diff options
author | Robin H. Johnson <robbat2@gentoo.org> | 2010-02-19 19:24:15 +0000 |
---|---|---|
committer | Robin H. Johnson <robbat2@gentoo.org> | 2010-02-19 19:24:15 +0000 |
commit | f2c287de4357eecdf9248e2f02ad73bac8365212 (patch) | |
tree | 1c5a29052ec4487428cf8606ddfb720c7ec6e189 /sys-auth | |
parent | Add ~ia64/~sparc (diff) | |
download | gentoo-2-f2c287de4357eecdf9248e2f02ad73bac8365212.tar.gz gentoo-2-f2c287de4357eecdf9248e2f02ad73bac8365212.tar.bz2 gentoo-2-f2c287de4357eecdf9248e2f02ad73bac8365212.zip |
Bug #161195, add an SONAME: Added to 264-r1 as stable candidate. Bug #302914: Version bump to 265.
(Portage version: 2.2_rc61/cvs/Linux x86_64)
Diffstat (limited to 'sys-auth')
-rw-r--r-- | sys-auth/nss_ldap/ChangeLog | 13 | ||||
-rw-r--r-- | sys-auth/nss_ldap/files/nss_ldap-254-soname.patch | 12 | ||||
-rw-r--r-- | sys-auth/nss_ldap/files/nss_ldap-265-reconnect-timeouts.patch | 57 | ||||
-rw-r--r-- | sys-auth/nss_ldap/nss_ldap-264-r1.ebuild | 104 | ||||
-rw-r--r-- | sys-auth/nss_ldap/nss_ldap-265.ebuild | 108 |
5 files changed, 292 insertions, 2 deletions
diff --git a/sys-auth/nss_ldap/ChangeLog b/sys-auth/nss_ldap/ChangeLog index d3372f01a581..cbac8ebffd05 100644 --- a/sys-auth/nss_ldap/ChangeLog +++ b/sys-auth/nss_ldap/ChangeLog @@ -1,6 +1,15 @@ # ChangeLog for sys-auth/nss_ldap -# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-auth/nss_ldap/ChangeLog,v 1.58 2009/07/28 18:45:51 robbat2 Exp $ +# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sys-auth/nss_ldap/ChangeLog,v 1.59 2010/02/19 19:24:14 robbat2 Exp $ + +*nss_ldap-265 (19 Feb 2010) +*nss_ldap-264-r1 (19 Feb 2010) + + 19 Feb 2010; Robin H. Johnson <robbat2@gentoo.org> + +files/nss_ldap-254-soname.patch, +nss_ldap-264-r1.ebuild, + +nss_ldap-265.ebuild, +files/nss_ldap-265-reconnect-timeouts.patch: + Bug #161195, add an SONAME: Added to 264-r1 as stable candidate. Bug + #302914: Version bump to 265. *nss_ldap-264 (28 Jul 2009) diff --git a/sys-auth/nss_ldap/files/nss_ldap-254-soname.patch b/sys-auth/nss_ldap/files/nss_ldap-254-soname.patch new file mode 100644 index 000000000000..e832c2f0d218 --- /dev/null +++ b/sys-auth/nss_ldap/files/nss_ldap-254-soname.patch @@ -0,0 +1,12 @@ +Set the soname which glibc expects us to have. +--- nss_ldap-254/configure.in 2007-02-26 16:40:53.000000000 -0500 ++++ nss_ldap-254/configure.in 2007-02-26 16:40:47.000000000 -0500 +@@ -92,7 +92,7 @@ + nss_ldap_so_LDFLAGS="-b -dynamic -G `cat exports.hpux`" + CPPFLAGS="$CPPFLAGS -I. -DHPUX" + TARGET_OS=HPUX ;; +-linux*) nss_ldap_so_LDFLAGS="-shared -Wl,-Bdynamic -Wl,--version-script,\$(srcdir)/exports.linux" ;; ++linux*) nss_ldap_so_LDFLAGS="-shared -Wl,-Bdynamic -Wl,--version-script,\$(srcdir)/exports.linux -Wl,-soname=libnss_ldap.so.2" ;; + *) nss_ldap_so_LDFLAGS="-shared -Wl,-Bdynamic" ;; + esac + diff --git a/sys-auth/nss_ldap/files/nss_ldap-265-reconnect-timeouts.patch b/sys-auth/nss_ldap/files/nss_ldap-265-reconnect-timeouts.patch new file mode 100644 index 