From 8ae057a2e6862e4312ed4fa2fc635ce92b22d7ca Mon Sep 17 00:00:00 2001 From: Jiaqing Zhao Date: Mon, 10 Oct 2022 17:19:15 +0800 Subject: openldap: Upgrade 2.5.12 -> 2.5.13 Signed-off-by: Jiaqing Zhao Signed-off-by: Khem Raj --- ...01-ldif-filter-fix-parallel-build-failure.patch | 32 --- ...aries-Makefile.in-ignore-the-mkdir-errors.patch | 33 --- ...include-ldap_pvt_thread.h-before-redefini.patch | 54 ----- .../recipes-support/openldap/openldap_2.5.12.bb | 241 --------------------- .../recipes-support/openldap/openldap_2.5.13.bb | 238 ++++++++++++++++++++ 5 files changed, 238 insertions(+), 360 deletions(-) delete mode 100644 meta-oe/recipes-support/openldap/openldap/0001-ldif-filter-fix-parallel-build-failure.patch delete mode 100644 meta-oe/recipes-support/openldap/openldap/0001-libraries-Makefile.in-ignore-the-mkdir-errors.patch delete mode 100644 meta-oe/recipes-support/openldap/openldap/0001-librewrite-include-ldap_pvt_thread.h-before-redefini.patch delete mode 100644 meta-oe/recipes-support/openldap/openldap_2.5.12.bb create mode 100644 meta-oe/recipes-support/openldap/openldap_2.5.13.bb diff --git a/meta-oe/recipes-support/openldap/openldap/0001-ldif-filter-fix-parallel-build-failure.patch b/meta-oe/recipes-support/openldap/openldap/0001-ldif-filter-fix-parallel-build-failure.patch deleted file mode 100644 index b42bd9764f..0000000000 --- a/meta-oe/recipes-support/openldap/openldap/0001-ldif-filter-fix-parallel-build-failure.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 9e4ccd1e78ceac8de1ab66ee62ee216f1fbd4956 Mon Sep 17 00:00:00 2001 -From: Yi Zhao -Date: Thu, 2 Dec 2021 11:38:15 +0800 -Subject: [PATCH] ldif-filter: fix parallel build failure - -Add slapd-common.o as dependency for ldif-filter to fix the parallel -build failure: - ld: cannot find slapd-common.o: No such file or directory - -Upstream-Status: Pending - -Signed-off-by: Yi Zhao ---- - tests/progs/Makefile.in | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tests/progs/Makefile.in b/tests/progs/Makefile.in -index 13f1e8be2..e4f4ccf98 100644 ---- a/tests/progs/Makefile.in -+++ b/tests/progs/Makefile.in -@@ -56,7 +56,7 @@ slapd-modify: slapd-modify.o $(OBJS) $(XLIBS) - slapd-bind: slapd-bind.o $(OBJS) $(XLIBS) - $(LTLINK) -o $@ slapd-bind.o $(OBJS) $(LIBS) - --ldif-filter: ldif-filter.o $(XLIBS) -+ldif-filter: ldif-filter.o $(OBJS) $(XLIBS) - $(LTLINK) -o $@ ldif-filter.o $(OBJS) $(LIBS) - - slapd-mtread: slapd-mtread.o $(OBJS) $(XLIBS) --- -2.25.1 - diff --git a/meta-oe/recipes-support/openldap/openldap/0001-libraries-Makefile.in-ignore-the-mkdir-errors.patch b/meta-oe/recipes-support/openldap/openldap/0001-libraries-Makefile.in-ignore-the-mkdir-errors.patch deleted file mode 100644 index 552726bb0a..0000000000 --- a/meta-oe/recipes-support/openldap/openldap/0001-libraries-Makefile.in-ignore-the-mkdir-errors.