Commit graph

73 commits

Author SHA1 Message Date
rillig
b4f1862849 databases: align variable assignments
pkglint -Wall -F --only aligned -r

No manual corrections.
2019-11-02 15:37:59 +00:00
adam
f623986980 openldap-server: put DB_CONFIG where is should be 2019-09-28 08:07:51 +00:00
triaxx
98dc4ac006 openldap-server: fix PR pkg/50679
pkgsrc changes:
---------------
* Make the configuration file DB_CONFIG installed only if 'bdb' option is
  enabled
2019-09-27 07:14:02 +00:00
adam
794895f7cb openldap: updated to 2.4.47
OpenLDAP 2.4.47:
Added slapd-sock DN qualifier for subtrees to be processed
Added slapd-sock ability to send extended operations to external listeners
Fixed liblber to avoid incremental access to user-supplied bv in dupbv
Fixed libldap dn to domain parsing with bad input
Fixed slapd slapcat to correctly honor -g option
Fixed slapd to correctly handle NO_SUCH_OBJECT with dynamic groups
Fixed slapd to check status of rdnNormalize
Fixed slapd cn=config when modifying slapo-syncprov config
Fixed slapd sasl authz-policy "all" behavior
Fixed slapd sasl minor typo
Fixed slapd to correctly hide hidden DBs in the rootDSE
Fixed slapd domainScope control to match Microsoft specification
Fixed slapd-bdb/hdb/mdb to not convert certain IDLs to ranges
Fixed slapo-accesslog deadlock during cleanup
Fixed slapo-memberof cn=config modifications
Fixed slapo-ppolicy with multimaster replication
Fixed slapo-syncprov with NULL modlist
Build Environment
	Added slapd reproducible build support
	Fixed missing includes with OpenSSL 1.0.2
Contrib
	Fixed slapo-pbkdf2 hash generation
Documentation
	admin24 fixed minor typo
2018-12-20 17:54:09 +00:00
jperkin
cacdbd1f11 SunOS requires -D_POSIX_PTHREAD_SEMANTICS for sigwait() 2017-06-28 09:11:39 +00:00
adam
efb3ecd7bc OpenLDAP 2.4.45 Release (2017/06/01)
Added slapd support for OpenSSL 1.1.0 series (ITS-8353, ITS-8533, ITS-8634)
	Fixed libldap to fail ldap_result if the handle is already bad (ITS-8585)
	Fixed libldap to expose error if user specified CA doesn't exist (ITS-8529)
	Fixed libldap handling of Diffie-Hellman parameters (ITS-7506)
	Fixed libldap GnuTLS use after free (ITS-8385)
	Fixed libldap SASL initialization (ITS-8648)
	Fixed slapd bconfig rDN escape handling (ITS-8574)
	Fixed slapd segfault with invalid hostname (ITS-8631)
	Fixed slapd sasl SEGV rebind in same session (ITS-8568)
	Fixed slapd syncrepl filter handling (ITS-8413)
	Fixed slapd syncrepl infinite looping mods with delta-sync MMR (ITS-8432)
	Fixed slapd callback struct so older modules without writewait should function.
                    Custom modules may need to be updated for sc_writewait callback (ITS-8435)
	Fixed slapd-ldap/meta broken LDAP_TAILQ macro (ITS-8576)
	Fixed slapd-mdb so it passes ITS6794 regression test (ITS-6794)
	Fixed slapd-mdb double free with size zero paged result (ITS-8655)
	Fixed slapd-meta uninitialized diagnostic message (ITS-8442)
	Fixed slapo-accesslog to honor pauses during purge for cn=config update (ITS-8423)
	Fixed slapo-accesslog with multiple modifications to the same attribute (ITS-6545)
	Fixed slapo-relay to correctly initialize sc_writewait (ITS-8428)
	Fixed slapo-sssvlv double free (ITS-8592)
	Fixed slapo-unique with empty modifications (ITS-8266)
	Build Environment
		Added test065 for proxyauthz (ITS-8571)
		Fix test008 to be portable (ITS-8414)
		Fix test064 to wait for slapd to start (ITS-8644)
		Fix its4336 regression test (ITS-8534)
		Fix its4337 regression test (ITS-8535)
		Fix regression tests to execute on all backends (ITS-8539)
	Contrib
		Added slapo-autogroup(5) man page (ITS-8569)
		Added passwd missing conversion scripts for apr1 (ITS-6826)
		Fixed contrib modules where the writewait callback was not correctly initialized (ITS-8435)
		Fixed smbk5pwd to build with newer OpenSSL releases (ITS-8525)
	Documentation
		admin24 fixed tls_cipher_suite bindconf option (ITS-8099)
		admin24 fixed typo cn=config to be slapd.d (ITS-8449)
		admin24 fixed slapo-syncprov information to be curent (ITS-8253)
		admin24 fixed typo in access control docs (ITS-7341, ITS-8391)
		admin24 fixed minor typo in tuning guide (ITS-8499)
		admin24 fixed information about the limits option (ITS-7700)
		admin24 fixed missing options for syncrepl configuration (ITS-7700)
		admin24 fixed accesslog documentation to note it should not be replicated (ITS-8344)
		Fixed ldap.conf(5) missing information on SASL_NOCANON option (ITS-7177)
		Fixed ldapsearch(1) information on the V[V] flag behavior (ITS-7177, ITS-6339)
		Fixed slapd-config(5), slapd.conf(5) clarification on interval keyword for refreshAndPersist (ITS-8538)
		Fixed slapd-config(5), slapd.conf(5) clarify serverID requirements (ITS-8635)
		Fixed slapd-config(5), slapd.conf(5) clarification on loglevel settings (ITS-8123)
		Fixed slapo-ppolicy(5) to clearly note rootdn requirement (ITS-8565)
		Fixed slapo-memberof(5) to note it is not safe to use with replication (ITS-8613)
		Fixed slapo-syncprov(5) documentation to be current (ITS-8253)
		Fixed slapadd(8) manpage to note slapd-mdb (ITS-8215)
		Fixed various minor grammar issues in the man pages (ITS-8544)
		Fixed various typos (ITS-8587)
2017-06-02 08:29:56 +00:00
he
2b59f84fa6 Apply fix from https://bugzilla.redhat.com/show_bug.cgi?id=1238322
Incorrect multi-keyword mode cipherstring parsing.
Fixes CVE-2015-3276.
Submitted upstream as ITS#8543, it apparently wasn't already(!)
http://www.openldap.org/its/index.cgi/Incoming?id=8543

