Commit Graph

480 Commits

Author SHA1 Message Date
Jan Vcelak
54e357771f multilib fix: move libslapi from openldap-servers to openldap package 2012-07-20 16:59:28 +02:00
Jan Vcelak
9e7cf6735d fix: smbk5pwd module computes invalid LM hashes
Resolves: #841560
2012-07-19 14:27:10 +02:00
Jan Vcelak
20875f4fb9 fix: querying for IPv6 DNS records when IPv6 is disabled on the host
Resolves: #835013
2012-07-19 11:00:43 +02:00
Jan Vcelak
824671e8d7 clean the package build process 2012-07-18 19:02:28 +02:00
Jan Vcelak
9eda95bba4 fix: remove isa macro from BuildRequires 2012-07-18 09:37:59 +02:00
Jan Vcelak
50ed49760b fix: less influence between individual TLS contexts
Resolves: #795763 (and possibly others)
2012-06-27 14:40:59 +02:00
Jan Vcelak
397ce0c946 fix: default cipher suite is always selected
Resolves: #828790
2012-06-27 14:10:28 +02:00
Jan Vcelak
916cbca281 fix: slapd fails to start on reboot
Resolves: #829272
2012-06-27 14:05:10 +02:00
Jan Vcelak
904778f620 CVE-2012-2668: cipher suite selection by name can be ignored
Resolves: #825875
2012-06-27 13:55:02 +02:00
Jan Vcelak
fe1c1e0eeb fix: reading pin from file can make all TLS connections hang
Resolves: #829317
2012-06-27 13:48:40 +02:00
Jan Vcelak
0cda8087e0 fix: TLS error messages overwriting in tlsm_verify_cert()
Resolves: #810462
2012-06-27 13:36:51 +02:00
Jan Vcelak
ac8a31ed53 fix: invalid order of TLS shutdown operations
Resolves: #808465
2012-06-27 13:31:05 +02:00
Jan Vcelak
5172ff7830 update fix: count constraint broken when using multiple modifications
Resolves: #795766
2012-06-27 13:26:24 +02:00
Jan Vcelak
60d09d71cf fix: MozNSS CA certdir does not work together with PEM CA cert file
Resolves: #819536
2012-05-18 12:47:45 +02:00
Jan Vcelak
61feb71485 changelog: nss-tools has to be required by base package 2012-05-18 12:47:41 +02:00
Jan Vcelak
f8f3a2b33f nss-tools has to be required by base package 2012-05-02 11:25:36 +02:00
Jan Vcelak
05bc41c858 remove upstream merged patches 2012-04-24 10:44:16 +02:00
Jan Vcelak
6e16cb7901 new upstream release (2.4.31) 2012-04-24 10:35:02 +02:00
Jan Vcelak
440b96e85c rebuild due to libdb rebase 2012-04-05 20:41:25 +02:00
Jan Synacek
0992cf19a9 fix: Re-binding to a failed connection can segfault
Resolves: #784989
2012-03-26 13:41:40 +02:00
Jan Vcelak
a4d33565bb new upstream release (2.4.30)
Resolves: #798958
2012-03-01 14:24:19 +01:00
Jan Vcelak
862f73dffa fix: SASL_NOCANON option missing in ldap.conf manual page
Resolves: #732915
2012-02-22 15:46:23 +01:00
Jan Vcelak
c2db986060 fix: missing options in manual pages of client tools
Resolves: #796232
2012-02-22 15:41:53 +01:00
Jan Vcelak
b2b2825914 fix: count constraint broken when using multiple modifications
Resolves: #795766
2012-02-21 15:44:56 +01:00
Jan Vcelak
20125eca06 fix: ldap_result does not succeed for sssd
Resolves: #771484
2012-02-21 15:37:51 +01:00
Jan Vcelak
558f709787 fix update provide ldif2ldbm, not ldib2ldbm
Resolves: #437104
2012-02-20 15:31:58 +01:00
Jan Synacek
f25689a388 unify systemctl binary paths throughout the specfile and make them usrmove compliant
make path to chkconfig binary usrmove compliant
2012-02-20 15:14:53 +01:00
Jan Vcelak
d5cbb774ed fix: check-config.sh get stuck when executing command as a ldap user 2012-02-15 14:26:49 +01:00
Jan Vcelak
dc2b490d64 temporarily disable certificates checking in check-config.sh
MozNSS support is missing yet.
