Hi, Our version of OpenLDAP is a "bit" outdated.. The following diff will upgrade it to the latest stable version aka 2.4.23.
As discussed with anothers porters, the "best" plan seems to be: + upgrade databases/openldap to 2.4.23 + provide databases/openldap23 wich will contain only the -server part of our current version (2.3.43). Important thing to know about this upgrade: + ldbm backend has been removed. You must backup all your data *before* the upgrade (pkg_add will warn you) + the default backend will be bdb + slurp has been removed You will need the following diff to unbreak some apps (evolution-data-server, evolution, evolution-exchange, seahorse, zarafa, ruby-ldap). All of these has been found by landry@ while doing a bulk with this upgrade (thanks). Stephan@ tried it on his production server (with success). I use it too. I would like to thanks ajacoutot@,bernd@,jasper@,landry@,sthen@ and stephan@ for their help/avdices/comments/tests ! Please test this upgrade and give me feedbacks. Regards, -- Pierre-Emmanuel André <pea at raveland.org> GPG key: 0x7AE329DC
Index: Makefile
===================================================================
RCS file: /cvs/ports/databases/openldap/Makefile,v
retrieving revision 1.96
diff -u -p -r1.96 Makefile
--- Makefile 6 Nov 2010 22:50:02 -0000 1.96
+++ Makefile 9 Nov 2010 14:12:27 -0000
@@ -3,18 +3,16 @@
COMMENT-main= Open source LDAP software (client)
COMMENT-server= Open source LDAP software (server)
-DISTNAME= openldap-2.3.43
+DISTNAME= openldap-2.4.23
PKGNAME-main= ${DISTNAME:S/-/-client-/}
PKGNAME-server= ${DISTNAME:S/-/-server-/}
-REVISION-main= 2
-REVISION-server= 4
-SHARED_LIBS += lber 9.1 # .2.15
-SHARED_LIBS += ldap 9.1 # .2.15
-SHARED_LIBS += ldap_r 9.1 # .2.15
-SHARED_LIBS += lber-2.3 9.1 # .2.15
-SHARED_LIBS += ldap-2.3 9.1 # .2.15
-SHARED_LIBS += ldap_r-2.3 9.1 # .2.15
+SHARED_LIBS += lber 10.0 # .7.6
+SHARED_LIBS += ldap 10.0 # .7.6
+SHARED_LIBS += ldap_r 10.0 # .7.6
+SHARED_LIBS += lber-2.4 10.0 # .7.6
+SHARED_LIBS += ldap-2.4 10.0 # .7.6
+SHARED_LIBS += ldap_r-2.4 10.0 # .7.6
CATEGORIES= databases net
HOMEPAGE= http://www.openldap.org/
@@ -23,7 +21,7 @@ PERMIT_PACKAGE_CDROM= Yes
PERMIT_PACKAGE_FTP= Yes
PERMIT_DISTFILES_CDROM= Yes
PERMIT_DISTFILES_FTP= Yes
-WANTLIB= c crypto ssl asn1 com_err gssapi krb5
+WANTLIB= c crypto ssl asn1 com_err gssapi krb5 sasl2
MASTER_SITES= ftp://ftp.OpenLDAP.org/pub/OpenLDAP/openldap-release/ \
ftp://sunsite.cnlab-switch.ch/mirror/OpenLDAP/openldap-release/
\
@@ -35,12 +33,14 @@ MASTER_SITES= ftp://ftp.OpenLDAP.org/pub
EXTRACT_SUFX= .tgz
SEPARATE_BUILD= concurrent
-CONFIGURE_STYLE= gnu
+AUTOCONF_VERSION= 2.61
+CONFIGURE_STYLE= gnu autoconf
USE_GROFF = Yes
CONFIGURE_ARGS+= ${CONFIGURE_SHARED} \
--localstatedir="/var" \
- --enable-ipv6
+ --enable-ipv6 \
+ --with-tls=openssl
# slapd options
CONFIGURE_ARGS+= --enable-slapd \
@@ -52,9 +52,10 @@ CONFIGURE_ARGS+= --enable-slapd \
--enable-spasswd
# slapd modules
-CONFIGURE_ARGS+= --enable-dnssrv \
+CONFIGURE_ARGS+= --enable-bdb \
+ --enable-dnssrv \
+ --enable-hdb \
--enable-ldap \
- --enable-ldbm \
--enable-meta \
--enable-monitor \
--enable-null \
@@ -62,37 +63,23 @@ CONFIGURE_ARGS+= --enable-dnssrv \
--enable-perl \
--enable-shell
-# slurpd modules
-CONFIGURE_ARGS+= --enable-slurpd
MODGNU_CONFIG_GUESS_DIRS= ${WRKSRC} ${WRKSRC}/build
REGRESS_TARGET= test
-FLAVORS= bdb
-FLAVOR?=
-
MULTI_PACKAGES= -main -server
LIB_DEPENDS += ::security/cyrus-sasl2
WANTLIB += sasl2
CPPFLAGS += -I${LOCALBASE}/include/sasl
-.if ${FLAVOR:L:Mbdb}
-BROKEN = OpenLDAP 2.3 is incompatible with Berkeley DB 4.6
-CONFIGURE_ARGS += --enable-bdb --enable-hdb
-LIB_DEPENDS += :db->=4,<5:databases/db/v4
-WANTLIB += lib/db4/db.>=4
-CPPFLAGS += -I${LOCALBASE}/include/db4
-LDFLAGS += -L${LOCALBASE}/lib/db4
-LIBS += -ldb
-.else
-CONFIGURE_ARGS+= --disable-bdb --disable-hdb
-.endif
-
-CONFIGURE_ENV+= CPPFLAGS="${CPPFLAGS}" \
- LDFLAGS="-L${LOCALBASE}/lib ${LDFLAGS}" \
- LIBS="${LIBS}"
+LIB_DEPENDS-server= ${LIB_DEPENDS-main} \
+ icudata,icuuc::textproc/icu4c \
+ lib/db4/db.>=4:db->=4.6.21,<5:databases/db/v4
+
+CONFIGURE_ENV+= CPPFLAGS="-I${LOCALBASE}/include/sasl
-I${LOCALBASE}/include/db4 -I${LOCALBASE}/include" \
+ LDFLAGS="-L${LOCALBASE}/lib/db4 -L${LOCALBASE}/lib"
RUN_DEPENDS-server= :${FULLPKGNAME-main}:databases/openldap
WANTLIB-server= ${WANTLIB} perl util wrap m pthread
@@ -102,14 +89,6 @@ USE_LIBTOOL= Yes
pre-build:
@cd ${WRKBUILD}; ${MAKE_PROGRAM} depend
-pre-configure:
- @perl -pi -e 's,KRB5_LIBS=,KRB5_LIBS="-lgssapi -lkrb5 -lasn1 \
- -lcom_err",g' ${WRKSRC}/configure
-.if ${FLAVOR} != "bdb"
- @perl -pi -e 's,database bdb,database ldbm,' \
- ${WRKSRC}/servers/slapd/slapd.conf
-.endif
-
post-install:
${INSTALL_DATA_DIR} ${PREFIX}/share/examples/openldap
${INSTALL_DATA} ${DESTDIR}${SYSCONFDIR}/openldap/*.conf \
@@ -119,7 +98,6 @@ post-install:
${PREFIX}/share/examples/openldap/schema
${INSTALL_DATA} ${WRKSRC}/servers/slapd/DB_CONFIG \
${PREFIX}/share/examples/openldap
- @rm -r ${DESTDIR}${SYSCONFDIR}/openldap