Bump PKGREVISION for both openldap, openldap-server and openldap-client
(to be on the safe side...)
2016-12-13 10:38:06 +00:00
jperkin
b4a3129764 Expand more variables for SMF manifest. Bump PKGREVISION. 2016-07-02 21:03:08 +00:00
jperkin
10f4f7f7e0 Apply upstream patch to fix pthread mutex initialisation on SunOS. Bump
PKGREVISION for client and server.
2016-06-17 14:01:58 +00:00
jperkin
a6282513e0 Add SMF manifest. Move rc.d script to openldap-server files directory
for consistency and avoid redundant FILESDIR shared between packages.
2016-06-17 13:56:53 +00:00
jperkin
17661ff9a5 Bump PKGREVISION for security/openssl ABI bump. 2016-03-05 11:27:40 +00:00
adam
f1d8051950 OpenLDAP 2.4.43 Release (2015/11/30)
Fixed liblber remove obsolete assert (ITS-8240, ITS-8301)
	Fixed libldap file URLs on windows (ITS-8273)
	Fixed libldap microsecond timer for windows (ITS-8295)
	Fixed slap tools minor one time memory leak (ITS-8082)
	Fixed slapd to avoid redundant processing of abandon ops (ITS-8232)
	Fixed slapd syncrepl segv when present list is NULL (ITS-8231, ITS-8042)
	Fixed slapd segfault with invalid SASL URI (ITS-8218)
	Fixed slapd configuration parser with unbalanced quotes (ITS-8233)
	Fixed slapd syncrepl check with config db on windows (ITS-8277)
	Fixed slapd with mod Increment and inherited attribute type (ITS-8289)
	Fixed slapd-ldap SEGV after failed retry (ITS-8173)
	Fixed slapd-ldap to skip client controls in ldap_back_entry_get (ITS-8244)
	Fixed slapd-null to have an option to return a search entry (ITS-8249)
	Fixed slapd-relay to correctly handle quoted options (ITS-8284)
	Fixed slapo-accesslog delta-sync MMR with interrupted refresh phase (ITS-8281)
	Fixed slapo-dds segfault when using slapo-memberof (ITS-8133)
	Fixed slapo-ppolicy to allow purging of stale pwdFailureTime attributes (ITS-8185)
	Fixed slapo-ppolicy to release entry on failure (ITS-7537)
	Fixed slapo-ppolicy to fall back to default policy if there is a parsing error (ITS-8234)
	Fixed slapo-syncprov with interrupted refresh phase (ITS-8281)
	Fixed slapo-refint with subtree renames (ITS-8220)
	Fixed slapo-rwm missing olcDropUnrequested attribute (ITS-7889)
	Fixed slapo-rwm parsing to avoid double-escaping rewrite rules (ITS-7964)
	Build Environment
		Fixed ldif-filter option parsing (ITS-8292)
		Fixed slapd-tester EOL handling in test output for windows (ITS-8280)
		Fixed slapd-tester executable suffix for windows (ITS-8216)
		Fixed test061 timing issues (ITS-8297)
	Contrib
		Added libnettle support to pw-pbkdf2 (ITS-8198)
		Fixed smbk5pwd compiler warnings with libnettle (ITS-8235)
		Fixed passwd symbol collisions with other crypto libraries (ITS-8294)
	Documentation
		Updated guide to reflect changes to how TLS is handled with syncrepl
2015-12-02 17:04:56 +00:00
manu
a3141bf547 Add support for ECDH, from upstream
After the recent logjam attack, longer DH parameter size have been advised.
Unfortunately, this comes with a high computational cost. ECDH is a good
alternative to acheive forward secrecy with lower CPU Loads.

This patch is a backport from upstream ECDH umplementation. ECDH is
enabled by speciying a curve name through the TLSECName directive.
Valid curve names can be obtaines by openssl ecparam -list_curves

Advised usage for a forward-secrecy only setup wiht only ECDH:
TLSCipherSuite EECDH:!RC4:!SHA:!MD5:!DES:!aNULL:!eNULL
TLSECName      prime256v1

If backward compatibility with older clients is required:
TLSCipherSuite EECDH:HIGH:!RC4:!SHA:!MD5:!DES:!aNULL:!eNULL
TLSECName      prime256v1

