diff options
Diffstat (limited to 'net-nds/openldap')
-rw-r--r-- | net-nds/openldap/ChangeLog | 11 | ||||
-rw-r--r-- | net-nds/openldap/Manifest | 11 | ||||
-rw-r--r-- | net-nds/openldap/files/digest-openldap-2.1.20 | 1 | ||||
-rw-r--r-- | net-nds/openldap/files/gencert.sh | 139 | ||||
-rw-r--r-- | net-nds/openldap/openldap-2.1.20.ebuild | 182 |
5 files changed, 335 insertions, 9 deletions
diff --git a/net-nds/openldap/ChangeLog b/net-nds/openldap/ChangeLog index 30fca4349fb7..ae4e94b41de6 100644 --- a/net-nds/openldap/ChangeLog +++ b/net-nds/openldap/ChangeLog @@ -1,6 +1,15 @@ # ChangeLog for net-nds/openldap # Copyright 2002-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/ChangeLog,v 1.31 2003/05/12 04:02:28 weeve Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/ChangeLog,v 1.32 2003/05/27 21:43:34 g2boojum Exp $ + +*openldap-2.1.20 (27 May 2003) + + 27 May 2003; Grant Goodyear <g2boojum@gentoo.org> openldap-2.1.20.ebuild, + files/gencert.sh: + New version w/ a number of changes: + * self-signed ssl cert created at install time + * order of linking changed so that passwd + ldap works properly + # if "berkdb" and "gdbm" in USE then berkdb used in the ebuild. 12 May 2003; Jason Wever <weeve@gentoo.org> openldap-2.0.27-r3.ebuild: Added ~sparc to keywords. diff --git a/net-nds/openldap/Manifest b/net-nds/openldap/Manifest index 0a20e9d14a27..0f7ed460e01d 100644 --- a/net-nds/openldap/Manifest +++ b/net-nds/openldap/Manifest @@ -1,30 +1,25 @@ MD5 56353b208cd2f1c14f17700e5a4d74af openldap-2.1.19.ebuild 4266 -MD5 b9be1ccafaff941e8884642c0ec05d32 openldap-2.1.20.ebuild 4429 -MD5 b9be1ccafaff941e8884642c0ec05d32 openldap-2.1.19-r1.ebuild 4429 +MD5 9c250d09e4430aff6b6b3e50575428c6 openldap-2.1.20.ebuild 5273 MD5 c2c34f94c7826e325e1d114aaf17cd1e openldap-2.0.25-r2.ebuild 2583 MD5 330df16ec5d030f7589969be555d7b0a openldap-2.0.27-r3.ebuild 3899 -MD5 9612bc55b66f8ccf465562326bc933ba .openldap-2.1.19-r1.ebuild.swp 16384 MD5 a4010ca341fd815df8a6875a8fe289ef openldap-2.0.27.ebuild 2306 MD5 7e223bf5e395fd7b935ed34f7833724a openldap-2.0.25-r1.ebuild 2420 MD5 fff1c376523766e56dcb20916ee25919 openldap-2.0.27-r2.ebuild 3025 -MD5 de92d3727491202f89c11427e2caf6ae openldap-2.1.17.ebuild 3360 MD5 293bb36ba16124176601d1d57beb92da openldap-2.1.12.ebuild 3335 -MD5 5080f61e0d6db3473603f5e4be1d5704 ChangeLog 7434 +MD5 e183eef621045cfd1b13b6581254e310 ChangeLog 7791 MD5 44c7dbcfe29bc1df9e576e5010c4674f files/slapd-2.1.conf 251 MD5 32822e9d47a48af3b1da7e5a3c5c6229 files/digest-openldap-2.0.25-r1 65 MD5 32822e9d47a48af3b1da7e5a3c5c6229 files/digest-openldap-2.0.25-r2 65 MD5 bc676758f2d1726b75e1d04fd936d029 files/digest-openldap-2.0.27-r2 65 MD5 bc676758f2d1726b75e1d04fd936d029 files/digest-openldap-2.0.27-r3 65 MD5 2f3032e2a972520d1a5d428e11a6eb82 files/openldap-2.0.27-db3-gentoo.patch 5995 -MD5 cc41a12a9b455803861b9919a0b86d55 files/digest-openldap-2.1.19-r1 65 +MD5 8da86adedbe551c680dd6e102dfc303d files/gencert.sh 3505 MD5 460d3869f98a805e246ce497ac7f5dc5 files/slapd-2.1.rc6 614 MD5 a10c9fd548df5774f91a6a10ed604041 files/slurpd-2.1.rc6 508 -MD5 be9c91a924b54d60921d7ef1b7633527 files/slapd-2.1.rc 821 MD5 b6dfea76b039b194c4f403d9e7cebde0 files/slapd-2.1-r1.rc6 709 MD5 8a8a025bf2de63f76d33f244624c3851 files/kerberos-2.0.diff.bz2 