Package: openldap / 2.4.48+dfsg-1

Metadata

Package Version Patches format
openldap 2.4.48+dfsg-1 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
man slapd | (download)

doc/man/man8/slapd.8 | 17 8 + 9 - 0 !
1 file changed, 8 insertions(+), 9 deletions(-)

---
evolution ntlm | (download)

include/ldap.h | 20 20 + 0 - 0 !
libraries/libldap/Makefile.in | 4 2 + 2 - 0 !
libraries/libldap/ntlm.c | 138 138 + 0 - 0 !
libraries/libldap_r/Makefile.in | 4 2 + 2 - 0 !
4 files changed, 162 insertions(+), 4 deletions(-)

---
slapi errorlog file | (download)

servers/slapd/slapi/slapi_overlay.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---
ldapi socket place | (download)

include/ldap_defaults.h | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---
wrong database location | (download)

doc/man/man5/slapd-bdb.5 | 2 1 + 1 - 0 !
doc/man/man5/slapd-config.5 | 2 1 + 1 - 0 !
doc/man/man5/slapd-mdb.5 | 2 1 + 1 - 0 !
doc/man/man5/slapd.conf.5 | 2 1 + 1 - 0 !
include/ldap_defaults.h | 2 1 + 1 - 0 !
servers/slapd/Makefile.in | 4 2 + 2 - 0 !
6 files changed, 7 insertions(+), 7 deletions(-)

---
index files created as root | (download)

doc/man/man8/slapindex.8 | 4 4 + 0 - 0 !
servers/slapd/slapindex.c | 2 2 + 0 - 0 !
2 files changed, 6 insertions(+)

---
sasl default path | (download)

include/ldap_defaults.h | 2 2 + 0 - 0 !
servers/slapd/sasl.c | 26 26 + 0 - 0 !
2 files changed, 28 insertions(+)

---
libldap symbol versions | (download)

build/openldap.m4 | 51 51 + 0 - 0 !
build/top.mk | 5 4 + 1 - 0 !
configure.in | 7 7 + 0 - 0 !
libraries/liblber/Makefile.in | 3 3 + 0 - 0 !
libraries/liblber/liblber.map | 8 8 + 0 - 0 !
libraries/libldap/Makefile.in | 3 3 + 0 - 0 !
libraries/libldap/libldap.map | 7 7 + 0 - 0 !
libraries/libldap_r/Makefile.in | 3 3 + 0 - 0 !
8 files changed, 86 insertions(+), 1 deletion(-)

---
getaddrinfo is threadsafe | (download)

libraries/libldap/os-ip.c | 6 0 + 6 - 0 !
libraries/libldap/util-int.c | 2 0 + 2 - 0 !
2 files changed, 8 deletions(-)

---
do not second guess sonames | (download)

libraries/libldap/cyrus.c | 22 0 + 22 - 0 !
servers/slapd/sasl.c | 20 0 + 20 - 0 !
2 files changed, 42 deletions(-)

---
contrib makefiles | (download)

contrib/slapd-modules/autogroup/Makefile | 4 2 + 2 - 0 !
contrib/slapd-modules/lastbind/Makefile | 4 2 + 2 - 0 !
contrib/slapd-modules/passwd/Makefile | 12 6 + 6 - 0 !
contrib/slapd-modules/passwd/pbkdf2/Makefile | 6 3 + 3 - 0 !
contrib/slapd-modules/passwd/sha2/Makefile | 4 2 + 2 - 0 !
contrib/slapd-modules/smbk5pwd/Makefile | 13 7 + 6 - 0 !
6 files changed, 22 insertions(+), 21 deletions(-)

---
smbk5pwd makefile manpage | (download)

contrib/slapd-modules/smbk5pwd/Makefile | 14 13 + 1 - 0 !
contrib/slapd-modules/smbk5pwd/slapo-smbk5pwd.5 | 179 179 + 0 - 0 !
2 files changed, 192 insertions(+), 1 deletion(-)

 [patch] contrib/smbk5pwd: add man page, install it too

Add a manual page slapo-smbk5pwd.5 and update smbk5pwd's Makefile to
install the new manual page.

This patch is derived from the corresponding patch upstreamed in ITS#8205


lastbind makefile manpage | (download)

contrib/slapd-modules/lastbind/Makefile | 14 13 + 1 - 0 !
1 file changed, 13 insertions(+), 1 deletion(-)

---
ldap conf tls cacertdir | (download)

doc/man/man5/ldap.conf.5 | 6 3 + 3 - 0 !
1 file changed, 3 insertions(+), 3 deletions(-)

---
add tlscacert option to ldap conf | (download)

libraries/libldap/ldap.conf | 4 4 + 0 - 0 !
1 file changed, 4 insertions(+)

---
fix build top mk | (download)

build/top.mk | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---
no AM_INIT_AUTOMAKE | (download)

configure.in | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 don't use am_init_automake macro when we aren't using automake
 Calling AM_INIT_AUTOMAKE() in configure.in serves no purpose if we're not
 using automake, and it confuses autoreconf.  Use AC_INIT() instead.
switch to lt_dlopenadvise to get RTLD_GLOBAL set.diff | (download)

servers/slapd/module.c | 16 15 + 1 - 0 !
1 file changed, 15 insertions(+), 1 deletion(-)

 switch to lt_dlopenadvise() so back_perl can be opened with rtld_global.    
 Open all modules with RTLD_GLOBAL, needed so that back_perl can load
 non-trivial Perl extensions that require symbols from back_perl.so itself.
Bug-Debian: http://bugs.debian.org/327585


no bdb ABI second guessing | (download)

servers/slapd/back-bdb/init.c | 13 1 + 12 - 0 !
1 file changed, 1 insertion(+), 12 deletions(-)

 don't second-guess bdb abi
 OpenLDAP upstream conservatively assumes that any change to the version
 number of libdb can result in an API-breaking change that could impact
 the database.  In Debian, we know that such changes require bumping the
 library soname and changing the package name, and demand such rigor from
 our package maintainers even when upstreams don't deliver; so any such
 check in the source code works against the packaging system by forcing
 database upgrades when we know none are required.  Disable this check
 so we rely on the packaging system to do its job.
Bug-Debian: http://bugs.debian.org/651333
ITS6035 olcauthzregex needs restart.patch | (download)

doc/man/man5/slapd-config.5 | 4 4 + 0 - 0 !
1 file changed, 4 insertions(+)

---
set maintainer name | (download)

build/mkversion | 7 1 + 6 - 0 !
1 file changed, 1 insertion(+), 6 deletions(-)

---
no gnutls_global_set_mutex | (download)

libraries/libldap/tls_g.c | 43 1 + 42 - 0 !
1 file changed, 1 insertion(+), 42 deletions(-)

 do not call gnutls_global_set_mutex()
 Since GnuTLS moved to implicit initialization on library load, calling 
 this function deinitializes GnuTLS and then re-initializes it.
 .
 When GnuTLS uses /dev/urandom as an entropy source (getrandom() not 
 available, or older versions of GnuTLS), and the application closed all 
 file descriptors at startup, this could result in GnuTLS opening 
 /dev/urandom over one of the application's file descriptors when 
 re-initialized.
 .
 Additionally, the custom mutex functions are never reset, so if libldap 
 is unloaded (for example via dlclose()) after calling this, its code 
 may be unmapped and the application could crash when GnuTLS calls the 
 mutex functions.
 .
 The default behaviour of GnuTLS, using pthreads, should be suitable on 
 all Debian systems, and is probably the same as what libldap uses 
 anyway.