Backward compatible flavor with more forward secrecy, at
the expense of using costly DH. dh2048.pem is obtained using openssl
dhparam 2048 > /etc/openssl/certs/dh2048.pem
TLSCipherSuite EECDH:EDH:HIGH:!RC4:!SHA:!MD5:!DES:!aNULL:!eNULL
TLSDHParamFile /etc/openssl/certs/dh2048.pem
TLSECName      prime256v1
2015-09-14 16:32:26 +00:00
jperkin
8091aee373 Now that _STRIPFLAG_INSTALL is disabled by default on Darwin, remove manual
settings of INSTALL_UNSTRIPPED=yes for Darwin in individual packages.
2015-09-07 12:02:05 +00:00
adam
3f03bcd668 OpenLDAP 2.4.41 Release (2015/06/21)
Fixed ldapsearch to explicitly flush its buffer (ITS-8118)
	Fixed libldap async connections (ITS-8090)
	Fixed libldap double free of request during abandon (ITS-7967)
	Fixed libldap error string for LDAP_X_CONNECTING (ITS-8093)
	Fixed libldap segfault in ldap_sync_initialize (ITS-8001)
	Fixed libldap ldif-wrap off by one error (ITS-8003)
	Fixed libldap handling of TLS in async mode (ITS-8022)
	Fixed libldap null pointer dereference (ITS-8028)
	Fixed libldap mutex handling with LDAP_OPT_SESSION_REFCNT (ITS-8050)
	Fixed slapd slapadd config db import of minimal frontend entry (ITS-8150)
	Fixed slapd slapadd onetime leak with -w (ITS-8014)
	Fixed slapd sasl auxprop crash with invalid config (ITS-8092)
	Fixed slapd syncrepl delta-mmr issue with overlays and slapd.conf (ITS-7976)
	Fixed slapd syncrepl mutex for cookie state (ITS-7968)
	Fixed slapd syncrepl memory leaks (ITS-8035)
	Fixed slapd syncrepl to free presentlist at end of refresh mode (ITS-8038)
	Fixed slapd syncrepl to streamline presentlist (ITS-8042)
	Fixed slapd syncrepl concurrency when CHECK_CSN is enabled (ITS-8120)
	Fixed slapd rootdn checks for hidden backends (ITS-8108)
	Fixed slapd segfault when using matched values control (ITS-8046)
	Fixed slapd-ldap reconnection behavior on remote failure (ITS-8142)
	Fixed slapd-mdb minor case typo (ITS-8049)
	Fixed slapd-mdb one-level search (ITS-7975)
	Fixed slapd-mdb heap corruption (ITS-7965)
	Fixed slapd-mdb crash after deleting in-use schema (ITS-7995)
	Fixed slapd-mdb minor code cleanup (ITS-8011)
	Fixed slapd-mdb to return errors when using incorrect env flags (ITS-8016)
	Fixed slapd-mdb to correctly update search candidates (ITS-8036, ITS-7904)
	Fixed slapd-mdb when there were more than 65535 aliases in scope (ITS-8103)
	Fixed slapd-mdb alias deref when objectClass is not indexed (ITS-8146)
	Fixed slapd-meta TLS initialization with ldaps URIs (ITS-8022)
	Fixed slapd-meta to have better error logging (ITS-8131)
	Fixed slapd-perl conversion to cn=config (ITS-8105)
	Fixed slapd-sql autocommit config variable (ITS-8129,ITS-6613)
	Fixed slapo-collect segfault (ITS-7797)
	Fixed slapo-constraint with 0 count constraint (ITS-7780,ITS-7781)
	Fixed slapo-deref with empty attribute list (ITS-8027)
	Fixed slapo-memberof to correctly reject invalid members (ITS-8107)
	Fixed slapo-sock result parser for CONTINUE (ITS-8048)
	Fixed slapo-syncprov synprov_matchops usage of test_filter (ITS-8013)
	Fixed slapo-syncprov segfault on disconnect/abandon (ITS-5452,ITS-8012)
	Fixed slapo-syncprov memory leak (ITS-8039)
	Fixed slapo-syncprov segfault on disconnect/abandon (ITS-8043)
	Fixed slapo-syncprov deadlock when autogroup is in use (ITS-8063)
	Fixed slapo-syncprov potential loss of changes when under load (ITS-8081)
	Fixed slapo-unique enforcement of uniqueness with manageDSAit control (ITS-8057)
	Build Environment
		Fixed libdb detection with gcc 5.x (ITS-8056)
		Fixed ftello reference for Win32 (ITS-8127)
		Enhanced contrib modules build paths (ITS-7782)
		Fixed contrib/autogroup internal operation identity (ITS-8006)
		Fixed contrib/autogroup to skip internal ops with accesslog (ITS-8065)
		Fixed contrib/passwd/sha2 compiler warning (ITS-8000)
		Fixed contrib/noopsrch compiler warning (ITS-7998)
		Fixed contrib/dupent compiler warnings (ITS-7997)
		Test suite: Added vrFilter test (ITS-8046)
	Contrib
		Added pbkdf2 sha256 and sha512 schemes (ITS-7977)
		Fixed autogroup modification callback responses (ITS-6970)
		Fixed nssov compare with usergroup (ITS-8079)
		Fixed nssov password change behavior (ITS-8080)
		Fixed nssov updated to 0.9.4 (ITS-8097)
	Documentation
		Added ldap_get_option(3) LDAP_FEATURE_INFO_VERSION information (ITS-8032)
		Added ldap_get_option(3) LDAP_OPT_API_INFO_VERSION information (ITS-8032)
		Fixed slapd-config(5), slapd.conf(5) tls_cipher_suite option (ITS-8099)
		Fixed slapd-meta(5), slapd-ldap(5) tls_cipher_suite option (ITS-8099)
		Fixed slapd-meta(5) fix minor typo (ITS-7769)
2015-07-17 14:49:05 +00:00
ryoon
22bee7a3c3 Recursive revbump from databases/unixodbc. 2015-04-26 11:52:18 +00:00
adam
7046ce0a8c db4 hack is no longer needed 2014-10-06 14:31:33 +00:00
adam
1720391df0 Changes 2.4.40:
Fixed libldap DNS SRV priority handling (ITS-7027)
Fixed libldap don't leak libldap err codes (ITS-7676)
Fixed libldap CR/LF handling (ITS-4635)
Fixed libldap ldif-wrap length (ITS-7871)
Fixed libldap GnuTLS ciphersuite parsing (ITS-7500)
Fixed libldap GnuTLS with newer versions (ITS-7430,ITS-6359)
Fixed libldif to correctly handle 4096 character lines (ITS-7859)
Fixed librewrite reference counting (ITS-7723)
Fixed slapacl with back-mdb reader transactions (ITS-7920)
Fixed slapd syncrepl to send cookie on fallback (ITS-7849)
Fixed slapd syncrepl SEGV when abandoning a connection (ITS-7928)
Fixed slapd slapcat with external schema (ITS-7895)
Fixed slapd schema RDN normalization (ITS-7935)
Fixed slapd with repeated language tags (ITS-7941)
Fixed slapd modrdn crash on naming attr with no matching rule (ITS-7850)
Fixed slapd memory leak in control handling (ITS-7942)
Fixed slapd-ldap removed dead code (ITS-7922)
Fixed slapd-mdb to work concurrently with slapadd (ITS-7798)
Fixed slapd-mdb with paged results (ITS-7705, ITS-7800)
Fixed slapd-mdb slapcat with nonexistent indices (ITS-7870)
Fixed slapd-mdb long lived reader transactions (ITS-7904)
Fixed slapd-mdb memory leak on matchedDN (ITS-7872)
Fixed slapd-mdb sorting of attribute values (ITS-7902)
Fixed slapd-mdb to flag attribute values as sorted (ITS-7903)
Fixed slapd-mdb index config handling (ITS-7912)
Fixed slapd-mdb entry release handling (ITS-7915)
Fixed slapd-mdb with aliases and referrals (ITS-7927)
Fixed slapd-mdb alias dereferencing (ITS-7702)
Fixed slapd-sock socket flushing (ITS-7937)
Fixed slapo-accesslog attribute normalization (ITS-7934)
Fixed slapo-accesslog internal search logging (ITS-7929)
Fixed slapo-auditlog connection destroy logic (ITS-7906,ITS-7923)
Fixed slapo-chain interaction with slapo-rwm (ITS-7930)
Fixed slapo-constraint connection destroy logic (ITS-7906,ITS-7923)
Fixed slapo-dds connection destroy logic (ITS-7906,ITS-7923)
Fixed slapo-dyngroup connection destroy logic (ITS-7906,ITS-7923)
Fixed slapo-memberof attr count (ITS-7893)
Fixed slapo-memberof frontendDB handling (ITS-7249)
Fixed slapo-memberof internal search logging (ITS-7929)
Fixed slapo-pcache config processing (ITS-7919)
Fixed slapo-pcache connection destroy logic (ITS-7906,ITS-7923)
Added slapo-ppolicy ORDERING rules (ITS-7838)
Fixed slapo-ppolicy timestamp resolution to use microseconds (ITS-7161)
Fixed slapo-ppolicy connection destroy logic (ITS-7906,ITS-7923)
Fixed slapo-refint to check for pauses in cn=config (ITS-7873)
Fixed slapo-refint internal search logging (ITS-7929)
Fixed slapo-refint connection destroy logic (ITS-7906,ITS-7923)
Fixed slapo-seqmod connection destroy logic (ITS-7906,ITS-7923)
Fixed slapo-slapover connection destroy logic (ITS-7906,ITS-7923)
Fixed slapo-sock db_init (ITS-7868)
Fixed slapo-sssvlv fix olcSssVlvMaxPerConn (ITS-7908)
Fixed slapo-translucent double free (ITS-7587)
Fixed slapo-translucent to work with manageDSAit (ITS-7864)
Fixed slapo-translucent to use local backend with local entries (ITS-7915)
Fixed slapo-unique connection destroy logic (ITS-7906,ITS-7923)
Fixed slapcacl with invalid suffix
2014-10-01 08:32:31 +00:00
tron
8ae3d3727f Add patch from OpenLDAP GIT repository to fix CVE-2013-4449 (SA55238). 2014-05-09 08:12:00 +00:00
asau
4c5255b0ed Use O_SYNC instead of O_DSYNC on FreeBSD. This fixes build on FreeBSD 9-10. 2014-03-25 22:36:58 +00:00
jperkin
45bc40abb4 Remove example rc.d scripts from PLISTs.
These are now handled dynamically if INIT_SYSTEM is set to "rc.d", or
ignored otherwise.
2014-03-11 14:04:57 +00:00
tron
73d05e2276 Recursive PKGREVISION bump for OpenSSL API version bump. 2014-02-12 23:17:32 +00:00
adam
39dd4452c0 Changes 2.4.36:
Added back-meta target filter patterns (ITS 7609)
Added liblmdb mdb_txn_env to API (ITS 7660)
Fixed libldap CLDAP with uninit'd memory (ITS 7582)
Fixed libldap with UDP (ITS 7583)
Fixed libldap OpenSSL TLS versions (ITS 7645)
Fixed liblmdb MDB_PREV behavior (ITS 7556)
Fixed liblmdb transaction issues (ITS 7515)
Fixed liblmdb mdb_drop overflow page return (ITS 7561)
Fixed liblmdb nested split (ITS 7592)
Fixed liblmdb overflow page behavior (ITS 7620)
Fixed liblmdb race condition with read and write txns (ITS 7635)
Fixed liblmdb mdb_del behavior with MDB_DUPSORT and mdb_del (ITS 7658)
Fixed slapd cn=config with unknown schema elements (ITS 7608)
Fixed slapd cn=config with loglevel 0 (ITS 7611)
Fixed slapd slapi filterlist free behavior (ITS 7636)
Fixed slapd slapi control free behavior (ITS 7641)
Fixed slapd schema countryString as directoryString (ITS 7659)
Fixed slapd schema telephoneNumber as directoryString (ITS 7659)
Fixed slapd-bdb/hdb to wait for read locks in tool mode (ITS 6365)
Fixed slapd-mdb behavior with alias dereferencing (ITS 7577)
Fixed slapd-mdb modrdn and base-scoped searches (ITS 7604)
Fixed slapd-mdb refcount behavior (ITS 7628)
Fixed slapd-meta binding flag is set (ITS 7524)
Fixed slapd-meta with minimal config (ITS 7581)
Fixed slapd-meta missing results messages (ITS 7591)
Added slapd-meta TCP keepalive support (ITS 7513)
Fixed slapo-sssvlv double free (ITS 7588)
Fixed slaptest to list -Q option (ITS 7568)
Build Environment
	Fixed slapd-meta declaration warnings (ITS 7654)
Contrib
	Fixed nssov group enumeration bug (ITS 7569)
	Fixed autogroup when URI has no attrs (ITS 7580)
Documentation
	admin24 Update database backend notes (ITS 7590)
	ldap.conf(5) fixed typos (ITS 7568)
	ldapmodify(1) remove replog reference (ITS 7562)
	ldif(5) remove replog reference (ITS 7562)
	slapd-config(5) remove replog reference (ITS 7562)
	slapd.conf(5) remove replog reference (ITS 7562)
	slapd-config(5) document TLSProtocolMin (ITS 5655,ITS 7645)
	slapd.conf(5) document TLSProtocolMin
2013-08-20 15:26:27 +00:00
jperkin
b091c2f172 Bump PKGREVISION of all packages which create users, to pick up change of
sysutils/user_* packages.
2013-07-12 10:44:52 +00:00
adam
d37eac99ef Added slapi support as an option 2013-05-04 18:16:37 +00:00
adam
9e610cf0b7 OpenLDAP 2.4.34 Release (2013/03/03)
Fixed libldap connections with EINTR (ITS7476)
	Fixed libldap lineno overflow in ldif_read_record (ITS7497)
	Fixed liblmdb mdb_env_open flag handling (ITS7453)
	Fixed liblmdb mdb_midl_sort array optimization (ITS7432)
	Fixed liblmdb freelist with large entries (ITS7455)
	Fixed liblmdb to check for filled dirty page list (ITS7491)
	Fixed liblmdb to validate data limits (ITS7485)
	Fixed liblmdb mdb_update_key for large keys (ITS7505)
	Fixed ldapmodify to not core dump with invalid LDIF (ITS7477)
	Fixed slapd syncrepl for old entries in MMR setup (ITS7427)
	Fixed slapd signedness for index_substr_any_* (ITS7449)
	Fixed slapd enforce SLAPD_MAX_DAEMON_THREADS (ITS7450)
	Fixed slapd mutex in send_ldap_ber (ITS6164)
	Added slapd-ldap onerr option (ITS7492)
	Added slapd-ldap keepalive support (ITS7501)
	Fixed slapd-ldif with empty dir (ITS7451)
	Fixed slapd-mdb to reopen attr DBs after env reopen (ITS7416)
	Fixed slapd-mdb handling of missing entries (ITS7483,7496)
	Fixed slapd-mdb environment flag setting (ITS7452)
	Fixed slapd-mdb with sub db slapcat (ITS7469)
	Fixed slapd-mdb to correctly work with toolthreads > 2 (ITS7488,ITS7527)
	Fixed slapd-mdb subtree search speed (ITS7473)
	Fixed slapd-meta conversion to cn=config (ITS7525)
	Fixed slapd-meta segfault when modifying olcDbUri (ITS7526)
	Fixed slapd-sql back-config support (ITS7499)
	Fixed slapo-constraint handle uri and restrict correctly (ITS7418)
	Fixed slapo-constraint with multi-master replication (ITS7426)
	Fixed slapo-constraint segfault (ITS7431)
	Fixed slapo-deref control initialization (ITS7436)
	Fixed slapo-deref control exposure (ITS7445)
	Fixed slapo-memberof with internal ops (ITS7487)
	Fixed slapo-pcache matching rules for config db (ITS7459)
	Fixed slapo-rwm modrdn cleanup (ITS7414)
	Fixed slapo-sssvlv maxperconn parameter (ITS7484)
	Build Environment
		Fixed slapo-constraint test suite (ITS7423)
	Contrib
		Added nssov nssov_config support (ITS7518)
		Added nssov password_prohibit_message (ITS7518)
		Fixed ldapc++ with gcc-4.7 (ITS7281,ITS7304)
		Fixed nssov olcNssPamSession handling (ITS7481)
		Fixed nssov connection DN (ITS7518)
		Add missing Makefile for various modules (ITS7308)
		Unify Makefile structure for modules (ITS7309)
		Fixed slapo-allowed attribute replication (ITS7493)
		Fixed slapo-passwd SHA2 to correctly zero buffer (ITS7490)
	Documentation
		ldapurl(1) fix example usage (ITS7454)
		ldap_get_option(3) fixed trailing whitespace (ITS7411)
		slapd-config(5) olcExtraAttrs is per db (ITS7421)
		slapd-overlays(5) update manpage index (ITS7489)
		slapo-dynlist(5) Search behavior notes (ITS7486)
		slapo-valsort(5) Document valsort control syntax (ITS7523)
2013-03-16 12:49:54 +00:00
obache
64deda1dc9 recursive bump from cyrus-sasl libsasl2 shlib major bump. 2012-12-16 01:51:57 +00:00
asau
354ee694fd Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-02 21:25:15 +00:00
wiz
f98e8b0585 Add inet6 to default suggested options. It's 2012. 2012-06-12 15:45:54 +00:00
marino
d4dad1f9f1 databases/openldap-server: define CFLAGS.DragonFly
O_DSYNC and fdatasync don't exist on DragonFly, so define these as
O_SYNC and fsync as recommended in the libmdb/mdb.c comments for
DragonFly only.
2012-03-26 21:30:09 +00:00
adam
63d3d2de02 Changes 2.4.30:
Fixed libldap socket polling for writes
Fixed liblutil string modifications
Fixed slapd crash when attrsOnly is true
Fixed slapd syncrepl delete handling
Fixed slapd-mdb slapadd with -q
Fixed slapd-mdb slapadd with -w
Fixed slapd-mdb slapindex with -q and -t
Fixed slapo-pcache time-to-refesh handling
Fixed slapo-syncprov loop detection
Build Environment
	Fixed POSIX make support
	Fixed slapd-mdb build on POSIX
Documentation
	Added option "-o" to ldap*(1) pages
	Fixed ldap*(1) page cleanup
	Fixed ldap_modify(3) prototypes
2012-03-13 19:57:10 +00:00
sbd
d160c07f03 Add devel/libuuid buildlink on Linux and SunOS only.
Bump PKGREVISION
2011-12-02 08:53:08 +00:00
drochner
4c5037c2d0 Fix an off-by-one error in the UTF8StringNormalize function that allows
remote attackers to cause a denial of service (slapd crash) via a
zero-length string that triggers a heap-based buffer overflow
bump PKGREV
2011-10-30 18:05:28 +00:00
drochner
c1d713a9e4 update to 2.4.24
changes:
-Added LDIF line wrapping setting
-Added libldap cert x500UniqueIdentifier handling
-Added libldap_r,libldap formal concurrency API
-Added slapadd attribute value checking
-Added slapcat continue mode for problematic DBs
-Added slapd syncrepl suffixmassage support
-Added slapd multiple listener threads
-Added slapd extensible match for ordering rules
-Added slapd-meta paged results control forwarding
-Added slapd-meta subtree-include support
-Added slapd-null back-config support
-Added slapd-sql autocommit support
-Added slapd-sql support for long long keys
-Added slapo-sssvlv multiple sorts per connection
-many bugfixes
-documentation improvements

