rpms/openldap
7
0
Fork 0
Code Issues Pull Requests Releases Activity
512 Commits 7 Branches 35 Tags 2 MiB
01bd7adabb
Commit Graph

459 Commits

Author SHA1 Message Date
Jan Synacek
7a8ba10b72 remove unneeded configure flags, disable sql backend and aci 
Both SQL backend and ACI are experimental. SQL is unsupported.
 2015-01-19 09:45:07 +01:00
Jan Synacek
41c84187a9 remove old F17 hack 2015-01-16 12:23:49 +01:00
Jan Synacek
c3de3dd938 remove openldap-syncrepl-unset-tls-options.patch 
Unaccepted upstream, not an issue, documented in the man pages.
 2015-01-16 10:28:54 +01:00
Jan Synacek
2594744e83 remove openldap-userconfig-setgid.patch 
Pointless Fedora specific patch.
 2015-01-16 10:27:49 +01:00
Jan Synacek
c1bd7d8503 remove openldap-ldaprc-currentdir.patch 
The upstream ITS has been fixed a long time ago and this patch is Fedora
specific and pointless.
 2015-01-16 10:08:38 +01:00
Jan Synacek
f1bc6682b9 remove openldap-fedora-systemd.patch 
We don't use env variables anymore.
 2015-01-16 09:08:08 +01:00
Jan Synacek
0625d0e501 provide an unversioned symlink to check_password.so.1.1 
So the users don't have to specify the exact version in their configuration.
 2014-12-17 15:32:22 +01:00
Jan Synacek
4840f8de8e improve check_password 
Fix Makefile to accept provided CFLAGS and LDFLAGS. Patch the code a bit.
 2014-12-17 15:27:30 +01:00
Jan Synacek
098f3b5fe6 harden the build 2014-12-17 09:21:38 +01:00
Jan Synacek
40aff41da5 fix changelog after the revert 2014-12-17 09:21:02 +01:00
Jan Synacek
48c6d060f6 Revert "enhancement: generate openldap.pc (#1171493)" 
This reverts commit 79a0b58108.
 2014-12-16 09:52:29 +01:00
Jan Synacek
79a0b58108 enhancement: generate openldap.pc (#1171493) 2014-12-09 12:34:25 +01:00
Jan Synacek
4b2abac9db enhancement: support TLSv1 and later (#1160466) 2014-11-14 09:54:11 +01:00
Jan Synacek
90f2044e56 Merge branch 'master' into f21 
Let's keep the history linear...

Conflicts:
	openldap.spec
 2014-10-06 10:24:40 +02:00
Jan Synacek
2c331b7581 new upstream release (2.4.40) 
Resolves: #1147877
 2014-09-30 13:44:19 +02:00
Jitka Plesnikova
3363e7a6da Perl 5.20 rebuild 2014-08-27 11:12:00 +02:00
Peter Robinson
29e31a847d - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild 2014-08-17 13:55:33 +00:00
Peter Robinson
330a8ceaa7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild 2014-08-17 13:55:22 +00:00
Tom Callaway
c64abcbb2f fix license handling 2014-07-18 19:24:48 -04:00
Tom Callaway
cda7221c9b fix license handling 2014-07-18 19:24:30 -04:00
Jan Synacek
826b3eb9d7 fix: fix typo in generate-server-cert.sh 
Resolves: #1117229
 2014-07-14 11:36:29 +02:00
Jan Synacek
abc96f87d2 fix: make default service configuration listen on ldaps:/// as well 
Resolves: #1105634
 2014-06-09 09:37:51 +02:00
Dennis Gilmore
45966edea7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild 2014-06-07 11:42:07 -05:00
Jan Synacek
b15ffab696 fix: remove correct tmp file when generating server cert (#1103102) 2014-05-30 11:12:59 +02:00
Jan Synacek
079ea99963 re-symlink unversioned libraries, so ldconfig is not confused 
Resolves: #1028557
 2014-03-24 11:41:00 +01:00
Jan Synacek
ca7444dd1a don't automatically convert slapd.conf to slapd-config 
It is not possible to convert every possible slapd.conf to slapd-config
and expect it to work. Also, it is bad to force conversion like that.