- @rm -r ${DESTDIR}/var/openldap-data ${DESTDIR}/var/openldap-slurp
+ @rm -rf ${DESTDIR}${SYSCONFDIR}/openldap
.include <bsd.port.mk>
Index: distinfo
===================================================================
RCS file: /cvs/ports/databases/openldap/distinfo,v
retrieving revision 1.31
diff -u -p -r1.31 distinfo
--- distinfo 21 Jul 2008 06:07:10 -0000 1.31
+++ distinfo 9 Nov 2010 14:12:27 -0000
@@ -1,5 +1,5 @@
-MD5 (openldap-2.3.43.tgz) = GyUoEIbrFGuOEevTPeCG3A==
-RMD160 (openldap-2.3.43.tgz) = Pst4nl9NTJOTV+LnIg15PrBUAuc=
-SHA1 (openldap-2.3.43.tgz) = eWtds3rlJDuE97nBEhe77ETg2ow=
-SHA256 (openldap-2.3.43.tgz) = 19LeoFNiyKx+Ebt78dpM3rByJbqNwWl0v/n1Gp89N+E=
-SIZE (openldap-2.3.43.tgz) = 3803011
+MD5 (openldap-2.4.23.tgz) = kBULjA0BkuELMBV+aIRN3w==
+RMD160 (openldap-2.4.23.tgz) = 0iaOj7iUaA0dmSb+3Kc28ZXgoL4=
+SHA1 (openldap-2.4.23.tgz) = JgJ+cCAlbF9H4XeH8X7osxr0I3g=
+SHA256 (openldap-2.4.23.tgz) = Wl7ekdXoqzx/Y3YgqimjuW6zQxiosmyO7y0seJ/AVeM=
+SIZE (openldap-2.4.23.tgz) = 5182440
Index: patches/patch-aclocal_m4
===================================================================
RCS file: patches/patch-aclocal_m4
diff -N patches/patch-aclocal_m4
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-aclocal_m4 9 Nov 2010 14:12:27 -0000
@@ -0,0 +1,11 @@
+$OpenBSD$
+--- aclocal.m4.orig Mon Dec 7 14:37:50 2009
++++ aclocal.m4 Mon Dec 7 14:38:06 2009
+@@ -2071,7 +2071,6 @@ openbsd*)
+ *) need_version=no ;;
+ esac
+ library_names_spec='${libname}${release}${shared_ext}$versuffix
${libname}${shared_ext}$versuffix'
+- finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test
"$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+ case $host_os in
Index: patches/patch-build_openldap_m4
===================================================================
RCS file: patches/patch-build_openldap_m4
diff -N patches/patch-build_openldap_m4
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-build_openldap_m4 9 Nov 2010 14:12:27 -0000
@@ -0,0 +1,12 @@
+$OpenBSD$
+--- build/openldap.m4.orig Mon Dec 7 14:39:00 2009
++++ build/openldap.m4 Mon Dec 7 14:39:15 2009
+@@ -251,7 +251,7 @@ AC_DEFUN([OL_ICU],
+ AC_CHECK_HEADERS( unicode/utypes.h )
+ if test $ac_cv_header_unicode_utypes_h = yes ; then
+ dnl OL_ICULIBS="-licui18n -licuuc -licudata"
+- OL_ICULIBS="-licuuc -licudata"
++ OL_ICULIBS="-licuuc -licudata -pthread"
+
+ AC_CACHE_CHECK([for ICU libraries], [ol_cv_lib_icu], [
+ ol_LIBS="$LIBS"
Index: patches/patch-build_top_mk
===================================================================
RCS file: /cvs/ports/databases/openldap/patches/patch-build_top_mk,v
retrieving revision 1.5
diff -u -p -r1.5 patch-build_top_mk
--- patches/patch-build_top_mk 14 Jan 2008 21:01:11 -0000 1.5
+++ patches/patch-build_top_mk 9 Nov 2010 14:12:27 -0000
@@ -1,7 +1,7 @@
$OpenBSD: patch-build_top_mk,v 1.5 2008/01/14 21:01:11 mbalmer Exp $
---- build/top.mk.orig Wed Jan 3 00:42:47 2007
-+++ build/top.mk Mon Jan 14 11:55:23 2008
-@@ -121,7 +121,7 @@ LTLINK_MOD = $(LIBTOOL) $(LTONLY_MOD) --mode=link \
+--- build/top.mk.orig Mon Jul 6 21:22:52 2009
++++ build/top.mk Mon Nov 2 12:09:42 2009
+@@ -122,7 +122,7 @@ LTLINK_MOD = $(LIBTOOL) $(LTONLY_MOD) --mode=link \
$(CC) $(LT_CFLAGS) $(LDFLAGS) $(LTFLAGS_MOD)
LTINSTALL = $(LIBTOOL) --mode=install $(INSTALL)
Index: patches/patch-configure
===================================================================
RCS file: patches/patch-configure
diff -N patches/patch-configure
--- patches/patch-configure 14 Jan 2008 21:01:11 -0000 1.4
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,30 +0,0 @@
-$OpenBSD: patch-configure,v 1.4 2008/01/14 21:01:11 mbalmer Exp $
---- configure.orig Mon Oct 8 18:38:57 2007
-+++ configure Mon Jan 14 11:56:10 2008
-@@ -9502,7 +9502,6 @@ openbsd*)
- *) need_version=no ;;
- esac
- library_names_spec='${libname}${release}${shared_ext}$versuffix
${libname}${shared_ext}$versuffix'
-- finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
- shlibpath_var=LD_LIBRARY_PATH
- if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test
"$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
- case $host_os in
-@@ -35855,8 +35854,8 @@ cat >>conftest.$ac_ext <<_ACEOF
- # define DB_VERSION_MINOR 0
- #endif
-
--/* require 4.2-4.5 */
--#if (DB_VERSION_MAJOR >= 4) && (DB_VERSION_MINOR >= 2) && (DB_VERSION_MINOR <
6)
-+/* require 4.2-4.6 */
-+#if (DB_VERSION_MAJOR >= 4) && (DB_VERSION_MINOR >= 2) && (DB_VERSION_MINOR <
7)
- __db_version_compat
- #endif
-
-@@ -37236,6 +37235,7 @@ cat confdefs.h >>conftest.$ac_ext
- cat >>conftest.$ac_ext <<_ACEOF
- /* end confdefs.h. */
-
-+#include <sys/types.h>
- #include <tcpd.h>
- int allow_severity = 0;
- int deny_severity = 0;
Index: patches/patch-configure_in
===================================================================
RCS file: patches/patch-configure_in
diff -N patches/patch-configure_in
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-configure_in 9 Nov 2010 14:12:27 -0000
@@ -0,0 +1,20 @@
+$OpenBSD$