approved by Geert Hendrickx (the MAINTAINER)
2011-03-17 14:09:20 +00:00
adam
8229da7db1 dynamic linking won't work on Darwin when slapd gets stripped 2010-12-17 14:13:02 +00:00
adam
6109aa350c Revbump after updating databases/db5 2010-09-16 08:04:14 +00:00
ghen
d3d7c5854b Update to OpenLDAP 2.4.23, now the "stable" release.
OpenLDAP 2.4.23 Release (2010/06/30)
	Fixed libldap to return server's error code (ITS#6569)
	Fixed libldap memleaks (ITS#6568)
	Fixed liblutil off-by-one with delta (ITS#6541)
	Fixed slapd acls with glued databases (ITS#6468)
	Fixed slapd syncrepl rid logging (ITS#6533)
	Fixed slapd modrdn handling of invalid values (ITS#6570)
	Fixed slapd-bdb hasSubordinates computation (ITS#6549)
	Fixed slapd-bdb to use memcpy instead for strcpy (ITS#6474)
	Fixed slapd-bdb entry cache delete failure (ITS#6577)
	Fixed slapd-ldap to return control responses (ITS#6530)
	Fixed slapo-ppolicy to use Debug (ITS#6566)
	Fixed slapo-refint to zero out freed DN vals (ITS#6572)
	Fixed slapo-rwm to use Debug (ITS#6566)
	Fixed slapo-sssvlv to use Debug (ITS#6566)
	Fixed slapo-syncprov lost deletes in refresh phase (ITS#6555)
	Fixed slapo-valsort to use Debug (ITS#6566)
 	Fixed contrib/nssov network.c missing patch (ITS#6562)
	Build Environment
		Fixed test043 attribute sorting (ITS#6553)
	Documentation
	        slapd-config(5) note default rootdn (ITS#6546)

