Bump version to 2.0.11-1

Resolves: Bug 2024693 - Rebase RHEL 9.0 with 389-ds-base Resolves: Bug 2015996 - Log the Auto Member invalid regex rules in the LDAP errors log Resolves: Bug 2020554 - ipa user-add fails with "gecos: value invalid per syntax: Invalid syntax" Resolves: Bug 1779685 - PBKDF2 hashing does not work in FIPS mode
2021-11-18 14:11:32 -05:00 · 2021-11-18 14:11:32 -05:00 · 89db14fae4
commit 89db14fae4
parent 8cdec9a6ec
6 changed files with 59 additions and 430 deletions
--- a/.gitignore
+++ b/.gitignore
@ -206,3 +206,4 @@
 /389-ds-base-2.0.6.tar.bz2
 /389-ds-base-2.0.7.tar.bz2
 /389-ds-base-2.0.8.tar.bz2
 /389-ds-base-2.0.11.tar.bz2
--- a/0001-Issue-4884-server-crashes-when-dnaInterval-attribute.patch
+++ b/0001-Issue-4884-server-crashes-when-dnaInterval-attribute.patch
@ -1,44 +0,0 @@
 From 6e21d41f5d9f6437c00dd0150654415b172e391a Mon Sep 17 00:00:00 2001
 From: Mark Reynolds <mreynolds@redhat.com>
 Date: Wed, 25 Aug 2021 16:54:57 -0400
 Subject: [PATCH 1/3] Issue 4884 - server crashes when dnaInterval attribute is
 set to zero
 Bug Description:
 A division by zero crash occurs if the dnaInterval is set to zero
 Fix Description:
 Validate the config value of dnaInterval and adjust it to the
 default/safe value of "1" if needed.
 relates: https://github.com/389ds/389-ds-base/issues/4884
 Reviewed by: tbordaz(Thanks!)
 ---
 ldap/servers/plugins/dna/dna.c | 7 +++++++
 1 file changed, 7 insertions(+)
 diff --git a/ldap/servers/plugins/dna/dna.c b/ldap/servers/plugins/dna/dna.c
 index 928a3f54a..c983ebdd0 100644
 --- a/ldap/servers/plugins/dna/dna.c
 +++ b/ldap/servers/plugins/dna/dna.c
@@ -1025,7 +1025,14 @@ dna_parse_config_entry(Slapi_PBlock *pb, Slapi_Entry *e, int apply)
     value = slapi_entry_attr_get_charptr(e, DNA_INTERVAL);
     if (value) {
 +        errno = 0;
         entry->interval = strtoull(value, 0, 0);
 +        if (entry->interval == 0 || errno == ERANGE) {
 +            slapi_log_err(SLAPI_LOG_WARNING, DNA_PLUGIN_SUBSYSTEM,
 +                          "dna_parse_config_entry - Invalid value for dnaInterval (%s), "
 +                          "Using default value of 1\n", value);
 +            entry->interval = 1;
 +        }
         slapi_ch_free_string(&value);
     }
 -- 
 2.31.1
--- a/0002-Issue-4894-IPA-failure-in-ipa-user-del-preserve-4907.patch
+++ b/0002-Issue-4894-IPA-failure-in-ipa-user-del-preserve-4907.patch
@ -1,296 +0,0 @@
 From faab51b0d14bdf7af013abdd7937f47cc0eb5cdc Mon Sep 17 00:00:00 2001
 From: Simon Pichugin <spichugi@redhat.com>
 Date: Fri, 10 Sep 2021 14:17:41 -0700
 Subject: [PATCH] Issue 4894 - IPA failure in ipa user-del --preserve (#4907)
 Bug Description: Starting with 389-ds 2.0.8 on rawhide,
 any call to ipa user-del --preserve fails with
 This entry already exists.
 Fix Description: We should split 'dn' parameter in searchAllSubtrees
 into parent and target. As one of them is used for excluding the
 subtree checks and another one for searching.
 Improve 'superior' processing when we don't change the parent.
 Rename variables in a more sane way.
 Fixes: https://github.com/389ds/389-ds-base/issues/4894
 Reviewed by: @Firstyear, @tbordaz, @progier389 (Thanks!)