385 MD5 bc676758f2d1726b75e1d04fd936d029 files/digest-openldap-2.0.27 65 MD5 bd86dfd482d437884ca6305acc3aa2a1 files/digest-openldap-2.1.12 65 -MD5 252c44e3cf10efa83290c193ed0eb0c2 files/digest-openldap-2.1.17 65 MD5 cc41a12a9b455803861b9919a0b86d55 files/digest-openldap-2.1.19 65 MD5 d2c6433b373280aa1ad949d7626986cc files/digest-openldap-2.1.20 65 MD5 b7f252f92c11c2041e7bc864c344ecf1 files/slapd.rc6 591 diff --git a/net-nds/openldap/files/digest-openldap-2.1.20 b/net-nds/openldap/files/digest-openldap-2.1.20 new file mode 100644 index 000000000000..b8819076cec8 --- /dev/null +++ b/net-nds/openldap/files/digest-openldap-2.1.20 @@ -0,0 +1 @@ +MD5 fe6d5f8571672e3107b42299a03e92ce openldap-2.1.20.tgz 2033727 diff --git a/net-nds/openldap/files/gencert.sh b/net-nds/openldap/files/gencert.sh new file mode 100644 index 000000000000..5282ac464550 --- /dev/null +++ b/net-nds/openldap/files/gencert.sh @@ -0,0 +1,139 @@ +#!/bin/sh +## +## gencert.sh -- Create self-signed test certificate +## Christian Zoffoli <czoffoli@linux-mandrake.com> +## Version 0.2 - 20010501 +## +## + + +### external tools +openssl="/usr/bin/openssl" + +### some optional terminal sequences +case $TERM in + xterm|xterm*|vt220|vt220*) + T_MD=`echo dummy | awk '{ printf("%c%c%c%c", 27, 91, 49, 109); }'` + T_ME=`echo dummy | awk '{ printf("%c%c%c", 27, 91, 109); }'` + ;; + vt100|vt100*) + T_MD=`echo dummy | awk '{ printf("%c%c%c%c%c%c", 27, 91, 49, 109, 0, 0); }'` + T_ME=`echo dummy | awk '{ printf("%c%c%c%c%c", 27, 91, 109, 0, 0); }'` + ;; + default) + T_MD='' + T_ME='' + ;; +esac + +# find some random files +# (do not use /dev/random here, because this device +# doesn't work as expected on all platforms) +randfiles='' +for file in /var/log/messages /var/adm/messages \ + /kernel /vmunix /vmlinuz \ + /etc/hosts /etc/resolv.conf; do + if [ -f $file ]; then + if [ ".$randfiles" = . ]; then + randfiles="$file" + else + randfiles="${randfiles}:$file" + fi + fi +done + + +echo "" +echo "${T_MD}" +echo "----------------------------------------------------------------------" +echo "Create self-signed test certificate" +echo "" +echo "Christian Zoffoli <czoffoli@linux-mandrake.com> " +echo "Version 0.2 - 20010501" +echo "" +echo "" +echo "______________________________________________________________________${T_ME}" +echo "" +echo "" + + +if [ ! -e ./ldap.pem ];then + echo "Will create ldap.pem in `pwd`" +else + echo "ldap.pem already exist, dying" + exit +fi + + +mkdir -p /tmp/tmpssl-$$ +pushd /tmp/tmpssl-$$ > /dev/null + +echo "" +echo "" +echo "${T_MD}Generating Certificate " +echo "______________________________________________________________________${T_ME}" +echo "" + + +COMMONNAME=`hostname` + +if [ ! -n "$COMMONNAME" ] + then + COMMONNAME="www.openldap.org" +fi +#. /etc/sysconfig/i18n +if [ -n "$COUNTRY" ] + then + COUNTRY=`echo $LANG | sed -e "s/.*_//;s/@.*//;s/\..*//;s/_.