2012-02-15 13:15:07 +01:00
Jan Synacek
b95104a6a1 fix: correct path to check-config.sh in service file 2012-02-15 09:10:16 +01:00
Jan Vcelak
b5e66b7ea2 remove obsoleted slapd.conf 2012-02-14 17:22:53 +01:00
Jan Vcelak
a7572065e5 certificates management improvements
Resolves: #772890
2012-02-14 17:22:50 +01:00
Jan Vcelak
934ba146a8 move maintainance scripts from libexec/slapd to libexec/openldap 2012-02-14 13:42:07 +01:00
Jan Vcelak
78a563b273 openldap-servers: provide ldib2ldbm for migrationtools
References: #437104
2012-02-14 13:40:58 +01:00
Jan Vcelak
5e3dba33db clean requirements: remove explicit versions, add %{_isa} macro 2012-02-14 13:40:42 +01:00
Jan Vcelak
31026088da new upstream release (2.4.29) 2012-02-13 13:07:11 +01:00
Jan Vcelak
65b981d99e fix: slapd segfaults when PEM certificate is used and key is not set
Resolves: #772890
2012-01-31 18:11:36 +01:00
Jan Vcelak
f47de25361 fix: replication (syncrepl) with TLS causes segfault
Resolves: #783431
2012-01-31 18:10:55 +01:00
Dennis Gilmore
328c8e208b - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild 2012-01-13 05:40:42 -06:00
Jan Vcelak
c60a3191a5 fix: reload systemd daemon after installation 2011-11-30 18:58:19 +01:00
Jan Vcelak
8bd37126ac configuration initialization from LDIF file 2011-11-30 18:40:25 +01:00
Jan Vcelak
1cd7d29c02 compile backends as modules (except BDB, HDB, and monitor) 2011-11-30 16:51:14 +01:00
Jan Vcelak
ad3da8cc04 new upstream release (2.4.28)
- upstream changes:
  - server: support for delta-syncrepl in multi master replication
  - server: add experimental backend - MDB
  - server: dynamic configuration for passwd, perl, shell, sock,
    and sql backends
  - server: support passwords in APR1
  - library: support for Wahl (draft)
  - a lot of bugfixes
- remove patches which were merged upstream
2011-11-30 16:51:05 +01:00
Jan Vcelak
0fcc2f2eb2 release bump (2.4.26-6) 2011-11-01 15:25:46 +01:00
Jan Vcelak
356af46ea6 CVE-2011-4079 one-byte buffer overflow in slapd
Resolves: #749324
2011-11-01 15:25:46 +01:00
Jan Vcelak
25e27999de servers: add libdb-utils to Requires 2011-11-01 13:34:30 +01:00
Jan Vcelak
a0c545d1a7 patch slapd to skip empty arguments
This is required by systemd, as variable expansion works there different
than in shell. Empty SLAPD_OPTIONS in environment file would not work.

(The patch is Fedora specific.)
2011-11-01 13:34:30 +01:00
Jan Vcelak
33514c3f00 scriptlet: convert sysconfig/ldap to sysconfig/slapd 2011-11-01 13:34:17 +01:00
Jan Vcelak
62f9c65cff rpmlint warnings: doc in non utf-8 encoding 2011-11-01 13:34:17 +01:00
Jan Vcelak
8f315f552e rpmlint warnings: macro in comment/changelog 2011-11-01 13:34:17 +01:00
Jan Vcelak
b6085c259f specfile: clean %files, drop defattr macros
- %defattr is not needed since Fedora 14
- permissions are taken from installed files
  (removed chmod and added install where possible)
- %attr was left only on places, where non-root owner is needed
- removed slashes between: %{buildroot}%{_somedir}
- files reordered by type
- merged "%dir dir" and "dir/files*"
2011-11-01 13:34:17 +01:00
Jan Vcelak
05cb2507b0 specfile: handle upgrades with new maintainance scripts 2011-11-01 13:34:08 +01:00
Jan Vcelak
2d2d8a4c8a specfile: migrate initscript to systemd service 2011-10-27 17:27:43 +02:00
Jan Vcelak
0a9b211e8c specfile: reorder sources 2011-10-27 17:27:43 +02:00
Jan Vcelak
10e4a847f6 remove old provides/obsoletes 2011-10-27 15:00:20 +02:00
Jan Vcelak
9a8ced65aa hardened build: remove LDFLAGS, enable macro 2011-10-27 14:45:10 +02:00
Jan Vcelak
8d476e4dbd rebuild: openldap does not work after libdb rebase
Resolves: #743824
2011-10-06 10:22:14 +02:00
Jan Vcelak
b4a9bf4dad regression fix: enable TCP wrappers
Resolves: #743213
2011-10-06 10:19:51 +02:00
Jan Vcelak
81680b05fb new feature update: honor priority/weight with ldap_domain2hostlist
There was a typo in the patch. "weight" of the SRV records was not
taken correctly.