 ---
 ldap/servers/plugins/uiduniq/uid.c | 78 +++++++++++++++---------------
 1 file changed, 39 insertions(+), 39 deletions(-)
 diff --git a/ldap/servers/plugins/uiduniq/uid.c b/ldap/servers/plugins/uiduniq/uid.c
 index 9924623a7..5b763b551 100644
 --- a/ldap/servers/plugins/uiduniq/uid.c
 +++ b/ldap/servers/plugins/uiduniq/uid.c
@@ -770,13 +770,13 @@ search_one_berval(Slapi_DN *baseDN, const char **attrNames, const struct berval
  *
  * Return:
  *   LDAP_SUCCESS - no matches, or the attribute matches the
 - *     target dn.
 + *     source (target) dn.
  *   LDAP_CONSTRAINT_VIOLATION - an entry was found that already
  *     contains the attribute value.
  *   LDAP_OPERATIONS_ERROR - a server failure.
  */
 static int
 -searchAllSubtrees(Slapi_DN **subtrees, Slapi_DN **exclude_subtrees, const char **attrNames, Slapi_Attr *attr, struct berval **values, const char *requiredObjectClass, Slapi_DN *dn, PRBool unique_in_all_subtrees)
 +searchAllSubtrees(Slapi_DN **subtrees, Slapi_DN **exclude_subtrees, const char **attrNames, Slapi_Attr *attr, struct berval **values, const char *requiredObjectClass, Slapi_DN *destinationSDN, Slapi_DN *sourceSDN, PRBool unique_in_all_subtrees)
 {
     int result = LDAP_SUCCESS;
     int i;
@@ -788,12 +788,12 @@ searchAllSubtrees(Slapi_DN **subtrees, Slapi_DN **exclude_subtrees, const char *
            * are unique in all the monitored subtrees
            */
 -        /* First check the target entry is in one of
 +        /* First check the destination entry is in one of
            * the monitored subtree, so adding 'values' would
            * violate constraint
            */
         for (i = 0; subtrees && subtrees[i]; i++) {
 -            if (slapi_sdn_issuffix(dn, subtrees[i])) {
 +            if (slapi_sdn_issuffix(destinationSDN, subtrees[i])) {
                 in_a_subtree = PR_TRUE;
                 break;
             }
@@ -808,7 +808,7 @@ searchAllSubtrees(Slapi_DN **subtrees, Slapi_DN **exclude_subtrees, const char *
     if (exclude_subtrees != NULL) {
         PRBool in_a_subtree = PR_FALSE;
         for (i = 0; exclude_subtrees && exclude_subtrees[i]; i++) {
 -            if (slapi_sdn_issuffix(dn, exclude_subtrees[i])) {
 +            if (slapi_sdn_issuffix(destinationSDN, exclude_subtrees[i])) {
                 in_a_subtree = PR_TRUE;
                 break;
             }
@@ -820,7 +820,7 @@ searchAllSubtrees(Slapi_DN **subtrees, Slapi_DN **exclude_subtrees, const char *
     /*
    * For each DN in the managed list, do uniqueness checking if
 -   * the target DN is a subnode in the tree.
 +   * the destination (target) DN is a subnode in the tree.
    */
     for (i = 0; subtrees && subtrees[i]; i++) {
         Slapi_DN *sufdn = subtrees[i];
@@ -828,8 +828,8 @@ searchAllSubtrees(Slapi_DN **subtrees, Slapi_DN **exclude_subtrees, const char *
      * The DN should already be normalized, so we don't have to
      * worry about that here.
      */
 -        if (unique_in_all_subtrees || slapi_sdn_issuffix(dn, sufdn)) {
 -            result = search(sufdn, attrNames, attr, values, requiredObjectClass, dn, exclude_subtrees);
 +        if (unique_in_all_subtrees || slapi_sdn_issuffix(destinationSDN, sufdn)) {
 +            result = search(sufdn, attrNames, attr, values, requiredObjectClass, sourceSDN, exclude_subtrees);
             if (result)
                 break;
         }
@@ -903,20 +903,20 @@ getArguments(Slapi_PBlock *pb, char **attrName, char **markerObjectClass, char *
  *
  * Return:
  *   LDAP_SUCCESS - no matches, or the attribute matches the
 - *     target dn.