OpenLDAP 2.4.22 Release (2010/04/24)
	Added slapd SLAP_SCHEMA_EXPOSE flag for hidden schema elements (ITS#6435)
	Added slapd tools selective iterations (ITS#6442)
	Added slapd syncrepl TCP keepalive (ITS#6389)
	Added slapo-ldap idassert-passthru (ITS#6456)
	Added slapo-pbind
	Fixed libldap gmtime re-entrancy (ITS#6262)
	Fixed libldap gssapi off by one error (ITS#6223)
	Fixed libldap GnuTLS serial length (ITS#6460)
	Fixed libldap MozNSS context and PEM support (ITS#6432)
	Fixed libldap referral on bind behavior(ITS#6510)
	Fixed slapd acl non-entry internal searches (ITS#6481)
	Fixed slapd acl attrval style initialization (ITS#6520)
	Fixed slapd certificateListValidate (ITS#6466)
	Fixed slapd empty URI parsing (ITS#6465)
	Fixed slapd glued misplaced entries (ITS#6506)
	Fixed slapd glued paged cookies (ITS#6507)
	Fixed slapd glued paged results (ITS#6504)
	Fixed slapd gmtime re-entrancy (ITS#6262)
	Fixed slapd to ignore controls with unrecognized flags (ITS#6480)
	Fixed slapd entry ownership (ITS#5340)
	Fixed slapd sasl auxprop_lookup (ITS#6441)
	Fixed slapd sasl auxprop ssf (ITS#5195)
	Fixed slapd syncrepl for attributes with no matching rule (ITS#6458)
	Fixed slapd syncrepl for unknown attrs and delta-sync (ITS#6473)
	Fixed slapd syncrepl loop with moddn (ITS#6472)
	Fixed slapo-accesslog to not replicate internal purges (ITS#6519)
	Fixed slapd-bdb contextCSN updates from updatedn (ITS#6469)
	Fixed slapd-bdb lockobj zeroing (ITS#6501)
	Fixed slapd-ldap/meta control criticality (ITS#6523)
	Fixed slapd-ldap/meta with ordered values (ITS#6516)
	Fixed slapo-collect entry ownership (ITS#5340,ITS#6423)
	Fixed slapo-dds with NULL backend (ITS#6490)
	Fixed slapo-dynlist entry ownership (ITS#5340,ITS#6423)
	Fixed slapo-memberof attr count (ITS#6508)
	Fixed slapo-pcache to release its own entries (ITS#6484)
	Fixed slapo-pcache with NULL backend (ITS#6490)
	Fixed slapo-rwm entry release handling (ITS#6484)
	Fixed slapo-rwm memory handling with rewrites (ITS#6526)
	Fixed slapo-rwm olcRwmMap handling (ITS#6436)
	Fixed slapo-rwm entry ownership (ITS#5340,ITS#6423)
	Fixed slapo-syncprov memory leak (ITS#6459)
	Fixed slapo-translucent counter increment (ITS#6497)
	Fixed slapo-valsort entry ownership (ITS#5340,ITS#6423)
	Fixed contrib/sha2 adds mechs for more hashes (ITS#6433)
	Fixed contrib/nssov to use nss-pam-ldapd (ITS#6488)
	Build Environment
		Added back-ldif, back-null test support (ITS#5810)
	Documentation
		admin24 avoid explicit moduleload statements (ITS#6486)
		admin24 broken link fixes (ITS#6493,ITS#6515)
	        slapd.access(5) val.regex explanation (ITS#5804)
2010-07-24 11:15:16 +00:00
adam
65b56157a7 Fix buildling with db5; revbump for db4 update 2010-06-02 12:15:29 +00:00
ghen
8d4f43dbe7 Update to OpenLDAP 2.4.21, now the "stable" release.
OpenLDAP 2.4.21 Release (2009/12/20)
	Fixed liblutil for negative microsecond offsets (ITS#6405)
	Fixed slapd global settings to work without restart (ITS#6428)
	Fixed slapd looping with SSL/TLS connections (ITS#6412)
	Fixed slapd syncrepl freeing tasks from queue (ITS#6413)
	Fixed slapd syncrepl parsing of tls defaults (ITS#6419)
	Fixed slapd syncrepl uninitialized variables (ITS#6425)
	Fixed slapd-config Adds with Abstract classes (ITS#6408)
	Fixed slapo-dynlist behavior with simple filters (ITS#6421)
	Fixed slapd-ldif access outside database directory (ITS#6414)
	Fixed slapd-null extraneous assert (ITS#6403)
	Fixed slapo-translucent with back-null (ITS#6403)
	Fixed slapo-unique criteria checking (ITS#6270)
	Build Environment
		Deleted broken LBER_INVALID macro (ITS#6402)
		Fixed test058 kill usage (ITS#6420)
		Fixed meta regression test (ITS#6418)
	Documentation
		slapd-meta(5) Note deprecated functions (ITS#6424)
		admin24 fix set example for group of groups (ITS#6382)
		admin24 fix dynamic group documentation (ITS#6290)

OpenLDAP 2.4.20 Release (2009/11/27)
	Fixed client tools with LDAP options (ITS#6283)
	Fixed liblber embedded NUL values in BerValues (ITS#6353)
	Fixed liblber inverted LBER_USE_DER test (ITS#6348)
	Fixed liblber to return failure on certain failures (ITS#6344)
	Fixed libldap connection initialization (ITS#6386)
	Fixed libldap sasl buffer sizing (ITS#6327,ITS#6334)
	Fixed libldap uninitialized return value (ITS#6355)
	Fixed libldap unlimited timeout (ITS#6388)
	Added slapd handling of hex server IDs (ITS#6297)
	Added slapd syncrepl contextCSN storing in subentry (ITS#6373)
	Fixed slapd asserts in minimal environment (ITS#6361)
	Fixed slapd authid-rewrite parsing (ITS#6392)
	Fixed slapd checks of str2filter (ITS#6391)
	Fixed slapd configArgs initialization (ITS#6363)
	Fixed slapd debug handling of LDAP_DEBUG_ANY (ITS#6324)
	Fixed slapd db_open with connection_fake_init (ITS#6381)
	Fixed slapd with embedded \0 in bervals (ITS#6378,ITS#6379)
	Fixed slapd inclusion of ac/unistd.h (ITS#6342)
	Fixed slapd invalid dn log message (ITS#6309)
	Fixed slapd lockup on shutdown (ITS#6372)
	Fixed slapd onetime leak (ITS#6398)
	Fixed slapd RID range to be decimal only (ITS#6394)
	Fixed slapd sl_free to better reclaim memory (ITS#6380)
	Fixed slapd syncrepl deletes in MirrorMode (ITS#6368)
	Fixed slapd syncrepl to use correct SID (ITS#6367)
	Fixed slapd termination for one level DNs (ITS#6338)
	Fixed slapd tls_accept to retry in certain cases (ITS#6304)
	Fixed slapd-bdb/hdb cache corruption (ITS#6341)
	Fixed slapd-bdb/hdb entry cache (ITS#6360)
	Fixed slapd-ldap leak (ITS#6326)
	Fixed slapd-relay bind segfault (ITS#6337)
	Fixed slapo-accesslog ensure CSNs are normalized (ITS#6400)
	Fixed slapo-memberof operational attr updates (ITS#6329)
	Fixed slapo-pcache entry dupe (ITS#6310)
	Fixed slapo-syncprov checkpoint conversion (ITS#6370)
	Fixed slapo-syncprov deadlock (ITS#6335)
	Fixed slapo-syncprov memory leak (ITS#6376)
	Fixed slapo-syncprov out of order changes (ITS#6346)
	Fixed slapo-syncprov psearch with stale cookie (ITS#6397)
	Build Environment
		Added additional operations for ITS#6332
		Fixed memrchr define (ITS#6351)
		Fixed slapd MAXPATHLEN handling (ITS#6342)
		Added test050 rapid add/mod/del sequence (ITS#6368)
		Fixed test057 handling of memberof/refint (ITS#6343)
		Fixed slapd test error ignoring (ITS#6345)
		Fixed liblutil constant (ITS#5909)
	Documentation
		admin24 fix RFC4511 and other references (ITS#6399)
		ldap_get_dn(3) typos (ITS#5366)
		ldap.conf(5) clarify comment usage (ITS#6384)
		slapd.conf(5) note hex server IDs (ITS#6297)
		slapd-config(5) note hex server IDs (ITS#6297)
2010-02-19 20:49:29 +00:00
joerg
d0278d538d Recursive bump for libltdl 2009-12-15 21:30:51 +00:00
ghen
06ee8a46d0 Fix new config file path. 2009-10-29 15:50:17 +00:00
ghen
7431b869be Update OpenLDAP packages to 2.4.19, which is now the "stable release".
OpenLDAP 2.4.19 Release (2009/10/06)
	Fixed client tools with null timeouts (ITS#6282)
	Fixed slapadd to warn about missing attrs for replicas (ITS#6281)
	Fixed slapd acl cache (ITS#6287)
	Fixed slapd tools to allow -n for conversion (ITS#6258)
	Fixed slapd-ldap with null timeouts (ITS#6282)
	Fixed slapd-ldap with strong binds with relay/translucent (ITS#6296)
	Fixed slapd-ldif buffer overflow (ITS#6303)
	Fixed slapo-auditlog comments when modifying (ITS#6286)
	Fixed slapo-dynlist lock leak (ITS#6308)
	Fixed slapo-pcache cache corruption (ITS#6242)
	Fixed slapo-sssvlv sort control dereferencing (ITS#6288)
	Fixed contrib/autogroup segfaults (ITS#6279)
	Fixed contrib/nssov getgroupbymembers (ITS#6291)
	Fixed contrib/smbk5pwd rpath linking (ITS#6323)
	Build Environment
		Fixed --enable-deref support (ITS#6311)
		Fixed contrib/autogroup default libtool path (ITS#6284)
		Deleted nadf.schema (ITS#6140)