 2014-03-04 10:10:57 +01:00
Jan Synacek
b3805b0a4c alias slapd.service as openldap.service 2014-02-20 08:43:54 +01:00
Jan Synacek
b8fb685084 add documentation reference to service file 2014-02-20 08:41:48 +01:00
Jan Synacek
cb0643e628 remove redundant sysconfig-related stuff 2014-02-20 08:38:44 +01:00
Jan Synacek
8a6f427a71 CVE-2013-4449: segfault on certain queries with rwm overlay 
Resolves: #1060851
 2014-02-04 09:40:28 +01:00
Jan Synacek
5dba8cc33f new upstream release (2.4.39) 
Resolves: #1059186
 2014-01-29 13:03:05 +01:00
Jan Synacek
6a944922ab new upstream release (2.4.38) 
Resolves: #1031608
 2013-11-18 12:52:27 +01:00
Jan Synacek
3589b29979 fix: slaptest incorrectly handles 'include' directives containing a custom file 
Resolves: #1028935
 2013-11-11 11:14:20 +01:00
Jan Synacek
59d41b9111 fix: missing a linefeed at the end of file /etc/openldap/ldap.conf 
Resolves: #1019836
 2013-10-30 11:35:50 +01:00
Jan Synacek
f646d734cc new upstream release (2.4.37) 
Resolves: #1023916
 2013-10-30 11:35:38 +01:00
Jan Synacek
4f8940365c fix: slapd daemon fails to start with segmentation fault on s390x 
Resolves: #1020661
 2013-10-21 12:40:42 +02:00
Jan Synacek
7bbf8dc1d7 rebuilt for libdb-5.3.28 2013-10-15 15:33:16 +02:00
Jan Synacek
6de15ed197 fix: CLDAP is broken for IPv6 
Resolves: #1018688
 2013-10-14 10:08:45 +02:00
Jan Synacek
0734516c42 fix: typos in manpages 2013-09-04 12:13:16 +02:00
Jan Synacek
1524b1e957 new upstream release (2.4.36) 2013-08-20 10:35:34 +02:00
Dennis Gilmore
2999a96836 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild 2013-08-03 10:40:12 -05:00
Petr Písař
98466f316a Perl 5.18 rebuild 2013-07-17 23:33:37 +02:00
Jan Vcelak
c86ed52b94 fix typos in previous commit 2013-06-26 20:28:42 +02:00
Jan Vcelak
5265f0d549 move tmpfiles config to correct location 
- move from /etc/tmpfiles.d to /usr/lib/tmpfiles.d
  http://fedoraproject.org/wiki/Packaging:Tmpfiles.d
 2013-06-24 13:22:37 +02:00
Jan Synacek
19dea679fe fix: using slaptest to convert slapd.conf to LDIF format ignores "loglevel 0" 2013-06-14 14:32:16 +02:00
Jan Synacek
ff5c1adb2a fix: LDAPI with GSSAPI does not work if SASL_NOCANON=on 
Resolves: #960222
 2013-05-09 09:32:52 +02:00
Jan Synacek
05278cd506 fix: lt_dlopen() with back_perl 
Resolves: #960048
 2013-05-09 09:29:28 +02:00
Jan Synacek
6e08d10adf do not needlessly run ldconfig after installing openldap-devel 2013-05-09 09:24:02 +02:00
Jan Synacek
7516346478 remove trailing spaces 2013-04-09 13:45:32 +02:00
Jan Synacek
50ba1f03e9 set SASL_NOCANON to on by default 
Resolves: #949864
 2013-04-09 13:43:45 +02:00
Jan Synacek
a5ba090a01 fix: minor documentation fixes 2013-04-09 13:42:53 +02:00
Jan Synacek
44107bb150 drop the evolution patch 2013-04-05 09:39:17 +02:00
Jan Synacek
