diff --git a/nss-pam-ldapd-0.7.x-dnssrv.patch b/nss-pam-ldapd-0.7.x-dnssrv.patch
new file mode 100644
index 0000000..939ecf0
--- /dev/null
+++ b/nss-pam-ldapd-0.7.x-dnssrv.patch
@@ -0,0 +1,68 @@
+Parts of the upstream patch, adapted, plus a fix for a typo.
+
+commit e36a4270122f690927d17f06259ce5a9308cd1eb
+Author: arthur
+Date: Wed Aug 24 18:51:55 2011 +0000
+
+ support querying DNS SRV records from a different domain than the current one (based on a patch by James M. Leddy)
+
+ git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1513 ef36b2f9-881f-0410-afb5-c4e39611909c
+
+diff --git a/man/nslcd.conf.5.xml b/man/nslcd.conf.5.xml
+index 6c0f9e3..51869f4 100644
+--- a/man/nslcd.conf.5.xml
++++ b/man/nslcd.conf.5.xml
+@@ -127,9 +127,14 @@
+ LDAP over TCP,
+ ICP or SSL respectively (if
+ supported by the LDAP library).
++
++
+ Alternatively, the value DNS may be
+ used to try to lookup the server using DNS
+ SRV records.
++ By default the current domain is used but another domain can
++ be queried by using the
++ DNS:DOMAIN syntax.
+
+
+ When using the ldapi scheme, %2f should be used to escape slashes
+diff --git a/nslcd/cfg.c b/nslcd/cfg.c
+index fee3286..ac354c0 100644
+--- a/nslcd/cfg.c
++++ b/nslcd/cfg.c
+@@ -184,13 +184,13 @@ static const char *cfg_getdomainname(const char *filename,int lnr)
+
+ /* add URIs by doing DNS queries for SRV records */
+ static void add_uris_from_dns(const char *filename,int lnr,
+- struct ldap_config *cfg)
++ struct ldap_config *cfg,
++ const char *domain)
+ {
+ int ret=0;
+- char *domain;
+ char *hostlist=NULL,*nxt;
+ char buf[HOST_NAME_MAX+sizeof("ldap://")];
+- domain=cfg_getdomainname(filename,lnr);
++ log_log(LOG_DEBUG,"query %s for SRV records",domain);
+ ret=ldap_domain2hostlist(domain,&hostlist);
+ /* FIXME: have better error handling */
+ if ((hostlist==NULL)||(*hostlist=='\0'))
+@@ -856,7 +856,16 @@ static void cfg_read(const char *filename,struct ldap_config *cfg)
+ if (strcasecmp(token,"dns")==0)
+ {
+ #ifdef HAVE_LDAP_DOMAIN2HOSTLIST
+- add_uris_from_dns(filename,lnr,cfg);
++ add_uris_from_dns(filename,lnr,cfg,cfg_getdomainname(filename,lnr));
++#else /* not HAVE_LDAP_DOMAIN2HOSTLIST */
++ log_log(LOG_ERR,"%s:%d: value %s not supported on platform",filename,lnr,token);
++ exit(EXIT_FAILURE);
++#endif /* not HAVE_LDAP_DOMAIN2HOSTLIST */
++ }
++ else if (strncasecmp(token,"dns:",4)==0)
++ {
++#ifdef HAVE_LDAP_DOMAIN2HOSTLIST
++ add_uris_from_dns(filename,lnr,cfg,strdup(token+sizeof("dns")));
+ #else /* not HAVE_LDAP_DOMAIN2HOSTLIST */
+ log_log(LOG_ERR,"%s:%d: value %s not supported on platform",filename,lnr,token);
+ exit(EXIT_FAILURE);
diff --git a/nss-pam-ldapd.spec b/nss-pam-ldapd.spec
index 483eb70..f62d4da 100644
--- a/nss-pam-ldapd.spec
+++ b/nss-pam-ldapd.spec
@@ -14,7 +14,7 @@ Name: nss-pam-ldapd Version: 0.7.13 -Release: 7%{?dist} +Release: 8%{?dist} Summary: An nsswitch module which uses directory servers Group: System Environment/Base License: LGPLv2+
@@ -26,6 +26,7 @@ Source3: nslcd.tmpfiles Source4: nslcd.service Patch0: nss-pam-ldapd-0.7.x-buffers.patch Patch1: nss-pam-ldapd-0.7.13-validname.patch +Patch2: nss-pam-ldapd-0.7.x-dnssrv.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: openldap-devel, krb5-devel BuildRequires: autoconf, automake
@@ -60,6 +61,7 @@ nsswitch module. %setup -q %patch0 -p1 -b .buffers %patch1 -p0 -b .validname +%patch2 -p1 -b .dnssrv autoreconf -f -i %build
@@ -256,6 +258,10 @@ exit 0 %endif %changelog +* Wed Aug 24 2011 Nalin Dahyabhai 0.7.13-8 +- include backported enhancement to take URIs in the form "dns:DOMAIN" in + addition to the already-implemented "dns" (#730309) + * Thu Jul 14 2011 Nalin Dahyabhai 0.7.13-7 - switch to only munging the contents of /etc/nslcd.conf on the very first install (#706454)
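Review bot: In the nslcd/cfg.c change embedded in the new nss-pam-ldapd-0.7.x-dnssrv.patch, the `dns:` branch of cfg_read passes `strdup(token+sizeof("dns"))` to add_uris_from_dns without checking for NULL and without rejecting an empty domain, so either value reaches `log_log(LOG_DEBUG,"query %s for SRV records",domain)` and `ldap_domain2hostlist(domain,&hostlist)`. The parameter is now `const char *domain` and nothing visible keeps the pointer, so the copy looks unnecessary and is never freed; passing `token+strlen("dns:")` directly would avoid both problems and makes the offset readable, since `sizeof("dns")` equals 4 only because it counts the terminating NUL. A guard such as `if (token[4]=='\0')` followed by the same `log_log(LOG_ERR,...)` and `exit(EXIT_FAILURE)` used in the `#else` branch would turn a bare `dns:` into a configuration error instead of a lookup on an empty name. The man page addition could also say that hosts learned from SRV records are only as trustworthy as the DNS answers, so a domain named with `DNS:DOMAIN` should be paired with TLS and certificate checking. Both add_uris_from_dns and cfg_read continue outside the hunks shown.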