+--- configure.in.orig Wed Sep 30 02:24:39 2009
++++ configure.in Mon May 3 18:32:18 2010
+@@ -582,7 +582,7 @@ SLAPD_SQL_LIBS=
+ SLAPD_SQL_INCLUDES=
+
+ KRB4_LIBS=
+-KRB5_LIBS=
++KRB5_LIBS="-lgssapi -lkrb5 -lasn1 -lcom_err"
+ SASL_LIBS=
+ TLS_LIBS=
+ MODULES_LIBS=
+@@ -1901,6 +1901,7 @@ if test $ol_enable_wrappers != no ; then
+ save_LIBS="$LIBS"
+ LIBS="$LIBS -lwrap"
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([[
++#include <sys/types.h>
+ #include <tcpd.h>
+ int allow_severity = 0;
+ int deny_severity = 0;
Index: patches/patch-libraries_libldap_tls_c
===================================================================
RCS file: patches/patch-libraries_libldap_tls_c
diff -N patches/patch-libraries_libldap_tls_c
--- patches/patch-libraries_libldap_tls_c 4 Dec 2009 15:26:48 -0000
1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,120 +0,0 @@
-$OpenBSD: patch-libraries_libldap_tls_c,v 1.1 2009/12/04 15:26:48 pea Exp $
---- libraries/libldap/tls.c.orig Tue Feb 12 00:24:12 2008
-+++ libraries/libldap/tls.c Thu Dec 3 12:03:47 2009
-@@ -981,7 +981,7 @@ ldap_pvt_tls_check_hostname( LDAP *ld, void *s, const
- X509 *x;
- const char *name;
- char *ptr;
-- int ntype = IS_DNS;
-+ int ntype = IS_DNS, nlen;
- #ifdef LDAP_PF_INET6
- struct in6_addr addr;
- #else
-@@ -995,6 +995,7 @@ ldap_pvt_tls_check_hostname( LDAP *ld, void *s, const
- } else {
- name = name_in;
- }
-+ nlen = strlen(name);
-
- x = tls_get_cert((SSL *)s);
- if (!x) {
-@@ -1028,15 +1029,14 @@ ldap_pvt_tls_check_hostname( LDAP *ld, void *s, const
- ex = X509_get_ext(x, i);
- alt = X509V3_EXT_d2i(ex);
- if (alt) {
-- int n, len1 = 0, len2 = 0;
-+ int n, len2 = 0;
- char *domain = NULL;
- GENERAL_NAME *gn;
-
- if (ntype == IS_DNS) {
-- len1 = strlen(name);
- domain = strchr(name, '.');
- if (domain) {
-- len2 = len1 - (domain-name);
-+ len2 = nlen - (domain-name);
- }
- }
- n = sk_GENERAL_NAME_num(alt);
-@@ -1054,7 +1054,7 @@ ldap_pvt_tls_check_hostname( LDAP *ld, void *s, const
- if (sl == 0) continue;
-
- /* Is this an exact match? */
-- if ((len1 == sl) && !strncasecmp(name,
sn, len1)) {
-+ if ((nlen == sl) && !strncasecmp(name,
sn, nlen)) {
- break;
- }
-
-@@ -1094,13 +1094,28 @@ ldap_pvt_tls_check_hostname( LDAP *ld, void *s, const
-
- if (ret != LDAP_SUCCESS) {
- X509_NAME *xn;
-- char buf[2048];
-- buf[0] = '\0';
-+ X509_NAME_ENTRY *ne;
-+ ASN1_OBJECT *obj;
-+ ASN1_STRING *cn = NULL;
-+ int navas;
-
-+ /* find the last CN */
-+ obj = OBJ_nid2obj( NID_commonName );
-+ if ( !obj ) goto no_cn; /* should never happen */
-+
- xn = X509_get_subject_name(x);
-- if( X509_NAME_get_text_by_NID( xn, NID_commonName,
-- buf, sizeof(buf)) == -1)
-+ navas = X509_NAME_entry_count( xn );
-+ for ( i=navas-1; i>=0; i-- ) {
-+ ne = X509_NAME_get_entry( xn, i );
-+ if ( !OBJ_cmp( ne->object, obj )) {
-+ cn = X509_NAME_ENTRY_get_data( ne );
-+ break;
-+ }
-+ }
-+
-+ if( !cn )
- {
-+no_cn:
- Debug( LDAP_DEBUG_ANY,
- "TLS: unable to get common name from peer
certificate.\n",
- 0, 0, 0 );
-@@ -1111,21 +1126,20 @@ ldap_pvt_tls_check_hostname( LDAP *ld, void *s, const
- ld->ld_error = LDAP_STRDUP(
- _("TLS: unable to get CN from peer
certificate"));
-
-- } else if (strcasecmp(name, buf) == 0 ) {
-+ } else if ( cn->length == nlen &&
-+ strncasecmp( name, (char *) cn->data, nlen ) == 0 ) {
- ret = LDAP_SUCCESS;
-
-- } else if (( buf[0] == '*' ) && ( buf[1] == '.' )) {
-+ } else if (( cn->data[0] == '*' ) && ( cn->data[1] == '.' )) {
- char *domain = strchr(name, '.');
- if( domain ) {
-- size_t dlen = 0;
-- size_t sl;
-+ size_t dlen;
-
-- sl = strlen(name);
-- dlen = sl - (domain-name);
-- sl = strlen(buf);
-+ dlen = nlen - (domain-name);
-
- /* Is this a wildcard match? */
-- if ((dlen == sl-1) && !strncasecmp(domain,
&buf[1], dlen)) {
-+ if ((dlen == cn->length-1) &&
-+ !strncasecmp(domain, (char *)
&cn->data[1], dlen)) {
- ret = LDAP_SUCCESS;
- }
- }
-@@ -1133,8 +1147,8 @@ ldap_pvt_tls_check_hostname( LDAP *ld, void *s, const
-
- if( ret == LDAP_LOCAL_ERROR ) {
- Debug( LDAP_DEBUG_ANY, "TLS: hostname (%s) does not
match "
-- "common name in certificate (%s).\n",
-- name, buf, 0 );
-+ "common name in certificate (%.*s).\n",
-+ name, cn->length, cn->data );
- ret = LDAP_CONNECT_ERROR;
- if ( ld->ld_error ) {
- LDAP_FREE( ld->ld_error );
Index: patches/patch-servers_slapd_Makefile_in
===================================================================
RCS file: patches/patch-servers_slapd_Makefile_in
diff -N patches/patch-servers_slapd_Makefile_in
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-servers_slapd_Makefile_in 9 Nov 2010 14:12:27 -0000
@@ -0,0 +1,12 @@
+$OpenBSD$
+--- servers/slapd/Makefile.in.orig Tue Oct 19 13:18:41 2010
++++ servers/slapd/Makefile.in Tue Oct 19 13:19:40 2010
+@@ -432,8 +432,6 @@ install-db-config: FORCE
+ @-$(MKDIR) $(DESTDIR)$(localstatedir) $(DESTDIR)$(sysconfdir)
+ @-$(INSTALL) -m 700 -d $(DESTDIR)$(localstatedir)/openldap-data
+ $(INSTALL) $(INSTALLFLAGS) -m 600 $(srcdir)/DB_CONFIG \
+- $(DESTDIR)$(localstatedir)/openldap-data/DB_CONFIG.example
