Merge "CentOS 8: Upgrade openldap to version 2.4.46" into f/centos8

2019-12-18 21:45:56 +00:00 · 2019-12-18 21:45:56 +00:00 · f9a93747b6
commit f9a93747b6
parent 6f98c0a388 bc5a889435
7 changed files with 48 additions and 52 deletions
--- a/ldap/openldap/PKG-INFO
+++ b/ldap/openldap/PKG-INFO
@ -1,6 +1,6 @@
 Metadata-Version: 1.1
 Name: openldap
-Version: 2.4.40
+Version: 2.4.46
 Summary: OpenLDAP Directory Service
 Home-page: 
 Author:
--- a/ldap/openldap/centos/build_srpm.data
+++ b/ldap/openldap/centos/build_srpm.data
@ -1,2 +1,2 @@
-TIS_PATCH_VER=9
+TIS_PATCH_VER=1
 BUILD_IS_SLOW=3
--- a/ldap/openldap/centos/meta_patches/Update-package-versioning-for-TIS-format.patch
+++ b/ldap/openldap/centos/meta_patches/Update-package-versioning-for-TIS-format.patch
@ -1,10 +1,12 @@
 From 935686ff5e53cec008f129cc5d17146bd9365eb0 Mon Sep 17 00:00:00 2001
 From: Scott Little <scott.little@windriver.com>
 Date: Mon, 2 Oct 2017 17:11:22 -0400
-Subject: [PATCH] WRS: 0001-Update-package-versioning-for-TIS-format.patch
+Subject: [PATCH] 0001-Update-package-versioning-for-TIS-format.patch

 Conflicts:
 	SPECS/openldap.spec
+
+Signed-off-by: Dongqi Chen <chen.dq@neusoft.com>
 ---
 SPECS/openldap.spec | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
@ -16,12 +18,12 @@ index c38f1bd..d35d73f 100644
@@ -5,7 +5,7 @@
 
 Name: openldap
- Version: 2.4.44
-Release: 20%{?dist}
-+Release: 20.el7%{?_tis_dist}.%{tis_patch_ver}
+ Version: 2.4.46
+-Release: 9%{?dist}
+Release: 9.el8%{?_tis_dist}.%{tis_patch_ver}
 Summary: LDAP support libraries
- Group: System Environment/Daemons
 License: OpenLDAP
+ URL: http://www.openldap.org/
 -- 
-2.7.4
+1.8.3.1

--- a/ldap/openldap/centos/meta_patches/openldap-enable-password-policy.patch
+++ b/ldap/openldap/centos/meta_patches/openldap-enable-password-policy.patch
@ -1,37 +1,37 @@
 From 9fcb15e18f21acf3fef0fb59dccc3fa0dd37efd4 Mon Sep 17 00:00:00 2001
 From: Scott Little <scott.little@windriver.com>
 Date: Mon, 2 Oct 2017 17:11:22 -0400
-Subject: [PATCH] WRS: openldap-enable-password-policy.patch
+Subject: [PATCH] openldap-enable-password-policy.patch

+Signed-off-by: Dongqi Chen <chen.dq@neusoft.com>
 ---
- SPECS/openldap.spec | 18 ++++++++++++------
- 1 file changed, 12 insertions(+), 6 deletions(-)
+ SPECS/openldap.spec | 17 +++++++++++------
+ 1 file changed, 11 insertions(+), 6 deletions(-)

 diff --git a/SPECS/openldap.spec b/SPECS/openldap.spec
 index 66a1377..468ca0e 100644
 --- a/SPECS/openldap.spec
 +++ b/SPECS/openldap.spec
-@@ -71,6 +71,9 @@ Patch101: openldap-tlsmc.patch
- # Fedora specific patches
- Patch102: openldap-fedora-systemd.patch
+@@ -42,6 +42,9 @@ Patch24: openldap-openssl-manpage-defaultCA.patch
+ Patch90: check-password-makefile.patch
+ Patch91: check-password.patch
 
-+# WRS specific patches
+# specific patches
 +Patch200: rootdn-should-not-bypass-ppolicy.patch
 +
- BuildRequires: cyrus-sasl-devel, nss-devel, openssl-devel, krb5-devel, tcp_wrappers-devel, unixODBC-devel
- BuildRequires: glibc-devel, libtool, libtool-ltdl-devel, groff, perl, perl-devel, perl(ExtUtils::Embed)
- Requires: nss-tools
-@@ -190,6 +193,9 @@ AUTOMAKE=%{_bindir}/true autoreconf -fi
+ BuildRequires: cyrus-sasl-devel, openssl-devel, krb5-devel, unixODBC-devel
+ BuildRequires: glibc-devel, libtool, libtool-ltdl-devel, groff, perl-interpreter, perl-devel, perl-generators, perl(ExtUtils::Embed)
 
- %patch102 -p1
- 
-+# WRS
-+%patch200 -p1
+@@ -116,6 +119,8 @@ AUTOMAKE=%{_bindir}/true autoreconf -fi
+ %patch22 -p1
+ %patch23 -p1
+ %patch24 -p1
 +
+%patch200 -p1
+ 
 # build smbk5pwd with other overlays
 ln -s ../../../contrib/slapd-modules/smbk5pwd/smbk5pwd.c servers/slapd/overlays
- mv contrib/slapd-modules/smbk5pwd/README contrib/slapd-modules/smbk5pwd/README.smbk5pwd
-@@ -312,12 +318,12 @@ install -d -m 740 %{buildroot}%{_sysconfdir}/openldap
+@@ -209,12 +214,12 @@ install -d -m 740 %{buildroot}%{_sysconfdir}/openldap
 cat > %{buildroot}%{_sysconfdir}/openldap/check_password.conf <<EOF
 # OpenLDAP pwdChecker library configuration
 
