Package: newpki-server
Version: 2.0.0+rc1-9
Severity: serious
Justification: FTBFS

Hi Pierre,

newpki-server now fails to build in unstable and testing, because
libldap2-dev has been updated to the openldap 2.4 version and
various ldap_*_s() functions are deprecated:

[...]
if g++ -DHAVE_CONFIG_H -I. -I. -I.. -DLOCALEDIR=\"/usr/share/locale\" 
-I/usr/include/newpki  -Wall -g -O2 -MT newpki_server-ClientLDAP.o -MD -MP -MF 
".deps/newpki_server-ClientLDAP.Tpo" -c -o newpki_server-ClientLDAP.o `test -f 
'./ClientLDAP.cpp' || echo './'`./ClientLDAP.cpp; \
        then mv -f ".deps/newpki_server-ClientLDAP.Tpo" 
".deps/newpki_server-ClientLDAP.Po"; else rm -f 
".deps/newpki_server-ClientLDAP.Tpo"; exit 1; fi
./ClientLDAP.cpp: In member function 'void ClientLDAP::Disconnect()':
./ClientLDAP.cpp:79: error: 'ldap_unbind_s' was not declared in this scope
./ClientLDAP.cpp: In member function 'bool ClientLDAP::Search(const mString&, 
mVector<LdapResult>&, int, int)':
./ClientLDAP.cpp:108: error: 'ldap_search_s' was not declared in this scope
./ClientLDAP.cpp: In member function 'void 
ClientLDAP::AddCurrentMessage(mVector<LdapResult>&, LDAPMessage*)':
./ClientLDAP.cpp:186: error: 'ldap_get_values' was not declared in this scope
./ClientLDAP.cpp:199: error: 'ldap_value_free' was not declared in this scope
./ClientLDAP.cpp: In member function 'bool ClientLDAP::Reconnect()':
./ClientLDAP.cpp:215: error: 'ldap_init' was not declared in this scope
./ClientLDAP.cpp:225: error: 'ldap_bind_s' was not declared in this scope
./ClientLDAP.cpp:229: error: 'ldap_bind_s' was not declared in this scope
./ClientLDAP.cpp:259: error: 'ldap_bind_s' was not declared in this scope
./ClientLDAP.cpp:263: error: 'ldap_bind_s' was not declared in this scope
make[3]: *** [newpki_server-ClientLDAP.o] Error 1
[...]

A full build log is available at
<http://buildd.debian.org/fetch.cgi?pkg=newpki-server&arch=alpha&ver=2.0.0%2Brc1-9%2Bb1&stamp=1201284341&file=log&as=raw>.

These functions are all listed as deprecated in ldap.h, and are only
available if you build with -DLDAP_DEPRECATED.  Since they may be dropped
completely in some future version, it would probably be better to port to
the new functions now, as documented in ldap.h.

The attached patch attempts to implement this.  I've verified that it
builds, but haven't tested that it works.

Thanks,
-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                                    http://www.debian.org/
[EMAIL PROTECTED]                                     [EMAIL PROTECTED]
diff -u newpki-server-2.0.0+rc1/debian/changelog newpki-server-2.0.0+rc1/debian/changelog
--- newpki-server-2.0.0+rc1/debian/changelog
+++ newpki-server-2.0.0+rc1/debian/changelog
@@ -1,3 +1,10 @@
+newpki-server (2.0.0+rc1-9.1) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Port to openldap 2.4.
+
+ -- Steve Langasek <[EMAIL PROTECTED]>  Sun, 27 Jan 2008 12:54:08 -0800
+
 newpki-server (2.0.0+rc1-9) unstable; urgency=low
 
   * Apply patch from Michael Ablassmeier:
only in patch2:
unchanged:
--- newpki-server-2.0.0+rc1.orig/publication/ldap/src/publication_ldap.cpp
+++ newpki-server-2.0.0+rc1/publication/ldap/src/publication_ldap.cpp
@@ -83,7 +83,7 @@
 
 	if(m_Connection)
 	{
-		ldap_unbind_s(m_Connection);
+		ldap_unbind_ext_s(m_Connection, NULL, NULL);
 		m_Connection = NULL;
 	}
 
@@ -94,8 +94,9 @@
 	const char * strPort;
 	unsigned int Port;
 	const char * Username;
-	const char * Password;
+	struct berval Password;
 	int protoVersion;
+	char * uri = NULL;
 
 	Server = Options.Get("Server");
 	strPort = Options.Get("Port");
@@ -112,19 +113,19 @@
 		return 0;
 	}
 	Username = Options.Get("Username");
-	Password = Options.Get("Password");
+	Password.bv_val = (char*)Options.Get("Password");
+	Password.bv_len = strlen(Password.bv_val);
 
 
-
-
-	m_Connection = ldap_init((char*)Server, Port);
+	asprintf(&uri, "ldap://%s:%u";, (char*)Server, Port);
+	ldap_initialize(&m_Connection, uri);
 	if(!m_Connection)
 	{
 		LastError = ldap_err2string(LDAP_LAST_ERROR);
 		return 0;
 	}
 
-	LdapRet = ldap_bind_s(m_Connection, (char*)Username, (char*)Password, LDAP_AUTH_SIMPLE);
+	LdapRet = ldap_sasl_bind_s(m_Connection, (char*)Username, LDAP_SASL_SIMPLE, &Password, NULL, NULL, NULL);
 	if(LdapRet != LDAP_SUCCESS)
 	{
 		/* Wrong protocol version try another one */
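Review bot: The new connection setup ignores every failure signal: the `asprintf` result is unchecked, the `ldap_initialize` return code is discarded, and `uri` is not freed anywhere in the visible lines. If `asprintf` fails, `uri` may still be NULL, and `ldap_initialize` would then, as far as I know, fall back to libldap's configured default server, which is where the bind on the following line would send the credentials. `strlen(Password.bv_val)` also dereferences NULL if `Options.Get("Password")` can return NULL (not visible here), whereas the old `ldap_bind_s` call accepted a NULL password. The same `asprintf`/`ldap_initialize` pattern is in the `@@ -209,10 +209,12 @@` hunk of src/ClientLDAP.cpp. The enclosing function starts and ends outside this hunk, so `LdapRet` being declared and `m_Connection` being NULL on entry are assumed.

```cpp
	Password.bv_val = (char*)Options.Get("Password");
	Password.bv_len = Password.bv_val ? strlen(Password.bv_val) : 0;

	if(asprintf(&uri, "ldap://%s:%u", Server, Port) < 0)
	{
		LastError = ldap_err2string(LDAP_NO_MEMORY);
		return 0;
	}
	LdapRet = ldap_initialize(&m_Connection, uri);
	free(uri);
	if(LdapRet != LDAP_SUCCESS)
	{
		m_Connection = NULL;
		LastError = ldap_err2string(LdapRet);
		return 0;
	}
	// … unchanged: ldap_sasl_bind_s call and protocol-version retry …
```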
@@ -135,7 +136,7 @@
 			if(LdapRet != LDAP_SUCCESS)
 			{
 				LastError = ldap_err2string(LdapRet);
-				ldap_unbind_s(m_Connection);
+				ldap_unbind_ext_s(m_Connection, NULL, NULL);
 				m_Connection = NULL;
 				return 0;
 			}
@@ -145,16 +146,16 @@
 			if(LdapRet != LDAP_SUCCESS)
 			{
 				LastError = ldap_err2string(LdapRet);
-				ldap_unbind_s(m_Connection);
+				ldap_unbind_ext_s(m_Connection, NULL, NULL);
 				m_Connection = NULL;
 				return 0;
 			}
 			/* Retry to connect */
-			LdapRet = ldap_bind_s(m_Connection, (char*)Username, (char*)Password, LDAP_AUTH_SIMPLE);
+			LdapRet = ldap_sasl_bind_s(m_Connection, (char*)Username, LDAP_SASL_SIMPLE, &Password, NULL, NULL, NULL);
 			if(LdapRet != LDAP_SUCCESS)
 			{
 				LastError = ldap_err2string(LdapRet);
-				ldap_unbind_s(m_Connection);
+				ldap_unbind_ext_s(m_Connection, NULL, NULL);
 				m_Connection = NULL;
 				return 0;
 			}
@@ -162,7 +163,7 @@
 		else
 		{
 			LastError = ldap_err2string(LdapRet);
-			ldap_unbind_s(m_Connection);
+			ldap_unbind_ext_s(m_Connection, NULL, NULL);
 			m_Connection = NULL;
 			return 0;
 		}
@@ -177,7 +178,7 @@
 	
 	if(m_Connection)
 	{
-		ldap_unbind_s(m_Connection);
+		ldap_unbind_ext_s(m_Connection, NULL, NULL);
 		m_Connection = NULL;
 	}
 	ERR_remove_state(0);
@@ -507,7 +508,7 @@
 	
 
 	*pMsg=NULL;
-	if((LdapRet = ldap_search_s(m_Connection, (char*)LdapBase.c_str(), LDAP_SCOPE_SUBTREE, (char*)strFilters.c_str(), NULL, 0, pMsg)) != LDAP_SUCCESS)
+	if((LdapRet = ldap_search_ext_s(m_Connection, (char*)LdapBase.c_str(), LDAP_SCOPE_SUBTREE, (char*)strFilters.c_str(), NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT, pMsg)) != LDAP_SUCCESS)
 	{
 		if(*pMsg)
 		{
@@ -521,7 +522,7 @@
 				return 0;
 			}
 
-			if((LdapRet = ldap_search_s(m_Connection, (char*)LdapBase.c_str(), LDAP_SCOPE_SUBTREE, (char*)strFilters.c_str(), NULL, 0, pMsg)) != LDAP_SUCCESS)
+			if((LdapRet = ldap_search_ext_s(m_Connection, (char*)LdapBase.c_str(), LDAP_SCOPE_SUBTREE, (char*)strFilters.c_str(), NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT, pMsg)) != LDAP_SUCCESS)
 			{
 				if(*pMsg)
 				{
@@ -628,7 +629,7 @@
 		mString::Encode("ISO-8859-1", "UTF-8", RDN, strRDN);
 
 
-	if((LdapRet = ldap_modify_s(m_Connection, (char*)strRDN.c_str(), Mods)) != LDAP_SUCCESS)
+	if((LdapRet = ldap_modify_ext_s(m_Connection, (char*)strRDN.c_str(), Mods, NULL, NULL)) != LDAP_SUCCESS)
 	{
 		if(LdapRet == LDAP_SERVER_DOWN)
 		{
@@ -637,7 +638,7 @@
 				return 0;
 			}
 
-			if((LdapRet = ldap_modify_s(m_Connection, (char*)strRDN.c_str(), Mods)) != LDAP_SUCCESS)
+			if((LdapRet = ldap_modify_ext_s(m_Connection, (char*)strRDN.c_str(), Mods, NULL, NULL)) != LDAP_SUCCESS)
 			{
 				LastError = ldap_err2string(LdapRet);
 				return 0;
@@ -684,7 +685,7 @@
 	char * Name;
 	LDAPMessage* currMsg;
 	char * attrName;
-	char ** attrValue;
+	struct berval ** attrValue;
 	BerElement* ptr;
 	int currNumMatch;
 	int maxNumMatch;
@@ -753,18 +754,18 @@
 					}
 					if( (pos = Dn.SeekEntryName(FixedName, HASHTABLE_NOT_FOUND)) != HASHTABLE_NOT_FOUND )
 					{
-						attrValue = ldap_get_values(m_Connection, currMsg, attrName);
+						attrValue = ldap_get_values_len(m_Connection, currMsg, attrName);
 						if(attrValue)
 						{
 							Value = Dn.Get(pos);
 							if(Value)
 							{
-								if(stricmp(Value, *attrValue) == 0)
+								if(stricmp(Value, attrValue[0]->bv_val) == 0)
 								{
 									currNumMatch++;
 								}
 							}
-							ldap_value_free(attrValue);
+							ldap_value_free_len(attrValue);
 						}
 					}
 					ldap_memfree(attrName);
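Review bot: `attrValue[0]->bv_val` is dereferenced and handed to `stricmp` without checking that the array has a first element, and without using `bv_len`. `ldap_get_values_len` returns a NULL-terminated array of `struct berval *`, so the guard should be `if(attrValue && attrValue[0])`. A berval can carry embedded NUL bytes, so a C-string compare stops at the first one; here the result appears to feed `currNumMatch`, the count of directory attributes that match `Dn`, so a truncated value could count as a match. Checking the length first, `if(strlen(Value) == attrValue[0]->bv_len && stricmp(Value, attrValue[0]->bv_val) == 0)`, closes that gap. The same unchecked `attrValue[0]->bv_val` use is in the `@@ -191,12 +191,12 @@` hunk of src/ClientLDAP.cpp, and the enclosing loop starts and ends outside this hunk.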
only in patch2:
unchanged:
--- newpki-server-2.0.0+rc1.orig/src/ClientLDAP.cpp
+++ newpki-server-2.0.0+rc1/src/ClientLDAP.cpp
@@ -76,7 +76,7 @@
 {
 	if(m_Connection)
 	{
-		ldap_unbind_s(m_Connection);
+		ldap_unbind_ext_s(m_Connection, NULL, NULL);
 		m_Connection = NULL;
 	}
 }
@@ -105,7 +105,7 @@
 		strSearch = SearchString;
 
 	pMsg=NULL;
-	if((LdapRet = ldap_search_s(m_Connection, (char*)m_ldap_base.c_str(), LDAP_SCOPE_SUBTREE, (char*)strSearch.c_str(), NULL, 0, &pMsg)) != LDAP_SUCCESS)
+	if((LdapRet = ldap_search_ext_s(m_Connection, (char*)m_ldap_base.c_str(), LDAP_SCOPE_SUBTREE, (char*)strSearch.c_str(), NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT, &pMsg)) != LDAP_SUCCESS)
 	{
 		// Should we try to reconnect
 		switch(LdapRet)
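Review bot: Passing `LDAP_NO_LIMIT` as the size limit and `NULL` as the timeout drops the caller's search limits: according to the ldap_search_ext(3) man page the session handle's `LDAP_OPT_SIZELIMIT` and `LDAP_OPT_TIMELIMIT` are ignored by `ldap_search_ext_s`, whereas `ldap_search_s` honoured them. The next hunk (`@@ -118,7 +118,7 @@`) still sets both options from `MaxResults` and `MaxTime`, so after the port a broad filter is bounded only by whatever the directory server enforces. Assuming both are the `int` parameters of `Search`, pass them explicitly in both hunks: `struct timeval tv = { MaxTime, 0 };` and `ldap_search_ext_s(..., NULL, 0, NULL, NULL, MaxTime > 0 ? &tv : NULL, MaxResults, &pMsg)`. The two searches in publication_ldap.cpp pass the same constant, though whether limits are configured on that handle is not visible. The error text `"ldap_search_s : "` in the next hunk was also left naming the old function, while the bind messages were updated; `Search` starts and ends outside this hunk.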
@@ -118,7 +118,7 @@
 				}
 				ldap_set_option(m_Connection, LDAP_OPT_SIZELIMIT, (void *)&MaxResults);
 				ldap_set_option(m_Connection, LDAP_OPT_TIMELIMIT, (void *)&MaxTime);
-				if((LdapRet = ldap_search_s(m_Connection, (char*)m_ldap_base.c_str(), LDAP_SCOPE_SUBTREE, (char*)strSearch.c_str(), NULL, 0, &pMsg)) != LDAP_SUCCESS)
+				if((LdapRet = ldap_search_ext_s(m_Connection, (char*)m_ldap_base.c_str(), LDAP_SCOPE_SUBTREE, (char*)strSearch.c_str(), NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT, &pMsg)) != LDAP_SUCCESS)
 				{
 					NEWPKIerr(PKI_ERROR_TXT, ERROR_LDAP);
 					ERR_add_error_data(2, "ldap_search_s : ", ldap_err2string(LdapRet));
@@ -159,7 +159,7 @@
 	LdapResult newResult;
 	char * Name;
 	char * attrName;
-	char ** attrValue;
+	struct berval ** attrValue;
 	BerElement* ptr;
 
 	// The DN
@@ -183,7 +183,7 @@
 	{
 		if(!strstr(attrName, ";binary"))
 		{
-			attrValue = ldap_get_values(m_Connection, currMsg, attrName);
+			attrValue = ldap_get_values_len(m_Connection, currMsg, attrName);
 			if(attrValue)
 			{
 				// Did we already find the attribute UID and is this one
@@ -191,12 +191,12 @@
 				if(!newResult.get_uid().size() && m_ldap_attr_name == attrName)
 				{
 					if(m_utf8)
-						mString::Encode("UTF-8", "ISO-8859-1", *attrValue, newResult.get_uid());
+						mString::Encode("UTF-8", "ISO-8859-1", attrValue[0]->bv_val, newResult.get_uid());
 					else
-						newResult.set_uid(*attrValue);
+						newResult.set_uid(attrValue[0]->bv_val);
 				}
-				AddObject(newResult.get_objects(), attrName, *attrValue);
-				ldap_value_free(attrValue);
+				AddObject(newResult.get_objects(), attrName, attrValue[0]->bv_val);
+				ldap_value_free_len(attrValue);
 			}
 		}
 		ldap_memfree(attrName);
@@ -209,10 +209,12 @@
 {
 	LDAP_RC_TYPE LdapRet;
 	int protoVersion;
+	char *uri = NULL;
 
 	Disconnect();
 
-	m_Connection = ldap_init((char*)m_ldap_server.c_str(), m_ldap_port);
+	asprintf(&uri, "ldap://%s:%u";, m_ldap_server.c_str(), m_ldap_port);
+	ldap_initialize(&m_Connection, uri);
 	if(!m_Connection)
 	{
 		NEWPKIerr(PKI_ERROR_TXT, ERROR_LDAP);
@@ -222,11 +224,14 @@
 
 	if(m_ldap_username.size())
 	{
-		LdapRet = ldap_bind_s(m_Connection, (char*)m_ldap_username.c_str(), (char*)m_ldap_password.c_str(), LDAP_AUTH_SIMPLE);
+		struct berval passwd;
+		passwd.bv_val = (char *)m_ldap_password.c_str();
+		passwd.bv_len = strlen(passwd.bv_val);
+		LdapRet = ldap_sasl_bind_s(m_Connection, (char*)m_ldap_username.c_str(), LDAP_SASL_SIMPLE, &passwd, NULL, NULL, NULL);
 	}
 	else
 	{
-		LdapRet = ldap_bind_s(m_Connection, NULL, NULL, LDAP_AUTH_SIMPLE);
+		LdapRet = ldap_sasl_bind_s(m_Connection, NULL, LDAP_SASL_SIMPLE, NULL, NULL, NULL, NULL);
 	}
 
 	if(LdapRet != LDAP_SUCCESS)
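Review bot: The anonymous branch passes `NULL` as the credential to `ldap_sasl_bind_s`, which may not be equivalent to the old `ldap_bind_s(m_Connection, NULL, NULL, LDAP_AUTH_SIMPLE)`. As far as I know, libldap's own deprecated simple-bind wrapper turns a NULL password into an empty `struct berval` before calling the SASL entry point, so the safer port is `struct berval anon = { 0, (char *)"" };` with `&anon` as the fourth argument; the patch author notes this was build-tested only. The same applies to the retry in the `@@ -256,16 +261,19 @@` hunk. Separately, the password is still sent by simple bind over the plain `ldap://` URI built in the `@@ -209,10 +209,12 @@` hunk, as it was before the port, so the credentials are only as protected as that network path unless TLS is added. The enclosing function, presumably `Reconnect`, starts and ends outside this hunk.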
@@ -256,16 +261,19 @@
 			/* Retry to connect */
 			if(m_ldap_username.size())
 			{
-				LdapRet = ldap_bind_s(m_Connection, (char*)m_ldap_username.c_str(), (char*)m_ldap_password.c_str(), LDAP_AUTH_SIMPLE);
+				struct berval passwd;
+				passwd.bv_val = (char *)m_ldap_password.c_str();
+				passwd.bv_len = strlen(passwd.bv_val);
+				LdapRet = ldap_sasl_bind_s(m_Connection, (char*)m_ldap_username.c_str(), LDAP_SASL_SIMPLE, &passwd, NULL, NULL, NULL);
 			}
 			else
 			{
-				LdapRet = ldap_bind_s(m_Connection, NULL, NULL, LDAP_AUTH_SIMPLE);
+				LdapRet = ldap_sasl_bind_s(m_Connection, NULL, LDAP_SASL_SIMPLE, NULL, NULL, NULL, NULL);
 			}
 			if(LdapRet != LDAP_SUCCESS)
 			{
 				NEWPKIerr(PKI_ERROR_TXT, ERROR_LDAP);
-				ERR_add_error_data(2, "ldap_bind_s : ", ldap_err2string(LdapRet));
+				ERR_add_error_data(2, "ldap_sasl_bind_s : ", ldap_err2string(LdapRet));
 				Disconnect();
 				return false;
 			}
@@ -273,7 +281,7 @@
 		else
 		{
 			NEWPKIerr(PKI_ERROR_TXT, ERROR_LDAP);
-			ERR_add_error_data(2, "ldap_bind_s : ", ldap_err2string(LdapRet));
+			ERR_add_error_data(2, "ldap_sasl_bind_s : ", ldap_err2string(LdapRet));
 			Disconnect();
 			return false;
 		}
