diff --git a/openldap/PKGBUILD b/openldap/PKGBUILD index d42da61f3..e43220399 100644 --- a/openldap/PKGBUILD +++ b/openldap/PKGBUILD @@ -1,20 +1,26 @@ # # Core packages for Chakra, part of chakra-project.org # -# maintainer abveritas[at]chakra-project[dot]org> +# maintainer inkane@chakra-project.org +# contributor abveritas[at]chakra-project[dot]org> pkgbase=openldap pkgname=('libldap' 'openldap') -pkgver=2.4.33 -pkgrel=2 +pkgver=2.4.35 +pkgrel=1 arch=('x86_64') url="http://www.openldap.org/" license=('custom') +depends=('db') makedepends=('libltdl' 'libsasl' 'e2fsprogs' 'util-linux' 'groff') options=('!makeflags') source=("ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${pkgbase}-${pkgver}.tgz" + "symbol_versions.patch" + "openldap-nssov.patch" 'slapd.default' 'slapd.service' 'slapd.tmpfiles' 'ntlm.patch') -md5sums=('5adae44897647c15ce5abbff313bc85a' +md5sums=('cd75d82ca89fb0280cba66ca6bd97448' + '4f2117eb1975ea52a5a4cfcfda804d95' + '2f0dfe1f114275d3b8b2e9d88edfa7b0' '6be69f6b7e522cb64cce8703da81ed32' 'cbe2bd85be8d98851f640d20930ca9ea' '13e622d1b6ce9ecc1c5c429b724c0cc2' @@ -22,7 +28,17 @@ md5sums=('5adae44897647c15ce5abbff313bc85a' build() { cd "${srcdir}"/${pkgbase}-${pkgver} + # From LFS: + # Without the following patch, the Evolution Exchange addressbook integration uses simple + # binds with cleartext password + # This is not that critical, as we don't provide the evolution server in our servers, + # but it's in CCR, therefore this should be included patch -p1 -i "${srcdir}"/ntlm.patch + # Patch from arch + patch -p0 -i "${srcdir}"/openldap-nssov.patch + # Patch from debian/LFS. Results in proper symbol versioning + # patch -Np1 -i "${srcdir}"/symbol_versions.patch + sed -i 's|-m 644 $(LIBRARY)|-m 755 $(LIBRARY)|' libraries/{liblber,libldap,libldap_r}/Makefile.in sed -i 's|#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "run" LDAP_DIRSEP "ldapi"|#define LDAPI_SOCK LDAP_DIRSEP "run" LDAP_DIRSEP "openldap" LDAP_DIRSEP "ldapi"|' include/ldap_defaults.h diff --git a/openldap/openldap-nssov.patch b/openldap/openldap-nssov.patch new file mode 100644 index 000000000..5ec2c36f3 --- /dev/null +++ b/openldap/openldap-nssov.patch @@ -0,0 +1,30 @@ +--- contrib/slapd-modules/nssov/nss-pam-ldapd/nslcd.h 2013-03-28 11:41:51.000000000 -0400 ++++ contrib/slapd-modules/nssov/nss-pam-ldapd/nslcd.h 2012-07-08 04:34:12.000000000 -0400 +@@ -71,6 +71,16 @@ + 1.0 release of nss-pam-ldapd is made. */ + #define NSLCD_VERSION 1 + ++/* Get a NSLCD configuration option. There is one request parameter: ++ INT32 NSLCD_CONFIG_* ++ the result value is: ++ STRING value, interpretation depending on request */ ++#define NSLCD_ACTION_CONFIG_GET 20006 ++ ++/* return the message, if any, that is presented to the user when password ++ modification through PAM is prohibited */ ++#define NSLCD_CONFIG_PAM_PASSWORD_PROHIBIT_MESSAGE 852 ++ + /* Email alias (/etc/aliases) NSS requests. The result values for a + single entry are: + STRING alias name +@@ -249,8 +262,10 @@ + #define NSLCD_PAM_NEW_AUTHTOK_REQD 12 /* Password expired */ + #define NSLCD_PAM_ACCT_EXPIRED 13 /* Account expired */ + #define NSLCD_PAM_SESSION_ERR 14 /* Cannot make/remove session record */ ++#define NSLCD_PAM_AUTHTOK_ERR 20 /* Authentication token manipulation error */ + #define NSLCD_PAM_AUTHTOK_DISABLE_AGING 23 /* Password aging disabled */ + #define NSLCD_PAM_IGNORE 25 /* Ignore module */ + #define NSLCD_PAM_ABORT 26 /* Fatal error */ ++#define NSLCD_PAM_AUTHTOK_EXPIRED 27 /* authentication token has expired */ + + #endif /* not _NSLCD_H */