2f8c754907 fix: NSS related resource leak 
Resolves: #929357
 2013-04-02 13:44:32 +02:00
Jan Synacek
645d16ca61 fix: slapd.service should ensure that network is up before starting 
Resolves: #946921
 2013-04-02 13:39:38 +02:00
Jan Synacek
8e640ac8d6 new upstream release 
Resolves: #947235
 2013-04-02 13:31:35 +02:00
Jan Synacek
024749b3fb include forgotten specfile changes 
Related: #926280
 2013-03-25 13:15:42 +01:00
Jan Synacek
4eaab344d9 fix: syncrepl push DELETE operation does not recover 
Resolves: #920482
 2013-03-18 12:20:21 +01:00
Jan Synacek
311ab5b026 fix bogus dates 2013-03-11 13:48:34 +01:00
Jan Synacek
c5d84d7192 add perl specific BuildRequires 2013-03-11 13:48:29 +01:00
Jan Synacek
b5dda86c35 package ppolicy-check-password 
Resolves: #829749
 2013-03-11 11:25:12 +01:00
Jan Synacek
3b721d68c7 enable perl backend 
Resolves: #820547
 2013-03-11 07:52:23 +01:00
Jan Vcelak
51d38be75b use systemd-rpm macros in spec file 
Resolves: #850247
 2013-03-06 23:09:13 +01:00
Jan Vcelak
705b2a5032 new upstream release (2.4.34) 
Resolves: #917603 #872784
 2013-03-06 23:09:06 +01:00
Jan Synacek
cbf8229049 rebuild against new cyrus-sasl 2013-01-31 14:26:21 +01:00
Jan Vcelak
4b460cc8c8 fix update: libldap does not load PEM certificate if certdb is used as TLS_CACERTDIR 
Resolves: #857455
 2012-10-31 12:50:15 +01:00
Jan Vcelak
17508fb68c fix: slapd with rwm overlay segfault following ldapmodify 
Resolves: #865685
 2012-10-12 08:58:01 +02:00
Jan Vcelak
8dc41a3295 fix: slapd.service should not use /tmp 
Resolves: #859019
 2012-10-11 11:56:59 +02:00
Jan Vcelak
587944c9e6 new upstream release (2.4.33) 2012-10-11 11:47:24 +02:00
Jan Vcelak
5568103a57 Workaround for bug #858274 in m4 (autoreconf fails on i686) 2012-09-19 10:30:03 +02:00
Jan Vcelak
749896483d fix bug number in recent patch 2012-09-14 16:56:03 +02:00
Jan Vcelak
331465716f fix: libldap does not load PEM certificate if certdb is used as TLS_CACERTDIR 
Resolves: #857455
 2012-09-14 16:14:43 +02:00
Jan Vcelak
557bf01306 fix: MozNSS certificate database in SQL format cannot be used 
Resolves: #857390
 2012-09-14 16:14:21 +02:00
Jan Vcelak
060a306e1e fix: not all certificates in OpenSSL compatible CA certificate directory format are loaded 
Resolves: #852786
 2012-09-14 16:13:59 +02:00
Jan Vcelak
1f24c419dd fix: connection hangs after fallback to second server when certificate hostname verification fails 
Resolves: #852476
 2012-09-14 16:13:39 +02:00
Jan Vcelak
9627ad75ef fix: some TLS ciphers cannot be enabled 
Resolves: #852338
 2012-09-14 16:13:12 +02:00
Jan Vcelak
ad070fca8d prefer key from authenticated slot, allow certificate name with token 
Resolves TLS failures in replication in 389 Directory Server introduced
by recent Mozilla NSS backend fixes.