+- $(INSTALL) $(INSTALLFLAGS) -m 600 $(srcdir)/DB_CONFIG \
+ $(DESTDIR)$(sysconfdir)/DB_CONFIG.example
+
+ install-tools: FORCE
Index: patches/patch-servers_slapd_dn_c
===================================================================
RCS file: /cvs/ports/databases/openldap/patches/patch-servers_slapd_dn_c,v
retrieving revision 1.1
diff -u -p -r1.1 patch-servers_slapd_dn_c
--- patches/patch-servers_slapd_dn_c 6 Aug 2010 02:52:05 -0000 1.1
+++ patches/patch-servers_slapd_dn_c 9 Nov 2010 14:12:27 -0000
@@ -6,31 +6,16 @@ Resolves CVE-2010-0211 and CVE-2010-0212
from upstream
---- servers/slapd/dn.c.orig Mon Feb 11 18:24:16 2008
-+++ servers/slapd/dn.c Tue Aug 3 10:24:27 2010
-@@ -352,12 +352,9 @@ LDAPRDN_rewrite( LDAPRDN rdn, unsigned flags, void *ct
- ava->la_attr = ad->ad_cname;
-
- if( ava->la_flags & LDAP_AVA_BINARY ) {
-- if( ava->la_value.bv_len == 0 ) {
-- /* BER encoding is empty */
-- return LDAP_INVALID_SYNTAX;
-- }
-+ /* AVA is binary encoded, not supported */
-+ return LDAP_INVALID_SYNTAX;
-
-- /* AVA is binary encoded, don't muck with it */
- } else if( flags & SLAP_LDAPDN_PRETTY ) {
- transf = ad->ad_type->sat_syntax->ssyn_pretty;
- if( !transf ) {
-@@ -424,6 +421,10 @@ LDAPRDN_rewrite( LDAPRDN rdn, unsigned flags, void *ct
- ber_memfree_x( ava->la_value.bv_val, ctx );
- ava->la_value = bv;
- ava->la_flags |= LDAP_AVA_FREE_VALUE;
-+ }
+--- servers/slapd/dn.c.orig Thu Jun 10 19:48:06 2010
++++ servers/slapd/dn.c Tue Sep 7 15:11:59 2010
+@@ -380,6 +380,10 @@ LDAPRDN_rewrite( LDAPRDN rdn, unsigned flags, void *ct
+ if (!ava->la_value.bv_len) {
+ return LDAP_INVALID_SYNTAX;
+ }
+ /* reject empty values */
+ if (!ava->la_value.bv_len) {
+ return LDAP_INVALID_SYNTAX;
- }
++ }
}
rc = LDAP_SUCCESS;
+
Index: patches/patch-servers_slapd_modrdn_c
===================================================================
RCS file: patches/patch-servers_slapd_modrdn_c
diff -N patches/patch-servers_slapd_modrdn_c
--- patches/patch-servers_slapd_modrdn_c 6 Aug 2010 02:52:05 -0000
1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,31 +0,0 @@
-$OpenBSD: patch-servers_slapd_modrdn_c,v 1.1 2010/08/06 02:52:05 william Exp $
-
-SECURITY FIX
-
-Resolves CVE-2010-0211 and CVE-2010-0212 (ITS#6570)
-from upstream
-
-
---- servers/slapd/modrdn.c.orig Mon Feb 11 18:24:16 2008
-+++ servers/slapd/modrdn.c Tue Aug 3 10:26:21 2010
-@@ -481,12 +481,19 @@ slap_modrdn2mods(
- mod_tmp->sml_values[1].bv_val = NULL;
- if( desc->ad_type->sat_equality->smr_normalize) {
- mod_tmp->sml_nvalues = &mod_tmp->sml_values[2];
-- (void)
(*desc->ad_type->sat_equality->smr_normalize)(
-+ rs->sr_err =
desc->ad_type->sat_equality->smr_normalize(
-
SLAP_MR_EQUALITY|SLAP_MR_VALUE_OF_ASSERTION_SYNTAX,
- desc->ad_type->sat_syntax,
- desc->ad_type->sat_equality,
- &mod_tmp->sml_values[0],
- &mod_tmp->sml_nvalues[0],
op->o_tmpmemctx );
-+ if (rs->sr_err != LDAP_SUCCESS) {
-+ ch_free(mod_tmp->sml_nvalues);
-+ ch_free(mod_tmp->sml_values[0].bv_val);
-+ ch_free(mod_tmp->sml_values);
-+ ch_free(mod_tmp);
-+ goto done;
-+ }
- mod_tmp->sml_nvalues[1].bv_val = NULL;
- } else {
- mod_tmp->sml_nvalues = NULL;
Index: patches/patch-servers_slapd_schema_init_c
===================================================================
RCS file: patches/patch-servers_slapd_schema_init_c
diff -N patches/patch-servers_slapd_schema_init_c
--- patches/patch-servers_slapd_schema_init_c 6 Aug 2010 02:52:05 -0000
1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,54 +0,0 @@
-$OpenBSD: patch-servers_slapd_schema_init_c,v 1.1 2010/08/06 02:52:05 william
Exp $
-
-SECURITY FIX
-
-Resolves CVE-2010-0211 and CVE-2010-0212 (ITS#6570)
-from upstream
-
-Also cure a crash in IA5StringNormalize() by sync'ing it with the same
-function from 2.4.23
-
-
---- servers/slapd/schema_init.c.orig Mon Feb 11 18:24:17 2008
-+++ servers/slapd/schema_init.c Tue Aug 3 15:35:45 2010
-@@ -1439,8 +1439,9 @@ UTF8StringNormalize(
- ? LDAP_UTF8_APPROX : 0;
-
- val = UTF8bvnormalize( val, &tmp, flags, ctx );
-+ /* out of memory or syntax error, the former is unlikely */
- if( val == NULL ) {
-- return LDAP_OTHER;
-+ return LDAP_INVALID_SYNTAX;
- }
-
- /* collapse spaces (in place) */
-@@ -2101,14 +2102,18 @@ IA5StringNormalize(
- char *p, *q;
- int casefold = !SLAP_MR_ASSOCIATED(mr,
slap_schema.si_mr_caseExactIA5Match);
-
-- assert( SLAP_MR_IS_VALUE_OF_SYNTAX( use ));
-+ assert( SLAP_MR_IS_VALUE_OF_SYNTAX( use ) != 0);
-
- p = val->bv_val;
-
- /* Ignore initial whitespace */
- while ( ASCII_SPACE( *p ) ) p++;
-
-- normalized->bv_val = ber_strdup_x( p, ctx );
-+ normalized->bv_len = val->bv_len - ( p - val->bv_val );
-+ normalized->bv_val = slap_sl_malloc( normalized->bv_len + 1, ctx );
-+ AC_MEMCPY( normalized->bv_val, p, normalized->bv_len );
-+ normalized->bv_val[normalized->bv_len] = '\0';
-+
- p = q = normalized->bv_val;
-
- while ( *p ) {
-@@ -2137,7 +2142,7 @@ IA5StringNormalize(
- * position. One is enough because the above loop collapsed
- * all whitespace to a single space.