000000000000..b377ad7bb326 --- /dev/null +++ b/sys-auth/nss_ldap/files/nss_ldap-265-reconnect-timeouts.patch @@ -0,0 +1,57 @@ +diff -Nuar --exclude '*.orig' nss_ldap-265.orig/ldap.conf nss_ldap-265/ldap.conf +--- nss_ldap-265.orig/ldap.conf 2009-11-06 10:28:08.000000000 +0000 ++++ nss_ldap-265/ldap.conf 2010-02-19 18:36:58.272236290 +0000 +@@ -279,7 +279,8 @@ + # OpenLDAP SSL mechanism + # start_tls mechanism uses the normal LDAP port, LDAPS typically 636 + #ssl start_tls +-#ssl on ++###ssl on ++# Gentoo note: Don't use 'ssl on' in 249/250. They are broken in some cases! Use start_tls instead. + + # OpenLDAP SSL options + # Require and verify server certificate (yes/no) +@@ -311,3 +312,27 @@ + # Override the default Kerberos ticket cache location. + #krb5_ccname FILE:/etc/.ldapcache + ++# Timeout behavior ++# Upstream nss_ldap hard-codes these values: ++#nss_reconnect_tries 5 # number of times to double the sleep time ++#nss_reconnect_sleeptime 4 # initial sleep value ++#nss_reconnect_maxsleeptime 64 # max sleep value to cap at ++#nss_reconnect_maxconntries 2 # how many tries before sleeping ++# This leads to a delay of 124 seconds (4+8+16+32+64=124) per lookup if the ++# server is not available. ++ ++# For Gentoo's distribution of nss_ldap, as of 250-r1, we use these values ++# (The hardwired constants in the code are changed to them as well): ++nss_reconnect_tries 4 # number of times to double the sleep time ++nss_reconnect_sleeptime 1 # initial sleep value ++nss_reconnect_maxsleeptime 16 # max sleep value to cap at ++nss_reconnect_maxconntries 2 # how many tries before sleeping ++# This leads to a delay of 15 seconds (1+2+4+8=15) ++ ++# If you are impatient, and know your LDAP server is reliable, fast or local, ++# you may wish to use these values instead: ++#nss_reconnect_tries 1 # number of times to double the sleep time ++#nss_reconnect_sleeptime 1 # initial sleep value ++#nss_reconnect_maxsleeptime 1 # max sleep value to cap at ++#nss_reconnect_maxconntries 3 # how many tries before sleeping ++# This leads to a delay of 1 second. +diff -Nuar --exclude '*.orig' nss_ldap-265.orig/ldap-nss.h nss_ldap-265/ldap-nss.h +--- nss_ldap-265.orig/ldap-nss.h 2009-11-06 10:28:08.000000000 +0000 ++++ nss_ldap-265/ldap-nss.h 2010-02-19 18:37:49.278474888 +0000 +@@ -96,9 +96,9 @@ + * unacceptable, in which case you may wish to adjust + * the constants below. + */ +-#define LDAP_NSS_TRIES 5 /* number of sleeping reconnect attempts */ +-#define LDAP_NSS_SLEEPTIME 4 /* seconds to sleep; doubled until max */ +-#define LDAP_NSS_MAXSLEEPTIME 64 /* maximum seconds to sleep */ ++#define LDAP_NSS_TRIES 4 /* number of sleeping reconnect attempts */ ++#define LDAP_NSS_SLEEPTIME 1 /* seconds to sleep; doubled until max */ ++#define LDAP_NSS_MAXSLEEPTIME 16 /* maximum seconds to sleep */ + #define LDAP_NSS_MAXCONNTRIES 2 /* reconnect attempts before sleeping */ + + #if defined(HAVE_NSSWITCH_H) || defined(HAVE_IRS_H) diff --git a/sys-auth/nss_ldap/nss_ldap-264-r1.ebuild