Resolves: #733078
2011-09-21 11:05:39 +02:00
Jan Vcelak
9c0ef47ce4 fix: allow unsetting of tls_* syncrepl options
Resolves: #734187
2011-09-12 18:42:53 +02:00
Jan Vcelak
af7e905857 fix: SSL_ForceHandshake function is not thread safe
Resolves: #701678
2011-09-12 15:35:09 +02:00
Jan Vcelak
9ee41aa9a4 manpage fix: wrong ldap_sync_destroy() prototype in ldap_sync(3) manpage
Resolves: #717722
2011-08-24 19:24:49 +02:00
Jan Vcelak
a551ec94d3 new feature: honor priority/weight with ldap_domain2hostlist
Resolves: #733078
2011-08-24 19:17:27 +02:00
Jan Vcelak
3e083e8b93 fix: matching wildcard hostnames in certificate Subject field does not work
Resolves: #733073
2011-08-24 19:12:30 +02:00
Jan Vcelak
482a20080c manpage fix: errors in manual page slapo-unique
Resolves: #733070
2011-08-24 19:05:49 +02:00
Jan Vcelak
c6479d1199 fix: DDS overlay tolerance parametr doesn't function and breakes default TTL
Resolves: #733069
2011-08-24 19:01:05 +02:00
Jan Vcelak
a35a381613 fix: conversion of constraint overlay settings to cn=config is incorrect
Resolves: #733067
2011-08-24 18:58:45 +02:00
Jan Vcelak
8ac21093cd fix: memleak - free the return of tlsm_find_and_verify_cert_key
Resolves: #725818
2011-08-24 18:48:35 +02:00
Jan Vcelak
49f6078a21 incorrect behavior of allow/try options of VerifyCert and TLS_REQCERT
Resolves: #725819
2011-08-24 18:40:37 +02:00
Jan Vcelak
67c9630d50 fix: NSS_Init* functions are not thread safe
Resolves: #731112
2011-08-24 18:18:33 +02:00
Jan Vcelak
924b91284d add partial RELRO support
Resolves: #733071
2011-08-24 18:12:01 +02:00
Rex Dieter
a27bcf4338 Rebuilt for rpm (#728707) 2011-08-14 14:09:44 -05:00
Jan Vcelak
c90fe38088 fix: memleak in tlsm_auth_cert_handler
Resolves: #717730
2011-07-20 16:44:40 +02:00
Jan Vcelak
583cde50ed rebase to 2.4.26
- remove upstream included patches
2011-07-20 16:44:30 +02:00
Jan Vcelak
b35dfa8417 fix typo in patch name 2011-06-28 11:26:47 +02:00
Jan Vcelak
fd3f90103e allow build against DB 5.2
Resolves: #715827
2011-06-27 18:53:29 +02:00
Jan Vcelak
2aeb38e146 fix: segfault when LDIF input is not terminated by newline
Resolves: #716858
2011-06-27 18:53:29 +02:00
Jan Vcelak
4098fcd663 fix: segfault when input line in LDIF file is indented incorrectly
Resolves: #716855
2011-06-27 18:53:29 +02:00
Jan Vcelak
9925959a7d fix: segmentation fault caused by double-free in ldapexop
Resolves: #699683
2011-06-27 18:53:29 +02:00
Jan Vcelak
865ea62898 fix: connection failure if TLS_CACERTDIR doesn't exist but TLS_REQCERT is set to 'never'
Resolves: #716854
2011-06-27 18:53:28 +02:00
Jan Vcelak
cea83df834 openldap-servers scriptlets require initscripts package
Resolves: #716857
2011-06-27 18:53:28 +02:00
Jan Vcelak
2ce75ca315 root user management ACLs on cn=config
Resolves: #712495
2011-06-27 18:53:28 +02:00
Jan Vcelak
356967b885 default database type BDB -> HDB 2011-06-27 18:53:28 +02:00
Jan Vcelak
bf7ea0e4df slapd.conf as separate source, not patch 2011-06-27 18:53:28 +02:00
Jan Vcelak
31a7816a3a add ldif.h interface into -devel subpackage 2011-06-27 18:53:28 +02:00
Jan Vcelak
b2338c38f5 remove obsolete configure options 2011-06-27 18:53:28 +02:00
Jan Vcelak
a40d05ac93 rebase to 2.4.25
- remove upstream included patches
2011-06-27 18:11:38 +02:00
Jan Vcelak
d1578e311f release bump (2.4.24-2) 2011-03-18 23:15:56 +01:00
Jan Vcelak
1db8d2e348 server upgrade hangs or do not upgrade the database
Resolves: #664433
2011-03-18 23:15:49 +01:00
Jan Vcelak
86c082e423 fix: possible null pointer dereference in NSS implementation
Resolves: #684035 (RHEL)
2011-03-18 20:09:39 +01:00
Jan Vcelak
1f856268f5 fix update: openldap can't use TLS after fork()
Resolves: #636956
2011-03-18 19:50:00 +01:00
Jan Vcelak
89eb4eb56b version bump (2.4.24-1) 2011-02-14 14:33:45 +01:00
Jan Vcelak
d433ca0255 BDB backend switch from DB4 to DB5 2011-02-14 14:33:18 +01:00
Jan Vcelak
202278bcf4 new sources (2.4.24), remove old patches 2011-02-14 13:06:31 +01:00
Dennis Gilmore
84e21763c3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild 2011-02-08 21:15:56 -06:00
Jan Vcelak
8e5df252b6 fix update: restart NSS modules after fork