- */
-- if ( ASCII_SPACE( q[-1] ) ) --q;
-+ if ( q > normalized->bv_val && ASCII_SPACE( q[-1] ) ) --q;
-
- /* null terminate */
- *q = '\0';
Index: pkg/DESCR-server
===================================================================
RCS file: /cvs/ports/databases/openldap/pkg/DESCR-server,v
retrieving revision 1.3
diff -u -p -r1.3 DESCR-server
--- pkg/DESCR-server 7 Nov 2005 15:59:08 -0000 1.3
+++ pkg/DESCR-server 9 Nov 2010 14:12:27 -0000
@@ -9,6 +9,3 @@ is distributed under a Perl-style "Artis
This is the server portion of OpenLDAP, it provides the server as well as
various administrative binaries.
-
-Flavors:
- bdb enable the bdb and hdb backends
Index: pkg/PFRAG.shared-main
===================================================================
RCS file: /cvs/ports/databases/openldap/pkg/PFRAG.shared-main,v
retrieving revision 1.1
diff -u -p -r1.1 PFRAG.shared-main
--- pkg/PFRAG.shared-main 25 Nov 2006 16:50:24 -0000 1.1
+++ pkg/PFRAG.shared-main 9 Nov 2010 14:12:27 -0000
@@ -1,7 +1,7 @@
@comment $OpenBSD: PFRAG.shared-main,v 1.1 2006/11/25 16:50:24 espie Exp $
-...@lib lib/liblber-2.3.so.${LIBlber-2.3_VERSION}
+...@lib lib/liblber-2.4.so.${LIBlber-2.4_VERSION}
@lib lib/liblber.so.${LIBlber_VERSION}
-...@lib lib/libldap-2.3.so.${LIBldap-2.3_VERSION}
+...@lib lib/libldap-2.4.so.${LIBldap-2.4_VERSION}
@lib lib/libldap.so.${LIBldap_VERSION}
-...@lib lib/libldap_r-2.3.so.${LIBldap_r-2.3_VERSION}
+...@lib lib/libldap_r-2.4.so.${LIBldap_r-2.4_VERSION}
@lib lib/libldap_r.so.${LIBldap_r_VERSION}
Index: pkg/PLIST-main
===================================================================
RCS file: /cvs/ports/databases/openldap/pkg/PLIST-main,v
retrieving revision 1.3
diff -u -p -r1.3 PLIST-main
--- pkg/PLIST-main 15 Jul 2008 18:25:53 -0000 1.3
+++ pkg/PLIST-main 9 Nov 2010 14:12:27 -0000
@@ -3,10 +3,12 @@
bin/ldapadd
@bin bin/ldapcompare
@bin bin/ldapdelete
+...@bin bin/ldapexop
@bin bin/ldapmodify
@bin bin/ldapmodrdn
@bin bin/ldappasswd
@bin bin/ldapsearch
+...@bin bin/ldapurl
@bin bin/ldapwhoami
include/lber.h
include/lber_types.h
@@ -25,10 +27,12 @@ lib/libldap_r.la
@man man/man1/ldapadd.1
@man man/man1/ldapcompare.1
@man man/man1/ldapdelete.1
+...@man man/man1/ldapexop.1
@man man/man1/ldapmodify.1
@man man/man1/ldapmodrdn.1
@man man/man1/ldappasswd.1
@man man/man1/ldapsearch.1
+...@man man/man1/ldapurl.1
@man man/man1/ldapwhoami.1
@man man/man3/ber_alloc_t.3
@man man/man3/ber_bvarray_add.3
@@ -68,6 +72,7 @@ lib/libldap_r.la
@man man/man3/lber-decode.3
@man man/man3/lber-encode.3
@man man/man3/lber-memory.3
+...@man man/man3/lber-sockbuf.3
@man man/man3/lber-types.3
@man man/man3/ld_errno.3
@man man/man3/ldap.3
@@ -86,6 +91,13 @@ lib/libldap_r.la
@man man/man3/ldap_compare_ext.3
@man man/man3/ldap_compare_ext_s.3
@man man/man3/ldap_compare_s.3
+...@man man/man3/ldap_control_create.3
+...@man man/man3/ldap_control_dup.3
+...@man man/man3/ldap_control_find.3
+...@man man/man3/ldap_control_free.3
+...@man man/man3/ldap_controls.3
+...@man man/man3/ldap_controls_dup.3
+...@man man/man3/ldap_controls_free.3
@man man/man3/ldap_count_entries.3
@man man/man3/ldap_count_messages.3
@man man/man3/ldap_count_references.3
@@ -105,19 +117,30 @@ lib/libldap_r.la
@man man/man3/ldap_error.3
@man man/man3/ldap_explode_dn.3
@man man/man3/ldap_explode_rdn.3
+...@man man/man3/ldap_extended_operation.3
+...@man man/man3/ldap_extended_operation_s.3
@man man/man3/ldap_first_attribute.3
@man man/man3/ldap_first_entry.3
@man man/man3/ldap_first_message.3
@man man/man3/ldap_first_reference.3
@man man/man3/ldap_free_urldesc.3
@man man/man3/ldap_get_dn.3
+...@man man/man3/ldap_get_option.3
@man man/man3/ldap_get_values.3
@man man/man3/ldap_get_values_len.3
@man man/man3/ldap_init.3
+...@man man/man3/ldap_initialize.3
+...@man man/man3/ldap_install_tls.3
@man man/man3/ldap_is_ldap_url.3
@man man/man3/ldap_matchingrule2name.3
@man man/man3/ldap_matchingrule2str.3
@man man/man3/ldap_matchingrule_free.3
+...@man man/man3/ldap_memalloc.3
+...@man man/man3/ldap_memcalloc.3
+...@man man/man3/ldap_memfree.3
+...@man man/man3/ldap_memory.3
+...@man man/man3/ldap_memrealloc.3
+...@man man/man3/ldap_memvfree.3
@man man/man3/ldap_modify.3
@man man/man3/ldap_modify_ext.3
@man man/man3/ldap_modify_ext_s.3
@@ -142,7 +165,11 @@ lib/libldap_r.la
@man man/man3/ldap_parse_reference.3
@man man/man3/ldap_parse_result.3
@man man/man3/ldap_parse_sasl_bind_result.3
+...@man man/man3/ldap_parse_sort_control.3
+...@man man/man3/ldap_parse_vlv_control.3
@man man/man3/ldap_perror.3
+...@man man/man3/ldap_rename.3
+...@man man/man3/ldap_rename_s.3
@man man/man3/ldap_result.3
@man man/man3/ldap_result2error.3
@man man/man3/ldap_sasl_bind.3
@@ -154,20 +181,28 @@ lib/libldap_r.la
@man man/man3/ldap_search_ext_s.3
@man man/man3/ldap_search_s.3
@man man/man3/ldap_search_st.3
+...@man man/man3/ldap_set_option.3
+...@man man/man3/ldap_set_rebind_proc.3
@man man/man3/ldap_simple_bind.3
@man man/man3/ldap_simple_bind_s.3
@man man/man3/ldap_sort.3
@man man/man3/ldap_sort_entries.3
@man man/man3/ldap_sort_strcasecmp.3
@man man/man3/ldap_sort_values.3
+...@man man/man3/ldap_start_tls.3
+...@man man/man3/ldap_start_tls_s.3
@man man/man3/ldap_str2attributetype.3
@man man/man3/ldap_str2dn.3
@man man/man3/ldap_str2matchingrule.3
@man man/man3/ldap_str2objectclass.3
@man man/man3/ldap_str2syntax.3
+...@man man/man3/ldap_strdup.3
+...@man man/man3/ldap_sync.3
@man man/man3/ldap_syntax2name.3
@man man/man3/ldap_syntax2str.3
@man man/man3/ldap_syntax_free.3
+...@man man/man3/ldap_tls.3
+...@man man/man3/ldap_tls_inplace.3
@man man/man3/ldap_unbind.3
@man man/man3/ldap_unbind_ext.3
@man man/man3/ldap_unbind_ext_s.3
@@ -178,20 +213,7 @@ lib/libldap_r.la