OpenLDAP 2.4.18 Release (2009/09/06)
	Fixed client tools common options (ITS#6049)
	Fixed liblber speed and other problems (ITS#6215)
	Added libldap MozNSS PEM support (ITS#6278)
	Added libldap option for SASL_USERNAME (ITS#6257)
	Fixed libldap error parsing (ITS#6197)
	Fixed libldap native getpass usage (ITS#4643)
	Fixed libldap tls_check_hostname for OpenSSL and MozNSS (ITS#6239)
	Added slapd tcp buffers support (ITS#6234)
	Fixed slapd allow mirrormode to be set to FALSE (ITS#5946)
	Fixed slapd certificate list parsing (ITS#6241)
	Fixed slapd writers blocking (ITS#6276)
	Fixed slapd dncachesize behavior to unlimited by default (ITS#6222)
	Fixed slapd incorrectly applying writetimeout when not set (ITS#6220)
	Fixed slapd with duplicate empty lines for olcDbConfig (ITS#6240)
	Fixed slapd server URL matching (ITS#5942)
	Fixed slapd subordinate needs a suffix (ITS#6216)
	Fixed slapd syncrepl decrement on possible NULL value (ITS#6256)
	Fixed slapd tools to properly close database (ITS#6214)
	Fixed slapd uninitialized SlapReply components (ITS#6101)
	Fixed slapd-meta starttls with targets (ITS#6190)
	Fixed slapd-monitor stats with glued subordinates (ITS#6243)
	Fixed slapd-ndb startup (ITS#6203)
	Fixed slapd-relay various issues (ITS#6133)
	Fixed slapd-relay response/cleanup callback mismatch (ITS#6154)
	Fixed slapd-sql with baseObject query (ITS#6172)
	Fixed slapd-sql with empty attribute (ITS#6163)
	Fixed slapo-dynlist uninitialized var (ITS#6266)
	Fixed slapo-pcache multiple enhancements (ITS#6152,ITS#5178)
	Fixed slapo-ppolicy updating operational attributes (ITS#6265)
	Fixed slapo-translucent attribute return (ITS#6254)
	Fixed slapo-translucent filter matching (ITS#6255)
	Fixed slapo-translucent to honor sizelimit (ITS#6253)
	Fixed slapo-unique filter matching (ITS#6077)
	Fixed tools off by one error (ITS#6233)
	Fixed tools resource leaks (ITS#6145)
	Added contrib/allowed (ITS#4730)
	Fixed contrib/autogroup with RE24 (ITS#6227)
	Fixed contrib/nss symbols (ITS#6273)
	Build Environment
		Tests note which backend is being tested (ITS#5810)
		Fixed test056-monitor with custom ports (ITS#6213)
	Documentation
		admin24 fix broken link (ITS#6264)
		ldap_open(3) document URI (ITS#6261)

OpenLDAP 2.4.17 Release (2009/07/13)
	Fixed liblber to use ber_strnlen (ITS#6080)
	Fixed libldap GnuTLS private key init (ITS#6053)
	Fixed libldap openssl digest initialization (ITS#6192)
	Fixed libldap tls NULL error messages (ITS#6079)
	Fixed libldap_r missing stub (ITS#6188)
	Fixed liblutil opendir/closedir on windows (ITS#6041)
	Fixed liblutil for _GNU_SOURCE (ITS#5464,ITS#5666)
	Added slapd sasl auxprop support (ITS#6147)
	Added slapd schema checking tool (ITS#6150)
	Added slapd writetimeout keyword (ITS#5836)
	Fixed slapd abandon/cancel handling for some ops (ITS#6157)
	Fixed slapd access setstyle to expand (ITS#6179)
	Fixed slapd assert with closing connections (ITS#6111)
	Fixed slapd bind race condition (ITS#6189)
	Fixed slapd cancel behavior (ITS#6137)
	Fixed slapd cert validation (ITS#6098)
	Fixed slapd connection_destroy assert (ITS#6089)
	Fixed slapd csn normalization (ITS#6195)
	Fixed slapd errno handling (ITS#6037)
	Fixed slapd global alloc handling (ITS#6054)
	Fixed slapd hung writers (ITS#5836)
	Fixed slapd ldapi issues (ITS#6056)
	Fixed slapd moduleload with static backends and modules (ITS#6016)
	Fixed slapd normalization of updated schema attributes (ITS#5540)
	Fixed slapd olcLimits handling (ITS#6159)
	Fixed slapd olcLogLevel with hex levels (ITS#6162)
	Fixed slapd pagedresults stacked control with overlays (ITS#6056)
	Fixed slapd password-hash incorrect limit on arg length (ITS#6139)
	Fixed slapd readonly restrictions (ITS#6109)
	Fixed slapd sending cancelled operations results (ITS#6103)
	Fixed slapd slapi_entry_has_children (ITS#6132)
	Fixed slapd sockets usage on windows (ITS#6039)
	Fixed slapd some abandon and cancel race conditions (ITS#6104)
	Fixed slapd tls context after changes (ITS#6135)
	Fixed slapd-bdb/hdb adjust dncachesize if too low (ITS#6176)
	Fixed slapd-bdb/hdb crashes during delete (ITS#6177)
	Fixed slapd-bdb/hdb multiple olcIndex for same attr (ITS#6196)
	Fixed slapd-hdb freeing of already freed entries (ITS#6074)
	Fixed slapd-hdb entryinfo cleanup (ITS#6088)
	Fixed slapd-hdb dncache lockups (ITS#6095)
	Fixed slapd-ldap deadlock with non-responsive TLS URIs (ITS#6167)
	Fixed slapd-relay to return failure on failure (ITS#5328)
	Fixed slapd-sql with BACKSQL_ARBITRARY_KEY defined (ITS#6100)
	Fixed slapo-collect collectinfo ordering (ITS#6076)
	Fixed slapo-collect missing equality match rule (ITS#6075)
	Fixed slapo-dds entry expiration (ITS#6169)
	Fixed slapo-perl symbols (ITS#5658)
	Fixed slapo-ppolicy to honor pwdLockout (ITS#6168)
	Fixed slapo-ppolicy to return check modules error message (ITS#6082)
	Fixed slapo-refint refint_repair handling (ITS#6056)
	Added slapo-rwm rwm-drop-unrequested-attrs config option (ITS#6057)
	Fixed slapo-rwm dn passing (ITS#6070)
	Fixed slapo-rwm entry free (ITS#6058)
	Fixed slapo-rwm entry release (ITS#6081)
	Fixed slapo-translucent entry gathering (ITS#6156)
	Fixed tools returning ldif errors (ITS#5892)
	Fixed contrib/smbk5pwd use of private functions (ITS#5535)
	Build Environment
		Added test056-monitor (ITS#5540)
		Added test057-memberof-refint (ITS#5395)
		Fixed winsock detection for windows (ITS#6102, ITS#6078)
		Removed GSSAPI configure option (ITS#6091,ITS#6092,ITS#6093,ITS#5369)
	Documentation
		admin24 relocate configuration examples (ITS#6183)
		admin24 fixed example regex (ITS#6052)
		admin24 removed temporary back-monitor note (ITS#6130)
		admin24 slapd.conf to cn=config conversion process (ITS#6060)
		man page consistency fixes (ITS#6023)
		ldapcompare(1) note -e option (ITS#6107)
		ldapdelete(1) note -e option (ITS#6107)
		ldapmodify(1) note -e option (ITS#6107)
		ldapmodrdn(1) note -e option (ITS#6107)
		ldapsearch(1) output format description (ITS#6146)
		ldapurl(1) note -e option (ITS#6107)
		ldapwhoami(1) note -e option (ITS#6107)
		ldap_result(3) Add RETURN VALUE heading (ITS#6180)
		ldap.conf(5) improve sizelimit/timelimit limits (ITS#6127)
		slapd.access(5) Fix <setstyle> to use expand (ITS#6179)
		slapd.conf(5) document default modulepath (ITS#5829)
		slapd.conf(5) pidfile/argsfile description fix (ITS#5975)
		slapd-config(5) document default modulepath (ITS#5829)
		slapd-config(5) pidfile/argsfile description fix (ITS#5975)
		slapo-constraint(5) clarify URI example (ITS#6118)
		slapo-unique(5) explicitly note rootdn requirement (ITS#6108)
		slapadd(8) note it does indexing (ITS#6160)
2009-10-29 06:56:10 +00:00
ghen
5a967c2549 Remove kerberos option. It only implied the sasl option (hackish) and
kerberos is just one of the SASL authentication methods, which have to
be configured in cyrus-sasl, not in openldap.  Fixes PR pkg/41634.
2009-06-27 09:55:09 +00:00
joerg
0268c554bd Remove @dirrm entries from PLISTs 2009-06-14 17:38:38 +00:00
ghen
4caf652dd2 Update OpenLDAP packages to 2.4.16, the new stable release.
patch-db (for openldap-cloak module) has been included upstream.