 + *     source (target) dn.
  *   LDAP_CONSTRAINT_VIOLATION - an entry was found that already
  *     contains the attribute value.
  *   LDAP_OPERATIONS_ERROR - a server failure.
  */
 static int
 -findSubtreeAndSearch(Slapi_DN *parentDN, const char **attrNames, Slapi_Attr *attr, struct berval **values, const char *requiredObjectClass, Slapi_DN *target, const char *markerObjectClass, Slapi_DN **excludes)
 +findSubtreeAndSearch(Slapi_DN *destinationSDN, const char **attrNames, Slapi_Attr *attr, struct berval **values, const char *requiredObjectClass, Slapi_DN *sourceSDN, const char *markerObjectClass, Slapi_DN **excludes)
 {
     int result = LDAP_SUCCESS;
     Slapi_PBlock *spb = NULL;
     Slapi_DN *curpar = slapi_sdn_new();
     Slapi_DN *newpar = NULL;
 -    slapi_sdn_get_parent(parentDN, curpar);
 +    slapi_sdn_get_parent(destinationSDN, curpar);
     while (slapi_sdn_get_dn(curpar) != NULL) {
         if ((spb = dnHasObjectClass(curpar, markerObjectClass))) {
             freePblock(spb);
@@ -925,7 +925,7 @@ findSubtreeAndSearch(Slapi_DN *parentDN, const char **attrNames, Slapi_Attr *att
            * to have the attribute already.
            */
             result = search(curpar, attrNames, attr, values, requiredObjectClass,
 -                            target, excludes);
 +                            sourceSDN, excludes);
             break;
         }
         newpar = slapi_sdn_new();
@@ -964,7 +964,7 @@ preop_add(Slapi_PBlock *pb)
     int err;
     char *markerObjectClass = NULL;
     char *requiredObjectClass = NULL;
 -    Slapi_DN *sdn = NULL;
 +    Slapi_DN *targetSDN = NULL;
     int isupdatedn;
     Slapi_Entry *e;
     Slapi_Attr *attr;
@@ -998,16 +998,16 @@ preop_add(Slapi_PBlock *pb)
     attr_friendly = config->attr_friendly;
     /*
 -     * Get the target DN for this add operation
 +     * Get the target SDN for this add operation
      */
 -    err = slapi_pblock_get(pb, SLAPI_ADD_TARGET_SDN, &sdn);
 +    err = slapi_pblock_get(pb, SLAPI_ADD_TARGET_SDN, &targetSDN);
     if (err) {
         result = uid_op_error(51);
         break;
     }
 #ifdef DEBUG
 -    slapi_log_err(SLAPI_LOG_PLUGIN, plugin_name, "preop_add - ADD target=%s\n", slapi_sdn_get_dn(sdn));
 +    slapi_log_err(SLAPI_LOG_PLUGIN, plugin_name, "preop_add - ADD target=%s\n", slapi_sdn_get_dn(targetSDN));
 #endif
     /*
@@ -1040,13 +1040,13 @@ preop_add(Slapi_PBlock *pb)
                  */
             if (NULL != markerObjectClass) {
                 /* Subtree defined by location of marker object class */
 -                result = findSubtreeAndSearch(sdn, attrNames, attr, NULL,
 -                                              requiredObjectClass, sdn,
 +                result = findSubtreeAndSearch(targetSDN, attrNames, attr, NULL,
 +                                              requiredObjectClass, targetSDN,
                                               markerObjectClass, config->exclude_subtrees);
             } else {
                 /* Subtrees listed on invocation line */
                 result = searchAllSubtrees(config->subtrees, config->exclude_subtrees, attrNames, attr, NULL,
 -                                           requiredObjectClass, sdn, config->unique_in_all_subtrees);
 +                                           requiredObjectClass, targetSDN, targetSDN, config->unique_in_all_subtrees);
             }
             if (result != LDAP_SUCCESS) {
                 break;
@@ -1120,7 +1120,7 @@ preop_modify(Slapi_PBlock *pb)