@man man/man3/ldap_value_free_len.3
@man man/man5/ldap.conf.5
@man man/man5/ldif.5
-...@man man/man5/slapo-accesslog.5
-...@man man/man5/slapo-auditlog.5
-...@man man/man5/slapo-chain.5
-...@man man/man5/slapo-dynlist.5
-...@man man/man5/slapo-lastmod.5
-...@man man/man5/slapo-pcache.5
-...@man man/man5/slapo-ppolicy.5
-...@man man/man5/slapo-refint.5
-...@man man/man5/slapo-retcode.5
-...@man man/man5/slapo-rwm.5
-...@man man/man5/slapo-syncprov.5
-...@man man/man5/slapo-translucent.5
-...@man man/man5/slapo-unique.5
-...@man man/man5/slapo-valsort.5
+...@man man/man5/slapo-pbind.5
share/examples/openldap/
@sample ${SYSCONFDIR}/openldap/
share/examples/openldap/ldap.conf
Index: pkg/PLIST-server
===================================================================
RCS file: /cvs/ports/databases/openldap/pkg/PLIST-server,v
retrieving revision 1.18
diff -u -p -r1.18 PLIST-server
--- pkg/PLIST-server 21 Aug 2009 13:21:19 -0000 1.18
+++ pkg/PLIST-server 9 Nov 2010 14:12:27 -0000
@@ -1,10 +1,12 @@
@comment $OpenBSD: PLIST-server,v 1.18 2009/08/21 13:21:19 ajacoutot Exp $
@conflict openldap-client->=2.3.11,<=2.3.11p3
+...@pkgpath databases/openldap,-server,db
+...@ask-update openldap-server-<2.4 Make sure your existing database is backed
up
@newgroup _openldap:544
@newuser _openldap:544:_openldap:daemon:OpenLDAP
Account:/nonexistent:/sbin/nologin
@bin libexec/slapd
-...@bin libexec/slurpd
@man man/man5/slapd-bdb.5
+...@man man/man5/slapd-config.5
@man man/man5/slapd-dnssrv.5
@man man/man5/slapd-hdb.5
@man man/man5/slapd-ldap.5
@@ -12,17 +14,38 @@
@man man/man5/slapd-ldif.5
@man man/man5/slapd-meta.5
@man man/man5/slapd-monitor.5
+...@man man/man5/slapd-ndb.5
@man man/man5/slapd-null.5
@man man/man5/slapd-passwd.5
@man man/man5/slapd-perl.5
@man man/man5/slapd-relay.5
@man man/man5/slapd-shell.5
+...@man man/man5/slapd-sock.5
@man man/man5/slapd-sql.5
-...@man man/man5/slapd-tcl.5
@man man/man5/slapd.access.5
+...@man man/man5/slapd.backends.5
@man man/man5/slapd.conf.5
+...@man man/man5/slapd.overlays.5
@man man/man5/slapd.plugin.5
-...@man man/man5/slapd.replog.5
+...@man man/man5/slapo-accesslog.5
+...@man man/man5/slapo-auditlog.5
+...@man man/man5/slapo-chain.5
+...@man man/man5/slapo-collect.5
+...@man man/man5/slapo-constraint.5
+...@man man/man5/slapo-dds.5
+...@man man/man5/slapo-dyngroup.5
+...@man man/man5/slapo-dynlist.5
+...@man man/man5/slapo-memberof.5
+...@man man/man5/slapo-pcache.5
+...@man man/man5/slapo-ppolicy.5
+...@man man/man5/slapo-refint.5
+...@man man/man5/slapo-retcode.5
+...@man man/man5/slapo-rwm.5
+...@man man/man5/slapo-sssvlv.5
+...@man man/man5/slapo-syncprov.5
+...@man man/man5/slapo-translucent.5
+...@man man/man5/slapo-unique.5
+...@man man/man5/slapo-valsort.5
@man man/man8/slapacl.8
@man man/man8/slapadd.8
@man man/man8/slapauth.8
@@ -31,8 +54,8 @@
@man man/man8/slapdn.8
@man man/man8/slapindex.8
@man man/man8/slappasswd.8
+...@man man/man8/slapschema.8
@man man/man8/slaptest.8
-...@man man/man8/slurpd.8
sbin/slapacl
sbin/slapadd
sbin/slapauth
@@ -40,15 +63,27 @@ sbin/slapcat
sbin/slapdn
sbin/slapindex
sbin/slappasswd
+sbin/slapschema
sbin/slaptest
+...@mode 700
+...@owner _openldap
+...@sample /var/openldap-data/
+...@group _openldap
+share/examples/openldap/DB_CONFIG
+...@sample /var/openldap-data/DB_CONFIG
+...@mode
+...@owner
+...@group
share/examples/openldap/schema/
@sample ${SYSCONFDIR}/openldap/schema/
+share/examples/openldap/schema/collective.schema
share/examples/openldap/schema/corba.schema
@sample ${SYSCONFDIR}/openldap/schema/corba.schema
share/examples/openldap/schema/core.schema
@sample ${SYSCONFDIR}/openldap/schema/core.schema
share/examples/openldap/schema/cosine.schema
@sample ${SYSCONFDIR}/openldap/schema/cosine.schema
+share/examples/openldap/schema/duaconf.schema
share/examples/openldap/schema/dyngroup.schema
@sample ${SYSCONFDIR}/openldap/schema/dyngroup.schema
share/examples/openldap/schema/inetorgperson.schema
@@ -61,18 +96,10 @@ share/examples/openldap/schema/nis.schem
@sample ${SYSCONFDIR}/openldap/schema/nis.schema
share/examples/openldap/schema/openldap.schema
@sample ${SYSCONFDIR}/openldap/schema/openldap.schema
+share/examples/openldap/schema/pmi.schema
share/examples/openldap/schema/ppolicy.schema
@sample ${SYSCONFDIR}/openldap/schema/ppolicy.schema
@mode 0640
@group _openldap
share/examples/openldap/slapd.conf
@sample ${SYSCONFDIR}/openldap/slapd.conf
-...@mode
-...@group
-...@mode 700
-...@owner _openldap
-...@group _openldap
-...@sample /var/openldap-data/
-...@sample /var/openldap-slurp/
-share/examples/openldap/DB_CONFIG
-...@sample /var/openldap-data/DB_CONFIG
openldap23.tgz
Description: application/tar-gz
Index: databases/evolution-data-server//Makefile =================================================================== RCS file: /cvs/ports/databases/evolution-data-server/Makefile,v retrieving revision 1.73 diff -u -p -r1.73 Makefile --- databases/evolution-data-server//Makefile 23 Oct 2010 09:41:19 -0000 1.73 +++ databases/evolution-data-server//Makefile 9 Nov 2010 13:55:52 -0000 @@ -6,7 +6,7 @@ COMMENT= data backends for the Evolutio GNOME_PROJECT= evolution-data-server GNOME_VERSION= 2.32.0 -REVISION= 1 +REVISION= 2 CATEGORIES= databases @@ -41,7 +41,7 @@ WANTLIB += gthread-2.0 gtk-x11-2.0 krb5 WANTLIB += pangoft2-1.0 pcre pixman-1 plc4 plds4 png proxy pthread WANTLIB += pthread-stubs sasl2 soup-2.4 soup-gnome-2.4 sqlite3 WANTLIB += ssl tasn1 xcb xcb-render xml2 z nssutil3 -WANTLIB += db ldap-2.3 lber-2.3 gpg-error gnutls nss3.>=19 smime3 ssl3 ical +WANTLIB += db ldap lber gpg-error gnutls nss3.>=19 smime3 ssl3 ical WANTLIB += icalss icalvcal gnome-keyring.>=6 gweather gdata WANTLIB += GL Xxf86vm drm xcb-shm
