openldap: version update and new build parameters

This patch updates OpenLDAP to 2.4.47, introduces new build
parameters and places openldap-server, openldap-utils and
libopenldap under a separate menu item in Network.

OpenLDAP is difficult to find in menuconfig at present. Making
a separate menu item for OpenLDAP for selection of packages and
enabling or disabling build parameters makes better sense.

To have access to the loglevel directive, OpenLDAP must be built
with debugging information. Having access to the loglevel directive
is essential during the initial configuration of OpenLDAP server.

International users may want to enable ICU support to have access
to international characters.

Signed-off-by: Val Kulkov <val.kulkov@gmail.com>

diff --git a/libs/openldap/Makefile b/libs/openldap/Makefile
index f167e56a1ebbd0258d9fb44f74bed64ea9a5f5f8..8b459642901ee6be8f9557c3219775d4759950a3 100644 (file)
--- a/libs/openldap/Makefile
+++ b/libs/openldap/Makefile
@@ -8,44 +8,72 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openldap
-PKG_VERSION:=2.4.46
-PKG_RELEASE:=2
+PKG_VERSION:=2.4.47
+PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tgz
 PKG_SOURCE_URL:=https://gpl.savoirfairelinux.net/pub/mirrors/openldap/openldap-release/ \
        http://mirror.eu.oneandone.net/software/openldap/openldap-release/ \
        http://mirror.switch.ch/ftp/software/mirror/OpenLDAP/openldap-release/ \
        https://www.openldap.org/software/download/OpenLDAP/openldap-release/
-PKG_HASH:=9a90dcb86b99ae790ccab93b7585a31fbcbeec8c94bf0f7ab0ca0a87ea0c4b2d
+PKG_HASH:=f54c5877865233d9ada77c60c0f69b3e0bfd8b1b55889504c650047cc305520b
 PKG_LICENSE:=OLDAP-2.8
 PKG_LICENSE_FILES:=LICENSE
 
 PKG_FIXUP:=autoreconf
 
+PKG_CONFIG_DEPENDS := \
+        CONFIG_OPENLDAP_DEBUG \
+        CONFIG_OPENLDAP_MONITOR \
+        CONFIG_OPENLDAP_DB47 \
+        CONFIG_OPENLDAP_ICU
+
 include $(INCLUDE_DIR)/package.mk
 
-define Package/openldap/Default
-  TITLE:=LDAP implementation
+define Package/libopenldap/Default
+  SECTION:=net
+  CATEGORY:=Network
+  SUBMENU:=OpenLDAP
+  TITLE:=LDAP directory suite
   URL:=http://www.openldap.org/
   MAINTAINER:=W. Michael Petullo <mike@flyn.org>
 endef
 
-define Package/openldap/Default/description
-       OpenLDAP Software is an open source implementation of the
-       Lightweight Directory Access Protocol (LDAP).
-endef
-
 define Package/libopenldap
-  $(call Package/openldap/Default)
-  SECTION:=libs
-  CATEGORY:=Libraries
-  DEPENDS:=+libopenssl +libsasl2 +libpthread
+  $(call Package/libopenldap/Default)
+  MENU:=1
+  DEPENDS:=+libopenssl +libsasl2 +libpthread +OPENLDAP_DB47:libdb47 +OPENLDAP_ICU:icu
   TITLE+= (libraries)
 endef
 
+define Package/libopenldap/config
+  config OPENLDAP_DEBUG
+       bool "Enable debugging information"
+       default y
+       help
+               Enable debugging information. This option must be enabled
+               for the loglevel directive to work.
+  config OPENLDAP_MONITOR
+       bool "Enable monitor backend"
+       default n
+       help
+               Enable monitor backend to obtain information about the running
+               status of the daemon. See OpenLDAP documentation for more
+               information.
+  config OPENLDAP_DB47
+       bool "Berkeley DB support"
+       default n
+       help
+               Enable Berkeley DB support (BDB).
+  config OPENLDAP_ICU
+       bool "ICU support"
+       default n
+       help
+               Enable ICU (International Components for Unicode) support.
+endef
+
 define Package/libopenldap/description
-       $(call Package/openldap/Default/description)
-       This package contains the shared LDAP client libraries, needed by other programs.
+OpenLDAP Software is an open source implementation of the Lightweight Directory Access Protocol (LDAP). This package contains the shared LDAP client libraries, needed by other programs.
 endef
 
 define Package/libopenldap/conffiles
@@ -53,33 +81,28 @@ define Package/libopenldap/conffiles
 endef
 
 define Package/openldap-utils
-  $(call Package/openldap/Default)
-  SECTION:=utils
-  CATEGORY:=Utilities
+  $(call Package/libopenldap/Default)
   DEPENDS:=+libopenldap
   TITLE+= (utilities)
 endef
 
 define Package/openldap-utils/description
-       $(call Package/openldap/Default/description)
-       This package contains client programs required to access LDAP servers.
+This package contains client programs required to access LDAP servers.
 endef
 
 define Package/openldap-server
-  $(call Package/openldap/Default)
-  SECTION:=net
-  CATEGORY:=Network
+  $(call Package/libopenldap/Default)
   DEPENDS:=+libopenldap +libuuid
   TITLE+= (server)
 endef
 
 define Package/openldap-server/description
-       $(call Package/openldap/Default/description)
-       This package contains server programs required to provide LDAP services.
+This package contains server programs required to provide LDAP services.
 endef
 
 define Package/openldap-server/conffiles
 /etc/openldap/slapd.conf
+/etc/init.d/ldap
 endef
 
