Merge "CentOS 8: Upgrade openldap to version 2.4.46" into f/centos8

ldap/openldap/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 1.1
 Name: openldap
-Version: 2.4.40
+Version: 2.4.46
 Summary: OpenLDAP Directory Service
 Home-page: 
 Author:

ldap/openldap/centos/build_srpm.data

@@ -1,2 +1,2 @@
-TIS_PATCH_VER=9
+TIS_PATCH_VER=1
 BUILD_IS_SLOW=3

ldap/openldap/centos/meta_patches/Update-package-versioning-for-TIS-format.patch

@@ -1,10 +1,12 @@
 From 935686ff5e53cec008f129cc5d17146bd9365eb0 Mon Sep 17 00:00:00 2001
 From: Scott Little <scott.little@windriver.com>
 Date: Mon, 2 Oct 2017 17:11:22 -0400
-Subject: [PATCH] WRS: 0001-Update-package-versioning-for-TIS-format.patch
+Subject: [PATCH] 0001-Update-package-versioning-for-TIS-format.patch
 
 Conflicts:
 	SPECS/openldap.spec
+
+Signed-off-by: Dongqi Chen <chen.dq@neusoft.com>
 ---
  SPECS/openldap.spec | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
@@ -16,12 +18,12 @@ index c38f1bd..d35d73f 100644
 @@ -5,7 +5,7 @@
  
  Name: openldap
- Version: 2.4.44
+ Version: 2.4.46
--Release: 20%{?dist}
+-Release: 9%{?dist}
-+Release: 20.el7%{?_tis_dist}.%{tis_patch_ver}
++Release: 9.el8%{?_tis_dist}.%{tis_patch_ver}
  Summary: LDAP support libraries
- Group: System Environment/Daemons
  License: OpenLDAP
+ URL: http://www.openldap.org/
 -- 
-2.7.4
+1.8.3.1
 

ldap/openldap/centos/meta_patches/openldap-enable-password-policy.patch

@@ -1,37 +1,37 @@
 From 9fcb15e18f21acf3fef0fb59dccc3fa0dd37efd4 Mon Sep 17 00:00:00 2001
 From: Scott Little <scott.little@windriver.com>
 Date: Mon, 2 Oct 2017 17:11:22 -0400
-Subject: [PATCH] WRS: openldap-enable-password-policy.patch
+Subject: [PATCH] openldap-enable-password-policy.patch
 
+Signed-off-by: Dongqi Chen <chen.dq@neusoft.com>
 ---
- SPECS/openldap.spec | 18 ++++++++++++------
+ SPECS/openldap.spec | 17 +++++++++++------
- 1 file changed, 12 insertions(+), 6 deletions(-)
+ 1 file changed, 11 insertions(+), 6 deletions(-)
 
 diff --git a/SPECS/openldap.spec b/SPECS/openldap.spec
 index 66a1377..468ca0e 100644
 --- a/SPECS/openldap.spec
 +++ b/SPECS/openldap.spec
-@@ -71,6 +71,9 @@ Patch101: openldap-tlsmc.patch
+@@ -42,6 +42,9 @@ Patch24: openldap-openssl-manpage-defaultCA.patch
- # Fedora specific patches
+ Patch90: check-password-makefile.patch
- Patch102: openldap-fedora-systemd.patch
+ Patch91: check-password.patch
  
-+# WRS specific patches
++# specific patches
 +Patch200: rootdn-should-not-bypass-ppolicy.patch
 +
- BuildRequires: cyrus-sasl-devel, nss-devel, openssl-devel, krb5-devel, tcp_wrappers-devel, unixODBC-devel
+ BuildRequires: cyrus-sasl-devel, openssl-devel, krb5-devel, unixODBC-devel
- BuildRequires: glibc-devel, libtool, libtool-ltdl-devel, groff, perl, perl-devel, perl(ExtUtils::Embed)
+ BuildRequires: glibc-devel, libtool, libtool-ltdl-devel, groff, perl-interpreter, perl-devel, perl-generators, perl(ExtUtils::Embed)
- Requires: nss-tools
-@@ -190,6 +193,9 @@ AUTOMAKE=%{_bindir}/true autoreconf -fi
  
- %patch102 -p1
+@@ -116,6 +119,8 @@ AUTOMAKE=%{_bindir}/true autoreconf -fi
- 
+ %patch22 -p1
-+# WRS
+ %patch23 -p1
-+%patch200 -p1
+ %patch24 -p1
 +
++%patch200 -p1
+ 
  # build smbk5pwd with other overlays
  ln -s ../../../contrib/slapd-modules/smbk5pwd/smbk5pwd.c servers/slapd/overlays
- mv contrib/slapd-modules/smbk5pwd/README contrib/slapd-modules/smbk5pwd/README.smbk5pwd
+@@ -209,12 +214,12 @@ install -d -m 740 %{buildroot}%{_sysconfdir}/openldap
-@@ -312,12 +318,12 @@ install -d -m 740 %{buildroot}%{_sysconfdir}/openldap
  cat > %{buildroot}%{_sysconfdir}/openldap/check_password.conf <<EOF
  # OpenLDAP pwdChecker library configuration
  