Index: mail/evolution-exchange//Makefile
===================================================================
RCS file: /cvs/ports/mail/evolution-exchange/Makefile,v
retrieving revision 1.12
diff -u -p -r1.12 Makefile
--- mail/evolution-exchange//Makefile 18 Oct 2010 13:48:51 -0000 1.12
+++ mail/evolution-exchange//Makefile 5 Nov 2010 15:49:28 -0000
@@ -11,7 +11,7 @@ COMMENT= Evolution connector for MS Exch
GNOME_PROJECT= evolution-exchange
GNOME_VERSION= 2.32.0
-REVISION= 0
+REVISION= 1
CATEGORIES= mail
@@ -45,7 +45,7 @@ WANTLIB += pangoft2-1.0 pcre pixman-1 pl
WANTLIB += sasl2 smime3 soup-2.4 sqlite3 ssl ssl3 startup-notification-1
WANTLIB += stdc++ tasn1 unique-1.0 vorbis vorbisfile xcb xcb-atom
WANTLIB += xcb-aux xcb-event xcb-render xcb-render-util xml2 z
-WANTLIB += gdata gtkhtml-editor-3.14 lber-2.3 ldap-2.3 nssutil3
+WANTLIB += gdata gtkhtml-editor-3.14 lber ldap nssutil3
WANTLIB += proxy soup-gnome-2.4
WANTLIB += lib/evolution/${EVO_VERSION}/art_lgpl
WANTLIB += lib/evolution/${EVO_VERSION}/gnomecanvas
Index: mail/evolution//Makefile
===================================================================
RCS file: /cvs/ports/mail/evolution/Makefile,v
retrieving revision 1.114
diff -u -p -r1.114 Makefile
--- mail/evolution//Makefile 24 Oct 2010 11:44:37 -0000 1.114
+++ mail/evolution//Makefile 5 Nov 2010 15:49:40 -0000
@@ -5,7 +5,7 @@ COMMENT-plugins= additionnal plugins for
GNOME_PROJECT= evolution
GNOME_VERSION= 2.32.0
-REVISION-main= 3
+REVISION-main= 4
REVISION-plugins= 3
# Only get the first x.y which is needed in the PLIST.
@@ -69,7 +69,7 @@ WANTLIB += xcb-shm
WANTLIB-main += ${WANTLIB} vorbisfile canberra-gtk sasl2 ssl
WANTLIB-main += gweather icalss icalvcal ogg db gtkimageview
WANTLIB-main += icalss icalvcal ldap-2.3 ltdl ogg pst softokn3
-WANTLIB-main += ebackend-1.2 egroupwise-1.2 vorbis lber-2.3
+WANTLIB-main += ebackend-1.2 egroupwise-1.2 vorbis lber
WANTLIB-plugins += ${WANTLIB} gstreamer-0.10
WANTLIB-plugins += lib/evolution/${R}/composer lib/evolution/${R}/emformat
Index: x11/gnome/seahorse//Makefile =================================================================== RCS file: /cvs/ports/x11/gnome/seahorse/Makefile,v retrieving revision 1.44 diff -u -p -r1.44 Makefile --- x11/gnome/seahorse//Makefile 26 Oct 2010 14:53:05 -0000 1.44 +++ x11/gnome/seahorse//Makefile 5 Nov 2010 15:50:24 -0000 @@ -6,7 +6,7 @@ COMMENT= manage encryption keys GNOME_PROJECT= seahorse GNOME_VERSION= 2.32.0 -REVISION= 1 +REVISION= 2 SHARED_LIBS += cryptui 1.0 # .0.0 @@ -28,7 +28,7 @@ WANTLIB += glib-2.0 gmodule-2.0 gnutls g WANTLIB += gssapi gthread-2.0 gtk-x11-2.0 krb5 m pango-1.0 pangocairo-1.0 WANTLIB += pangoft2-1.0 pcre pixman-1 png pthread pthread-stubs WANTLIB += sasl2 ssl tasn1 xcb xml2 z xcb-render xcb-render-util -WANTLIB += lber-2.3 ldap-2.3 notify soup-2.4 gpgme gnome-keyring.>=6 gcr.>=1 +WANTLIB += lber ldap notify soup-2.4 gpgme gnome-keyring.>=6 gcr.>=1 WANTLIB += gp11 avahi-client avahi-common avahi-glib LIB_DEPENDS= ::databases/openldap \
Index: mail/zarafa/zarafa/Makefile
===================================================================