OpenLDAP 2.4.16 Release (2009/04/05)
	Fixed libldap GnuTLS with x509v1 CA certs (ITS#5992)
	Fixed libldap GnuTLS with CA chains (ITS#5991)
	Fixed libldap GnuTLS TLSVerifyCilent try (ITS#5981)
	Fixed libldap segfault in checking cert/DN (ITS#5976)
	Fixed libldap peer cert double free (ITS#5849)
	Fixed libldap referral chasing (ITS#5980)
	Fixed slapd backglue with empty DBs (ITS#5986)
	Fixed slapd ctxcsn race condition (ITS#6001)
	Fixed slapd debug message (ITS#6027)
	Fixed slapd redundant module loading (ITS#6030)
	Fixed slapd schema_init freed value (ITS#6036)
	Fixed slapd syncrepl newCookie sync messages (ITS#5972)
	Fixed slapd syncrepl hang during shutdown (ITS#6011)
	Fixed slapd syncrepl too many MMR messages (ITS#6020)
	Fixed slapd syncrepl skipped entries with MMR (ITS#5988)
	Fixed slapd-bdb/hdb cachesize handling (ITS#5860)
	Fixed slapd-bdb/hdb with slapcat with empty dn (ITS#6006)
	Fixed slapd-bdb/hdb with NULL transactions (ITS#6012)
	Fixed slapd-ldap incorrect referral handling (ITS#6003,ITS#5916)
	Fixed slapd-ldap/meta with broken AD results (ITS#5977)
	Fixed slapd-ldap/meta with invalid attrs again (ITS#5959)
	Fixed slapo-accesslog interaction with ppolicy (ITS#5979)
	Fixed slapo-dynlist conversion to cn=config (ITS#6002)
	Fixed slapo-syncprov newCookie sync messages (ITS#5972)
	Fixed slapd-syncprov too many MMR messages (ITS#6020)
	Fixed slapo-syncprov replica lockout (ITS#5985)
	Fixed slapo-syncprov modtarget tracking (ITS#5999)
	Fixed slapo-syncprov multiple CSN propagation (ITS#5973)
	Fixed slapo-syncprov race condition (ITS#6045)
	Fixed slapo-syncprov sending cookies without CSN (ITS#6024)
	Fixed slapo-syncprov skipped entries with MMR (ITS#5988)
	Fixed tools passphrase free (ITS#6014)
	Build Environment
		Cleaned up alloc/free functions for Windows (ITS#6005)
		Fixed running of autosave files in testsuite (ITS#6026)
	Documentation
		admin24 clarified MMR URI requirements (ITS#5942,ITS#5987)
		Added ldapexop(1) manual page (ITS#5982)
		slapd-ldap/meta(5) added missing TLS options (ITS#5989)
2009-04-27 07:15:43 +00:00
ghen
8beb969c42 Switch OpenLDAP server and modules to use database/db4 as a backend again,
now db 4.7 is known to work.  Ok adam, manu.
2009-04-27 07:13:01 +00:00
ghen
cb3a09b1d3 @dirrm share/examples/openldap is in openldap-client (for ldap.conf). 2009-02-18 09:25:37 +00:00
manu
dc5a8a9804 - Add optionnal DSO support to slapd.
- Bump revision of openldap-server because of that
- Remove the smbk5pwd option, which will be moved to another package as module
2009-01-31 15:59:04 +00:00
manu
5e12cd756a Upgrade to 2.4.13. Initial patches from ghen@
OpenLDAP 2.4.13 Release (2008/11/24)
  Added libldap dereference control support (ITS#5768)
  Fixed libldap parameter checking (ITS#5817)
  Fixed liblutil hex conversion (ITS#5699)
  Fixed liblutil returning undefined data (ITS#5748)
  Fixed libldap error code return (ITS#5762)
  Fixed libldap interaction with GnuTLS CN IP-based matches (ITS#5789)
  Fixed libldap MAXHOSTNAMELEN typo (ITS#5815)
  Fixed libldap Ipv6 detection (ITS#5739)
  Fixed libldap setuid usage with .ldaprc (ITS#4750)
  Fixed slapacl crasher (ITS#5820)
  Fixed slapd acl checks on ADD (ITS#4556,ITS#5723)
  Fixed slapd acl application to newly created backends (ITS#5572)
  Fixed slapd #if/#elif issues in thread includes (ITS#5824)
  Added slapd keyword add_content_acl for add checks (ITS#4556,ITS#5723)
  Fixed slapd concurrent access to connections (ITS#5814)
  Fixed slapd config backend olcLogFile support (ITS#5765)
  Fixed slapd contextCSN pending list (ITS#5709)
  Fixed slapd control criticality (ITS#5785)
  Added slapd dn.this search limits (ITS#5734)
  Fixed slapd error status on shutdown (ITS#5745)
  Fixed slapd filter substring handling (ITS#5803)
  Fixed slapd nameUIDPretty bitstring parsing (ITS#5750)
  Fixed slapd null termination of password (ITS#5794)
  Fixed slapd overlay/database open with real structure (ITS#5724)
  Fixed slapd parsing of read entry control (ITS#5741)
  Added slapd PMI schema (ITS#5695)
  Added slapd private databases in global overlays (ITS#5735,ITS#5736)
  Fixed slapd rdn generation when it isn't specified (ITS#5819)
  Fixed slapd slapd.conf validation to LDIF (ITS#5755)
  Fixed slapd startup scan for CSN (ITS#5640)
  Fixed slapd statslog printing of released entry (ITS#5775)
  Added slapd support for certificateListExactMatch (ITS#5700)
  Fixed slapd syncrepl event loss (ITS#5710)
  Fixed slapd syncrepl MOD of attrs with no EQ rule (ITS#5781)
  Fixed slapd syncrepl rename handling (ITS#5809)
  Fixed slapd syncrepl schema checking (ITS#5798)
  Fixed slapd syncrepl filter leak (ITS#5826)
  Fixed slapd undef promote (ITS#5783,ITS#5795)
  Added slapd What failed? control (ITS#5784)
  Fixed slapd-bdb/hdb invalid db crash (ITS#5698)
  Added slapd-bdb/hdb dbpagesize keyword
  Added slapd-bdb/hdb checksum keyword
  Fixed slapd-bdb/hdb indexing of entryDN (ITS#5790)
  Fixed slapd-bdb/hdb lookup of entryDN with equality (ITS#5791)
  Fixed slapd-bdb/hdb uninitialized bli_flag
  Fixed slapd-ldap snprintf buffer overflow test (ITS#4467)
  Fixed slapd-ldap search stop on minor failure (ITS#5816)
  Fixed slapd-ldif file rename on windows (ITS#5774)
  Fixed slapd-null read controls support (ITS#5757)
  Fixed slapd-sql value length with right index (ITS#5779)
  Fixed slapo-chain/translucent back-config support (ITS#5736)
  Fixed slapo-chain segv with search references (ITS#5742)
  Fixed slapo-collect compile with C89 (ITS#5747)
  Added slapo-constraint support for LDAP URI constraints (ITS#5704)
  Added slapo-constraint support for constraining rename (ITS#5703)
  Added slapo-constraint support for relax control (ITS#5705)
  Added slapo-constraint "set" type (ITS#5702)
  Fixed slapo-constraint filter parsing error (ITS#5751)
  Added slapo-dynlist URI restriction ability (ITS#5761)
  Fixed slapo-ppolicy unaligned BerElement (ITS#5770)
  Fixed slapo-rwm objectClass preservation (ITS#5760)
  Fixed slapo-rwm rewriting undefined filter (ITS#5731)
  Fixed slapo-rwm rewritten DN-valued attrs (ITS#5772)
  Fixed slapo-rwm reusing freed filter (ITS#5732)
  Fixed slapo-rwm entry get (ITS#5773)
  Fixed slapo-syncprov runqueue removal (ITS#5776)
  Fixed slapo-syncprov unreplicatable ops (ITS#5709)
  Fixed slapo-syncprov psearch leak (ITS#5827)
  Added slapo-translucent try local bind when remote fails (ITS#5656)
  Added slapo-translucent support for PasswordModify exop (ITS#5656)
  Fixed tools simple bind without SASL (ITS#5753)
  Fixed tools unaligned BerElement (ITS#5770)
  Fixed contrib nssov crash on empty groups (ITS#5800)
  Fixed contrib nssov crash with nssov-map (ITS#5801)
  Fixed contrib nssov filter and search limits (ITS#5802)
  Added contrib smbk5pwd honor principal expiration (ITS#5766)
  Build Environment
    Added ldapurl command
    Added slapd GSSAPI refactoring (ITS#5369)
    Added slapo-deref overlay (ITS#5768)
  Documentation
    admin24 added olcLimits to example (ITS#5746)
    admin24 consolidated on whitespace (ITS#5759)
    slapd.conf,config(5) subordinate/olcSubordinate keyword (ITS#5788)
    slapd.conf(5) fixed disable keyword for limits (ITS#5821)
    slapo-dds(5) manageDIT to relax (ITS#5780)
    slapo-dds(5) rootdn requirement added (ITS#5811)
    slapo-syncprov(5) sessionlog clarification (ITS#5806)