     int modcount = 0;
     int ii;
     LDAPMod *mod;
 -    Slapi_DN *sdn = NULL;
 +    Slapi_DN *targetSDN = NULL;
     int isupdatedn;
     int i = 0;
@@ -1186,8 +1186,8 @@ preop_modify(Slapi_PBlock *pb)
         break; /* no mods to check, we are done */
     }
 -    /* Get the target DN */
 -    err = slapi_pblock_get(pb, SLAPI_MODIFY_TARGET_SDN, &sdn);
 +    /* Get the target SDN */
 +    err = slapi_pblock_get(pb, SLAPI_MODIFY_TARGET_SDN, &targetSDN);
     if (err) {
         result = uid_op_error(11);
         break;
@@ -1197,7 +1197,7 @@ preop_modify(Slapi_PBlock *pb)
      * Check if it has the required object class
      */
     if (requiredObjectClass &&
 -        !(spb = dnHasObjectClass(sdn, requiredObjectClass))) {
 +        !(spb = dnHasObjectClass(targetSDN, requiredObjectClass))) {
         break;
     }
@@ -1213,13 +1213,13 @@ preop_modify(Slapi_PBlock *pb)
         mod = checkmods[ii];
         if (NULL != markerObjectClass) {
             /* Subtree defined by location of marker object class */
 -            result = findSubtreeAndSearch(sdn, attrNames, NULL,
 +            result = findSubtreeAndSearch(targetSDN, attrNames, NULL,
                                           mod->mod_bvalues, requiredObjectClass,
 -                                          sdn, markerObjectClass, config->exclude_subtrees);
 +                                          targetSDN, markerObjectClass, config->exclude_subtrees);
         } else {
             /* Subtrees listed on invocation line */
             result = searchAllSubtrees(config->subtrees, config->exclude_subtrees, attrNames, NULL,
 -                                       mod->mod_bvalues, requiredObjectClass, sdn, config->unique_in_all_subtrees);
 +                                       mod->mod_bvalues, requiredObjectClass, targetSDN, targetSDN, config->unique_in_all_subtrees);
         }
     }
     END
@@ -1271,8 +1271,8 @@ preop_modrdn(Slapi_PBlock *pb)
     int err;
     char *markerObjectClass = NULL;
     char *requiredObjectClass = NULL;
 -    Slapi_DN *sdn = NULL;
 -    Slapi_DN *superior;
 +    Slapi_DN *sourceSDN = NULL;
 +    Slapi_DN *destinationSDN;
     char *rdn;
     int deloldrdn = 0;
     int isupdatedn;
@@ -1311,14 +1311,14 @@ preop_modrdn(Slapi_PBlock *pb)
     }
     /* Get the DN of the entry being renamed */
 -    err = slapi_pblock_get(pb, SLAPI_MODRDN_TARGET_SDN, &sdn);
 +    err = slapi_pblock_get(pb, SLAPI_MODRDN_TARGET_SDN, &sourceSDN);
     if (err) {
         result = uid_op_error(31);
         break;
     }
     /* Get superior value - unimplemented in 3.0/4.0/5.0 DS */
 -    err = slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, &superior);
 +    err = slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, &destinationSDN);
     if (err) {
         result = uid_op_error(32);
         break;
@@ -1326,11 +1326,11 @@ preop_modrdn(Slapi_PBlock *pb)
     /*
      * No superior means the entry is just renamed at
 -     * its current level in the tree.  Use the target DN for
 +     * its current level in the tree.  Use the source SDN for
      * determining which managed tree this belongs to
      */
 -    if (!superior)
 -        superior = sdn;
 +    if (!destinationSDN)
 +        slapi_sdn_get_parent(sourceSDN, destinationSDN);
     /* Get the new RDN - this has the attribute values */
     err = slapi_pblock_get(pb, SLAPI_MODRDN_NEWRDN, &rdn);
@@ -1352,10 +1352,10 @@ preop_modrdn(Slapi_PBlock *pb)