version bump 2.4.23-8

Resolves: #636956
2011-02-02 12:55:23 +01:00
Jan Vcelak
b791235bfc release bump 2.4.23-7 2011-01-25 14:12:34 +01:00
Jan Vcelak
a56681c41a fix: upgrade gets stuck when the database is damaged
Resolves: #664433
2011-01-25 14:11:40 +01:00
Jan Vcelak
2ace38858b fix: invalid path to db_recover 2011-01-25 14:10:47 +01:00
Jan Vcelak
2bfd76d18f fix: restart NSS modules after fork
Resolves: #636956
2011-01-25 11:36:54 +01:00
Jan Vcelak
2098ace56c release bump 2.4.23-6 2011-01-20 17:38:36 +01:00
Jan Vcelak
d70540ff1d setup tempfiles.d to create runtime directory when using tmpfs 2011-01-20 17:38:36 +01:00
Jan Vcelak
a44fb64495 fix: default encryption strength dropped in switch to using NSS
Resolves: #669446
2011-01-20 16:35:38 +01:00
Jan Vcelak
660d07ac75 release bump 2.4.23-5 2011-01-06 21:00:53 +01:00
Jan Vcelak
5ae2484fb8 fix: verification of self issued certificates
Resolves: #657984
2011-01-06 20:59:33 +01:00
Jan Vcelak
40bc33f600 fix database upgrade process
Resolves: #656257
2010-11-23 17:45:47 +01:00
Jan Vcelak
82b8ccaded update list of overlays in slapd.conf
Resolves: #655899
2010-11-22 18:49:05 +01:00
Jan Vcelak
bff7316e6d MozNSS - implement full non-blocking semantics
fix: ldapsearch -Z hangs server if starttls fails (#652822)

Resolves: #652822
2010-11-22 18:49:05 +01:00
Jan Vcelak
ce2de9613d various TLS bugfixes
- reject non-file keyfiles in TLS_CACERTDIR (#652315)
- TLS_CACERTDIR precedence over TLS_CACERT (#652304)
- accept only files in hash.0 format in TLS_CACERTDIR (#650288)
- improve SSL/TLS trace messages (#652818)
- add support for multiple prefixed Mozilla NSS database files in TLS_CACERTDIR

Resolves: #652315 #652304 #650288 #652818
2010-11-18 11:28:30 +01:00
Jan Vcelak
ffc47c51f8 spec: forgot to remove autofs schema from %files 2010-11-01 14:16:53 +01:00
Jan Vcelak
b7ea9f6802 initscript: fix possible infinite loop
Resolves: #641946
2010-11-01 13:21:43 +01:00
Jan Vcelak
60cf0d9290 removed outdated autofs.schema and old readmes
resolves: #643045
2010-11-01 10:19:07 +01:00
Jan Vcelak
86a180f019 fixed buildrequires for db4 2010-08-27 15:18:09 +02:00
Jan Vcelak
95d8d32fc5 rebase to 2.4.23
- package rebased
- removed embeded db4
- removed patches merged by upstream
- removed no longer required patches
- merged patches doing manpage changes
- merged patches exporting ldif API
- reapplied patches and added description to each one
- removed unnecessary BuildRequires
- cleaned %config, %build and %install sections
- updated database upgrade process:
  - database is exported (slapcat) and reimported (slapadd) when minor
	version of openldap changes (safe and recomended way)
  - database is upgraded (db4) when minor version of db4 package changes
	(this is not done in %post anymore, as the database is not embeded,
	but using triggers)

Resolved: #624616 Bogus links in "SEE ALSO" part of several man-pages
Resolved: #625740 openldap-2.4.23 is available
2010-08-27 14:45:25 +02:00
jvcelak
6468aa6a54 Mozilla NSS - delay token auth until needed (#616552)
Mozilla NSS - support use of self signed CA certs as server certs (#614545)
2010-07-22 08:11:30 +00:00
jvcelak
13c47e0e20 CVE-2010-0211 openldap: modrdn processing uninitialized pointer free (#605448)
CVE-2010-0212 openldap: modrdn processing IA5StringNormalize NULL pointer dereference (#605452)
obsolete configuration file moved to /usr/share/openldap-servers (#612602)
2010-07-20 14:58:07 +00:00
Jan Zeleny
2acd98790b another shot at previous fix 2010-07-01 08:57:32 +00:00
Jan Zeleny
4d56125efa Rebuild with connectionless support (#587722)
Updated autofs schema (#584808)
2010-05-28 12:34:21 +00:00
Jan Zeleny
dee30b1bcb rebased to 2.4.22, reverted changes in init script from last update 2010-05-04 09:03:13 +00:00
Jan Zeleny
4f47cf029b moved slapd to start earlier during boot sequence 2010-03-19 09:58:01 +00:00
Jan Zeleny
eae98e4691 minor corrections of init script (#571235, #570057, #573804) 2010-03-16 14:47:34 +00:00
Jan Zeleny
9afd56665a fixed SIGSEGV when deleting data using hdb (#562227) 2010-02-24 09:15:05 +00:00
Jan Zeleny