b/sys-auth/nss_ldap/nss_ldap-264-r1.ebuild new file mode 100644 index 000000000000..7c4c554be870 --- /dev/null +++ b/sys-auth/nss_ldap/nss_ldap-264-r1.ebuild @@ -0,0 +1,104 @@ +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-auth/nss_ldap/nss_ldap-264-r1.ebuild,v 1.1 2010/02/19 19:24:14 robbat2 Exp $ + +EAPI=2 +inherit fixheadtails eutils multilib autotools + +IUSE="debug ssl sasl kerberos" + +DESCRIPTION="NSS LDAP Module" +HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html" +SRC_URI="http://www.padl.com/download/${P}.tar.gz" + +SLOT="0" +LICENSE="LGPL-2" +KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86" + +DEPEND=">=net-nds/openldap-2.1.30-r5 + sasl? ( dev-libs/cyrus-sasl ) + kerberos? ( virtual/krb5 ) + ssl? ( dev-libs/openssl )" +RDEPEND="${DEPEND} + !<net-fs/autofs-4.1.3" + +src_prepare() { + cd "${S}" + + epatch "${FILESDIR}"/nsswitch.ldap.diff + + # Applied by upstream + #epatch "${FILESDIR}"/${PN}-239-tls-security-bug.patch + + epatch "${FILESDIR}"/${PN}-249-sasl-compile.patch + + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-252-reconnect-timeouts.patch + + # Applied by upstream + #EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-254-nss_getgrent_skipmembers.patch + + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-257-nss_max_group_depth.patch + + sed -i.orig \ + -e '/^ @(#)\$Id: ldap.conf,v/s,^,#,' \ + "${S}"/ldap.conf || die "failed to clean up initial version marker" + + # fix head/tail stuff + ht_fix_file "${S}"/Makefile.am "${S}"/Makefile.in "${S}"/depcomp + + # fix build borkage + for i in Makefile.{in,am}; do + sed -i.orig \ + -e '/^install-exec-local: nss_ldap.so/s,nss_ldap.so,,g' \ + "${S}"/$i + done + + epatch "${FILESDIR}"/${PN}-257.2-gssapi-headers.patch + + # Bug #214750, no automagic deps + epatch "${FILESDIR}"/${PN}-264-disable-automagic.patch + + # Upstream forgets the version number sometimes + #sed -i \ + # -e "/^AM_INIT_AUTOMAKE/s~2..~$PV~" \ + # "${S}"/configure.in + + # Include an SONAME + epatch "${FILESDIR}"/${PN}-254-soname.patch + + eautoreconf +} + +src_configure() { + local myconf="" + use debug && myconf="${myconf} --enable-debugging" + use kerberos && myconf="${myconf} --enable-configurable-krb5-ccname-gssapi" + # --enable-schema-mapping \ + econf \ + --with-ldap-lib=openldap \ + --libdir=/$(get_libdir) \ + --enable-paged-results \ + --enable-rfc2307bis \ + $(use_enable ssl) \ + $(use_enable sasl) \ + $(use_enable kerberos krb) \ + ${myconf} || die "configure failed" +} + +src_install() { + dodir /$(get_libdir) + + emake -j1 DESTDIR="${D}" install || die "make install failed" + + insinto /etc + doins ldap.conf + + dodoc ldap.conf ANNOUNCE NEWS ChangeLog AUTHORS \ + COPYING CVSVersionInfo.txt README nsswitch.ldap certutil + docinto docs; dodoc doc/* +} + +pkg_postinst() { + elog "If you use a ldaps:// string in the 'uri' setting of" + elog "your /etc/ldap.conf, you must set 'ssl on'!" +} diff --git a/sys-auth/nss_ldap/nss_ldap-265.ebuild