoc acl/README*
+ newdoc addpartial/README addpartial-README
+ newdoc allop/README allop-README
+ newdoc allowed/README allowed-README
+ newdoc autogroup/README autogroup-README
+ newdoc dsaschema/README dsaschema-README
+ newdoc passwd/README passwd-README
+ cd "${S}/contrib/slapi-plugins" || die
+ insinto /usr/$(get_libdir)/openldap/openldap
+ doins */*.so
+ docinto contrib
+ newdoc addrdnvalues/README addrdnvalues-README
+
+ insinto /etc/openldap/schema
+ newins "${DISTDIR}"/${BIS_P} ${BIS_PN}
+
+ docinto back-sock ; dodoc "${S}"/servers/slapd/back-sock/searchexample*
+ docinto back-shell ; dodoc "${S}"/servers/slapd/back-shell/searchexample*
+ docinto back-perl ; dodoc "${S}"/servers/slapd/back-perl/SampleLDAP.pm
+
+ dosbin "${S}"/contrib/slapd-tools/statslog
+ newdoc "${S}"/contrib/slapd-tools/README README.statslog
+ fi
+
+ if ! use static-libs ; then
+ find "${ED}" \( -name '*.a' -o -name '*.la' \) -delete || die
+ fi
+}
+
+multilib_src_install_all() {
+ dodoc ANNOUNCEMENT CHANGES COPYRIGHT README
+ docinto rfc ; dodoc doc/rfc/*.txt
+}
+
+pkg_preinst() {
+ # keep old libs if any
+ preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0)
+ # bug 440470, only display the getting started help there was no openldap before,
+ # or we are going to a non-minimal build
+ ! has_version net-nds/openldap || has_version 'net-nds/openldap[minimal]'
+ OPENLDAP_PRINT_MESSAGES=$((! $?))
+}
+
+pkg_postinst() {
+ if ! use minimal ; then
+ # You cannot build SSL certificates during src_install that will make
+ # binary packages containing your SSL key, which is both a security risk
+ # and a misconfiguration if multiple machines use the same key and cert.
+ if use ssl; then
+ install_cert /etc/openldap/ssl/ldap
+ use prefix || chown ldap:ldap "${EROOT}"/etc/openldap/ssl/ldap.*
+ ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
+ ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
+ ewarn "add 'TLS_REQCERT allow' if you want to use them."
+ fi
+
+ if use prefix; then
+ # Warn about prefix issues with slapd
+ eerror "slapd might NOT be usable on Prefix systems as it requires root privileges"
+ eerror "to start up, and requires that certain files directories be owned by"
+ eerror "ldap:ldap. As Prefix does not support changing ownership of files and"
+ eerror "directories, you will have to manually fix this yourself."
+ fi
+
+ # These lines force the permissions of various content to be correct
+ if [[ -d "${EROOT}"/var/run/openldap ]]; then
+ use prefix || { chown ldap:ldap "${EROOT}"/var/run/openldap || die; }
+ chmod 0755 "${EROOT}"/var/run/openldap || die
+ fi
+ use prefix || chown root:ldap "${EROOT}"/etc/openldap/slapd.conf{,.default}
+ chmod 0640 "${EROOT}"/etc/openldap/slapd.conf{,.default} || die
+ use prefix || chown ldap:ldap "${EROOT}"/var/lib/openldap-data
+ fi
+
+ if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then
+ elog "Getting started using OpenLDAP? There is some documentation available:"
+ elog "Gentoo Guide to OpenLDAP Authentication"
+ elog "(https://wiki.gentoo.org/wiki/Centralized_authentication_using_OpenLDAP)"
+ elog "---"
+ elog "An example file for tuning BDB backends with openldap is"
+ elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
+ fi
+
+ preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0)
+}