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 690f69791eb6cd0d7e94b4d73219ee864de27f62 Mon Sep 17 00:00:00 2001 -From: Yi Zhao -Date: Mon, 10 Jan 2022 10:13:51 +0800 -Subject: [PATCH] libraries/Makefile.in: ignore the mkdir errors - -Ignore the mkdir errors to fix the parallel build failure: - -../../build/shtool mkdir -p TOPDIR/tmp-glibc/work/cortexa15t2hf-neon-wrs-linux-gnueabi/openldap/2.5.9-r0/image/usr/lib -mkdir: cannot create directory 'TOPDIR/tmp-glibc/work/cortexa15t2hf-neon-wrs-linux-gnueabi/openldap/2.5.9-r0/image/usr/lib': File exists - -Upstream-Status: Pending - -Signed-off-by: Yi Zhao ---- - libraries/Makefile.in | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/libraries/Makefile.in b/libraries/Makefile.in -index d9cb2ff..c6b251f 100644 ---- a/libraries/Makefile.in -+++ b/libraries/Makefile.in -@@ -24,7 +24,7 @@ PKGCONFIG_DIR=$(DESTDIR)$(libdir)/pkgconfig - PKGCONFIG_SRCDIRS=liblber libldap - - install-local: -- @$(MKDIR) $(PKGCONFIG_DIR) -+ @-$(MKDIR) $(PKGCONFIG_DIR) - @for i in $(PKGCONFIG_SRCDIRS); do \ - $(INSTALL_DATA) $$i/*.pc $(PKGCONFIG_DIR); \ - done --- -2.17.1 - diff --git a/meta-oe/recipes-support/openldap/openldap/0001-librewrite-include-ldap_pvt_thread.h-before-redefini.patch b/meta-oe/recipes-support/openldap/openldap/0001-librewrite-include-ldap_pvt_thread.h-before-redefini.patch deleted file mode 100644 index bcd1525b67..0000000000 --- a/meta-oe/recipes-support/openldap/openldap/0001-librewrite-include-ldap_pvt_thread.h-before-redefini.patch +++ /dev/null @@ -1,54 +0,0 @@ -From 79381ab335898c9184e22dd25b544adefa9bf6c5 Mon Sep 17 00:00:00 2001 -From: Khem Raj -Date: Mon, 7 Feb 2022 16:26:57 -0800 -Subject: [PATCH] librewrite: include ldap_pvt_thread.h before redefining - calloc - -This helps compiling with musl, where sched.h is included by -ldap_pvt_thread.h which provides prototype for calloc() and conflicts - -/usr/include/sched.h:84:7: error: conflicting types for 'ber_memcalloc' -| void *calloc(size_t, size_t); -| ^1 -| warning and 1 error generated. -| ./rewrite-int.h:44:21: note: expanded from macro 'calloc' -| #define calloc(x,y) ber_memcalloc(x,y) -| ^ - -Upstream-Status: Pending -Signed-off-by: Khem Raj ---- - libraries/librewrite/rewrite-int.h | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) - -diff --git a/libraries/librewrite/rewrite-int.h b/libraries/librewrite/rewrite-int.h -index 4481dd3..5ec226d 100644 ---- a/libraries/librewrite/rewrite-int.h -+++ b/libraries/librewrite/rewrite-int.h -@@ -40,6 +40,11 @@ - - #include - -+#ifndef NO_THREADS -+#define USE_REWRITE_LDAP_PVT_THREADS -+#include -+#endif -+ - #define malloc(x) ber_memalloc(x) - #define calloc(x,y) ber_memcalloc(x,y) - #define realloc(x,y) ber_memrealloc(x,y) -@@ -47,11 +52,6 @@ - #undef strdup - #define strdup(x) ber_strdup(x) - --#ifndef NO_THREADS --#define USE_REWRITE_LDAP_PVT_THREADS --#include --#endif -- - /* - * For details, see RATIONALE. - */ --- -2.35.1 - diff --git a/meta-oe/recipes-support/openldap/openldap_2.5.12.bb b/meta-oe/recipes-support/openldap/openldap_2.5.12.bb deleted file mode 100644 index a8ea84d70f..0000000000 --- a/meta-oe/recipes-support/openldap/openldap_2.5.12.bb +++ /dev/null @@ -1,241 +0,0 @@ -SUMMARY = "OpenLDAP Directory Service" -DESCRIPTION = "OpenLDAP Software is an open source implementation of the Lightweight Directory Access Protocol." -HOMEPAGE = "http://www.OpenLDAP.org/license.html" -# The OpenLDAP Public License - see the HOMEPAGE - defines -# the license. www.openldap.org claims this is Open Source -# (see http://www.openldap.org), the license appears to be -# basically BSD. opensource.org does not record this license -# at present (so it is apparently not OSI certified). -LICENSE = "OpenLDAP" -LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=beceb5ac7100b6430640c61655b25c1f \ - file://LICENSE;md5=153d07ef052c4a37a8fac23bc6031972 \ - " -SECTION = "libs" - -LDAP_VER = "${@'.'