@ -51,5 +51,5 @@ index 66a1377..468ca0e 100644
 mv README{,.check_pwd}
 popd
 -- 
-2.7.4
+1.8.3.1

--- a/ldap/openldap/centos/meta_patches/openldap-spec-file.patch
+++ b/ldap/openldap/centos/meta_patches/openldap-spec-file.patch
@ -1,17 +1,18 @@
 From 31cec68ea9c887b363dc31255fb96e88c67c4b63 Mon Sep 17 00:00:00 2001
 From: Scott Little <scott.little@windriver.com>
 Date: Mon, 2 Oct 2017 17:11:21 -0400
-Subject: [PATCH] WRS: openldap-spec-file.patch
+Subject: [PATCH] openldap-spec-file.patch

+Signed-off-by: Dongqi Chen <chen.dq@neusoft.com>
 ---
- SPECS/openldap.spec | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
+ SPECS/openldap.spec | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)

 diff --git a/SPECS/openldap.spec b/SPECS/openldap.spec
 index 85abac9..66a1377 100644
 --- a/SPECS/openldap.spec
 +++ b/SPECS/openldap.spec
-@@ -308,7 +308,7 @@ mv check_password.so check_password.so.%{check_password_version}
+@@ -205,7 +205,7 @@ mv check_password.so check_password.so.%{check_password_version}
 ln -s check_password.so.%{check_password_version} %{buildroot}%{_libdir}/openldap/check_password.so
 install -m 755 check_password.so.%{check_password_version} %{buildroot}%{_libdir}/openldap/
 # install -m 644 README %{buildroot}%{_libdir}/openldap
@ -20,33 +21,25 @@ index 85abac9..66a1377 100644
 cat > %{buildroot}%{_sysconfdir}/openldap/check_password.conf <<EOF
 # OpenLDAP pwdChecker library configuration
 
-@@ -444,6 +444,7 @@ exit 0
+@@ -320,6 +320,9 @@ exit 0
+ 
+ 
 %post servers
- 
- /sbin/ldconfig -n %{_libdir}/openldap
+
 +mkdir -p /var/lib/openldap-data
- 
+
 %systemd_post slapd.service
 
-@@ -454,7 +455,6 @@ exit 0
- if [ ! -f %{_sysconfdir}/openldap/slapd.d/cn=config.ldif ]; then
- 	if [ -f %{_sysconfdir}/openldap/slapd.conf ]; then
- 		%{_libexecdir}/openldap/convert-config.sh &>/dev/null
-		mv %{_sysconfdir}/openldap/slapd.conf %{_sysconfdir}/openldap/slapd.conf.bak
- 	else
- 		%{_libexecdir}/openldap/convert-config.sh -f %{_datadir}/openldap-servers/slapd.ldif &>/dev/null
- 	fi
-@@ -653,8 +653,8 @@ exit 0
+ # generate configuration if necessary
+@@ -472,7 +475,7 @@ exit 0
 %{_mandir}/man5/slapd*.5*
 %{_mandir}/man5/slapo-*.5*
 # obsolete configuration
 -%ghost %config(noreplace,missingok) %attr(0640,ldap,ldap) %{_sysconfdir}/openldap/slapd.conf
-%ghost %config(noreplace,missingok) %attr(0640,ldap,ldap) %{_sysconfdir}/openldap/slapd.conf.bak
-+# %ghost %config(noreplace,missingok) %attr(0640,ldap,ldap) %{_sysconfdir}/openldap/slapd.conf
-+# %ghost %config(noreplace,missingok) %attr(0640,ldap,ldap) %{_sysconfdir}/openldap/slapd.conf.bak
+#%ghost %config(noreplace,missingok) %attr(0640,ldap,ldap) %{_sysconfdir}/openldap/slapd.conf
 
- %files servers-sql
- %doc openldap-%{version}/servers/slapd/back-sql/docs/*
+ %files clients
+ %{_bindir}/*
 -- 
-2.7.4
+1.8.3.1

--- a/ldap/openldap/centos/patches/rootdn-should-not-bypass-ppolicy.patch
+++ b/ldap/openldap/centos/patches/rootdn-should-not-bypass-ppolicy.patch
@ -3,6 +3,7 @@ From: Kam Nasim <kam.nasim@windriver.com>
 Date: Tue, 11 Apr 2017 17:23:03 -0400
 Subject: [PATCH] rootdn should not bypass ppolicy

+Signed-off-by: Dongqi Chen <chen.dq@neusoft.com>
 ---
 servers/slapd/overlays/ppolicy.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)
@ -16,7 +17,7 @@ index b446deb..fa79872 100644
 	}

 -	if (be_isroot( op )) goto do_modify;
-+	/* WRS UPDATE: Run ppolicy for all user password modify ops */
+	/* UPDATE: Run ppolicy for all user password modify ops */
 +	//if (be_isroot( op )) goto do_modify;

 	/* NOTE: according to draft-behera-ldap-password-policy
@ -27,7 +28,7 @@ index b446deb..fa79872 100644
 	bv = newpw.bv_val ? &newpw : &addmod->sml_values[0];
 -	if (pp.pwdCheckQuality > 0) {
 +
-+	/* WRS UPDATE:
+	/* UPDATE:
 +	 * If this is a rootDN op and this is the first password
 +	 * then bypass password policies as this is a new account
 +	 * creation
--- a/ldap/openldap/centos/srpm_path
+++ b/ldap/openldap/centos/srpm_path
@ -1 +1 @@
-mirror:Source/openldap-2.4.44-20.el7.src.rpm
+mirror:Source/openldap-2.4.46-9.el8.src.rpm