 2012-08-20 20:34:34 +02:00
Jan Vcelak
6304a48a54 new upstream release (2.4.32) 2012-08-01 13:39:25 +02:00
Jan Vcelak
c736adad77 use tabs consistently 2012-08-01 10:21:44 +02:00
Jan Vcelak
2d64625e78 fix: slapd refuses to set up TLS with self-signed PEM certificate 
Resolves: #842022
 2012-07-21 17:59:04 +02:00
Jan Vcelak
54e357771f multilib fix: move libslapi from openldap-servers to openldap package 2012-07-20 16:59:28 +02:00
Jan Vcelak
9e7cf6735d fix: smbk5pwd module computes invalid LM hashes 
Resolves: #841560
 2012-07-19 14:27:10 +02:00
Jan Vcelak
20875f4fb9 fix: querying for IPv6 DNS records when IPv6 is disabled on the host 
Resolves: #835013
 2012-07-19 11:00:43 +02:00
Jan Vcelak
824671e8d7 clean the package build process 2012-07-18 19:02:28 +02:00
Jan Vcelak
9eda95bba4 fix: remove isa macro from BuildRequires 2012-07-18 09:37:59 +02:00
Jan Vcelak
50ed49760b fix: less influence between individual TLS contexts 
Resolves: #795763 (and possibly others)
 2012-06-27 14:40:59 +02:00
Jan Vcelak
397ce0c946 fix: default cipher suite is always selected 
Resolves: #828790
 2012-06-27 14:10:28 +02:00
Jan Vcelak
916cbca281 fix: slapd fails to start on reboot 
Resolves: #829272
 2012-06-27 14:05:10 +02:00
Jan Vcelak
904778f620 CVE-2012-2668: cipher suite selection by name can be ignored 
Resolves: #825875
 2012-06-27 13:55:02 +02:00
Jan Vcelak
fe1c1e0eeb fix: reading pin from file can make all TLS connections hang 
Resolves: #829317
 2012-06-27 13:48:40 +02:00
Jan Vcelak
0cda8087e0 fix: TLS error messages overwriting in tlsm_verify_cert() 
Resolves: #810462
 2012-06-27 13:36:51 +02:00
Jan Vcelak
ac8a31ed53 fix: invalid order of TLS shutdown operations 
Resolves: #808465
 2012-06-27 13:31:05 +02:00
Jan Vcelak
5172ff7830 update fix: count constraint broken when using multiple modifications 
Resolves: #795766
 2012-06-27 13:26:24 +02:00
Jan Vcelak
60d09d71cf fix: MozNSS CA certdir does not work together with PEM CA cert file 
Resolves: #819536
 2012-05-18 12:47:45 +02:00
Jan Vcelak
61feb71485 changelog: nss-tools has to be required by base package 2012-05-18 12:47:41 +02:00
Jan Vcelak
f8f3a2b33f nss-tools has to be required by base package 2012-05-02 11:25:36 +02:00
Jan Vcelak
05bc41c858 remove upstream merged patches 2012-04-24 10:44:16 +02:00
Jan Vcelak
6e16cb7901 new upstream release (2.4.31) 2012-04-24 10:35:02 +02:00
Jan Vcelak
440b96e85c rebuild due to libdb rebase 2012-04-05 20:41:25 +02:00
Jan Synacek
0992cf19a9 fix: Re-binding to a failed connection can segfault 
Resolves: #784989
 2012-03-26 13:41:40 +02:00
Jan Vcelak
a4d33565bb new upstream release (2.4.30) 
Resolves: #798958
 2012-03-01 14:24:19 +01:00
Jan Vcelak
862f73dffa fix: SASL_NOCANON option missing in ldap.conf manual page 
Resolves: #732915
 2012-02-22 15:46:23 +01:00
Jan Vcelak
c2db986060 fix: missing options in manual pages of client tools 
Resolves: #796232
 2012-02-22 15:41:53 +01:00
Jan Vcelak
b2b2825914 fix: count constraint broken when using multiple modifications 
Resolves: #795766
 2012-02-21 15:44:56 +01:00
Jan Vcelak
20125eca06 fix: ldap_result does not succeed for sssd 
Resolves: #771484
 2012-02-21 15:37:51 +01:00
Jan Vcelak
558f709787 fix update provide ldif2ldbm, not ldib2ldbm 
Resolves: #437104
 2012-02-20 15:31:58 +01:00
Jan Synacek
f25689a388 unify systemctl binary paths throughout the specfile and make them usrmove compliant 
make path to chkconfig binary usrmove compliant
 2012-02-20 15:14:53 +01:00
Jan Vcelak
d5cbb774ed fix: check-config.sh get stuck when executing command as a ldap user 2012-02-15 14:26:49 +01:00
Jan Vcelak
dc2b490d64 temporarily disable certificates checking in check-config.sh 
MozNSS support is missing yet.
