diff --git a/openldap.spec b/openldap.spec index 0357c45..b53ddb3 100644 --- a/openldap.spec +++ b/openldap.spec @@ -11,7 +11,7 @@ Summary: LDAP support libraries Name: openldap Version: %{version} -Release: 2%{?dist} +Release: 5%{?dist} License: OpenLDAP Group: System Environment/Daemons Source0: ftp://ftp.OpenLDAP.org/pub/OpenLDAP/openldap-release/openldap-%{version}.tgz @@ -36,6 +36,8 @@ Patch9: openldap-2.3.37-smbk5pwd.patch Patch10: openldap-2.4.6-multilib.patch Patch11: openldap-2.4.16-doc-cacertdir.patch Patch12: openldap-2.4.21-dn2id-segfault.patch +Patch13: openldap-2.4.22-ldif_h.patch +Patch14: openldap-2.4.22-libldif.patch # Patches for the evolution library Patch200: openldap-2.4.6-evolution-ntlm.patch @@ -45,6 +47,7 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-root BuildRequires: cyrus-sasl-devel >= 2.1, gdbm-devel, libtool >= 1.5.6-2, krb5-devel BuildRequires: openssl-devel, pam-devel, perl, pkgconfig, tcp_wrappers-devel, BuildRequires: unixODBC-devel, libtool-ltdl-devel, groff +BuildRequires: nss-devel Requires: glibc >= 2.2.3-48, mktemp Obsoletes: compat-openldap < 2.4 @@ -132,6 +135,8 @@ pushd openldap-%{version} %patch10 -p1 -b .multilib %patch11 -p1 -b .cacertdir %patch12 -p1 -b .segfault +%patch13 -p1 -b .ldif_h +%patch14 -p1 -b .libldif cp %{_datadir}/libtool/config/config.{sub,guess} build/ popd @@ -191,10 +196,12 @@ make install libdb_base=libslapd_db libso_base=libslapd_db strip="false" ln -sf libslapd_db.so ${dbdir}/%{_lib}/${subdir}/libdb.so popd -export CPPFLAGS="-I${dbdir}/include" -export CFLAGS="$CPPFLAGS $RPM_OPT_FLAGS -D_REENTRANT -DLDAP_CONNECTIONLESS -fPIC -D_GNU_SOURCE" +export CPPFLAGS="-I${dbdir}/include -I%_includedir/nss3 -I%_includedir/nspr4" +export CFLAGS="$CPPFLAGS $RPM_OPT_FLAGS -D_REENTRANT -DLDAP_CONNECTIONLESS -fPIC -D_GNU_SOURCE -DHAVE_TLS -DHAVE_MOZNSS -DSLAPD_LMHASH" export LDFLAGS="-L${dbdir}/%{_lib}" export LD_LIBRARY_PATH=${dbdir}/%{_lib}${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}} +MOZNSS_TLS_LIBS="-lssl3 -lsmime3 -lnss3 -lnssutil3 -lplds4 -lplc4 -lnspr4" +export LIBS="$MOZNSS_TLS_LIBS" build() { %configure \ @@ -202,7 +209,7 @@ build() { \ --enable-local --enable-rlookups \ \ - --with-tls \ + --with-tls=no \ --with-cyrus-sasl \ \ --enable-wrappers \ @@ -212,17 +219,29 @@ build() { --enable-cleartext \ --enable-crypt \ --enable-spasswd \ - --enable-lmpasswd \ + --disable-lmpasswd \ --enable-modules \ --disable-sql \ \ --libexecdir=%{_libdir} \ $@ +# HACK HACK HACK +# openldap uses #include +# this doesn't work on fedora and similar which uses /usr/include/nss3 +# so we have to fake it out +pushd include +if [ ! -d nss ] ; then + ln -s %_includedir/nss3 nss +fi +if [ ! -d nspr ] ; then + ln -s %_includedir/nspr4 nspr +fi +popd make %{_smp_mflags} LIBTOOL="$libtool" } # Build the servers with Kerberos support (for password checking, mainly). -LIBS=-lpthread; export LIBS +LIBS="$LIBS -lpthread"; export LIBS LD_LIBRARY_PATH=${dbdir}/%{_lib}${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}}; export LD_LIBRARY_PATH pushd openldap-%{version}/build-servers build \ @@ -253,6 +272,7 @@ popd # Build clients without Kerberos password-checking support, which is only # useful in the server anyway, to avoid stray dependencies. +export LIBS="$MOZNSS_TLS_LIBS" pushd openldap-%{version}/build-clients build \ --disable-slapd \ @@ -485,7 +505,9 @@ fi # If there's a /var/lib/ldap/need_db_upgrade file, run db_upgrade and delete it. # It was created by the % pre above. if [ -f /var/lib/ldap/need_db_upgrade ]; then - /sbin/runuser -m -s /usr/sbin/slapd_db_upgrade -- "ldap" -h /var/lib/ldap /var/lib/ldap/*.bdb + if ls /var/lib/ldap/*.bdb > /dev/null 2>&1; then + /sbin/runuser -m -s /usr/sbin/slapd_db_upgrade -- "ldap" -h /var/lib/ldap /var/lib/ldap/*.bdb + fi /sbin/runuser -m -s /usr/sbin/slapd_db_checkpoint -- "ldap" -h /var/lib/ldap -1 rm -f /var/lib/ldap/need_db_upgrade fi @@ -527,6 +549,7 @@ EOF chmod -R 000 %{_sysconfdir}/openldap/slapd.d chmod -R u+rwX %{_sysconfdir}/openldap/slapd.d rm -f %{_sysconfdir}/openldap/slapd.conf + rm -f %{_sharedstatedir}/ldap/__db* %{_sharedstatedir}/ldap/alock fi @@ -569,6 +592,7 @@ fi %attr(0755,root,root) %dir %{_sysconfdir}/openldap %attr(0755,root,root) %dir %{_sysconfdir}/openldap/cacerts %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/openldap/ldap*.conf +%attr(0755,root,root) %{_libdir}/libldif-2.4*.so.* %attr(0755,root,root) %{_libdir}/liblber-2.4*.so.* %attr(0755,root,root) %{_libdir}/libldap-2.4*.so.* %attr(0755,root,root) %{_libdir}/libldap_r-2.4*.so.* @@ -631,6 +655,17 @@ fi %attr(0644,root,root) %{evolution_connector_libdir}/*.a %changelog +* Thu Jul 01 2010 Jan Zeleny - 2.4.22-5 +- another shot at previous fix + +* Thu Jul 01 2010 Jan Zeleny - 2.4.22-4 +- fixed issue with owner of /usr/lib/ldap/__db.* (#609523) + +* Thu Jun 3 2010 Rich Megginson - 2.4.22-3 +- added ldif.h to the public api in the devel package +- added -lldif to the public api +- added HAVE_MOZNSS and other flags to use Mozilla NSS for crypto + * Tue May 18 2010 Jan Zeleny - 2.4.22-2 - rebuild with connectionless support (#587722) - updated autofs schema (#584808)