another shot at previous fix

2010-07-01 08:57:32 +00:00 · 2010-07-01 08:57:32 +00:00 · 2acd98790b
commit 2acd98790b
parent ecf9ab4483
1 changed files with 42 additions and 7 deletions
--- a/openldap.spec
+++ b/openldap.spec
@ -11,7 +11,7 @@
 Summary: LDAP support libraries
 Name: openldap
 Version: %{version}
-Release: 2%{?dist}
+Release: 5%{?dist}
 License: OpenLDAP
 Group: System Environment/Daemons
 Source0: ftp://ftp.OpenLDAP.org/pub/OpenLDAP/openldap-release/openldap-%{version}.tgz
@ -36,6 +36,8 @@ Patch9: openldap-2.3.37-smbk5pwd.patch
 Patch10: openldap-2.4.6-multilib.patch
 Patch11: openldap-2.4.16-doc-cacertdir.patch
 Patch12: openldap-2.4.21-dn2id-segfault.patch
+Patch13: openldap-2.4.22-ldif_h.patch
+Patch14: openldap-2.4.22-libldif.patch

 # Patches for the evolution library
 Patch200: openldap-2.4.6-evolution-ntlm.patch
@ -45,6 +47,7 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-root
 BuildRequires: cyrus-sasl-devel >= 2.1, gdbm-devel, libtool >= 1.5.6-2, krb5-devel
 BuildRequires: openssl-devel, pam-devel, perl, pkgconfig, tcp_wrappers-devel,
 BuildRequires: unixODBC-devel, libtool-ltdl-devel, groff
+BuildRequires: nss-devel
 Requires: glibc >= 2.2.3-48, mktemp
 Obsoletes: compat-openldap < 2.4

@ -132,6 +135,8 @@ pushd openldap-%{version}
 %patch10 -p1 -b .multilib
 %patch11 -p1 -b .cacertdir
 %patch12 -p1 -b .segfault
+%patch13 -p1 -b .ldif_h
+%patch14 -p1 -b .libldif

 cp %{_datadir}/libtool/config/config.{sub,guess} build/
 popd
@ -191,10 +196,12 @@ make install libdb_base=libslapd_db libso_base=libslapd_db strip="false"
 ln -sf libslapd_db.so ${dbdir}/%{_lib}/${subdir}/libdb.so
 popd

-export CPPFLAGS="-I${dbdir}/include"
-export CFLAGS="$CPPFLAGS $RPM_OPT_FLAGS -D_REENTRANT -DLDAP_CONNECTIONLESS -fPIC -D_GNU_SOURCE"
+export CPPFLAGS="-I${dbdir}/include -I%_includedir/nss3 -I%_includedir/nspr4"
+export CFLAGS="$CPPFLAGS $RPM_OPT_FLAGS -D_REENTRANT -DLDAP_CONNECTIONLESS -fPIC -D_GNU_SOURCE -DHAVE_TLS -DHAVE_MOZNSS -DSLAPD_LMHASH"
 export LDFLAGS="-L${dbdir}/%{_lib}"
 export LD_LIBRARY_PATH=${dbdir}/%{_lib}${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}}
+MOZNSS_TLS_LIBS="-lssl3 -lsmime3 -lnss3 -lnssutil3 -lplds4 -lplc4 -lnspr4"
+export LIBS="$MOZNSS_TLS_LIBS"

 build() {
 %configure \
@ -202,7 +209,7 @@ build() {
    \
    --enable-local --enable-rlookups \
    \
-    --with-tls \
+    --with-tls=no \
    --with-cyrus-sasl \
    \
    --enable-wrappers \
@ -212,17 +219,29 @@ build() {
    --enable-cleartext \
    --enable-crypt \
    --enable-spasswd \
-    --enable-lmpasswd \
+    --disable-lmpasswd \
    --enable-modules \
    --disable-sql \
    \
    --libexecdir=%{_libdir} \
    $@
+# HACK HACK HACK
+# openldap uses #include <nss/somemoznssfile.h>
+# this doesn't work on fedora and similar which uses /usr/include/nss3
+# so we have to fake it out
+pushd include
+if [ ! -d nss ] ; then
+    ln -s %_includedir/nss3 nss
+fi
+if [ ! -d nspr ] ; then
+    ln -s %_includedir/nspr4 nspr
+fi
+popd
 make %{_smp_mflags} LIBTOOL="$libtool"
 }