RCS file: /cvs/ports/mail/zarafa/zarafa/Makefile,v
retrieving revision 1.50
diff -u -p -r1.50 Makefile
--- mail/zarafa/zarafa/Makefile 3 Nov 2010 11:57:16 -0000 1.50
+++ mail/zarafa/zarafa/Makefile 5 Nov 2010 15:49:51 -0000
@@ -6,7 +6,7 @@ COMMENT-web= zarafa webaccess frontend a
PKGNAME-main= zarafa-${V}
PKGNAME-web= zarafa-webaccess-${V}
-REVISION-main= 3
+REVISION-main= 4
CATEGORIES= mail www productivity
@@ -31,7 +31,7 @@ BUILD_DEPENDS= ::www/php5/core \
::net/curl
WANTLIB-main += asn1 c com_err crypto gssapi krb5 m ncurses pthread ssl
-WANTLIB-main += sasl2 stdc++ z xml2 mysqlclient lber-2.3 ldap-2.3 uuid execinfo
+WANTLIB-main += sasl2 stdc++ z xml2 mysqlclient lber ldap uuid execinfo
WANTLIB-main += vmime-zarafa ical icalss
LIB_DEPENDS-main= ${MODGETTEXT_LIB_DEPENDS} \
Index: Makefile
===================================================================
RCS file: /cvs/ports/databases/ruby-ldap/Makefile,v
retrieving revision 1.16
diff -u -p -r1.16 Makefile
--- Makefile 8 Nov 2010 23:28:53 -0000 1.16
+++ Makefile 9 Nov 2010 13:47:10 -0000
@@ -4,7 +4,7 @@ COMMENT= Ruby interface to some common L
PKGNAME= ldap-0.9.7
DISTNAME= ruby-${PKGNAME}
-REVISION= 10
+REVISION= 11
CATEGORIES= databases
HOMEPAGE= http://ruby-ldap.sourceforge.net/
Index: patches/patch-conn_c
===================================================================
RCS file: patches/patch-conn_c
diff -N patches/patch-conn_c
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-conn_c 9 Nov 2010 13:47:10 -0000
@@ -0,0 +1,25 @@
+$OpenBSD$
+--- conn.c.orig Mon Nov 8 16:36:03 2010
++++ conn.c Mon Nov 8 16:37:30 2010
+@@ -497,8 +497,8 @@ rb_ldap_conn_set_option (VALUE self, VALUE opt, VALUE
+ #ifdef LDAP_OPT_X_TLS_KEYFILE
+ case LDAP_OPT_X_TLS_KEYFILE:
+ #endif
+-#ifdef LDAP_OPT_X_TLS_PROTOCOL
+- case LDAP_OPT_X_TLS_PROTOCOL:
++#ifdef LDAP_OPT_X_TLS_PROTOCOL_MIN
++ case LDAP_OPT_X_TLS_PROTOCOL_MIN:
+ #endif
+ #ifdef LDAP_OPT_X_TLS_CIPHER_SUITE
+ case LDAP_OPT_X_TLS_CIPHER_SUITE:
+@@ -627,8 +627,8 @@ rb_ldap_conn_get_option (VALUE self, VALUE opt)
+ #ifdef LDAP_OPT_X_TLS_KEYFILE
+ case LDAP_OPT_X_TLS_KEYFILE:
+ #endif
+-#ifdef LDAP_OPT_X_TLS_PROTOCOL
+- case LDAP_OPT_X_TLS_PROTOCOL:
++#ifdef LDAP_OPT_X_TLS_PROTOCOL_MIN
++ case LDAP_OPT_X_TLS_PROTOCOL_MIN:
+ #endif
+ #ifdef LDAP_OPT_X_TLS_CIPHER_SUITE
+ case LDAP_OPT_X_TLS_CIPHER_SUITE:
Index: patches/patch-ldap_c
===================================================================
RCS file: patches/patch-ldap_c
diff -N patches/patch-ldap_c
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-ldap_c 9 Nov 2010 13:47:10 -0000
@@ -0,0 +1,14 @@
+$OpenBSD$
+--- ldap.c.orig Mon Nov 8 16:34:48 2010
++++ ldap.c Mon Nov 8 16:35:55 2010
+@@ -420,8 +420,8 @@ Init_ldap ()
+ #ifdef LDAP_OPT_X_TLS
+ rb_ldap_define_opt (LDAP_OPT_X_TLS);
+ #endif
+-#ifdef LDAP_OPT_X_TLS_PROTOCOL
+- rb_ldap_define_opt (LDAP_OPT_X_TLS_PROTOCOL);
++#ifdef LDAP_OPT_X_TLS_PROTOCOL_MIX
++ rb_ldap_define_opt (LDAP_OPT_X_TLS_PROTOCOL_MIN);
+ #endif
+ #ifdef LDAP_OPT_X_TLS_CIPHER_SUITE
+ rb_ldap_define_opt (LDAP_OPT_X_TLS_CIPHER_SUITE);