 2012-02-15 13:15:07 +01:00
Jan Synacek
b95104a6a1 fix: correct path to check-config.sh in service file 2012-02-15 09:10:16 +01:00
Jan Vcelak
b5e66b7ea2 remove obsoleted slapd.conf 2012-02-14 17:22:53 +01:00
Jan Vcelak
a7572065e5 certificates management improvements 
Resolves: #772890
 2012-02-14 17:22:50 +01:00
Jan Vcelak
934ba146a8 move maintainance scripts from libexec/slapd to libexec/openldap 2012-02-14 13:42:07 +01:00
Jan Vcelak
78a563b273 openldap-servers: provide ldib2ldbm for migrationtools 
References: #437104
 2012-02-14 13:40:58 +01:00
Jan Vcelak
5e3dba33db clean requirements: remove explicit versions, add %{_isa} macro 2012-02-14 13:40:42 +01:00
Jan Vcelak
31026088da new upstream release (2.4.29) 2012-02-13 13:07:11 +01:00
Jan Vcelak
65b981d99e fix: slapd segfaults when PEM certificate is used and key is not set 
Resolves: #772890
 2012-01-31 18:11:36 +01:00
Jan Vcelak
f47de25361 fix: replication (syncrepl) with TLS causes segfault 
Resolves: #783431
 2012-01-31 18:10:55 +01:00
Dennis Gilmore
328c8e208b - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild 2012-01-13 05:40:42 -06:00
Jan Vcelak
c60a3191a5 fix: reload systemd daemon after installation 2011-11-30 18:58:19 +01:00
Jan Vcelak
8bd37126ac configuration initialization from LDIF file 2011-11-30 18:40:25 +01:00
Jan Vcelak
1cd7d29c02 compile backends as modules (except BDB, HDB, and monitor) 2011-11-30 16:51:14 +01:00
Jan Vcelak
ad3da8cc04 new upstream release (2.4.28) 
- upstream changes:
  - server: support for delta-syncrepl in multi master replication
  - server: add experimental backend - MDB
  - server: dynamic configuration for passwd, perl, shell, sock,
    and sql backends
  - server: support passwords in APR1
  - library: support for Wahl (draft)
  - a lot of bugfixes
- remove patches which were merged upstream
 2011-11-30 16:51:05 +01:00
Jan Vcelak
0fcc2f2eb2 release bump (2.4.26-6) 2011-11-01 15:25:46 +01:00
Jan Vcelak
356af46ea6 CVE-2011-4079 one-byte buffer overflow in slapd 
Resolves: #749324
 2011-11-01 15:25:46 +01:00
Jan Vcelak
25e27999de servers: add libdb-utils to Requires 2011-11-01 13:34:30 +01:00
Jan Vcelak
a0c545d1a7 patch slapd to skip empty arguments 
This is required by systemd, as variable expansion works there different
than in shell. Empty SLAPD_OPTIONS in environment file would not work.

(The patch is Fedora specific.)