     /* Get the entry that is being renamed so we can make a dummy copy
      * of what it will look like after the rename. */
 -    err = slapi_search_get_entry(&entry_pb, sdn, NULL, &e, plugin_identity);
 +    err = slapi_search_get_entry(&entry_pb, sourceSDN, NULL, &e, plugin_identity);
     if (err != LDAP_SUCCESS) {
         result = uid_op_error(35);
 -        /* We want to return a no such object error if the target doesn't exist. */
 +        /* We want to return a no such object error if the source SDN doesn't exist. */
         if (err == LDAP_NO_SUCH_OBJECT) {
             result = err;
         }
@@ -1364,7 +1364,7 @@ preop_modrdn(Slapi_PBlock *pb)
     /* Apply the rename operation to the dummy entry. */
     /* slapi_entry_rename does not expect rdn normalized */
 -    err = slapi_entry_rename(e, rdn, deloldrdn, superior);
 +    err = slapi_entry_rename(e, rdn, deloldrdn, destinationSDN);
     if (err != LDAP_SUCCESS) {
         result = uid_op_error(36);
         break;
@@ -1392,13 +1392,13 @@ preop_modrdn(Slapi_PBlock *pb)
              */
             if (NULL != markerObjectClass) {
                 /* Subtree defined by location of marker object class */
 -                result = findSubtreeAndSearch(slapi_entry_get_sdn(e), attrNames, attr, NULL,
 -                                              requiredObjectClass, superior,
 +                result = findSubtreeAndSearch(destinationSDN, attrNames, attr, NULL,
 +                                              requiredObjectClass, sourceSDN,
                                               markerObjectClass, config->exclude_subtrees);
             } else {
                 /* Subtrees listed on invocation line */
                 result = searchAllSubtrees(config->subtrees, config->exclude_subtrees, attrNames, attr, NULL,
 -                                           requiredObjectClass, superior, config->unique_in_all_subtrees);
 +                                           requiredObjectClass, destinationSDN, sourceSDN, config->unique_in_all_subtrees);
             }
             if (result != LDAP_SUCCESS) {
                 break;
 -- 
 2.31.1
--- a/0003-Issue-4169-backport-lib389-cert-list-fix.patch
+++ b/0003-Issue-4169-backport-lib389-cert-list-fix.patch
@ -1,40 +0,0 @@
 From 91b90f583bf4046325438954523c78ea4f33d607 Mon Sep 17 00:00:00 2001
 From: Mark Reynolds <mreynolds@redhat.com>
 Date: Fri, 10 Sep 2021 09:39:57 -0400
 Subject: [PATCH] Issue 4169 - backport lib389 cert list fix
 Description:  We didn't call ensure_str() on the output from certutil
 commands
 relates:  https://github.com/389ds/389-ds-base/issues/4169
 Reviewed by: mreynolds(one line commit rule)
 ---
 src/lib389/lib389/nss_ssl.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 diff --git a/src/lib389/lib389/nss_ssl.py b/src/lib389/lib389/nss_ssl.py
 index 1cd2768f1..6dc0c26d3 100644
 --- a/src/lib389/lib389/nss_ssl.py
 +++ b/src/lib389/lib389/nss_ssl.py
@@ -325,7 +325,7 @@ only.
         ]
         self.log.debug("nss cmd: %s", format_cmd_list(cmd))
         try:
 -            certdetails = check_output(cmd, stderr=subprocess.STDOUT, encoding='utf-8')
 +            certdetails = ensure_str(check_output(cmd, stderr=subprocess.STDOUT, encoding='utf-8'))
         except subprocess.CalledProcessError as e:
             raise ValueError(e.output.decode('utf-8').rstrip())
         end_date_str = certdetails.split("Not After : ")[1].split("\n")[0]
@@ -905,7 +905,7 @@ only.