.join(d.getVar('PV').split('.')[0:2])}" - -SRC_URI = "http://www.openldap.org/software/download/OpenLDAP/openldap-release/${BP}.tgz \ - file://initscript \ - file://slapd.service \ - file://remove-user-host-pwd-from-version.patch \ - file://0001-ldif-filter-fix-parallel-build-failure.patch \ - file://0001-build-top.mk-unset-STRIP_OPTS.patch \ - file://0001-libraries-Makefile.in-ignore-the-mkdir-errors.patch \ - file://0001-librewrite-include-ldap_pvt_thread.h-before-redefini.patch \ - file://0001-configure-Pass-pthread_t-to-pthread_detach.patch \ -" - -SRC_URI[sha256sum] = "d5086cbfc49597fa7d0670a429a9054552d441b16ee8b2435412797ab0e37b96" - -DEPENDS = "util-linux groff-native" - -inherit autotools-brokensep update-rc.d systemd pkgconfig - -# CV SETTINGS -# Required to work round AC_FUNC_MEMCMP which gets the wrong answer -# when cross compiling (should be in site?) -EXTRA_OECONF += "ac_cv_func_memcmp_working=yes" - -# CONFIG DEFINITIONS -# The following is necessary because it cannot be determined for a -# cross compile automagically. Select should yield fine on all OE -# systems... -EXTRA_OECONF += "--with-yielding-select=yes" -# Shared libraries are nice... -EXTRA_OECONF += "--enable-dynamic" - -PACKAGECONFIG ??= "asyncmeta gnutls modules \ - mdb ldap meta null passwd proxycache dnssrv \ - ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} \ -" -#--with-tls with TLS/SSL support auto|openssl|gnutls [auto] -PACKAGECONFIG[gnutls] = "--with-tls=gnutls,,gnutls" -PACKAGECONFIG[openssl] = "--with-tls=openssl,,openssl" - -PACKAGECONFIG[sasl] = "--with-cyrus-sasl,--without-cyrus-sasl,cyrus-sasl" -PACKAGECONFIG[modules] = "lt_cv_dlopen_self=yes --enable-modules,--disable-modules,libtool" -PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6" - -# SLAPD options -# -# UNIX crypt(3) passwd support: -EXTRA_OECONF += "--enable-crypt" - -# SLAPD BACKEND -# -# The backend must be set by the configuration. This controls the -# required database. -# -# Backends="asyncmeta dnssrv ldap mdb meta ndb null passwd perl relay sock sql wt" -# -# Note that multiple backends can be built. The ldbm backend requires a -# build-time choice of database API. To use the gdbm (or other) API the -# Berkely database module must be removed from the build. -md = "${libexecdir}/openldap" -# - -#--enable-asyncmeta enable asyncmeta backend no|yes|mod no -PACKAGECONFIG[asyncmeta] = "--enable-asyncmeta=mod,--enable-asyncmeta=no" - -#--enable-dnssrv enable dnssrv backend no|yes|mod no -PACKAGECONFIG[dnssrv] = "--enable-dnssrv=mod,--enable-dnssrv=no" - -#--enable-ldap enable ldap backend no|yes|mod no -PACKAGECONFIG[ldap] = "--enable-ldap=mod,--enable-ldap=no," - -#--enable-mdb enable mdb database backend no|yes|mod [yes] -PACKAGECONFIG[mdb] = "--enable-mdb=yes,--enable-mdb=no," - -#--enable-meta enable metadirectory backend no|yes|mod no -PACKAGECONFIG[meta] = "--enable-meta=mod,--enable-meta=no," - -#--enable-ndb enable MySQL NDB Cluster backend no|yes|mod [no] -PACKAGECONFIG[ndb] = "--enable-ndb=mod,--enable-ndb=no," - -#--enable-null enable null backend no|yes|mod no -PACKAGECONFIG[null] = "--enable-null=mod,--enable-null=no," - -#--enable-passwd