 # Build the servers with Kerberos support (for password checking, mainly).
-LIBS=-lpthread; export LIBS
+LIBS="$LIBS -lpthread"; export LIBS
 LD_LIBRARY_PATH=${dbdir}/%{_lib}${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}}; export LD_LIBRARY_PATH
 pushd openldap-%{version}/build-servers
 build \
@ -253,6 +272,7 @@ popd

 # Build clients without Kerberos password-checking support, which is only
 # useful in the server anyway, to avoid stray dependencies.
+export LIBS="$MOZNSS_TLS_LIBS"
 pushd openldap-%{version}/build-clients
 build \
    --disable-slapd \
@ -485,7 +505,9 @@ fi
 # If there's a /var/lib/ldap/need_db_upgrade file, run db_upgrade and delete it.
 # It was created by the % pre above.
 if [ -f /var/lib/ldap/need_db_upgrade ]; then
-    /sbin/runuser -m -s /usr/sbin/slapd_db_upgrade -- "ldap"  -h /var/lib/ldap /var/lib/ldap/*.bdb
+	if ls /var/lib/ldap/*.bdb > /dev/null 2>&1; then
+		/sbin/runuser -m -s /usr/sbin/slapd_db_upgrade -- "ldap"  -h /var/lib/ldap /var/lib/ldap/*.bdb
+	fi
    /sbin/runuser -m -s /usr/sbin/slapd_db_checkpoint -- "ldap" -h /var/lib/ldap -1
    rm -f /var/lib/ldap/need_db_upgrade
 fi
@ -527,6 +549,7 @@ EOF
    chmod -R 000 %{_sysconfdir}/openldap/slapd.d
    chmod -R u+rwX %{_sysconfdir}/openldap/slapd.d
    rm -f %{_sysconfdir}/openldap/slapd.conf
+	rm -f %{_sharedstatedir}/ldap/__db* %{_sharedstatedir}/ldap/alock
 fi


@ -569,6 +592,7 @@ fi
 %attr(0755,root,root) %dir %{_sysconfdir}/openldap
 %attr(0755,root,root) %dir %{_sysconfdir}/openldap/cacerts
 %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/openldap/ldap*.conf
+%attr(0755,root,root) %{_libdir}/libldif-2.4*.so.*
 %attr(0755,root,root) %{_libdir}/liblber-2.4*.so.*
 %attr(0755,root,root) %{_libdir}/libldap-2.4*.so.*
 %attr(0755,root,root) %{_libdir}/libldap_r-2.4*.so.*
@ -631,6 +655,17 @@ fi
 %attr(0644,root,root)      %{evolution_connector_libdir}/*.a

 %changelog
+* Thu Jul 01 2010 Jan Zeleny <jzeleny@redhat.com> - 2.4.22-5
+- another shot at previous fix
+
+* Thu Jul 01 2010 Jan Zeleny <jzeleny@redhat.com> - 2.4.22-4
+- fixed issue with owner of /usr/lib/ldap/__db.* (#609523)
+
+* Thu Jun  3 2010 Rich Megginson <rmeggins@redhat.com> - 2.4.22-3
+- added ldif.h to the public api in the devel package
+- added -lldif to the public api
+- added HAVE_MOZNSS and other flags to use Mozilla NSS for crypto
+
 * Tue May 18 2010 Jan Zeleny <jzeleny@redhat.com> - 2.4.22-2
 - rebuild with connectionless support (#587722)
 - updated autofs schema (#584808)