         except subprocess.CalledProcessError as e:
             raise ValueError(e.output.decode('utf-8').rstrip())
 -        return result
 +        return ensure_str(result)
     def get_cert_details(self, nickname):
 -- 
 2.31.1
--- a/389-ds-base.spec
+++ b/389-ds-base.spec
@ -46,8 +46,8 @@ ExcludeArch: i686
 Summary:          389 Directory Server (base)
 Name:             389-ds-base
-Version:          2.0.8
+Version:          2.0.11
-Release:          6%{?dist}
+Release:          1%{?dist}
 License:          GPLv3+ and ASL 2.0 and MPLv2.0 and Boost
 URL:              https://www.port389.org
 Conflicts:        selinux-policy-base < 3.9.8
@ -58,86 +58,91 @@ Obsoletes:        %{name}-legacy-tools-debuginfo < 1.4.4.6
 Provides:         ldif2ldbm >= 0
 ##### Bundled cargo crates list - START #####
-Provides:  bundled(crate(ahash)) = 0.7.2
+Provides:  bundled(crate(ahash)) = 0.7.6
 Provides:  bundled(crate(ansi_term)) = 0.11.0
 Provides:  bundled(crate(atty)) = 0.2.14
 Provides:  bundled(crate(autocfg)) = 1.0.1
 Provides:  bundled(crate(base64)) = 0.13.0
-Provides:  bundled(crate(bitflags)) = 1.2.1
+Provides:  bundled(crate(bitflags)) = 1.3.2
 Provides:  bundled(crate(byteorder)) = 1.4.3
 Provides:  bundled(crate(cbindgen)) = 0.9.1
-Provides:  bundled(crate(cc)) = 1.0.67
+Provides:  bundled(crate(cc)) = 1.0.72
 Provides:  bundled(crate(cfg-if)) = 1.0.0
 Provides:  bundled(crate(clap)) = 2.33.3
-Provides:  bundled(crate(concread)) = 0.2.9
+Provides:  bundled(crate(concread)) = 0.2.19
-Provides:  bundled(crate(crossbeam)) = 0.8.0
+Provides:  bundled(crate(crossbeam)) = 0.8.1
 Provides:  bundled(crate(crossbeam-channel)) = 0.5.1
-Provides:  bundled(crate(crossbeam-deque)) = 0.8.0
+Provides:  bundled(crate(crossbeam-deque)) = 0.8.1
-Provides:  bundled(crate(crossbeam-epoch)) = 0.9.3
+Provides:  bundled(crate(crossbeam-epoch)) = 0.9.5
-Provides:  bundled(crate(crossbeam-queue)) = 0.3.1
+Provides:  bundled(crate(crossbeam-queue)) = 0.3.2
-Provides:  bundled(crate(crossbeam-utils)) = 0.8.3
+Provides:  bundled(crate(crossbeam-utils)) = 0.8.5
 Provides:  bundled(crate(entryuuid)) = 0.1.0
 Provides:  bundled(crate(entryuuid_syntax)) = 0.1.0
 Provides:  bundled(crate(fernet)) = 0.1.4
 Provides:  bundled(crate(foreign-types)) = 0.3.2
 Provides:  bundled(crate(foreign-types-shared)) = 0.1.1
-Provides:  bundled(crate(getrandom)) = 0.2.2
+Provides:  bundled(crate(getrandom)) = 0.2.3
-Provides:  bundled(crate(hermit-abi)) = 0.1.18
+Provides:  bundled(crate(hashbrown)) = 0.11.2
-Provides:  bundled(crate(instant)) = 0.1.9
+Provides:  bundled(crate(hermit-abi)) = 0.1.19
-Provides:  bundled(crate(itoa)) = 0.4.7
+Provides:  bundled(crate(instant)) = 0.1.12
-Provides:  bundled(crate(jobserver)) = 0.1.21
+Provides:  bundled(crate(itoa)) = 0.4.8
 Provides:  bundled(crate(jobserver)) = 0.1.24
 Provides:  bundled(crate(lazy_static)) = 1.4.0
-Provides:  bundled(crate(libc)) = 0.2.93
+Provides:  bundled(crate(libc)) = 0.2.107