enable passwd backend no|yes|mod no -PACKAGECONFIG[passwd] = "--enable-passwd=mod,--enable-passwd=no," - -#--enable-perl enable perl backend no|yes|mod no -# This requires a loadable perl dynamic library, if enabled without -# doing something appropriate (building perl?) the build will pick -# up the build machine perl - not good (inherit perlnative?) -PACKAGECONFIG[perl] = "--enable-perl=mod,--enable-perl=no,perl" - -#--enable-relay enable relay backend no|yes|mod [yes] -PACKAGECONFIG[relay] = "--enable-relay=mod,--enable-relay=no," - -#--enable-sock enable sock backend no|yes|mod [no] -PACKAGECONFIG[sock] = "--enable-sock=mod,--enable-sock=no," - -#--enable-sql enable sql backend no|yes|mod no -# sql requires some sql backend which provides sql.h, sqlite* provides -# sqlite.h (which may be compatible but hasn't been tried.) -PACKAGECONFIG[sql] = "--enable-sql=mod,--enable-sql=no,sqlite3" - -#--enable-wt enable wt backend no|yes|mod no -# back-wt is marked currently as experimental -PACKAGECONFIG[wt] = "--enable-wt=mod,--enable-wt=no" - -#--enable-dyngroup Dynamic Group overlay no|yes|mod no -# This is a demo, Proxy Cache defines init_module which conflicts with the -# same symbol in dyngroup -PACKAGECONFIG[dyngroup] = "--enable-dyngroup=mod,--enable-dyngroup=no," - -#--enable-proxycache Proxy Cache overlay no|yes|mod no -PACKAGECONFIG[proxycache] = "--enable-proxycache=mod,--enable-proxycache=no," -FILES:${PN}-overlay-proxycache = "${md}/pcache-*.so.*" -PACKAGES += "${PN}-overlay-proxycache" - -# Append URANDOM_DEVICE='/dev/urandom' to CPPFLAGS: -# This allows tls to obtain random bits from /dev/urandom, by default -# it was disabled for cross-compiling. -CPPFLAGS:append = " -D_GNU_SOURCE -DURANDOM_DEVICE=\\"/dev/urandom\\" -fPIC" - -LDFLAGS:append = " -pthread" - -do_configure() { - rm -f ${S}/libtool - aclocal - libtoolize --force --copy - gnu-configize - cp ${STAGING_DATADIR_NATIVE}/libtool/build-aux/ltmain.sh ${S}/build - cp ${STAGING_DATADIR_NATIVE}/libtool/build-aux/missing ${S}/build - cp ${STAGING_DATADIR_NATIVE}/libtool/build-aux/compile ${S}/build - autoconf - oe_runconf -} - -LEAD_SONAME = "libldap-${LDAP_VER}.so.*" - -# The executables go in a separate package. This allows the -# installation of the libraries with no daemon support. -# Each module also has its own package - see above. -PACKAGES += "${PN}-slapd ${PN}-slurpd ${PN}-bin" - -# Package contents - shift most standard contents to -bin -FILES:${PN} = "${libdir}/lib*.so.* ${sysconfdir}/openldap/ldap.* ${localstatedir}/${BPN}/data" -FILES:${PN}-slapd = "${sysconfdir}/init.d ${libexecdir}/slapd ${sbindir} ${localstatedir}/run ${localstatedir}/volatile/run \ - ${sysconfdir}/openldap/slapd.* ${sysconfdir}/openldap/schema \ - ${sysconfdir}/openldap/DB_CONFIG.example ${systemd_unitdir}/system/*" -FILES:${PN}-slurpd = "${libexecdir}/slurpd ${localstatedir}/openldap-slurp" -FILES:${PN}-bin = "${bindir}" -FILES:${PN}-dev = "${includedir} ${libdir}/lib*.so ${libdir}/*.la ${libexecdir}/openldap/*.a ${libexecdir}/openldap/*.la ${libexecdir}/openldap/*.so ${libdir}/pkgconfig/*.pc" -FILES:${PN}-dbg += "${libexecdir}/openldap/.debug" - -do_install:append() { - install -d ${D}${sysconfdir}/init.d - cat ${WORKDIR}/initscript > ${D}${sysconfdir}/init.d/openldap - chmod 755 ${D}${sysconfdir}/init.d/openldap - # This is duplicated in /etc/openldap and is for slapd - rm -f ${D}${localstatedir}/openldap-data/DB_CONFIG.example - - # Installing slapd under ${sbin} is more FHS and LSB compliance - mv ${D}${libexecdir}/slapd ${D}/${sbindir}/slapd - rmdir --ignore-fail-on-non-empty ${D}${libexecdir} - SLAPTOOLS="slapadd slapcat slapdn slapindex slappasswd slaptest slapauth slapacl slapschema slapmodify" - cd ${D}/${sbindir}/ - rm -f ${SLAPTOOLS} - for i in ${SLAPTOOLS}; do ln -sf slapd $i; done - - rmdir "${D}${localstatedir}/run" - rmdir --ignore-fail-on-non-empty "${D}${localstatedir}" - - install -d ${D}${systemd_unitdir}/system/ - install -m 0644 ${WORKDIR}/slapd.service ${D}${systemd_unitdir}/system/ - sed -i -e 's,@SBINDIR@,${sbindir},g' ${D}${systemd_unitdir}/system/*.service - - # Uses mdm as the database - # and localstatedir as data directory ... - sed -e 's/# modulepath/modulepath/' \ - -e 's/# moduleload\s*back_bdb.*/moduleload back_mdb/' \ - -e 's/database\s*bdb/database mdb/' \ - -e 's%^directory\s*.*%directory ${localstatedir}/${BPN}/data/%' \ - -i ${D}${sysconfdir}/openldap/slapd.conf - - mkdir -p ${D}${localstatedir}/${BPN}/data -} - -INITSCRIPT_PACKAGES = "${PN}-slapd" -INITSCRIPT_NAME:${PN}-slapd = "openldap" -INITSCRIPT_PARAMS:${PN}-slapd = "defaults" -SYSTEMD_PACKAGES = "${PN}-slapd" -SYSTEMD_SERVICE:${PN}-slapd = "slapd.service" -SYSTEMD_AUTO_ENABLE:${PN}-slapd ?= "disable" - -PACKAGES_DYNAMIC += "^${PN}-backends.* ^${PN}-backend-.*" - -# The modules require their .so to be dynamicaly loaded -INSANE_SKIP:${PN}-backend-asyncmeta += "dev-so" -INSANE_SKIP:${PN}-backend-dnssrv += "dev-so" -INSANE_SKIP:${PN}-backend-ldap += "dev-so" -INSANE_SKIP:${PN}-backend-meta += "dev-so" -INSANE_SKIP:${PN}-backend-mdb += "dev-so" -INSANE_SKIP:${PN}-backend-null += "dev-so" -INSANE_SKIP:${PN}-backend-passwd += "dev-so" - -python populate_packages:prepend () { - backend_dir = d.expand('${libexecdir}/openldap') - do_split_packages(d, backend_dir, r'back_([a-z]*)\.so$', 'openldap-backend-%s', 'OpenLDAP %s backend', prepend=True, extra_depends='', allow_links=True) - do_split_packages(d, backend_dir, r'back_([a-z]*)\-.*\.so\..*$', 'openldap-backend-%s', 'OpenLDAP %s backend', extra_depends='', allow_links=True) - - metapkg = "${PN}-backends" - d.setVar('ALLOW_EMPTY:' + metapkg, "1") - d.setVar('FILES:' + metapkg, "") - metapkg_rdepends = [] - packages = d.getVar('PACKAGES').split() - for pkg in packages[1:]: - if pkg.count("openldap-backend-") and not pkg in metapkg_rdepends and not pkg.count("-dev") and not pkg.count("-dbg") and not pkg.count("static") and not pkg.count("locale"): - metapkg_rdepends.append(pkg) - d.setVar('RDEPENDS:' + metapkg, ' '.join(metapkg_rdepends)) - d.setVar('DESCRIPTION:' + metapkg, 'OpenLDAP backends meta package') - packages.append(metapkg) - d.setVar('PACKAGES', ' '.join(packages)) -} - -BBCLASSEXTEND = "native" - -# CVE-2015-3276 has no target code. -CVE_CHECK_IGNORE += "CVE-2015-3276" diff --git a/meta-oe/recipes-support/openldap/openldap_2.5.13.bb b/meta-oe/recipes-support/openldap/openldap_2.5.13.bb new file mode 100644 index 0000000000..b117677f9b --- /dev/null +++ b/meta-oe/recipes-support/openldap/openldap_2.5.13.bb @@ -0,0 +1,238 @@ +SUMMARY = "OpenLDAP Directory Service" +DESCRIPTION = "OpenLDAP Software is an open source implementation of the Lightweight Directory Access Protocol." +HOMEPAGE = "http://www.OpenLDAP.org/license.html" +# The OpenLDAP Public License - see the HOMEPAGE - defines +# the license. www.openldap.org claims this is Open Source +# (see http://www.openldap.org), the license appears to be +# basically BSD. opensource.org does not record this license +# at present (so it is apparently not OSI certified). +LICENSE = "OpenLDAP" +LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=beceb5ac7100b6430640c61655b25c1f \ + file://LICENSE;md5=153d07ef052c4a37a8fac23bc6031972 \ + " +SECTION = "libs" + +LDAP_VER = "${@'.'.join(d.getVar('PV').split('.')[0:2])}" + +SRC_URI = "http://www.openldap.org/software/download/OpenLDAP/openldap-release/${BP}.tgz \ + file://initscript \ + file://slapd.service \ + file://remove-user-host-pwd-from-version.patch \ + file://0001-build-top.mk-unset-STRIP_OPTS.patch \ + file://0001-configure-Pass-pthread_t-to-pthread_detach.patch \ +" + +SRC_URI[sha256sum] = "ee3c430c4ef7b87c57b622108c7339376d6c27fbbf2767770be3de1df63d008c" + +DEPENDS = "util-linux groff-native" + +inherit autotools-brokensep update-rc.d systemd pkgconfig + +# CV SETTINGS +# Required to work round AC_FUNC_MEMCMP which gets the wrong answer +# when cross compiling (should be in site?) +EXTRA_OECONF += "ac_cv_func_memcmp_working=yes" + +# CONFIG DEFINITIONS +# The following is necessary because it cannot be determined for a +# cross compile automagically. Select should yield fine on all OE +# systems... +EXTRA_OECONF += "--with-yielding-select=yes" +# Shared libraries are nice... +EXTRA_OECONF += "--enable-dynamic" + +PACKAGECONFIG ??= "asyncmeta gnutls modules \ + mdb ldap meta null passwd proxycache dnssrv \ + ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} \ +" +#--with-tls with TLS/SSL support auto|openssl|gnutls [auto] +PACKAGECONFIG[gnutls] = "--with-tls=gnutls,,gnutls" +PACKAGECONFIG[openssl] = "--with-tls=openssl,,openssl" + +PACKAGECONFIG[sasl] = "--with-cyrus-sasl,--without-cyrus-sasl,cyrus-sasl" +PACKAGECONFIG[modules] = "lt_cv_dlopen_self=yes --enable-modules,--disable-modules,libtool" +PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6" + +# SLAPD options +# +# UNIX crypt(3) passwd support: +EXTRA_OECONF += "--enable-crypt" + +# SLAPD BACKEND +# +# The backend must be set by the configuration. This controls the +# required database. +# +# Backends="asyncmeta dnssrv ldap mdb meta ndb null passwd perl relay sock sql wt" +# +# Note that multiple backends can be built. The ldbm backend requires a +# build-time choice of database API. To use the gdbm (or other) API the +# Berkely database module must be removed from the build. +md = "${libexecdir}/openldap" +# + +#--enable-asyncmeta enable asyncmeta backend no|yes|mod no +PACKAGECONFIG[asyncmeta] = "--enable-asyncmeta=mod,--enable-asyncmeta=no" + +#--enable-dnssrv enable dnssrv backend no|yes|mod no +PACKAGECONFIG[dnssrv] = "--enable-dnssrv=mod,--enable-dnssrv=no" + +#--enable-ldap enable ldap backend no|yes|mod no +PACKAGECONFIG[ldap] = "--enable-ldap=mod,--enable-ldap=no," + +#--enable-mdb enable mdb database backend no|yes|mod [yes] +PACKAGECONFIG[mdb] = "--enable-mdb=yes,--enable-mdb=no," + +#--enable-meta enable metadirectory backend no|yes|mod no +PACKAGECONFIG[meta] = "--enable-meta=mod,--enable-meta=no," + +#--enable-ndb enable MySQL NDB Cluster backend no|yes|mod [no] +PACKAGECONFIG[ndb] = "--enable-ndb=mod,--enable-ndb=no," + +#--enable-null enable null backend no|yes|mod no +PACKAGECONFIG[null] = "--enable-null=mod,--enable-null=no," + +#--enable-passwd enable passwd backend no|yes|mod no +PACKAGECONFIG[passwd] = "--enable-passwd=mod,--enable-passwd=no," + +#--enable-perl enable perl backend no|yes|mod no +# This requires a loadable perl dynamic library, if enabled without +# doing something appropriate (building perl?) the build will pick +# up the build machine perl - not good (inherit perlnative?) +PACKAGECONFIG[perl] = "--enable-perl=mod,--enable-perl=no,perl" + +#--enable-relay enable relay backend no|yes|mod [yes] +PACKAGECONFIG[relay] = "--enable-relay=mod,--enable-relay=no," + +#--enable-sock enable sock backend no|yes|mod [no] +PACKAGECONFIG[sock] = "--enable-sock=mod,--enable-sock=no," + +#--enable-sql enable sql backend no|yes|mod no +# sql requires some sql backend which provides sql.h, sqlite* provides +# sqlite.h (which may be compatible but hasn't been tried.) +PACKAGECONFIG[sql] = "--enable-sql=mod,--enable-sql=no,sqlite3" + +#--enable-wt enable wt backend no|yes|mod no +# back-wt is marked currently as experimental +PACKAGECONFIG[wt] = "--enable-wt=mod,--enable-wt=no" + +#--enable-dyngroup Dynamic Group overlay no|yes|mod no +# This is a demo, Proxy Cache defines init_module which conflicts with the +# same symbol in dyngroup +PACKAGECONFIG[dyngroup] = "--enable-dyngroup=mod,--enable-dyngroup=no," + +#--enable-proxycache Proxy Cache overlay no|yes|mod no +PACKAGECONFIG[proxycache] = "--enable-proxycache=mod,--enable-proxycache=no," +FILES:${PN}-overlay-proxycache = "${md}/pcache-*.so.*" +PACKAGES += "${PN}-overlay-proxycache" + +# Append URANDOM_DEVICE='/dev/urandom' to CPPFLAGS: +# This allows tls to obtain random bits from /dev/urandom, by default +# it was disabled for cross-compiling. +CPPFLAGS:append = " -D_GNU_SOURCE -DURANDOM_DEVICE=\\"/dev/urandom\\" -fPIC" + +LDFLAGS:append = " -pthread" + +do_configure() { + rm -f ${S}/libtool + aclocal + libtoolize --force --copy + gnu-configize + cp ${STAGING_DATADIR_NATIVE}/libtool/build-aux/ltmain.sh ${S}/build + cp ${STAGING_DATADIR_NATIVE}/libtool/build-aux/missing ${S}/build + cp ${STAGING_DATADIR_NATIVE}/libtool/build-aux/compile ${S}/build + autoconf + oe_runconf +} + +LEAD_SONAME = "libldap-${LDAP_VER}.so.*" + +# The executables go in a separate package. This allows the +# installation of the libraries with no daemon support. +# Each module also has its own package - see above. +PACKAGES += "${PN}-slapd ${PN}-slurpd ${PN}-bin" + +# Package contents - shift most standard contents to -bin +FILES:${PN} = "${libdir}/lib*.so.* ${sysconfdir}/openldap/ldap.* ${localstatedir}/${BPN}/data" +FILES:${PN}-slapd = "${sysconfdir}/init.d ${libexecdir}/slapd ${sbindir} ${localstatedir}/run ${localstatedir}/volatile/run \ + ${sysconfdir}/openldap/slapd.