db838e465f fixed broken link (slapschema) #559873 2010-02-01 11:13:07 +00:00
Jan Zeleny
8375d885af removed some static libraries from openldap-devel 2010-01-19 14:16:46 +00:00
Jan Zeleny
13d1c21d4e rebased both openldap and bdb 2010-01-11 15:47:11 +00:00
Jan Zeleny
37a7ed74cb minor corrections of init script 2009-11-23 12:51:49 +00:00
Jan Zeleny
4333efc198 - fixed tls connection accepting when TLSVerifyClient = allow
- /etc/openldap/ldap.conf removed from files owned by openldap-servers
- minor changes in spec file to supress warnings
- some changes in init script, so it would be possible to use it when
  using old configuration style
2009-11-16 13:06:35 +00:00
Jan Zeleny
e5c21d4af6 rebase of both openldap and bdb 2009-11-06 09:27:11 +00:00
Jan Zeleny
bc5ba6fb26 - updated smbk5pwd patch to be linked with libldap (#526500)
- the last buffer overflow patch replaced with the one from upstream
- added /etc/openldap/slapd.d and /etc/openldap/slapd.conf.bak
  to files owned by openldap-servers
2009-10-07 13:43:58 +00:00
Jan Zeleny
9828bb7d06 Cleanup of previous patch 2009-09-24 13:23:53 +00:00
Jan Zeleny
45f722d160 - new configuration schema - directory instead of file
- fixed buffer overflow issue pointed out by new glibc
- fixed behaviour during installation / upgrade caused
  by renamed init script
2009-09-24 11:30:24 +00:00
Jan Zeleny
a629500293 Rebase to 2.4.18, minor update of documentation 2009-09-18 10:01:45 +00:00
Jan Zeleny
5dec44106b updated init script to be LSB-compliant (#523434) 2009-09-16 14:06:36 +00:00
Tomáš Mráz
f076e6e7ed * Thu Aug 27 2009 Tomas Mraz <tmraz@redhat.com> - 2.4.16-5
- rebuilt with new openssl
2009-08-27 07:46:45 +00:00
Jan Zeleny
8c235c0be7 Updated spec file - correct installation of openldap group 2009-08-25 08:58:12 +00:00
Tomáš Mráz
a9ea3bd019 - rebuilt with new openssl 2009-08-21 14:54:10 +00:00
Jesse Keating
de0b01f69c - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild 2009-07-25 20:49:05 +00:00
Jan Zeleny
aeaf12790e Rebase to 2.4.16, minor change in spec file 2009-07-01 12:56:24 +00:00
Jan Zeleny
2f397636b2 Added $SLAPD_URLS variable to init script and config file (#504504) 2009-06-09 11:43:35 +00:00
Jan Zeleny
da8543f19e Correction of setugid patch, removed c,M and P options from some client utilities 2009-04-09 14:03:02 +00:00
Jan Zeleny
885dc35884 Removed -f option from help of client applications which didn't support it. 2009-03-26 09:43:22 +00:00
Jan Šafránek
4f6f40b34c new upstream release 2009-02-25 08:08:13 +00:00
Jan Šafránek
ac27aa70d7 new upstream release
upgraded to db-4.7.25
2009-02-17 11:20:45 +00:00
Tomáš Mráz
3301d7410a * Sat Jan 17 2009 Tomas Mraz <tmraz@redhat.com> 2.4.11-3
- rebuild with new openssl
2009-01-17 16:19:07 +00:00
Caolan McNamara
8acdfe0fa6 rebuild for libltdl, i.e. copy config.sub|guess from new location 2008-12-15 16:57:17 +00:00
Jan Šafránek
3134f223d5 Update package summaries 2008-11-24 09:29:51 +00:00
Jan Šafránek
381aba6d21 New upstream release 2008-10-15 14:11:35 +00:00
Jan Šafránek
4c8f60bfd0 - add SLAPD_SHUTDOWN_TIMEOUT to /etc/sysconfig/ldap, allowing admins to set non-default slapd shutdown timeout
- add checkpoint to default slapd.conf file
Resolves: #458679
2008-10-13 10:16:30 +00:00
Jan Šafránek
2ba84591e1 rediff all patches 2008-09-01 08:09:50 +00:00
Jan Šafránek
b37b0e9be9 provide ldif2dbm functionality for migrationtools 2008-09-01 07:03:55 +00:00
Jan Šafránek
c283082258 rediff all patches to get rid of fuzz=2 2008-07-25 11:15:20 +00:00
Jan Šafránek
537c3cff38 set patch fuzz to build with new rpm 2008-07-21 08:17:30 +00:00
Jan Šafránek
c3337e2059 new upstream release
apply official bdb-4.6.21 patches
2008-07-21 08:05:44 +00:00
Jan Šafránek
62f1c6f935 fix CVE-2008-2952
Resolves: #453728
2008-07-02 10:04:30 +00:00
Jan Šafránek
eae5b16c69 new upstream release 2008-06-12 07:42:29 +00:00
Jan Šafránek
09dfa0a79a use /sbin/nologin as shell of ldap user
Resolves: #447919
2008-05-28 12:16:03 +00:00
Jan Šafránek
bbf6d2ca84 forgot to reset release number, 2.4.9 will start from release 4 2008-05-13 15:35:50 +00:00
Jan Šafránek