OpenLDAP 2.4.12 Release (2008/10/12)
  Fixed libldap ldap_utf8_strchar arguments (ITS#5720)
  Fixed libldap TLS_CRLFILE (ITS#5677)
  Fixed liblutil executables on Windows (ITS#5604)
  Fixed liblutil microsecond overflows on Windows (ITS#5668)
  Fixed librewrite memory handling (ITS#5691)
  Fixed slapd aci performance (ITS#5636)
  Fixed slapd aci's with sets (ITS#5627)
  Fixed slapd attribute leak (ITS#5683)
  Fixed slapd config backend with index greater than sibs (ITS#5684)
  Fixed slapd custom attribute inheritance (ITS#5642)
  Fixed slapd dynacl mask handling (ITS#5637)
  Fixed slapd firstComponentMatch normalization (ITS#5634)
  Added slapd caseIgnoreListMatch (ITS#5608)
  Fixed slapd connection events enabled twice (ITS#5725)
  Fixed slapd memory handling (ITS#5691)
  Fixed slapd objectClass canonicalization (ITS#5681)
  Fixed slapd objectClass termination (ITS#5682)
  Fixed slapd overlay control registration (ITS#5649)
  Fixed slapd runqueue checking (ITS#5726)
  Fixed slapd spurious text output (ITS#5688)
  Fixed slapd socket closing on Windows (ITS#5606)
  Fixed slapd sortvals comparison (ITS#5578)
  Added slapd substitute syntax support (ITS#5663)
  Fixed slapd syncrepl contextCSN detection (ITS#5675)
  Fixed slapd syncrepl error logging (ITS#5618)
  Fixed slapd syncrepl runqueue interval (ITS#5719)
  Fixed slapd-bdb entry return if attr not present (ITS#5650)
  Fixed slapd-bdb olcDbMode syntax (ITS#5713)
  Fixed slapd-bdb/hdb release search entries earlier (ITS#5728,ITS#5730)
  Fixed slapd-bdb/hdb subtree search with empty suffix (ITS#5729)
  Fixed slapd-dnssrv memory handling (ITS#5691)
  Fixed slapd-ldap,slapd-meta invalid filter behavior (ITS#5614)
  Fixed slapd-meta memory handling (ITS#5691)
  Fixed slapd-meta objectClass filtering (ITS#5647)
  Fixed slapd-meta quarantine behavior (ITS#5592)
  Added slapd-ndb experimental backend
  Fixed slapd-relay initialization (ITS#5643)
  Fixed slapd-sql freeing of connection (ITS#5607)
  Fixed slapd-sql fault on NULL fields (ITS#5653)
  Fixed slapo-accesslog entryCSN generation on purge (ITS#5694)
  Fixed slapo-constraint string termination (ITS#5609)
  Fixed slapo-dynlist expansion with mapped attributes (ITS#5717)
  Fixed slapo-memberof internal operations DN (ITS#5622)
  Fixed slapo-pcache attrset crash (ITS#5665)
  Fixed slapo-pcache caching with invalid schema (ITS#5680)
  Fixed slapo-ppolicy control return on password modify exop (ITS#5711)
  Fixed slapo-rwm callback cleanup (ITS#5601,ITS#5687)
  Fixed slapo-rwm attr mapping and merging (ITS#5624)
  Fixed slapo-rwm objectClass filtering (ITS#5647)
  Fixed slapo-translucent back-config support (ITS#5689)
  Fixed slapo-translucent filter usage on merged entries (ITS#5679)
  Fixed slapo-unique filter validation (ITS#5581)
  Fixed slapo-unique suffix testing (ITS#5641)
  Build Environment
    Fixed ODBC library detection (ITS#5602)
    Removed pre-BerkeleyDB 4.4 support
    Added BerkeleyDB 4.7 support (ITS#5523)
    Included patch for BerkeleyDB 4.7.25 (build/db.4.7.25.patch)
    Added slapo-collect overlay with enhancements(ITS#5659)
  Documentation
    Added slapd-ldap(5), slapd-meta(5) noundeffilter (ITS#5614)
    Fixed slapd-ldap(5), slapd-meta(5), slapo-pcache(5)
	  schema requirements (ITS#5680)
    Added slapo-collect(5) man page (ITS#5706)
    Added slapo-pcache(5) proxycheckcacheability option (ITS#5680)
    Added slapo-retcode(5) retcode.conf location (ITS#5633)
    admin24 dontusecopy control update (ITS#5718)
    admin24 guide updates (ITS#5616)
    admin24 octetString fix (ITS#5670)
2009-01-24 21:10:48 +00:00
joerg
14fc8de356 Don't leak build user in install scripts. 2008-10-09 17:48:45 +00:00