Age | Commit message (Collapse) | Author |
|
This updated patch also sets the date and time strings to the SOURCE_DATE_EPOCH.
The WHOWHERE string will now be set to simply "openldap"
in the case that a SOURCE_DATE_EPOCH is set.
Upstream-Status: Submitted [https://www.openldap.org/its/index.cgi/Incoming?id=8928]
Signed-off-by: Douglas Royds <douglas.royds@taitradio.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Upstream-Status: Pending
Signed-off-by: Douglas Royds <douglas.royds@taitradio.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
While building openldap, there was a warning, like below:
WARNING: QA Issue: openldap: Files/directories were installed but not shipped in any package:
/usr/libexec
Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
openldap: 1 installed and not shipped files. [installed-vs-shipped]
This is because that after openldap all contents of /usr/libexec are split
into subsets or moved into other directory and no one makes use of it.
So, to fix this QA warning, delete /usr/libexec.
Signed-off-by: Qi Hou <qi.hou@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
LDFLAGS += "-pthread" adds the flag both for native and target builds,
however the openldap-native build overwrites the variable inside
native.bbclass causing "undefined reference to `pthread_getspecific'"
and other linker errors.
Change the append to happen after parsing by using the override
syntax and thus make sure it executes after native.bbclass (bitbake -e
reports pre-expansion value "${BUILD_LDFLAGS} -pthread").
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
1) Upgrade openldap from 2.4.44 to 2.4.45
2) Delete openldap-CVE-2017-9287.patch, since it is integrated upstream.
3) License checksum changed, since the copyright years were updated.
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is
prone to a double free vulnerability. A user with access to
search the directory can crash slapd by issuing a search including the
Paged Results control with a page size of 0.
Patch reference:
http://www.openldap.org/its/?findid=8655
Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
getVar() now defaults to expanding by default, thus remove the True
option from getVar() calls. Fix a small number of cases not addressed
by the original patch:
http://git.openembedded.org/meta-openembedded/commit/?id=efd3696e70a6603f1a45faa4a172433514f0a487
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
getVar() now defaults to expanding by default, thus remove the True
option from getVar() calls with a regex search and replace.
Search made with the following regex: getVar ?\(( ?[^,()]*), True\)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Fixes errors e.g.
relocation R_AARCH64_ADR_PREL_PG_HI21 against external symbol `stderr@@GLIBC_2.17' can not be us
ed when making a shared object; recompile with -fPIC
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
The mdb backend to slapd(8) is the recommended primary backend for a
normal slapd database. Add PACKAGECONFIG 'mdb' to enable it and build
mdb as SLAPD_STATIC_BACKENDS.
This fixes the errors while starting slapd:
$systemctl start slapd
Job for slapd.service failed because the control process exited \
with error code. See "systemctl status slapd.service" and \
"journalctl -xe" for details.
$ systemctl status slapd
...
/etc/openldap/slapd.conf: line 53: <database> failed init (bdb)
Unrecognized database type (bdb)
slapd.service: Control process exited, code=exited status=1
...
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
the patch comes from:
https://bugzilla.redhat.com/show_bug.cgi?id=1238322
https://bugzilla.redhat.com/attachment.cgi?id=1055640
The nss_parse_ciphers function in libraries/libldap/tls_m.c in
OpenLDAP does not properly parse OpenSSL-style multi-keyword mode
cipher strings, which might cause a weaker than intended cipher to
be used and allow remote attackers to have unspecified impact via
unknown vectors.
Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
1)Upgrade openldap from 2.4.43 to 2.4.44.
2)Modify LIC_FILES_CHKSUM, since the date in it has been changed, But the LICENSE has not been changed.
Signed-off-by: Wang Xin <wangxin2015.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Explicitly disable ipv6 support if the distro does not include it.
Signed-off-by: Richard Tollerton <rich.tollerton@ni.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
This is required by the apr-util & apache2 recipes to enable
ldap support without breaking the build (nothing provides -native)
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
1. Upgrade openldap from 2.4.42 to 2.4.43
2. Delete patch file openldap-fix-CVE-2015-6908.patch
because the bug(ITS#8240) has been fixed in OpenLDAP 2.4.43
http://www.openldap.org/software/release/changes.html
Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Upgrade phpmyadmin from 2.4.41 to 2.4.42. And backport patch from
http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=6fe51a9
to fix CVE-2015-6908.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
1) Dropped backported patches(commit-id):
-0001-ITS-8027-require-non-empty-AttributeList.patch(c32e747)
-0001-ITS-8046-fix-vrFilter_free.patch(2f1a2dd)
2) Update the checksum of COPYRIGHT,since the date in it has been changed,
but the LICENSE has not been changed.