b98d016af3 Use admin guide from source tar.gz 2008-05-13 11:40:32 +00:00
Jan Šafránek
3c0bde55f7 - new upstream release
- removed unnecessary MigrationTools patches
2008-05-13 09:46:54 +00:00
Jan Šafránek
bb50ce36bc - bdb upgraded to 4.6.21
- reworked upgrade logic again to run db_upgrade when bdb version changes
2008-04-23 10:02:32 +00:00
Jan Šafránek
68c2fe40b8 - reworked the upgrade logic, slapcat/slapadd of the whole database is needed only if minor version changes (2.3.x -> 2.4.y)
- do not try to save database in LDIF format, if openldap-servers package is  being removed (it's up to the admin to do so manually)
2008-03-05 12:41:56 +00:00
Jan Šafránek
1c0049626b migration tools carved out to standalone package "migrationtools"
Resolves: #236697
2008-02-29 08:40:16 +00:00
Jan Šafránek
83e55b87c5 new upstream release 2008-02-22 10:59:07 +00:00
Jan Šafránek
cabd0dd26c fix version 2008-02-08 16:04:33 +00:00
Jan Šafránek
0f47a79534 Define _GNU_SOURCE to fix compilation with new glibc/gcc 2008-02-08 16:02:56 +00:00
Jan Šafránek
97ea1d6494 fix CVE-2008-0658
Resolves: #432014
2008-02-08 14:13:27 +00:00
Jan Šafránek
001a81b9f4 init script fixes 2008-01-28 12:12:02 +00:00
Jan Šafránek
1447738ac4 init script made LSB-compliant
Resolves: #247012
2008-01-28 11:45:46 +00:00
Jan Šafránek
c5a2eb938e fixed rpmlint warnings and errors 2008-01-25 14:26:47 +00:00
Jan Šafránek
3ddaa5aaa5 few rpmlint errors fixed 2008-01-24 16:21:26 +00:00
Jan Šafránek
d6a9e79666 obsoleting compat-openldap properly - allowing future compat- packages >= 2.4 2008-01-22 12:09:47 +00:00
Jan Šafránek
2ec6a4381c obsoleting compat-openldap properly
Resolves: #429591
2008-01-22 11:36:39 +00:00
Jan Šafránek
3979dd0e82 new upstream version 2008-01-14 13:21:58 +00:00
Jan Šafránek
01e94086a8 updated date in changelog 2007-12-03 14:33:00 +00:00
Jan Šafránek
1be28ec33a Reverting previous patch, Obsoletes: version should be correct now :) 2007-12-03 08:44:02 +00:00
Jan Šafránek
52aa157adb Obsoletes: version updated 2007-12-03 08:18:06 +00:00
Jan Šafránek
a0fa4fd9e2 version added to Obsoletes: 2007-12-03 08:09:26 +00:00
Jan Šafránek
da308676ae deprecating compat- package 2007-12-03 08:07:08 +00:00
Jan Šafránek
223a8c8dc8 fixed changelog 2007-11-21 12:16:27 +00:00
Jan Šafránek
d5ef856e1c Upgrade to openldap-2.4 2007-11-21 12:12:15 +00:00
Jan Šafránek
a94f82a469 version++ 2007-11-05 09:51:42 +00:00
Jan Šafránek
7631639f35 new upstream release
Resolves: #360091
2007-11-05 09:49:33 +00:00
Jan Šafránek
b1c8583981 fixed multilib issues - all platform independent files have the same content now
Resolves: #342791
2007-10-24 12:21:36 +00:00
Jan Šafránek
fd01cdc8b1 BDB 4.4.20 patched added, 4.6.18 removed 2007-10-04 07:32:36 +00:00
Jan Šafránek
49621d94a5 BDB downgraded back to 4.4.20 because 4.6.18 is not supported byopenldap
Resolves: #314821
2007-10-04 07:16:11 +00:00
Jan Šafránek
15f1bc8699 version++ 2007-09-18 10:41:47 +00:00
Jan Šafránek
05dc6ea44e fixed upgrade with empty database
fixed /etc/sysconfig/ldap handling
2007-09-18 10:41:07 +00:00
Jan Šafránek
ba2e4625b7 skeleton /etc/sysconfig/ldap added
new SLAPD_LDAP option to turn off listening on ldap:///
fixed checking of SSL
Resolves: #292591, #273581
2007-09-17 12:26:02 +00:00
Jan Šafránek
d384c93bc3 new upstream version 2007-09-06 10:19:28 +00:00
Jan Šafránek
517c868cbd added images to the guide.html
Resolves: #273581
2007-09-06 09:38:38 +00:00
Jan Šafránek
a0f3002a12 rebuild with new bunutils and to get new buildid 2007-08-22 07:17:45 +00:00
Jan Šafránek
eab1b48bc4 db 4.6.18 integrated
License: updated
Compilation with new glibc fixed
2007-08-07 07:08:43 +00:00
Jan Šafránek
504c502ae3 db-4.6.18 integrated 2007-08-02 14:08:28 +00:00
Jan Šafránek
8e812e14ad do not distinguish between NPTL and non-NPTL platforms, we have NPTL everywhere 2007-08-02 12:49:45 +00:00
Jan Šafránek
5b29ccb9b6 Use generic automake and autoconf, do not use openldap-specific ones 2007-08-01 09:00:39 +00:00
Jan Šafránek
ed33aae062 patch cleanup 2007-08-01 08:00:06 +00:00
Jan Šafránek
c00068d9a7 new upstream version 2007-07-31 15:35:51 +00:00
Jan Šafránek