 Provides:  bundled(crate(librnsslapd)) = 0.1.0
 Provides:  bundled(crate(librslapd)) = 0.1.0
-Provides:  bundled(crate(lock_api)) = 0.4.3
+Provides:  bundled(crate(lock_api)) = 0.4.5
 Provides:  bundled(crate(log)) = 0.4.14
-Provides:  bundled(crate(memoffset)) = 0.6.3
+Provides:  bundled(crate(lru)) = 0.6.6
-Provides:  bundled(crate(once_cell)) = 1.7.2
+Provides:  bundled(crate(memoffset)) = 0.6.4
-Provides:  bundled(crate(openssl)) = 0.10.35
+Provides:  bundled(crate(once_cell)) = 1.8.0
-Provides:  bundled(crate(openssl-sys)) = 0.9.65
+Provides:  bundled(crate(openssl)) = 0.10.38
-Provides:  bundled(crate(parking_lot)) = 0.11.1
+Provides:  bundled(crate(openssl-sys)) = 0.9.71
-Provides:  bundled(crate(parking_lot_core)) = 0.8.3
+Provides:  bundled(crate(parking_lot)) = 0.11.2
 Provides:  bundled(crate(parking_lot_core)) = 0.8.5
 Provides:  bundled(crate(paste)) = 0.1.18
 Provides:  bundled(crate(paste-impl)) = 0.1.18
-Provides:  bundled(crate(pkg-config)) = 0.3.19
+Provides:  bundled(crate(pin-project-lite)) = 0.2.7
-Provides:  bundled(crate(ppv-lite86)) = 0.2.10
+Provides:  bundled(crate(pkg-config)) = 0.3.22
 Provides:  bundled(crate(ppv-lite86)) = 0.2.15
 Provides:  bundled(crate(proc-macro-hack)) = 0.5.19
-Provides:  bundled(crate(proc-macro2)) = 1.0.26
+Provides:  bundled(crate(proc-macro2)) = 1.0.32
 Provides:  bundled(crate(pwdchan)) = 0.1.0
-Provides:  bundled(crate(quote)) = 1.0.9
+Provides:  bundled(crate(quote)) = 1.0.10
-Provides:  bundled(crate(rand)) = 0.8.3
+Provides:  bundled(crate(rand)) = 0.8.4
-Provides:  bundled(crate(rand_chacha)) = 0.3.0
+Provides:  bundled(crate(rand_chacha)) = 0.3.1
-Provides:  bundled(crate(rand_core)) = 0.6.2
+Provides:  bundled(crate(rand_core)) = 0.6.3
-Provides:  bundled(crate(rand_hc)) = 0.3.0
+Provides:  bundled(crate(rand_hc)) = 0.3.1
-Provides:  bundled(crate(redox_syscall)) = 0.2.6
+Provides:  bundled(crate(redox_syscall)) = 0.2.10
 Provides:  bundled(crate(remove_dir_all)) = 0.5.3
 Provides:  bundled(crate(ryu)) = 1.0.5
 Provides:  bundled(crate(scopeguard)) = 1.1.0
-Provides:  bundled(crate(serde)) = 1.0.125
+Provides:  bundled(crate(serde)) = 1.0.130
-Provides:  bundled(crate(serde_derive)) = 1.0.125
+Provides:  bundled(crate(serde_derive)) = 1.0.130
-Provides:  bundled(crate(serde_json)) = 1.0.64
+Provides:  bundled(crate(serde_json)) = 1.0.71
 Provides:  bundled(crate(slapd)) = 0.1.0
 Provides:  bundled(crate(slapi_r_plugin)) = 0.1.0
-Provides:  bundled(crate(smallvec)) = 1.6.1
+Provides:  bundled(crate(smallvec)) = 1.7.0
 Provides:  bundled(crate(strsim)) = 0.8.0
-Provides:  bundled(crate(syn)) = 1.0.69
+Provides:  bundled(crate(syn)) = 1.0.81
-Provides:  bundled(crate(synstructure)) = 0.12.4
+Provides:  bundled(crate(synstructure)) = 0.12.6
 Provides:  bundled(crate(tempfile)) = 3.2.0
 Provides:  bundled(crate(textwrap)) = 0.11.0
 Provides:  bundled(crate(tokio)) = 1.14.0
 Provides:  bundled(crate(tokio-macros)) = 1.6.0
 Provides:  bundled(crate(toml)) = 0.5.8