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
1. upgrade to 2.4.20
2. remove two backup patches
2. integrate two patches to fix CVE-2015-1545 and CVE-2015-1546
3. disable bdb/hdb backend, since BerkeleyDB 6.0.20+ license is
incompatible with LDAP
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
To be safe, the ldap_pvt_thread_pool_getkey() function should
always set the data parameter. If this is not done, slapd can
segfault during shutdown.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
The new libtool's ltmain.sh is in build-aux.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Fixed do_packagedata error when multilib:
ERROR: The recipe openldap is trying to install files into a shared area when those files already exist. Those files and their manifest location are:
/path/to/sysroots/qemux86-64/pkgdata/runtime-rprovides/openldap-backends/openldap-backends
Matched in manifest-qemux86-64-lib32-openldap.packagedata
/path/to/tmp/sysroots/qemux86-64/pkgdata/runtime/openldap-backends.packaged
Matched in manifest-qemux86-64-lib32-openldap.packagedata
/path/to/tmp/sysroots/qemux86-64/pkgdata/runtime/openldap-backends
Matched in manifest-qemux86-64-lib32-openldap.packagedata
Please verify which recipe should provide the above files.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
Changed:
* Move slapd from ${libexecdir} to ${sbin}:
Installing slapd under ${sbin} is more FHS and LSB compliance
* Manage init script by inheriting update-rc.d, than postinst
* Add status for initscript
* Rename the patch named with commit id to
gnutls-Avoid-use-of-deprecated-function.patch
* Add a patch for CVE-2013-4449
* Add a patch to use /dev/urandom for entropy
* Allow tls obtains random bits from /dev/urandom:
The URANDOM_DEVICE is undefined for cross-compiling, define it as
/dev/urandom to allow tls obtains random bits from /dev/urandom.
* Add PACKAGECONFIG for mdb, ndb, relay and sock
* Remove unsupported config for ldbm
* Add license file
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Add a '\n' to the last line of the file to fix:
No newline at end of file
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Fixed SRC_URI:
* ${PN} -> ${BPN}, use ${BP} if it was ${PN}-${PV}
* ${P} -> ${BP}
Otherwise we would meet do_fetch errors when we do the multilib, native
or nativesdk build.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
OE-core update from gnutls2 to gnutls3, openldap needs patches to cope with that. Also add libgcrypt to DEPENDS since openldap links against it directly now instead of through gnutls.
Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Also remove hack that deletes headers from staging, it's not needed anymore.
Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
During compiling? we need soelim command provided by groff-native.
So add DEPENDS to fix this issue, else we will get following error:
/bin/sh: 15: soelim: not found
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
* openldap-slapd was sometime depending on util-linux-libuuid
add dependency to explicitly enable it
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
* some options like ldbm weren't supported by current version
* when gnutls and openssl were both available it was picking openssl
because default --with-tls is auto
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
The /var/run directory is already created by base-files.
Signed-off-by: Jonathan Liu <net147@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Before:
WARNING: File '/usr/lib/openldap/slapd' from openldap was already stripped, this will prevent future debugging!
WARNING: File '/usr/bin/ldapsearch' from openldap was already stripped, this will prevent future debugging!
WARNING: File '/usr/bin/ldapmodify' from openldap was already stripped, this will prevent future debugging!
WARNING: File '/usr/bin/ldapdelete' from openldap was already stripped, this will prevent future debugging!
WARNING: File '/usr/bin/ldapmodrdn' from openldap was already stripped, this will prevent future debugging!
WARNING: File '/usr/bin/ldappasswd' from openldap was already stripped, this will prevent future debugging!
WARNING: File '/usr/bin/ldapwhoami' from openldap was already stripped, this will prevent future debugging!
WARNING: File '/usr/bin/ldapcompare' from openldap was already stripped, this will prevent future debugging!
WARNING: File '/usr/bin/ldapexop' from openldap was already stripped, this will prevent future debugging!
WARNING: File '/usr/bin/ldapurl' from openldap was already stripped, this will prevent future debugging!
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
* openldap-2.4.23: openldap: Files/directories were installed but not shipped
/var/volatile
/var/volatile/run
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Used sed expression given here:
http://lists.linuxtogo.org/pipermail/openembedded-core/2011-November/012373.html
Plus an additional expression for .expand. Full expression is:
sed \
-e 's:bb.data.\(setVar([^,]*,[^,]*\), \([^ )]*\) *):\2.\1):g' \
-e 's:bb.data.\(setVarFlag([^,]*,[^,]*,[^,]*\), \([^) ]*\) *):\2.\1):g' \
-e 's:bb.data.\(getVar([^,]*\), \([^, ]*\) *,\([^)]*\)):\2.\1,\3):g' \
-e 's:bb.data.\(getVarFlag([^,]*,[^,]*\), \([^, ]*\) *,\([^)]*\)):\2.\1,\3):g' \
-e 's:bb.data.\(getVarFlag([^,]*,[^,]*\), \([^) ]*\) *):\2.\1):g' \
-e 's:bb.data.\(getVar([^,]*\), \([^) ]*\) *):\2.\1):g' \
-e 's:bb.data.\(expand([^,]*\), \([^ )]*\) *):\2.\1):g' \
-i `grep -ril bb.data *`
Some minor correction in systemd.bbclass was needed for some expressions
that didn't quite match the regex in the desired way; additionally a few
instances were manually changed.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
|
|
* bitbake uses PACKAGES_DYNAMIC as regexp
^ could make matching faster (and it will be more clear that we're expecting regexp not glob)
* made all those last '-' optional, use .* (or nothing)
* use += instead of = in most cases to keep ${PN}-locale from
bitbake.conf:PACKAGES_DYNAMIC = "^${PN}-locale-.*"
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
import from meta-smartphone
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|