d56ab707db MigrationTools-47 integrated 2007-07-20 14:03:59 +00:00
Jan Šafránek
6ecf74d102 fix compat-slapcat compilation
Resolves:246581
2007-07-04 17:10:13 +00:00
Jan Šafránek
0f89c7c360 Fixing smbk5pwd compilation 2007-07-01 19:58:38 +00:00
Jan Šafránek
426105f2fc fix accidentaly checked in buildrequires 2007-06-29 16:07:39 +00:00
Jan Šafránek
2cbb78fda7 - smbk5pwd added
- correctly distribute modules between servers and servers-sql packages
Resolves: #220895
2007-06-29 16:05:59 +00:00
Jan Šafránek
0c553281bf Release++ 2007-06-29 10:14:51 +00:00
Jan Šafránek
8b784d5a4e Provide overlays (as modules)
Resolves: #246036 #245896
2007-06-29 10:03:52 +00:00
Jan Šafránek
233b801a46 Fix initscript return codes
Resolves: #242667
2007-06-25 09:18:53 +00:00
Jan Šafránek
5a8e87dd10 Fix x86_64 compilation problem 2007-06-08 11:18:52 +00:00
Jan Šafránek
ae9bca9048 version ++ 2007-06-08 11:03:38 +00:00
Jan Šafránek
f57e7a849d include misc.schema in default slapd.conf
Resolves: 147805
2007-05-24 13:40:09 +00:00
Jan Šafránek
7f79555a60 add ldconfig to devel post/postun
Resolves: #240253
2007-05-24 10:26:36 +00:00
Jan Šafránek
7d73bcb03c start slupd for each replicated database
Resolves: #210155
2007-05-24 10:10:05 +00:00
Jan Šafránek
cdb3b7b46b sort the hosts by adders, preventing duplicities in migrate*nis*.pl
Resolves: #201540
2007-05-24 09:32:33 +00:00
Jan Šafránek
a9c5392188 - do not import ddp services with migrate_services.pl
- minor cleanup of prev. bugfix
Resolves: #201183
2007-05-23 13:09:09 +00:00
Jan Šafránek
9e63293ae6 - do not create script in /tmp on startup
- add compat-slapcat to openldap-compat
Resolves: #188298, #179378
2007-05-22 15:48:20 +00:00
Jan Šafránek
07918c935e do not strip binaries to produce correct .debuginfo packages (bz#152516) 2007-04-24 11:24:28 +00:00
Jan Šafránek
3dbb0a0bce -changelog update
link libldap_r with pthread (bz#198226)
2007-04-24 09:12:34 +00:00
Jan Šafránek
f1a4d4b4ce bind-devel removed from BuildRequires (bz#216851)
use %_localstatedir instead of var/ (bz#220970)
minor fixes in openldap.spec (rpmlint)
2007-04-23 07:45:55 +00:00
fenlason
1e07f06a3a - New upstream release
- Upgrade the scripts for migrating the database so that they might
  actually work.
- change bind-libbind-devel to bind-devel in BuildPreReq
2007-02-19 20:44:22 +00:00
Thomas Woerner
6f66379eff [tw]
- tcp_wrappers has a new devel and libs sub package, therefore changing build
  requirement for tcp_wrappers to tcp_wrappers-devel
2006-12-04 16:34:17 +00:00
fenlason
85bf9434a2 OpenLDAP 2.3.30 2006-11-15 20:36:09 +00:00
fenlason
cbbe4494ac 2.3.28 2006-10-26 00:38:06 +00:00
Jesse Keating
276dd2a667 bump for gcc bug 2006-10-01 20:20:42 +00:00
fenlason
7a7a22e3de - Include --enable-multimaster to close
bz#185821: adding slapd_multimaster to the configure options
- Upgade guide.html to the correct one for openladp-2.3.27, closing
  bz#190383: openldap 2.3 packages contain the administrator's guide for 2.2
- Remove the quotes from around the slaptestflags in ldap.init
  This closes one part of
  bz#204593: service ldap fails after having added entries to ldap
- include __db.* in the list of files to check ownership of in
  ldap.init, as suggested in
  bz#199322: RFE: perform cleanup in ldap.init
2006-09-22 18:32:00 +00:00
fenlason
6b086ceaf1 2.3.27 2006-08-28 20:51:47 +00:00
Jesse Keating
c4097ada81 bumped for rebuild 2006-07-12 07:34:47 +00:00
fenlason
f890ea9393 2.3.24 is now stable. 2006-06-07 17:17:21 +00:00
fenlason
f3f93459e3 2.3.21 2006-04-27 20:28:17 +00:00
fenlason
282cf62c22 Re fix ldap.init 2006-02-13 16:11:17 +00:00
Jesse Keating
14d75957c4 bump for bug in double-long on ppc(64) 2006-02-11 04:50:05 +00:00
fenlason
91b0de0a1c Modify the ldap.init script to call runuser correctly. 2006-02-09 20:10:40 +00:00
Jesse Keating
a0c2819ce6 bump for new gcc/glibc 2006-02-07 13:18:56 +00:00
fenlason
d8aedf8bed - Upgrade to 2.3.19, which upstream now considers stable
- Modify the -config.patch, ldap.init, and this spec file to put the
  pid file and args file in an ldap-owned openldap subdirectory under
  /var/run.