 TARGET_CFLAGS += $(FPIC) -lpthread \
@@ -88,44 +111,60 @@ TARGET_CFLAGS += $(FPIC) -lpthread \
 CONFIGURE_ARGS += \
        --enable-shared \
        --enable-static \
-       --disable-debug \
        --enable-dynamic \
        --enable-syslog \
-       --disable-local \
-       --disable-slurpd \
        --with-cyrus-sasl \
-       --without-fetch \
        --with-threads \
        --with-tls \
        --with-yielding_select="yes" \
-       --without-threads \
        --enable-null \
-       --disable-bdb \
-       --disable-hdb \
-       --disable-monitor \
        --disable-relay
 
-CONFIGURE_VARS += \
-       ol_cv_lib_icu="no"
+
+ifdef CONFIG_OPENLDAP_MONITOR
+       CONFIGURE_ARGS+= --enable-monitor
+else
+       CONFIGURE_ARGS+= --disable-monitor
+endif
+
+ifdef CONFIG_OPENLDAP_DEBUG
+       CONFIGURE_ARGS+= --enable-debug
+else
+       CONFIGURE_ARGS+= --disable-debug
+endif
+
+ifdef CONFIG_OPENLDAP_DB47
+       CONFIGURE_ARGS+= \
+               --enable-bdb \
+               --enable-hdb
+else
+       CONFIGURE_ARGS+= \
+               --disable-bdb \
+               --disable-hdb
+endif
+
+ifndef CONFIG_OPENLDAP_ICU
+       CONFIGURE_VARS += \
+               ol_cv_lib_icu="no"
+endif
 
 define Build/Compile
        $(MAKE) -C $(PKG_BUILD_DIR) \
                DESTDIR="$(PKG_INSTALL_DIR)" \
                HOSTCC="$(HOSTCC)" \
                depend all install
+       cd $(PKG_BUILD_DIR)/libraries/liblmdb && $(MAKE) $(CONFIGURE_VARS)
 endef
 
 define Build/InstallDev
-       $(INSTALL_DIR) $(1)/usr/include
-       $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/include/{lber,ldap}*.h $(1)/usr/include/
-       $(INSTALL_DIR) $(1)/usr/lib/
+       $(INSTALL_DIR) $(1)/usr/include $(1)/usr/lib
+       $(CP) $(PKG_INSTALL_DIR)/usr/include/{lber,ldap}*.h $(1)/usr/include/
        $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{lber,ldap}*.{a,so*} $(1)/usr/lib/
 endef
 
 define Package/libopenldap/install
-       $(INSTALL_DIR) $(1)/etc/openldap
-       $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/openldap/ldap.conf $(1)/etc/openldap/
-       $(INSTALL_DIR) $(1)/usr/lib
+       $(INSTALL_DIR) $(1)/etc/openldap $(1)/usr/lib
+       $(CP) $(PKG_INSTALL_DIR)/etc/openldap/ldap.conf $(1)/etc/openldap/
        $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{lber,ldap}*.so.* $(1)/usr/lib/
 endef
 
@@ -138,15 +177,15 @@ define Package/openldap-server/install
        $(INSTALL_DIR) $(1)/etc/init.d
        $(INSTALL_BIN) ./files/ldap.init $(1)/etc/init.d/ldap
        $(INSTALL_DIR) $(1)/etc/openldap/schema
-       $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/openldap/schema/* $(1)/etc/openldap/schema/
+       $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/openldap/schema/* $(1)/etc/openldap/schema/
        $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/openldap/slapd.conf $(1)/etc/openldap/
        $(INSTALL_DIR) $(1)/usr/sbin
-       # XXX: OpenLDAP installs slapd into libexecdir, not sbindir:
+       # NB: OpenLDAP installs slapd into libexecdir, not sbindir
        $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/slapd $(1)/usr/sbin/
-       # XXX: switch default backend to ldif, since bdb is disabled
-       $(SED) 's|^\(database\)\([ \t]\+\)bdb|\1\2ldif|g' \
-           -e 's|^\(index\)|#\1|g' \
-           $(1)/etc/openldap/slapd.conf
+       $(eval SLAPTOOLS := slapadd slapcat slapdn slapindex slappasswd slaptest slapauth slapacl slapschema)
+       for i in $(SLAPTOOLS); do \
+               $(LN) ./slapd $(1)/usr/sbin/$$$$i; \
+       done
 endef
 
