diff --git a/ldap/openldap/PKG-INFO b/ldap/openldap/PKG-INFO index a2c07107c..88f0e1199 100644 --- a/ldap/openldap/PKG-INFO +++ b/ldap/openldap/PKG-INFO @@ -1,6 +1,6 @@ Metadata-Version: 1.1 Name: openldap -Version: 2.4.40 +Version: 2.4.46 Summary: OpenLDAP Directory Service Home-page: Author: diff --git a/ldap/openldap/centos/build_srpm.data b/ldap/openldap/centos/build_srpm.data index 1c4dae2b7..0a1cce723 100644 --- a/ldap/openldap/centos/build_srpm.data +++ b/ldap/openldap/centos/build_srpm.data @@ -1,2 +1,2 @@ -TIS_PATCH_VER=9 +TIS_PATCH_VER=1 BUILD_IS_SLOW=3 diff --git a/ldap/openldap/centos/meta_patches/Update-package-versioning-for-TIS-format.patch b/ldap/openldap/centos/meta_patches/Update-package-versioning-for-TIS-format.patch index 09f2e10f9..96d44455b 100644 --- a/ldap/openldap/centos/meta_patches/Update-package-versioning-for-TIS-format.patch +++ b/ldap/openldap/centos/meta_patches/Update-package-versioning-for-TIS-format.patch @@ -1,10 +1,12 @@ From 935686ff5e53cec008f129cc5d17146bd9365eb0 Mon Sep 17 00:00:00 2001 From: Scott Little Date: Mon, 2 Oct 2017 17:11:22 -0400 -Subject: [PATCH] WRS: 0001-Update-package-versioning-for-TIS-format.patch +Subject: [PATCH] 0001-Update-package-versioning-for-TIS-format.patch Conflicts: SPECS/openldap.spec + +Signed-off-by: Dongqi Chen --- SPECS/openldap.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) @@ -16,12 +18,12 @@ index c38f1bd..d35d73f 100644 @@ -5,7 +5,7 @@ Name: openldap - Version: 2.4.44 --Release: 20%{?dist} -+Release: 20.el7%{?_tis_dist}.%{tis_patch_ver} + Version: 2.4.46 +-Release: 9%{?dist} ++Release: 9.el8%{?_tis_dist}.%{tis_patch_ver} Summary: LDAP support libraries - Group: System Environment/Daemons License: OpenLDAP + URL: http://www.openldap.org/ -- -2.7.4 +1.8.3.1 diff --git a/ldap/openldap/centos/meta_patches/openldap-enable-password-policy.patch b/ldap/openldap/centos/meta_patches/openldap-enable-password-policy.patch index 0163f23b3..0008aecac 100644 --- a/ldap/openldap/centos/meta_patches/openldap-enable-password-policy.patch +++ b/ldap/openldap/centos/meta_patches/openldap-enable-password-policy.patch @@ -1,37 +1,37 @@ From 9fcb15e18f21acf3fef0fb59dccc3fa0dd37efd4 Mon Sep 17 00:00:00 2001 From: Scott Little Date: Mon, 2 Oct 2017 17:11:22 -0400 -Subject: [PATCH] WRS: openldap-enable-password-policy.patch +Subject: [PATCH] openldap-enable-password-policy.patch +Signed-off-by: Dongqi Chen --- - SPECS/openldap.spec | 18 ++++++++++++------ - 1 file changed, 12 insertions(+), 6 deletions(-) + SPECS/openldap.spec | 17 +++++++++++------ + 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/SPECS/openldap.spec b/SPECS/openldap.spec index 66a1377..468ca0e 100644 --- a/SPECS/openldap.spec +++ b/SPECS/openldap.spec -@@ -71,6 +71,9 @@ Patch101: openldap-tlsmc.patch - # Fedora specific patches - Patch102: openldap-fedora-systemd.patch +@@ -42,6 +42,9 @@ Patch24: openldap-openssl-manpage-defaultCA.patch + Patch90: check-password-makefile.patch + Patch91: check-password.patch -+# WRS specific patches ++# specific patches +Patch200: rootdn-should-not-bypass-ppolicy.patch + - BuildRequires: cyrus-sasl-devel, nss-devel, openssl-devel, krb5-devel, tcp_wrappers-devel, unixODBC-devel - BuildRequires: glibc-devel, libtool, libtool-ltdl-devel, groff, perl, perl-devel, perl(ExtUtils::Embed) - Requires: nss-tools -@@ -190,6 +193,9 @@ AUTOMAKE=%{_bindir}/true autoreconf -fi + BuildRequires: cyrus-sasl-devel, openssl-devel, krb5-devel, unixODBC-devel + BuildRequires: glibc-devel, libtool, libtool-ltdl-devel, groff, perl-interpreter, perl-devel, perl-generators, perl(ExtUtils::Embed) - %patch102 -p1 - -+# WRS -+%patch200 -p1 +@@ -116,6 +119,8 @@ AUTOMAKE=%{_bindir}/true autoreconf -fi + %patch22 -p1 + %patch23 -p1 + %patch24 -p1 + ++%patch200 -p1 + # build smbk5pwd with other overlays ln -s ../../../contrib/slapd-modules/smbk5pwd/smbk5pwd.c servers/slapd/overlays - mv contrib/slapd-modules/smbk5pwd/README contrib/slapd-modules/smbk5pwd/README.smbk5pwd -@@ -312,12 +318,12 @@ install -d -m 740 %{buildroot}%{_sysconfdir}/openldap +@@ -209,12 +214,12 @@ install -d -m 740 %{buildroot}%{_sysconfdir}/openldap cat > %{buildroot}%{_sysconfdir}/openldap/check_password.conf < Date: Mon, 2 Oct 2017 17:11:21 -0400 -Subject: [PATCH] WRS: openldap-spec-file.patch +Subject: [PATCH] openldap-spec-file.patch +Signed-off-by: Dongqi Chen --- - SPECS/openldap.spec | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) + SPECS/openldap.spec | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/SPECS/openldap.spec b/SPECS/openldap.spec index 85abac9..66a1377 100644 --- a/SPECS/openldap.spec +++ b/SPECS/openldap.spec -@@ -308,7 +308,7 @@ mv check_password.so check_password.so.%{check_password_version} +@@ -205,7 +205,7 @@ mv check_password.so check_password.so.%{check_password_version} ln -s check_password.so.%{check_password_version} %{buildroot}%{_libdir}/openldap/check_password.so install -m 755 check_password.so.%{check_password_version} %{buildroot}%{_libdir}/openldap/ # install -m 644 README %{buildroot}%{_libdir}/openldap @@ -20,33 +21,25 @@ index 85abac9..66a1377 100644 cat > %{buildroot}%{_sysconfdir}/openldap/check_password.conf </dev/null -- mv %{_sysconfdir}/openldap/slapd.conf %{_sysconfdir}/openldap/slapd.conf.bak - else - %{_libexecdir}/openldap/convert-config.sh -f %{_datadir}/openldap-servers/slapd.ldif &>/dev/null - fi -@@ -653,8 +653,8 @@ exit 0 + # generate configuration if necessary +@@ -472,7 +475,7 @@ exit 0 %{_mandir}/man5/slapd*.5* %{_mandir}/man5/slapo-*.5* # obsolete configuration -%ghost %config(noreplace,missingok) %attr(0640,ldap,ldap) %{_sysconfdir}/openldap/slapd.conf --%ghost %config(noreplace,missingok) %attr(0640,ldap,ldap) %{_sysconfdir}/openldap/slapd.conf.bak -+# %ghost %config(noreplace,missingok) %attr(0640,ldap,ldap) %{_sysconfdir}/openldap/slapd.conf -+# %ghost %config(noreplace,missingok) %attr(0640,ldap,ldap) %{_sysconfdir}/openldap/slapd.conf.bak ++#%ghost %config(noreplace,missingok) %attr(0640,ldap,ldap) %{_sysconfdir}/openldap/slapd.conf - %files servers-sql - %doc openldap-%{version}/servers/slapd/back-sql/docs/* + %files clients + %{_bindir}/* -- -2.7.4 +1.8.3.1 diff --git a/ldap/openldap/centos/patches/rootdn-should-not-bypass-ppolicy.patch b/ldap/openldap/centos/patches/rootdn-should-not-bypass-ppolicy.patch index 797c8ad1f..4902b266b 100644 --- a/ldap/openldap/centos/patches/rootdn-should-not-bypass-ppolicy.patch +++ b/ldap/openldap/centos/patches/rootdn-should-not-bypass-ppolicy.patch @@ -3,6 +3,7 @@ From: Kam Nasim Date: Tue, 11 Apr 2017 17:23:03 -0400 Subject: [PATCH] rootdn should not bypass ppolicy +Signed-off-by: Dongqi Chen --- servers/slapd/overlays/ppolicy.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) @@ -16,7 +17,7 @@ index b446deb..fa79872 100644 } - if (be_isroot( op )) goto do_modify; -+ /* WRS UPDATE: Run ppolicy for all user password modify ops */ ++ /* UPDATE: Run ppolicy for all user password modify ops */ + //if (be_isroot( op )) goto do_modify; /* NOTE: according to draft-behera-ldap-password-policy @@ -27,7 +28,7 @@ index b446deb..fa79872 100644 bv = newpw.bv_val ? &newpw : &addmod->sml_values[0]; - if (pp.pwdCheckQuality > 0) { + -+ /* WRS UPDATE: ++ /* UPDATE: + * If this is a rootDN op and this is the first password + * then bypass password policies as this is a new account + * creation diff --git a/ldap/openldap/centos/srpm_path b/ldap/openldap/centos/srpm_path index 76892ba0e..7e2cb692d 100644 --- a/ldap/openldap/centos/srpm_path +++ b/ldap/openldap/centos/srpm_path @@ -1 +1 @@ -mirror:Source/openldap-2.4.44-20.el7.src.rpm +mirror:Source/openldap-2.4.46-9.el8.src.rpm