- Move back_sql* out of %{_sbindir}/openldap , which requires
  hand-moving slapd and slurpd to _sbindir, and recreating symlinks
  by hand.
- Retire openldap-2.3.11-ads.patch, which went upstream.
- Update the ldap.init script to run slaptest as the ldap user rather
  than as root.  This solves
  bz#150172 Startup failure after database problem
- Add to the servers post and preun scriptlets so that on preun, the
  database is slapcatted to /var/lib/ldap/upgrade.ldif and the
  database files are saved to /var/lib/ldap/rpmorig.  On post, if
  /var/lib/ldap/upgrade.ldif exists, it is slapadded.  This means that
  on upgrades from 2.3.16-2 to higher versions, the database files may
  be automatically upgraded.  Unfortunatly, because of the changes to
  the preun scriptlet, users have to do the slapcat, etc by hand when
  upgrading to 2.3.16-2.  Also note that the /var/lib/ldap/rpmorig
  files need to be removed by hand because automatically removing your
  emergency fallback files is a bad idea.
- Upgrade internal bdb to db-4.4.20.  For a clean upgrade, this will
  require that users slapcat their databases into a temp file, move
  /var/lib/ldap someplace safe, upgrade the openldap rpms, then
  slapadd the temp file.
2006-01-31 21:47:36 +00:00
fenlason
da14c392c0 2.3.16 2006-01-10 20:10:08 +00:00
Jesse Keating
42e418757a gcc update bump 2005-12-09 22:42:34 +00:00
fenlason
bd0fe4087c bz#173313 Remove exlicit 'Requires: cyrus-sasl" + 'Requires: cyrus-sasl-md5' 2005-11-21 22:20:45 +00:00
fenlason
ec92466728 Upgrade to 2.3.11, with much fanfare. 2005-11-11 03:39:40 +00:00
Tomáš Mráz
4477cc9775 * Thu Nov 10 2005 Tomas Mraz <tmraz@redhat.com> 2.2.29-3
- rebuilt against new openssl
2005-11-10 13:08:01 +00:00
fenlason
38ee81bfc9 Upgrade to 2.2.29 2005-10-10 20:32:00 +00:00
fenlason
9c00c400a1 Get the release number right 2005-09-30 19:31:55 +00:00
fenlason
1ba07db975 * Thu Sep 29 2005 Jay Fenlason <fenlason@redhat.com> 2.2.28-2
- Upgrade to nev upstream version.  This makes the 2.2.*-hop patch obsolete.

* Mon Aug 22 2005 Jay Fenlason <fenlason@redhat.com> 2.2.26-2
- Move the slapd.pem file to /etc/pki/tls/certs
  and edit the -config patch to match to close
  bz#143393  Creates certificates + keys at an insecure/bad place
- also use _sysconfdir instead of hard-coding /etc

* Thu Aug 11 2005 Jay Fenlason <fenlason@redhat.com>
- Add the tls-fix-connection-test patch to close
  bz#161991 openldap password disclosure issue
- add the hop patches to prevent infinite looping when chasing referrals.
  OpenLDAP ITS #3578
2005-09-30 19:29:43 +00:00
Nalin Dahyabhai
4898dbd579 - fix typo in ldap.init (call $klist instead of klist, from Charles Lopes) 2005-08-05 17:51:39 +00:00
Nalin Dahyabhai
35187137d2 add VR to the latest changelog 2005-05-19 21:51:47 +00:00
Nalin Dahyabhai
bffa98ad03 add but don't apply a testing patch for ITS#3578 2005-05-19 21:26:50 +00:00
Nalin Dahyabhai
0a5bb3ae9b - add %{_sysconfdir}/openldap/cacerts, which authconfig sets as the
TLS_CACERTDIR path in /etc/openldap/ldap.conf now
- use a temporary wrapper script to launch slapd, in case we have arguments
  with embedded whitespace (#158111)
2005-05-19 21:23:17 +00:00
Nalin Dahyabhai
704e3ceec0 - run slaptest with the -u flag if no id2entry db files are found, because
you can't read-write access a non-existent database (#156787)
2005-05-19 17:22:14 +00:00
Nalin Dahyabhai
e466757d0d - print a warning if slaptest fails, slaptest -u succeeds, and one of the
directories listed as the storage location for a given suffix in slapd.conf
  contains a readable file named __db.001 (#118678)
2005-05-04 23:37:57 +00:00
Nalin Dahyabhai
a61fe9e659 update to 2.2.26 2005-05-04 23:13:09 +00:00
Nalin Dahyabhai
b8c3dc430a - update to 2.2.24 (stable 20050318)
- export KRB5_KTNAME in the init script, in case it was set in the sysconfig
  file but not exported
2005-04-27 00:07:44 +00:00
Nalin Dahyabhai
b7830305e6 bump and rebuild 2005-03-02 01:23:33 +00:00
Nalin Dahyabhai
01084b3059 - search for __res_query in libresolv before checking libbind 2005-03-02 01:21:23 +00:00
Nalin Dahyabhai
1a0d6b505a add missing source file 2005-03-01 23:25:29 +00:00