 2011-11-01 13:34:30 +01:00
Jan Vcelak
33514c3f00 scriptlet: convert sysconfig/ldap to sysconfig/slapd 2011-11-01 13:34:17 +01:00
Jan Vcelak
62f9c65cff rpmlint warnings: doc in non utf-8 encoding 2011-11-01 13:34:17 +01:00
Jan Vcelak
8f315f552e rpmlint warnings: macro in comment/changelog 2011-11-01 13:34:17 +01:00
Jan Vcelak
b6085c259f specfile: clean %files, drop defattr macros 
- %defattr is not needed since Fedora 14
- permissions are taken from installed files
  (removed chmod and added install where possible)
- %attr was left only on places, where non-root owner is needed
- removed slashes between: %{buildroot}%{_somedir}
- files reordered by type
- merged "%dir dir" and "dir/files*"
 2011-11-01 13:34:17 +01:00
Jan Vcelak
05cb2507b0 specfile: handle upgrades with new maintainance scripts 2011-11-01 13:34:08 +01:00
Jan Vcelak
2d2d8a4c8a specfile: migrate initscript to systemd service 2011-10-27 17:27:43 +02:00
Jan Vcelak
0a9b211e8c specfile: reorder sources 2011-10-27 17:27:43 +02:00
Jan Vcelak
10e4a847f6 remove old provides/obsoletes 2011-10-27 15:00:20 +02:00
Jan Vcelak
9a8ced65aa hardened build: remove LDFLAGS, enable macro 2011-10-27 14:45:10 +02:00
Jan Vcelak
8d476e4dbd rebuild: openldap does not work after libdb rebase 
Resolves: #743824
 2011-10-06 10:22:14 +02:00
Jan Vcelak
b4a9bf4dad regression fix: enable TCP wrappers 
Resolves: #743213
 2011-10-06 10:19:51 +02:00
Jan Vcelak
81680b05fb new feature update: honor priority/weight with ldap_domain2hostlist 
There was a typo in the patch. "weight" of the SRV records was not
taken correctly.

Resolves: #733078
 2011-09-21 11:05:39 +02:00
Jan Vcelak
9c0ef47ce4 fix: allow unsetting of tls_* syncrepl options 
Resolves: #734187
 2011-09-12 18:42:53 +02:00
Jan Vcelak
af7e905857 fix: SSL_ForceHandshake function is not thread safe 
Resolves: #701678
 2011-09-12 15:35:09 +02:00
Jan Vcelak
9ee41aa9a4 manpage fix: wrong ldap_sync_destroy() prototype in ldap_sync(3) manpage 
Resolves: #717722
 2011-08-24 19:24:49 +02:00
Jan Vcelak
a551ec94d3 new feature: honor priority/weight with ldap_domain2hostlist 
Resolves: #733078
 2011-08-24 19:17:27 +02:00
Jan Vcelak
3e083e8b93 fix: matching wildcard hostnames in certificate Subject field does not work 
Resolves: #733073
 2011-08-24 19:12:30 +02:00
Jan Vcelak
482a20080c manpage fix: errors in manual page slapo-unique 
Resolves: #733070
 2011-08-24 19:05:49 +02:00
Jan Vcelak
c6479d1199 fix: DDS overlay tolerance parametr doesn't function and breakes default TTL 
Resolves: #733069
 2011-08-24 19:01:05 +02:00
Jan Vcelak
a35a381613 fix: conversion of constraint overlay settings to cn=config is incorrect 
Resolves: #733067
 2011-08-24 18:58:45 +02:00
Jan Vcelak
8ac21093cd fix: memleak - free the return of tlsm_find_and_verify_cert_key 
Resolves: #725818
 2011-08-24 18:48:35 +02:00
Jan Vcelak
49f6078a21 incorrect behavior of allow/try options of VerifyCert and TLS_REQCERT 
Resolves: #725819
 2011-08-24 18:40:37 +02:00
Jan Vcelak
67c9630d50 fix: NSS_Init* functions are not thread safe 
Resolves: #731112
 2011-08-24 18:18:33 +02:00
Jan Vcelak
924b91284d add partial RELRO support 
Resolves: #733071
 2011-08-24 18:12:01 +02:00