b/sys-auth/nss_ldap/nss_ldap-265.ebuild new file mode 100644 index 000000000000..1fa6d565bca3 --- /dev/null +++ b/sys-auth/nss_ldap/nss_ldap-265.ebuild @@ -0,0 +1,108 @@ +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-auth/nss_ldap/nss_ldap-265.ebuild,v 1.1 2010/02/19 19:24:14 robbat2 Exp $ + +EAPI=2 +inherit fixheadtails eutils multilib autotools + +IUSE="debug ssl sasl kerberos" + +DESCRIPTION="NSS LDAP Module" +HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html" +SRC_URI="http://www.padl.com/download/${P}.tar.gz" + +SLOT="0" +LICENSE="LGPL-2" +KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86" + +DEPEND=">=net-nds/openldap-2.1.30-r5 + sasl? ( dev-libs/cyrus-sasl ) + kerberos? ( virtual/krb5 ) + ssl? ( dev-libs/openssl )" +RDEPEND="${DEPEND} + !<net-fs/autofs-4.1.3" + +src_prepare() { + cd "${S}" + + epatch "${FILESDIR}"/nsswitch.ldap.diff + + # Applied by upstream + #epatch "${FILESDIR}"/${PN}-239-tls-security-bug.patch + + epatch "${FILESDIR}"/${PN}-249-sasl-compile.patch + + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-265-reconnect-timeouts.patch + + # Applied by upstream + #EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-254-nss_getgrent_skipmembers.patch + + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-257-nss_max_group_depth.patch + + sed -i.orig \ + -e '/^ @(#)\$Id: ldap.conf,v/s,^,#,' \ + "${S}"/ldap.conf || die "failed to clean up initial version marker" + + # fix head/tail stuff + ht_fix_file "${S}"/Makefile.am "${S}"/Makefile.in "${S}"/depcomp + + # fix build borkage + for i in Makefile.{in,am}; do + sed -i.orig \ + -e '/^install-exec-local: nss_ldap.so/s,nss_ldap.so,,g' \ + "${S}"/$i + done + + epatch "${FILESDIR}"/${PN}-257.2-gssapi-headers.patch + + # Bug #214750, no automagic deps + epatch "${FILESDIR}"/${PN}-264-disable-automagic.patch + + # Upstream forgets the version number sometimes + #sed -i \ + # -e "/^AM_INIT_AUTOMAKE/s~2..~$PV~" \ + # "${S}"/configure.in + + # Include an SONAME + epatch "${FILESDIR}"/${PN}-254-soname.patch + + sed -i \ + -e 's, vers_string , ./vers_string ,g' \ + "${S}"/Makefile.am + + eautoreconf +} + +src_configure() { + local myconf="" + use debug && myconf="${myconf} --enable-debugging" + use kerberos && myconf="${myconf} --enable-configurable-krb5-ccname-gssapi" + # --enable-schema-mapping \ + econf \ + --with-ldap-lib=openldap \ + --libdir=/$(get_libdir) \ + --enable-paged-results \ + --enable-rfc2307bis \ + $(use_enable ssl) \ + $(use_enable sasl) \ + $(use_enable kerberos krb) \ + ${myconf} || die "configure failed" +} + +src_install() { + dodir /$(get_libdir) + + emake -j1 DESTDIR="${D}" install || die "make install failed" + + insinto /etc + doins ldap.conf + + dodoc ldap.conf ANNOUNCE NEWS ChangeLog AUTHORS \ + COPYING CVSVersionInfo.txt README nsswitch.ldap certutil + docinto docs; dodoc doc/* +} + +pkg_postinst() { + elog "If you use a ldaps:// string in the 'uri' setting of" + elog "your /etc/ldap.conf, you must set 'ssl on'!" +} |