@@ -51,5 +51,5 @@ index 66a1377..468ca0e 100644
  mv README{,.check_pwd}
  popd
 -- 
-2.7.4
+1.8.3.1
 

ldap/openldap/centos/meta_patches/openldap-spec-file.patch

@@ -1,17 +1,18 @@
 From 31cec68ea9c887b363dc31255fb96e88c67c4b63 Mon Sep 17 00:00:00 2001
 From: Scott Little <scott.little@windriver.com>
 Date: Mon, 2 Oct 2017 17:11:21 -0400
-Subject: [PATCH] WRS: openldap-spec-file.patch
+Subject: [PATCH] openldap-spec-file.patch
 
+Signed-off-by: Dongqi Chen <chen.dq@neusoft.com>
 ---
- SPECS/openldap.spec | 8 ++++----
+ SPECS/openldap.spec | 7 +++++--
- 1 file changed, 4 insertions(+), 4 deletions(-)
+ 1 file changed, 5 insertions(+), 2 deletions(-)
 
 diff --git a/SPECS/openldap.spec b/SPECS/openldap.spec
 index 85abac9..66a1377 100644
 --- a/SPECS/openldap.spec
 +++ b/SPECS/openldap.spec
-@@ -308,7 +308,7 @@ mv check_password.so check_password.so.%{check_password_version}
+@@ -205,7 +205,7 @@ mv check_password.so check_password.so.%{check_password_version}
  ln -s check_password.so.%{check_password_version} %{buildroot}%{_libdir}/openldap/check_password.so
  install -m 755 check_password.so.%{check_password_version} %{buildroot}%{_libdir}/openldap/
  # install -m 644 README %{buildroot}%{_libdir}/openldap
@@ -20,33 +21,25 @@ index 85abac9..66a1377 100644
  cat > %{buildroot}%{_sysconfdir}/openldap/check_password.conf <<EOF
  # OpenLDAP pwdChecker library configuration
  
-@@ -444,6 +444,7 @@ exit 0
+@@ -320,6 +320,9 @@ exit 0
+ 
+ 
  %post servers
- 
++
- /sbin/ldconfig -n %{_libdir}/openldap
 +mkdir -p /var/lib/openldap-data
- 
++
  %systemd_post slapd.service
  
-@@ -454,7 +455,6 @@ exit 0
+ # generate configuration if necessary
- if [ ! -f %{_sysconfdir}/openldap/slapd.d/cn=config.ldif ]; then
+@@ -472,7 +475,7 @@ exit 0
- 	if [ -f %{_sysconfdir}/openldap/slapd.conf ]; then
- 		%{_libexecdir}/openldap/convert-config.sh &>/dev/null
--		mv %{_sysconfdir}/openldap/slapd.conf %{_sysconfdir}/openldap/slapd.conf.bak
- 	else
- 		%{_libexecdir}/openldap/convert-config.sh -f %{_datadir}/openldap-servers/slapd.ldif &>/dev/null
- 	fi
-@@ -653,8 +653,8 @@ exit 0
  %{_mandir}/man5/slapd*.5*
  %{_mandir}/man5/slapo-*.5*
  # obsolete configuration
 -%ghost %config(noreplace,missingok) %attr(0640,ldap,ldap) %{_sysconfdir}/openldap/slapd.conf
--%ghost %config(noreplace,missingok) %attr(0640,ldap,ldap) %{_sysconfdir}/openldap/slapd.conf.bak
++#%ghost %config(noreplace,missingok) %attr(0640,ldap,ldap) %{_sysconfdir}/openldap/slapd.conf
-+# %ghost %config(noreplace,missingok) %attr(0640,ldap,ldap) %{_sysconfdir}/openldap/slapd.conf
-+# %ghost %config(noreplace,missingok) %attr(0640,ldap,ldap) %{_sysconfdir}/openldap/slapd.conf.bak
  
- %files servers-sql
+ %files clients
- %doc openldap-%{version}/servers/slapd/back-sql/docs/*
+ %{_bindir}/*
 -- 
-2.7.4
+1.8.3.1
 

ldap/openldap/centos/patches/rootdn-should-not-bypass-ppolicy.patch

@@ -3,6 +3,7 @@ From: Kam Nasim <kam.nasim@windriver.com>
 Date: Tue, 11 Apr 2017 17:23:03 -0400
 Subject: [PATCH] rootdn should not bypass ppolicy
 
+Signed-off-by: Dongqi Chen <chen.dq@neusoft.com>
 ---
  servers/slapd/overlays/ppolicy.c | 11 +++++++++--
  1 file changed, 9 insertions(+), 2 deletions(-)
@@ -16,7 +17,7 @@ index b446deb..fa79872 100644
  	}
 
 -	if (be_isroot( op )) goto do_modify;
-+	/* WRS UPDATE: Run ppolicy for all user password modify ops */
++	/* UPDATE: Run ppolicy for all user password modify ops */
 +	//if (be_isroot( op )) goto do_modify;
 
  	/* NOTE: according to draft-behera-ldap-password-policy
@@ -27,7 +28,7 @@ index b446deb..fa79872 100644
  	bv = newpw.bv_val ? &newpw : &addmod->sml_values[0];
 -	if (pp.pwdCheckQuality > 0) {
 +
-+	/* WRS UPDATE:
++	/* UPDATE:
 +	 * If this is a rootDN op and this is the first password
 +	 * then bypass password policies as this is a new account
 +	 * creation

ldap/openldap/centos/srpm_path

@@ -1 +1 @@
-mirror:Source/openldap-2.4.44-20.el7.src.rpm
+mirror:Source/openldap-2.4.46-9.el8.src.rpm