*//" |tr a-z A-Z` +else + COUNTRY="US" +fi + +cat >.cfg <<EOT +[ req ] +default_bits = 1024 +distinguished_name = req_DN +RANDFILE = ca.rnd +[ req_DN ] +countryName = "1. Country Name (2 letter code)" +countryName_default = "$COUNTRY" +countryName_min = 2 +countryName_max = 2 +stateOrProvinceName = "2. State or Province Name (full name) " +stateOrProvinceName_default = "" +localityName = "3. Locality Name (eg, city) " +localityName_default = "" +0.organizationName = "4. Organization Name (eg, company) " +0.organizationName_default = "LDAP Server" +organizationalUnitName = "5. Organizational Unit Name (eg, section) " +organizationalUnitName_default = "For testing purposes only" +commonName = "6. Common Name (eg, CA name) " +commonName_max = 64 +commonName_default = "$COMMONNAME" +emailAddress = "7. Email Address (eg, name@FQDN)" +emailAddress_max = 40 +emailAddress_default = "" +EOT + +$openssl req -config .cfg -new -rand $randfiles -x509 -nodes -out ldap.pem -keyout ldap.pem -days 999999 + +if [ $? -ne 0 ]; then + echo "cca:Error: Failed to generate certificate " 1>&2 + exit 1 +fi + + +popd >/dev/null + + +rm -f /tmp/tmpssl-$$/*.csr +rm -f /tmp/tmpssl-$$/ca.* +chmod 400 /tmp/tmpssl-$$/* + +echo "Certificate creation done!" +cp /tmp/tmpssl-$$/ldap.* . +chown ldap.ldap ldap.* + +rm -rf /tmp/tmpssl-$$ + + diff --git a/net-nds/openldap/openldap-2.1.20.ebuild b/net-nds/openldap/openldap-2.1.20.ebuild new file mode 100644 index 000000000000..d3725cbcda73 --- /dev/null +++ b/net-nds/openldap/openldap-2.1.20.ebuild @@ -0,0 +1,182 @@ +# Copyright 1999-2003 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/openldap-2.1.20.ebuild,v 1.1 2003/05/27 21:43:34 g2boojum Exp $ + +IUSE="ssl tcpd readline ipv6 gdbm sasl kerberos odbc perl slp" + +inherit eutils + +DESCRIPTION="LDAP suite of application and development tools" +SRC_URI="ftp://ftp.OpenLDAP.org/pub/OpenLDAP/openldap-release/${P}.tgz" +HOMEPAGE="http://www.OpenLDAP.org/" + +SLOT="0" +KEYWORDS="-x86 -ppc" +LICENSE="OPENLDAP" + +DEPEND=">=sys-libs/ncurses-5.1 + berkdb? ( >=sys-libs/db-4.0.14 ) + tcpd? ( >=sys-apps/tcp-wrappers-7.6 ) + ssl? ( >=dev-libs/openssl-0.9.6 ) + readline? ( >=sys-libs/readline-4.1 ) + gdbm? ( >=sys-libs/gdbm-1.8.0 ) + sasl? ( >=dev-libs/cyrus-sasl-2.1.7-r3 ) + kerberos? ( >=app-crypt/krb5-1.2.6 ) + odbc? ( dev-db/unixODBC ) + slp? ( >=net-libs/openslp-1.0 ) + perl? ( >=dev-lang/perl-5.6 )" + +pkg_preinst() { + if ! grep -q ^ldap: /etc/group + then + groupadd -g 439 ldap || die "problem adding group ldap" + fi + if ! grep -q ^ldap: /etc/passwd + then + useradd -u 439 -d /usr/lib/openldap -g ldap -s /dev/null ldap \ + || die "problem adding user ldap" + fi +} + +src_unpack() { + unpack ${A} + # According to MDK, the link order needs to be changed so that + # on systems w/ MD5 passwords the system crypt library is used + # (the net result is that "passwd" can be used to change ldap passwords w/ + # proper pam support) + sed -ie 's/$(SECURITY_LIBS) $(LDIF_LIBS) $(LUTIL_LIBS)/$(LUTIL_LIBS) $(SECURITY_LIBS) $(LDIF_LIBS)/' ${S}/servers/slapd/Makefile.in +} + +src_compile() { + + local myconf + + # enable debugging to syslog + myconf="--enable-debug --enable-syslog" + # enable slapd/slurpd servers + myconf="${myconf} --enable-ldap" + myconf="${myconf} --enable-slapd --enable-slurpd" + + use crypt \ + && myconf="${myconf} --enable-crypt" \ + || myconf="${myconf} --disable-crypt" + + use ipv6 \ + && myconf="${myconf} --enable-ipv6" \ + || myconf="${myconf} --disable-ipv6" + + use sasl \ + && myconf="${myconf} --with-cyrus-sasl --enable-spasswd" \ + || myconf="${myconf} --without-cyrus-sasl --disable-spasswd" + + use kerberos \ + && myconf="${myconf} --with-kerberos --enable-kpasswd" \ + || myconf="${myconf} --without-kerberos --disable-kpasswd" + + use readline \ + && myconf="${myconf} --with-readline" \ + || myconf="${myconf} --without-readline" + + use ssl \ + && myconf="${myconf} --with-tls" \ + || myconf="${myconf} --without-tls" + + # slapd options + + use tcpd \ + && myconf="${myconf} --enable-wrappers" \ + || myconf="${myconf} --disable-wrappers" + + use odbc \ + && myconf="${myconf} --enable-sql" \ + || myconf="${myconf} --disable-sql" + + use berkdb \ + && myconf="${myconf} --enable-ldbm --enable-bdb --with-ldbm-api=berkeley" + + # only turn off bdb if berkdb is not in USE + use gdbm && [ ! `use berkdb` ] \ + && myconf="${myconf} --enable-ldbm --disable-bdb --with-ldbm-api=gdbm" \ + || myconf="${myconf} --enable-ldbm --enable-bdb --with-ldbm-api=berkeley" + + use perl \ + && myconf="${myconf} --enable-perl" \ + || myconf="${myconf} --disable-perl" + + use slp \ + && myconf="${myconf} --enable-slp" \ + || myconf="${myconf} --disable-slp" + + myconf="${myconf} --enable-dynamic --enable-modules" + myconf="${myconf} --enable-rewrite --enable-rlookups" + myconf="${myconf} --enable-meta --enable-monitor" + myconf="${myconf} --enable-null --enable-shell" + + # disabled options + # --enable-bdb --with-bdb-module=dynamic + # --enable-dnsserv --with-dnsserv-module=dynamic + + econf \ + --libexecdir=/usr/lib/openldap \ + ${myconf} || die "configure failed" + + make depend || die "make depend failed" + make || die "make failed" + #cd tests ; make || die "make tests failed" + +} + +src_install() { + make DESTDIR=${D} install || die "make install failed" + + dodoc ANNOUNCEMENT CHANGES COPYRIGHT README LICENSE + docinto rfc ; dodoc doc/rfc/*.txt + + # make state directories + for x in data slurp ldbm; do + keepdir /var/lib/openldap-${x} + fowners ldap:ldap /var/lib/openldap-${x} + fperms 0700 /var/lib/openldap-${x} + done + + # manually remove /var/tmp references in .la + # because it is packaged with an ancient libtool + for x in ${D}/usr/lib/lib*.la; do + sed -i -e "s:-L${S}[/]*libraries::" ${x} + done + + # change slapd.pid location in configuration file + keepdir /var/run/openldap + fowners ldap:ldap /var/run/openldap + fperms 0755 /var/run/openldap + sed -i -e "s:/var/lib/slapd.pid:/var/run/openldap/slapd.pid:" ${D}/etc/openldap/slapd.conf + sed -i -e "s:/var/lib/slapd.pid:/var/run/openldap/slapd.pid:" ${D}/etc/openldap/slapd.conf.default + fowners root:ldap /etc/openldap/slapd.conf + fperms 0640 /etc/openldap/slapd.conf + fowners root:ldap /etc/openldap/slapd.conf.default + fperms 0640 /etc/openldap/slapd.conf.default + + # install our own init scripts + exeinto /etc/init.d + newexe ${FILESDIR}/2.0/slapd slapd + newexe ${FILESDIR}/2.0/slurpd slurpd + insinto /etc/conf.d + newins ${FILESDIR}/2.0/slapd.conf slapd.conf + + # install MDK's ssl cert script + dodir /etc/openldap/ssl + exeinto /etc/openldap/ssl + doexe ${FILESDIR}/gencert.sh + +} + +pkg_postinst() { + # make a self-signed ssl cert (if there isn't one there already) + if [ ! -e /etc/openldap/ssl/ldap.pem ] + then + cd /etc/openldap/ssl + yes "" | sh gencert.sh + chmod 640 ldap.pem + chown root.ldap ldap.pem + fi +} |