 $(eval $(call BuildPackage,libopenldap))

diff --git a/libs/openldap/patches/001-automake-compat.patch b/libs/openldap/patches/001-automake-compat.patch
index 71cdebee70a44dc749d00571867e06cc87ab44da..c6a9ed89eebae88ce87ed0e31e1497e92f51f0f2 100644 (file)
--- a/libs/openldap/patches/001-automake-compat.patch
+++ b/libs/openldap/patches/001-automake-compat.patch
@@ -286,7 +286,7 @@
 +SHELL = @SHELL@
 +
  SRCS  = init.c config.c opensock.c search.c bind.c unbind.c add.c \
-               delete.c modify.c modrdn.c compare.c result.c
+               delete.c modify.c modrdn.c compare.c result.c extended.c
  OBJS  = init.lo config.lo opensock.lo search.lo bind.lo unbind.lo add.lo \
 --- a/servers/slapd/back-sql/Makefile.in
 +++ b/servers/slapd/back-sql/Makefile.in

diff --git a/libs/openldap/patches/110-reproducible-builds.patch b/libs/openldap/patches/110-reproducible-builds.patch
index 2cdce8e5cc3e3fcdfdd047dafdda8f548fbb2724..b3f724f7cc3c5c9b7dfbbee4c73fea75a9cbe698 100644 (file)
--- a/libs/openldap/patches/110-reproducible-builds.patch
+++ b/libs/openldap/patches/110-reproducible-builds.patch
@@ -1,16 +1,19 @@
-Index: openldap-2.4.45/build/mkversion
-===================================================================
---- openldap-2.4.45.orig/build/mkversion
-+++ openldap-2.4.45/build/mkversion
-@@ -50,7 +50,6 @@ if test $# != 1 ; then
+--- a/build/mkversion
++++ b/build/mkversion
+@@ -50,12 +50,6 @@ if test $# != 1 ; then
  fi
  
  APPLICATION=$1
--WHOWHERE="$USER@`uname -n`:`pwd`"
+-# Reproducible builds set SOURCE_DATE_EPOCH, want constant strings
+-if [ -n "${SOURCE_DATE_EPOCH}" ]; then
+-   WHOWHERE="openldap"
+-else
+-   WHOWHERE="$USER@$(uname -n):$(pwd)"
+-fi
  
  cat << __EOF__
  /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
-@@ -72,7 +71,6 @@ static const char copyright[] =
+@@ -77,7 +71,6 @@ static const char copyright[] =
  "COPYING RESTRICTIONS APPLY\n";
  
  $static $const char $SYMBOL[] =

diff --git a/libs/openldap/patches/800-openssl-deprecated.patch b/libs/openldap/patches/800-openssl-deprecated.patch
deleted file mode 100644 (file)
index e6b2d86..0000000
--- a/libs/openldap/patches/800-openssl-deprecated.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From d7a778004b0e0c7453075f1c7d429537162df436 Mon Sep 17 00:00:00 2001
-From: Howard Chu <hyc@openldap.org>
-Date: Fri, 21 Sep 2018 18:41:20 +0100
-Subject: [PATCH] ITS#8809 add missing includes
-
----
- libraries/libldap/tls_o.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/libraries/libldap/tls_o.c b/libraries/libldap/tls_o.c
-index 010f311d7..99626ec15 100644
---- a/libraries/libldap/tls_o.c
-+++ b/libraries/libldap/tls_o.c
-@@ -43,6 +43,9 @@
- #include <openssl/err.h>
- #include <openssl/rand.h>
- #include <openssl/safestack.h>
-+#include <openssl/bn.h>
-+#include <openssl/rsa.h>
-+#include <openssl/dh.h>
- #elif defined( HAVE_SSL_H )
- #include <ssl.h>
- #endif
--- 
-2.19.1
-

diff --git a/libs/openldap/patches/901-reduce-slapd-default-mem-usage.patch b/libs/openldap/patches/901-reduce-slapd-default-mem-usage.patch
new file mode 100644 (file)
index 0000000..0c4dd34
--- /dev/null
+++ b/libs/openldap/patches/901-reduce-slapd-default-mem-usage.patch
@@ -0,0 +1,11 @@
+--- a/servers/slapd/slapd.conf
++++ b/servers/slapd/slapd.conf
+@@ -50,7 +50,7 @@ argsfile     %LOCALSTATEDIR%/run/slapd.args
+ #######################################################################
+ 
+ database      mdb
+-maxsize               1073741824
++maxsize               8388608
+ suffix                "dc=my-domain,dc=com"
+ rootdn                "cn=Manager,dc=my-domain,dc=com"
+ # Cleartext passwords, especially for the rootdn, should