-Provides:  bundled(crate(unicode-width)) = 0.1.8
+Provides:  bundled(crate(unicode-width)) = 0.1.9
-Provides:  bundled(crate(unicode-xid)) = 0.2.1
+Provides:  bundled(crate(unicode-xid)) = 0.2.2
 Provides:  bundled(crate(uuid)) = 0.8.2
-Provides:  bundled(crate(vcpkg)) = 0.2.11
+Provides:  bundled(crate(vcpkg)) = 0.2.15
 Provides:  bundled(crate(vec_map)) = 0.8.2
 Provides:  bundled(crate(version_check)) = 0.9.3
 Provides:  bundled(crate(wasi)) = 0.10.2+wasi_snapshot_preview1
 Provides:  bundled(crate(winapi)) = 0.3.9
 Provides:  bundled(crate(winapi-i686-pc-windows-gnu)) = 0.4.0
 Provides:  bundled(crate(winapi-x86_64-pc-windows-gnu)) = 0.4.0
-Provides:  bundled(crate(zeroize)) = 1.2.0
+Provides:  bundled(crate(zeroize)) = 1.4.3
-Provides:  bundled(crate(zeroize_derive)) = 1.0.1
+Provides:  bundled(crate(zeroize_derive)) = 1.2.2
 ##### Bundled cargo crates list - END #####
 BuildRequires:    nspr-devel
@ -256,9 +261,6 @@ Source2:          %{name}-devel.README
 %if %{bundle_jemalloc}
 Source3:          https://github.com/jemalloc/%{jemalloc_name}/releases/download/%{jemalloc_ver}/%{jemalloc_name}-%{jemalloc_ver}.tar.bz2
 %endif
 Patch01:          0001-Issue-4884-server-crashes-when-dnaInterval-attribute.patch
 Patch02:          0002-Issue-4894-IPA-failure-in-ipa-user-del-preserve-4907.patch
 Patch03:          0003-Issue-4169-backport-lib389-cert-list-fix.patch
 %description
 389 Directory Server is an LDAPv3 compliant server.  The base package includes
@ -437,8 +439,7 @@ autoreconf -fiv
           --with-systemdgroupname=%{groupname}  \
           --libexecdir=%{_libexecdir}/%{pkgname} \
           $NSSARGS $ASAN_FLAGS $RUST_FLAGS $CLANG_FLAGS $COCKPIT_FLAGS \
-           --enable-cmocka \
+           --enable-cmocka --enable-new-dtags
           --enable-perl
 # lib389
@ -708,6 +709,13 @@ exit 0
 %endif
 %changelog
 * Thu Nov 18 2021 Mark Reynolds <mreynolds@redhat.com> - 2.0.11-1
 - Bump version to 2.0.11-1
 - Resolves: Bug 2024693 - Rebase RHEL 9.0 with 389-ds-base
 - Resolves: Bug 2015996 - Log the Auto Member invalid regex rules in the LDAP errors log
 - Resolves: Bug 2020554 - ipa user-add fails with "gecos: value invalid per syntax: Invalid syntax"
 - Resolves: Bug 1779685 - PBKDF2 hashing does not work in FIPS mode
 * Fri Sep 17 2021 Mark Reynolds <mreynolds@redhat.com> - 2.0.8-6
 - Bump version to 2.0.8-6
 - Resolves: Bug 2000420 - Not able to preserve users using "ipa user-del --preserve"
--- a/2
+++ b/2
@ -1,2 +1,2 @@
 SHA512 (389-ds-base-2.0.11.tar.bz2) = 44aaf422505ec543752f79292d3fc15a49940f48035e8cfb1c4e646251aaf8f1be3fde5bcb1e3e8c7df220fda3e1af173a16ff88696761056abf59feb550578d
 SHA512 (jemalloc-5.2.1.tar.bz2) = 0bbb77564d767cef0c6fe1b97b705d368ddb360d55596945aea8c3ba5889fbce10479d85ad492c91d987caacdbbdccc706aa3688e321460069f00c05814fae02
 SHA512 (389-ds-base-2.0.8.tar.bz2) = 04f3a37da3d7f77501b0a3468b458c0da38266e56064e78ba3196a3be209bc870e6d4bde43cc39ece933bf1314453204223d34bc337cd3ede21d646fb54f1a31