* ${sysconfdir}/openldap/schema \ + ${sysconfdir}/openldap/DB_CONFIG.example ${systemd_unitdir}/system/*" +FILES:${PN}-slurpd = "${libexecdir}/slurpd ${localstatedir}/openldap-slurp" +FILES:${PN}-bin = "${bindir}" +FILES:${PN}-dev = "${includedir} ${libdir}/lib*.so ${libdir}/*.la ${libexecdir}/openldap/*.a ${libexecdir}/openldap/*.la ${libexecdir}/openldap/*.so ${libdir}/pkgconfig/*.pc" +FILES:${PN}-dbg += "${libexecdir}/openldap/.debug" + +do_install:append() { + install -d ${D}${sysconfdir}/init.d + cat ${WORKDIR}/initscript > ${D}${sysconfdir}/init.d/openldap + chmod 755 ${D}${sysconfdir}/init.d/openldap + # This is duplicated in /etc/openldap and is for slapd + rm -f ${D}${localstatedir}/openldap-data/DB_CONFIG.example + + # Installing slapd under ${sbin} is more FHS and LSB compliance + mv ${D}${libexecdir}/slapd ${D}/${sbindir}/slapd + rmdir --ignore-fail-on-non-empty ${D}${libexecdir} + SLAPTOOLS="slapadd slapcat slapdn slapindex slappasswd slaptest slapauth slapacl slapschema slapmodify" + cd ${D}/${sbindir}/ + rm -f ${SLAPTOOLS} + for i in ${SLAPTOOLS}; do ln -sf slapd $i; done + + rmdir "${D}${localstatedir}/run" + rmdir --ignore-fail-on-non-empty "${D}${localstatedir}" + + install -d ${D}${systemd_unitdir}/system/ + install -m 0644 ${WORKDIR}/slapd.service ${D}${systemd_unitdir}/system/ + sed -i -e 's,@SBINDIR@,${sbindir},g' ${D}${systemd_unitdir}/system/*.service + + # Uses mdm as the database + # and localstatedir as data directory ... + sed -e 's/# modulepath/modulepath/' \ + -e 's/# moduleload\s*back_bdb.*/moduleload back_mdb/' \ + -e 's/database\s*bdb/database mdb/' \ + -e 's%^directory\s*.*%directory ${localstatedir}/${BPN}/data/%' \ + -i ${D}${sysconfdir}/openldap/slapd.conf + + mkdir -p ${D}${localstatedir}/${BPN}/data +} + +INITSCRIPT_PACKAGES = "${PN}-slapd" +INITSCRIPT_NAME:${PN}-slapd = "openldap" +INITSCRIPT_PARAMS:${PN}-slapd = "defaults" +SYSTEMD_PACKAGES = "${PN}-slapd" +SYSTEMD_SERVICE:${PN}-slapd = "slapd.service" +SYSTEMD_AUTO_ENABLE:${PN}-slapd ?= "disable" + +PACKAGES_DYNAMIC += "^${PN}-backends.* ^${PN}-backend-.*" + +# The modules require their .so to be dynamicaly loaded +INSANE_SKIP:${PN}-backend-asyncmeta += "dev-so" +INSANE_SKIP:${PN}-backend-dnssrv += "dev-so" +INSANE_SKIP:${PN}-backend-ldap += "dev-so" +INSANE_SKIP:${PN}-backend-meta += "dev-so" +INSANE_SKIP:${PN}-backend-mdb += "dev-so" +INSANE_SKIP:${PN}-backend-null += "dev-so" +INSANE_SKIP:${PN}-backend-passwd += "dev-so" + +python populate_packages:prepend () { + backend_dir = d.expand('${libexecdir}/openldap') + do_split_packages(d, backend_dir, r'back_([a-z]*)\.so$', 'openldap-backend-%s', 'OpenLDAP %s backend', prepend=True, extra_depends='', allow_links=True) + do_split_packages(d, backend_dir, r'back_([a-z]*)\-.*\.so\..*$', 'openldap-backend-%s', 'OpenLDAP %s backend', extra_depends='', allow_links=True) + + metapkg = "${PN}-backends" + d.setVar('ALLOW_EMPTY:' + metapkg, "1") + d.setVar('FILES:' + metapkg, "") + metapkg_rdepends = [] + packages = d.getVar('PACKAGES').split() + for pkg in packages[1:]: + if pkg.count("openldap-backend-") and not pkg in metapkg_rdepends and not pkg.count("-dev") and not pkg.count("-dbg") and not pkg.count("static") and not pkg.count("locale"): + metapkg_rdepends.append(pkg) + d.setVar('RDEPENDS:' + metapkg, ' '.join(metapkg_rdepends)) + d.setVar('DESCRIPTION:' + metapkg, 'OpenLDAP backends meta package') + packages.append(metapkg) + d.setVar('PACKAGES', ' '.join(packages)) +} + +BBCLASSEXTEND = "native" + +# CVE-2015-3276 has no target code. +CVE_CHECK_IGNORE += "CVE-2015-3276" -- cgit 1.2.3-korg